Fake Image - CloudSEK

Menace of Fake Banking Services

We have all received calls from fake bank representatives, offering us complimentary credit card upgrades, free Insurance, and assistance to complete KYC (Know your customer) formalities. And to provide these services, they would have requested us for credit card or debit card details.

However, in the last few years, the general public has smartened up to this scam. And most of us don’t indulge these calls anymore. And in response to this, scammers have repackaged their scams, that are delivered to us, via other channels. The new schemes are so convincing that we reach out to them.

Let’s explore these sophisticated approaches and the various resources that allow scammers to continue defrauding us.

What makes us vulnerable?

Most people unequivocally rely on Google search for everything ranging from bank locations to restaurant reviews. So, it is only natural that scammers have started targeting Google services, to index bogus web pages that contain fake bank branches and customer care numbers. Also, it is simple to list a business on Google, because there is no detailed verification process. In 2018, police busted a scammer who was running a fake branch of Karnataka Bank in UP’s Ballia.

How are fake banking services provided?

  • The scammer buys a domain name that closely mimics the targeted bank. They replicate the bank’s trademarks, logos, and website design, to give it an air of authenticity.
  • They set up telephone numbers which are advertised on the fake website. The scammer goes the extra mile, to convince skeptical users, by mimicking original caller tunes, hold tunes, and following standard operating procedures.
  • Sometimes, scammers even set up interim branches and kiosks, employing people at different levels, so that it appears to be a legitimate operation.
  • They then list themselves on Google services with seemingly genuine location details.
  • When a customer searches for a bank branch or customer care number, these sites appear as top Google search results.
  • When the customer calls the fake number or visits a fake branch, scammers slip questions about CVVs (Card Verification Value) or ask for OTPs (One Time Password) in the middle of the conversation.
  • They may even advise users to download and install certain remote desktop sharing apps or open links that give them the control of the customer’s mobile device.
  • Scammers especially favour UPI (Unified Payment Interface) and other similar apps. They will ask for a victim’s UPI ID, and convince them to accept 1 rupee on the app. Wherein, instead of accepting money, unaware and inexperienced users, will in fact be remitting a large amount from their account.

Are there precautions we can take?

  • Stay abreast of scammers and the different types of online scams.
  • Proactively monitor the surface web and alert authorities of any scams you have identified.
  • Inform targeted banks about such scams. It will also help them to initiate the takedown of such sites and apps and ensure others don’t fall prey to these scams. 

If you have concerns about your organization’s security posture, contact us: Request a Demo now.

Senior Manager at CloudSEK, heading the Global Pre-sales Team. He worked with Dimension Data, MetricStream and Virtusa as part of his previous assignments.
This is Alt
Cyber Intelligence Editor, CloudSEK
Total Posts: 2
She is a Cyber Intelligence Editor at CloudSEK. A lawyer by training and a content writer by choice, she prefers to write on matters concerning current affairs, security, and human frailty.
×
Senior Manager at CloudSEK, heading the Global Pre-sales Team. He worked with Dimension Data, MetricStream and Virtusa as part of his previous assignments.
CloudSEK is continuously analyzing the Surface, Deep and Dark web to identify the emerging threat indicators and trends. For real-time threats emerging against your organization or industry, you can request a demo for free.