Wednesday, July 3, 2013

Paying Bill Online Costs Man INR 50,000

1

"

A few days ago, Kumar had tried paying his electricity bill through a third-party website and carried out a transaction of Rs 2,340…

Next morning, Kumar shot off an online complaint to the support desk to seek refund. Within a few hours of filing the online complaint, Kumar received a call from a number, 886164****, asking for "details of my SBI account, the debit card number and PIN".

"The caller also asked Kumar to read out the bank's helpline number mentioned on the back of the card. He then asked him to give his mobile and landline numbers," a senior police officer said.

Within 30 minutes of the call, Kumar received five text messages on his phone informing him about online transactions carried out between 1.02pm and 1.06pm of Rs 10,000 each.

Link

Firstly - There is a typo in the article (of sorts). In the beginning it states - Bank confirmed a successful transaction and the website claimed that the transaction had failed. However, later in the article it's stated - Bank alerted of an unsuccessful transaction (I have highlighted both parts in the screenshot).

Request Mr. Raj Shekhar to fix the typo. Next time, read the draft before publishing it online.


Now moving on with the story:

- The number used for making the scam call - Why is it masked in the article? Pretty sure the fraudster won't be using the same number again, but what purpose does it serve to mask the number in the article?

- Third Party website - It is important to mention what convinced Mr. Kumar to use a third party website. How did he come across it and what made him believe that it was legitimate? For some reason, Mr. Raj Shekhar felt those details were not necessary to include in the article.

- I do feel bad for Mr. Kumar. BUT, here is the thing - You get a call from an unknown number. You go ahead and give this person not only your account details but also your PIN? Seriously?! This is just asking for it.

You do NOT give your PIN out. This is not mentioned in some 'secret' manual accessible to only a selected few. It is common sense (even if you don't read the text on the pin mailers sent from your bank).

Customer Support (from a vendor or service provider) will request you to verify some details for identification purposes. I can understand why Mr. Kumar didn't suspect anything and gave out his phone number(s) and address. But why would he give out his account details and PIN?!? That is just being careless.

Even a bank's support staff doesn't ask for the PIN. They might ask you to verify the last few transactions of your account (amount details) or your date of birth etc. Sometimes the last 3 digits (or something along those lines) of your Debit Card number… but never the PIN.


It is highly unlikely that someone will distribute a comprehensive manual on How To Save Your Money From Scams OR A Dummy's Guide To Keeping Yourself Safe From Fraud. That said, I will share one technique that has proven effective for a lot of people. A relatively simple concept (revolutionary to some) usually referred to as 'Use Your Brain… You Idiot!'

Shouldn't be THAT difficult a task. Try it for a change.

0 Opinions:

Archives

Followers