wordpress blog stats
Connect with us

Hi, what are you looking for?

RBI urges caution regarding existing cyber threats, lists ‘safe digital banking practices’

The central bank also mentions familiar ways in which scammers trick victims to access their confidential details.

Taking cognisance of recent instances of cyber frauds, the Reserve Bank of India has recommended a slew of safe digital banking practices.

In a press release, Chief General Manager of RBI Yogesh Dayal urged customers to never share bank account details, even with bank officials. Dayal also said that emails or phone calls that threaten that one’s account may be blocked were ‘common modus operandi of fraudsters.’ “Do not respond to offers for getting KYC updated/expedited. Always access the official website of your bank/NBFC/e-wallet provider or contact the branch,” he added.

“It has come to the notice of Reserve Bank of India that unscrupulous elements are defrauding and misleading members of public by using innovative modus operandi including social media techniques, mobile phone calls, etc. In view of this, the Reserve Bank cautions members of public to be aware of fraudulent messages, spurious calls, unknown links, false notifications, unauthorized QR Codes, etc. promising help in securing concessions/ expediting response from banks and financial service providers in any manner.” — RBI press release

Social engineering-based cyber frauds are on the rise and they’re not just targeted towards senior citizens (perceived to be unskilled in digital use) but also target those who are technologically proficient and use smartphones on a regular basis. Recently, Reliance Jio warned customers of a social engineering fraud where scammers posing as Jio representatives try to gain access to a customer’s sensitive information such as Aadhaar, bank account details, and so on.

Typical modus operandi used by fraudsters, according to RBI

The RBI listed various ways in which fraudsters attempt to get access to confidential details like user id, login/transaction password, OTP, debit/credit card details and other personal information. They are —

  • Vishing: RBI described vishing as phone calls pretending to be from bank/non bank e-wallet providers/telecom service providers in order to lure customers into sharing confidential details in the pretext of KYC-updation, unblocking of account/SIM-card, crediting debited amount, etc.
  • Phishing: RBI said phishing activities included spoofed emails or SMSs designed to dupe customers into thinking that the communication has originated from their bank or e-wallet provider and contain links to extract confidential details.
  • Remote Access: The central bank said that many fraudsters lure customers to download an application on their mobile phone or computer through which they are able to access all the customers’ data on that device.
  • Payment request: RBI also said that many scammers were misusing the ‘collect request’ feature of UPI by sending fake payment requests with messages like ‘Enter your UPI PIN’ to receive money.
  • Fake numbers: Many scammers are providing fake numbers of banks or e-wallet providers on webpages, social media, and displayed by search engines, etc, RBI added.

Checking URLs, domain names received in emails and other safe banking practices

These are few of the practices that RBI recommended for users to follow while carrying out online banking and similar activities —

  • RBI urged citizens to not download any unknown app on your phone or device. “The app may access your confidential data secretly,” it said.
  • RBI informed that transactions involving receipt of money do not require scanning barcodes or QR codes or entering MPIN. It urged one to exercise caution if asked to do so.
  • “If you receive an OTP for debiting your account for a transaction not initiated by you, inform your bank / e-wallet provider immediately. If you receive a debit SMS for a transaction not done, inform your bank / e-wallet provider immediately and block all modes of debit, including UPI,” it said.
  • RBI recommended users to not share the same password of one’s email with their bank or e-wallet account. It also urged users to not set their passwords as ‘password’.

Also Read:

Have something to add? Post your comment and gift someone a MediaNama subscription.

Advertisement. Scroll to continue reading.
Written By

Among other subjects, I cover the increasing usage of emerging technologies, especially for surveillance in India

MediaNama’s mission is to help build a digital ecosystem which is open, fair, global and competitive.



Looking at the definition of health data, it is difficult to verify whether health IDs are covered by the Bill.


The accession to the Convention brings many advantages, but it could complicate the Brazilian stance at the BRICS and UN levels.


In light of the state's emerging digital healthcare apparatus, how does Clause 12 alter the consent and purpose limitation model?


The collective implication of leaving out ‘proportionality’ from Clause 12 is to provide very wide discretionary powers to the state.


The latest draft is also problematic for companies or service providers that have nothing to with children's data.

You May Also Like


Google has released a Google Travel Trends Report which states that branded budget hotel search queries grew 179% year over year (YOY) in India, in...


135 job openings in over 60 companies are listed at our free Digital and Mobile Job Board: If you’re looking for a job, or...


Rajesh Kumar* doesn’t have many enemies in life. But, Uber, for which he drives a cab everyday, is starting to look like one, he...


By Aroon Deep and Aditya Chunduru You’re reading it here first: Twitter has complied with government requests to censor 52 tweets that mostly criticised...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to our daily newsletter
Your email address:*
Please enter all required fields Click to hide
Correct invalid entries Click to hide

© 2008-2021 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ