Beware of these 4 frauds while making payments via UPI amid lockdown

Share one time passwords (OTP) with unknown entities or scan unverified quick response (QR) codes and you are sure to lose your money. Many fraudsters are misusing the ‘collection facility’ allowed under UPI wherein he may send a collection request and ask you to approve it to receive money. Most sites, including banking sites, allow you to change passwords with OTP authentication. So by sharing the OTP you could be allowing scamsters to take control of your online banking logins.

QR code with malicious software is yet another new threat. When you are scanning the code, a malicious code will capture details linked to your wallet, bank account, etc. and these can be misused. Exercise caution while scanning. Scan only those codes with known merchants and make sure that the merchant’s name is appearing on the screen.

Fraudsters may send you a mail that is masked to show the sender as a genuine entity, this is basically phishing. You could also get several messages that seem to be from genuine sources such as your bank. Hovering your mouse on and checking the link is of little use due to the increased usage of tiny URL, a system that allows users to hide their long, expanded URLs.

Prevention is better than cure and it is best to not click on any link at all since you cannot distinguish between genuine and fake ones. If at all you have to click, make sure the site opened is secured. Look out for a small lock emblem at the extreme left side of the URL before parting with any personal information.

The best way to keep frauds at bay is by updating contact details stored with your bank. However, banks and other financial institutions tend to bombard customers with regular doses of promotional mails and SMSes. By ignoring these altogether, you may miss out on important messages too. Your safest bet is to unsubscribe from these promotional offers.

Many of us save our debit and credit card details on several sites and apps. However, this is best avoided. This happens when you fail to turn off the auto fill facility in your browser. Turning it off will increase inconvenience but it will make your online transactions more secure.

Watch: Covid impact: Are you doing enough to keep your money safe in today's digital world?

Since banking is now at your fingertips thanks to your smartphone, don't neglect protecting your SIM. It takes 20-30 minutes to clone a SIM. If you suddenly lose network, that is a red flag. If you leave your SIM cards unattended, fraudsters with SIM reader/writer can clone it, use it on some other phone and receive the OTPs and other SMSes sent to you by banks.

Device finger printing has increased the importance of your gadgets. Offline hacking can happen if you leave the device in someone else's hands, even leaving your phone in a repair shop. Online hacking can include direct attacks or when you download apps or pirated movies from unsecured platforms. As a rule, don’t give permission to all your data— photos, location, email, SMS, microphone, camera, etc. This can be a serious threat because banks send emails and SMSes for every transaction and any app that reads all that will know your exact transaction details.

Among apps, one segment in particular is turning out to be a big problem, namely the gaming/casino apps. They collect details and store it outside India. Some can also read data from other apps. You should also be careful while sharing sensitive information using your mobile, because these shared information get stored there. Lock devices with antivirus software. It is a treat for the hacker when there is an overflow of information and we access such unsecured sites.

These cards require no PIN authentication and this can be troublesome if the card is misplaced or stolen. The threat has increased ever since RBI hiked its maximum daily usage limit from Rs 2,000 to Rs 5,000 in January. You can limit usage of this facility or block it entirely to ensure safety.

Similarly, you need to exercise caution when transacting in abroad or on foreign websites because not many countries use a second factor authentication system. Some sites also force you to save card details before making payments. Even if you have to store card details, do so only temporarily, delete the details and history as soon as you have made the payment.

RBI has come up with various steps to protect bank customers. One of these is the 'positive pay system', under which you can ask your bank to verify details of the cheque if the amount involved is more than Rs 50,000 and this will prevent the misuse of cheque leaves. Just inform the bank about a few details of the cheque- date, name of the payee, amount etc.- electronically. As of now, the positive pay system is voluntary but RBI has allowed banks to make it mandatory for cheques involving over Rs 5 lakh.

Similarly, most bank customers are still not using the facilities to restrict usage of their debit and credit cards. You have the option of keeping your cards inactive or keep very minimal transaction limits on them, so make the most of these features.

As a best practice, you must guard all and not just your financial data. Fraudsters can even catch hold of non-financial but highly personal information and figure out a way to fraud you. This kind of fraud can be seen in the mushrooming of online loan portals. People can replicate your profile with publicly available/leaked info about you, create a new account and take loans.

Morphing of photos, videos etc. have been common since pre-covid times. So watch your steps on social media. Don’t give out family details on social media either. Refrain from mentioning your date of birth and avoid revealing details that can be linked to your passwords.