The Unified Payments Interface (UPI) introduced in 2016 in India, began to gain momentum after COVID-19 since it allowed for touchless money transfers as fraudsters take advantage of the widespread use of digital payment system.
Fraudsters use phishing as a tactic to deceive customers into divulging private information, like bank account details, OTPs, or UPI PINs. These frauds frequently use fake emails, messages, or websites that imitate trusted providers. People may get messages asking them to click on a link or reveal their UPI credentials, purporting to be from their bank or a payment service.
Cybercriminals frequently pretend to be retailers or service providers when sending fake UPI payment requests. Because it could seem legitimate, customers may approve the payment, unknowingly sending funds to the scammer’s account. Transactions on social media and online marketplaces are especially vulnerable to this kind of scam.
In order to access customers’ smartphone screens and banking apps, scammers force them to download screen-sharing Fraudsters also send fake QR codes or URLs that, when scanned, confirm financial transactions, or they fabricate UPI IDs that resemble the real ones.
A victim’s SIM card can be fraudulently obtained by cybercriminals in order to intercept OTPs and access their UPI account without authorization.
