Xavier Prabhu, CEO of a PR agency named PR HUB, lost Rs 6 lakh from his Citibank account to a cyber fraud within minutes of authenticating usage of a PayU wallet. The caller identified himself as Pradeep belonging to the risk control team of Vodafone and informed Prabhu that he should take corrective action or would need to pay bills for the international phone calls done by a hacker. When Prabhu got suspicious he sent him an email from complaints@appelate-vodafone.com. He was also send an APK file which he was asked to download.

COMMERCIAL BREAK
SCROLL TO CONTINUE READING

The mixture of documents that looked authentic coupled with fear of SIM card misuse made Prabhu fall prey to the trap. The fraudster later told Prabhu that correcting SIM card cloning was a complex process which required control of his phone. "It was only when I called my wife I realised that my phone was diverted to some other number and transactions were authenticated on my behalf," says Prabhu.

Citibank, meanwhile, offered a provisional credit to Prabhu and are investigating the matter. He also approached the banking ombudsman of RBI in Bangalore who opined that they don't have enough regulatory control over digital wallets.

"It is a swim-swap fraud in which the fraudster installs a malware in which the phone shuts for a while till the fraud is conducted. We urge people to cross check multiple times before authenticating such overtures made by wrongdoers," said Brijesh Singh, IG Cyber Security, Maharashtra Police.