Online frauds are on the rise. Almost on a weekly basis, I hear new ways of customers being duped of their hard-earned money. Of late, the UPI frauds have been on the rise, where the fraudsters call/text you on one pretext or the other. You eventually end up installing malicious software on your phone or sharing your One-time password (OTP) with them. We all know what happens next. This Economic Times article and Livemint article discuss the various approaches in detail.
In our earlier posts, we have discussed ways to prevent fraud in credit card/online transactions. We have also discussed your liability in such instances of fraud in this post. The post mentions that these are draft regulations. However, the same rules have since been notified by the Reserve Bank in its circular dated July 6, 2017. Though the rules are investor/customer friendly by design, there are many ifs and buts. Moreover, the way the frauds happens, there is some negligence at the investor/customer level too. So, if you share OTP to the fraudster or OTP is shared through a malicious app installed on your mobile, the banks won’t be kind on you. You can bid your money goodbye.
In my opinion, the way things work, the fraudsters will be a step ahead of regulators, banks and people like you and me. These fraudsters can be extremely glib and even smart people can also fall (or almost fall) for their tricks. Here is an example in a Twitter thread. Therefore, the intent of this post is to reduce the impact of such a fraud. i.e., you do not lose too much even in the case of fraud.
Do not keep too much money in your bank account. If your account balance exceeds a certain threshold, you can shift the excess to a bank fixed deposit. When you need the money, you can break the FD and access funds. Apart from FDs, there are other alternatives such as liquid mutual funds that investors can explore. FD remains the simplest option though. To access net banking, do not ever go to the bank website through a link in an e-mail or SMS. In such a case, you will lose only so much money that is in your savings bank account. The money in your bank fixed deposits will still be safe.
You can reduce the transaction limit on your credit cards. For instance, you can set up daily transaction limits in your bank or credit card account. You can set up daily limits for ATM withdrawals/physical point of sale purchases or even online transactions. For instance, you can set up a limit of Rs 10,000 per day for online purchases. In such a case, the bank will decline transactions that exceed Rs 10,000 (the total of all the transactions during the day). In such a case, you will not lose more than Rs 10,000 to an online fraud (or so I think). Remember, as soon as you figure out there is a fraud, you must report it to your bank. This will limit your financial liability. Many banks allow you to change the transaction limits instantly. Whenever you want to transact for a higher amount, you can increase the limit and revert to the lower limit after the transaction.
Moreover, you can lock your card temporarily for all transactions. Or you can lock your card for only domestic or international transactions. So, if you know that you are not going to use your card for a few days, you can block your card temporarily. Or if you are travelling abroad, you can block the cards that you are not going to use abroad for domestic transactions. In any case, the banks usually reject transactions (POS transactions) abroad if you don’t inform the bank of visit.
The unfortunate part is that not all banks may give you this option. I hold two credit cards. One allows me to set daily transaction limits, but the other does not.
We use our credit cards at many places and websites. We don’t trust everyone as much. At those websites or places, you can use the cards where you have set up daily transaction limits. Use credit cards instead of debit cards because it may be difficult to recover money in case of debit card frauds. Moreover, with a debit card, your entire bank balance is at risk. With a credit card, you can only lose up to your card limit (the card limit may be very high though). Remember, the fraud does not need to happen right after your details have been compromised. It may happen after a few weeks or months.
I am particularly wary of using my credit card at petrol pumps or new websites. I either use cash or opt for cash on delivery. Or I simply use Paytm wallet to make payments at such places (I do not use Paytm UPI). I quite like Paytm. I keep some money in the wallet and use it to make payments where I don’t want to use my credit card or debit card. There is not much a fraudster can do in such cases (or so I think). You can also use UPI and pay using bank mobile app (not very sure of the chinks though).
Remember, the fraudsters will always be a step ahead of us. So, perhaps, they will figure out ways (or they already have) to go around these suggestions. For instance, they can use OTP to update the mobile number or address so that the next set of OTPs go to the wrong number. The banks do not immediately allow transactions after the change of OTP, but you can be caught napping.
You need to avoid scoring self-goals. Don’t share OTPs/CVV with any Tom, Dick and Harry. In fact, don’t share the OTP/CVV with anyone. Do not click on links whose veracity you are not sure of. Do not use cards at places or sites you don’t trust much.