The State Bank of India (SBI) is giving out warnings to all its bank account holders of a recent WhatsApp scam which steals money from users by deceiving them to share their bank details.
It is suggested that some of the SBI account holders have received a WhatsApp message in the form of OTP-related advice which further turns into a scam.
Here’s what all happens in the new WhatsApp scam:
- A fraudster acting as an SBI employee gains users’ trust by creating “awareness” on OTPs (one-time passwords) via a message on WhatsApp.
- The scam is a two-parter: the first part involves the impostor asking users to upgrade his or her debit/credit card for which card details (card numbers, CVV and date of expiry) are asked for.
- Following this, the users receive an SMS or a WhatsApp message which will confirm the upgrade. That’s where the second part comes to play.
- The message is accompanied by a link, clicking on which downloads malicious apps in the users’ devices. The installed malware will redirect all OTPs received to the trickster’s server.
- Given that the fraudster already has the card details, the redirected OTP (received by the users each time) will help the scammer conduct transactions via the users’ account and steal money.
However, SBI users worry not! Users who have fallen prey to the scam can report the issue within three working days for a refund.
Additionally, users can call 1-800-111109 or send ‘Problem’ to 9212500888, and let the bank know of the fraud.
SBI further claims that if the bank is at fault, it will refund the money even if the issue hasn’t been reported. However, it doesn’t happen when the users are at fault.