What is OTP Fraud ?

Posted by on

A one-time password (OTP), also known as one-time pin, is a password that is valid for only one login session or transaction, on a computer system or other digital device. OTPs avoid a number of shortcomings that are associated with traditional (static) password-based authentication. 

What is OTP Fraud ?, Cyber Security Tips and Tricks, OTP Frauds types, Banking Frauds, Credit Card Fraud, Cyber Crime

 

A number of implementations also incorporate two factor authentication by ensuring that the one-time password requires access to something a person has (such as a small keyring fob device with the OTP calculator built into it, or a smartcard or specific cellphone) as well as something a person knows (such as a PIN).

One-time password (OTP), a commonly used two-factor authentication, is considered an effective deterrent against criminals trying to steal money from your bank account through online transaction. Not any more.

There has been a large number of cases in which criminals duped bank customers into revealing OTP or accessed it by hacking the smartphone. But now they have found another way to bypass the OTP deterrent — by requesting your bank to change your phone number linked to your bank account.A criminal can just walk into a bank, impersonate you, request a change in your registered mobile number and use the new connection to receive OTPs for transactions.

Another way criminals can dupe a bank customer is to contact mobile operator with fake identity proof and get a duplicate SIM card.The operator deactivates the original SIM and the criminals generate OTP on the new number and conduct online transactions.

PRECAUTION

  • Never disclose your OTP and PIN number to any person.
  • No Bank or other institution will ask for credentials lik OTP, PIN, CVV number or other credentials.
  • If you give these credentials to any one , they will siphon money out of your account.
  • Don’t attend any call or disconnect calls if the other person asks your OTP, PIN, CVV number or other credentials.
  • If you have installed a True caller and the name displays as a bank manager or the name of your bank, don’t believe that caller immediately without probing him.
  • Ask him to talk to you in your mother tongue or tell him that you will visit the branch or ask him multiple questions until you are satisfied it is your real bank manager who is calling you.

Source : cyberpolicebangalore.nic.in


Location: India

Comments

Post a Comment