It’s an important information for those State Bank of India (SBI) account holders who dial SBI’s tollfree number for various banking needs, queries, complaints and other bank related information.
It’s an important information for those State Bank of India (SBI) account holders who dial SBI’s tollfree number for various banking needs, queries, complaints and other bank related information. Alerting its customers, SBI has said that please be aware of Social engineering fraud using Mobile numbers similar to Bank’s Tollfree number. SBI says it doesn’t ask for any confidential information through any medium including Call, Email, SMS and chat.
Also Read: Big Breaking: Delhi’s Laal Qila Closed Indefinitely, Decision Caused By Bird Flu
Further, SBI says that please do not share any information such as card number, OTP, PIN, CVV, USER ID and Password with anyone including bank officials.
How does this fraud activity work? Know its process, modus operandi!
Department of Supervision, Central Office, Cyber Security & IT Risk Group (CSITE) in a notification alert titled – “Social engineering fraud using Mobile numbers similar to bank’s toll free number” – says, Reliable inputs have been received on a new modus operandi of social engineering frauds using mobile numbers resembling a Supervised Entity’s (SE) TollFree number and registering these mobile numbers in the name of that SE on caller identification mobile apps such as TrueCaller.
The modus operandi is given below:
– Suppose that a SE’s toll free number is 1800 123 1234 (not an actual number).
– The fraudster obtains a number, say 800 123 1234, resembling the SE’s tollfree number and registers successfully on the True caller app (or any caller identification application) as the toll free number of that SE.
– An unsuspecting customer (victim) looking to contact the SE contacts the fraudster’s number registered on the TrueCaller application (800 123 1234) instead of the genuine toll-free number of the SE (1800 123 1234).
– The person (fraudster) attending this call then lures the victim into providing sensitive details such as debit/ card credentials, username, OTP, etc. to access the victim’s account and carry out fraudulent transactions.
Good morning sessions greetings