TN POLICE – CYBER CRIME ALERT

TN Police – Cyber Crime Alert
Subject : How to Spot Fake QR Code, Links and Rouge Apps.
Nature of Information :
Cybercriminals are constantly seeking new ways to steal money. Rogue banking apps, QR codes, transaction links packed with malware are designed to steal sensitive /critical data or banking credentials.
Tactics of Cyber Criminals:

1. Fraudsters make use of the UPI request feature by making bogus payment requests with messages such as “Enter your UPI PIN to receive money,” “Payment successful rececive Rs.XXXX,” and so on..
2. Similarly, fraudsters send QR codes via message, asking to scan them to deposit money in to the victim’s account. When the QR code is scanned, the fraudster gain access to all of the user’s banking details. Scanning QR codes is akin to giving thieves access to your bank account. QR codes need to be scanned only to make payments. As a result, never use a QR code to receive payment.
3. Fraudsters send links in texts or e-mails from an unknown source. Clicking on this link helps them to obtain a replica SIM card, which gives them access to one-time passwords. They do this by impersonating a cell business and requesting that you forward and SMS containing the SSIM card number to activate the clone SIM.
4. Rogue banking applications are unauthorized or cloned banking apps that contain malware designed to steal sensitive /critical data or banking credentials. These may be freely available on the internet. Trojanizing is a technique used by cybercriminals to replicate legal versions of apps and incorporate mobile malware in them, These rogue apps are made to resemble legitimate mobile banking apps. Cybercriminals employ a variety of techniques, including the use of similar graphics and icons, as well as a strong resemblance to the original publisher’s name.
5. Some fraudulent mobile apps may include well-written legal clauses that emphasize the app’s ability to charge you. Even if these legal phrases appear to be legitimate, you should examine them carefully.

Suggested Precautions:

1. Customers must input their PIN only while sending money. To receive money, do not pay or provide your UPI PIN. Transfer money only if you know to whom you are transferring them.
2. Never use a QR code to receive payment. Even if the person claims to be from the bank, never give out your UPIO wallet PIN or card details such as PIN, One-Time Password (OTP), CVV, expiration date, grid value, or card kinds (Visa, Mastercard, Rupay, etc.) to anybody.
3. The rogue apps can quickly deplete your phone’s battery. As a result, a battery that runs low regularly could be a symptom of malware or virus infection. Check your phone bill regularly and keep an eye out for any unusal activity on your phone or your phone bill. Look for discrepancies or misspellings on the App’s download page. That is a telltate indicator of a forgery.
   If you are the victim of such scams, file a complaint on https://cybercrime.gov.in/ or call Toll free number 155260 for financial frauds.
   It is only a general alert. It is not against specific persons or products or services.