Your KYC has expired...

Annie was working at home and she received a SMS indicating that KYC has expired for her favourite payment app and the SMS received also had a customer care number to call back.

Annie did not want her app to stop working and hurriedly called up the customer care number mentioned in the SMS. The executive on the line confirmed that her KYC has expired and that all the money would lapse with the expiring of KYC. She needs to renew it immediately and the executive can help.

The executive either asks her to pay a one time charge/authorize a payment request which will get reversed immediately post KYC verification. Once Annie clicks on the link and enters the PIN the money is debited. Executive asks her that this didn't happen successfully and she needs to do it again.

On another pretext the executive will ask Annie to install a remote app such as QS(quick Support/Anydesk) and ask her to share the authorization PIN so that he can debug the issue in Annie’s KYC flow. Annie gives access to her device and the executive empties her bank account.

What Happened?

This is a method of fraud called Authorized Push Payment/Collect call or Device Takeover Frauds. The SMS that was sent was a fake SMS that was sent to many people. Few people end up falling for this and end up calling the mobile number mentioned in the SMS.

• Annie ends up falling for a fake SMS

• Annie ends up getting convinced by fraudsters to send money to get KYC done

• Annie ends up getting convinced of giving access of her device to an unknown person which led to getting defrauded.

This type of fraud is split into 2 types:

Collect Call/Authorized Push Payment(APP) fraud

When a user authorizes a payment request money will get debited and credited to the requestor( in this case fraudster). The fraudster raised a request to get money from Annie and on authorization this ended up debiting her account

Remote Device Takeover /Anydesk fraud

On installing an app from playstore which allows one to take remote control of the device, annie has authorized the fraudster to take over her device and do anything with the same. These apps/softwares are built for remote debugging and should not be shared or given control to another person at all. These apps allow someone to take control of the entire device and play around the apps. A fraudster keeps you busy on the call and takes control of your device to transfer the funds from your account to his own account.

How to stay Safe?

Your security is in your own hands , here is how to stay safe from such frauds:

• Look at SMS header (BT PTKYCK/QP 687878 etc)

SMS headers are a way of telling where did the SMS originated from. Mostly companies have defined headers from where messages come from, these seem to be a non genuine source.

• Look at SMS body for misspellings or grammatical errors

Any company will proofread the SMS been sent , this is clear signal that this is not the work of a company.

• Support Number Verification

Please do check against the company websites the numbers posted in the SMS. Very rarely do companies give out mobile numbers in a generic blast SMS. Every company has a contact us page which lists the customer care number , do verify against that.

• Check the App for status

Do not just rely on the SMS , check your app on the KYC status. Unless the app shows a warning on the KYC , do not fall for this.

• When in doubt Verify

When in doubt verify after calling the official support numbers from the company website or raising a ticket on the app. Let the official customer care come back to you with the explanation. Often these fraudsters stress on the time bound limit to do an action. Do not fall for a pressure for any timeline on such calls or SMS. Take your time to verify.