According to the FY23 annual report of the Reserve Bank of India (RBI), while the total amount of frauds reported by Indian banks decreased by 50% from 59,819 crore in FY22 to 30,252 crore in FY23, there was a significant increase in both the value and frequency of digital frauds involving cards and online payment methods during the same period.
In the previous financial year, there was a significant increase in the number and monetary value of digital frauds involving cards and internet banking services. Specifically, in FY22, there were 3,596 reported frauds amounting to 155 crore, but this number almost doubled in FY23, with 6,659 frauds totaling 276 crore. However, it is important to note that the majority of the frauds reported in FY23, accounting for 94.5% of their value, actually occurred in previous financial years. Additionally, there were delays in detecting and reporting fraud by lenders.
According to a report by Bureau, a platform that collaborates with lenders to provide risk compliance solutions, experts have observed that fraudsters are employing novel methods to deceive customers. These tactics encompass techniques such as phishing, which involves tricking individuals into divulging sensitive information, as well as the use of malware specifically created to extract and replicate data from a bank customer’s compromised device. The report also mentions vishing, a fraudulent practice that involves manipulating individuals over the phone, and SIM cloning, a method of duplicating SIM cards.
According to a senior official from a mid-size bank, while it is important for banks to continue educating their customers, the issue of social engineering often poses a challenge. This is because customers may voluntarily disclose their OTPs, passwords, or inadvertently allow fraudsters to gain control of their phones. Unfortunately, in such situations, the banks’ ability to implement corrective measures is restricted.
In addition, scammers employ deceptive tactics such as establishing counterfeit UPI handles on social media platforms to deceive individuals into divulging their account information. They may also prompt customers to download applications that can occasionally monitor their mobile or computer screens remotely. Furthermore, there are more advanced schemes in which fraud rings obtain the victim’s data and transfer funds to an intermediate account.
According to the report by Bureau, out of all the digital payment frauds reported in May 2022, approximately 55% were associated with UPI transactions. Among these UPI-related frauds, half of them involved a ticket size of less than Rs 10,000. Despite the increased presence of digital platforms and customer engagement resulting from investments made by both modern and traditional institutions, the level of digital education remains below expectations. Additionally, fraudsters now have access to simpler and less risky methods to target unsuspecting customers. They often exploit emotions such as fear and greed, as many fraudulent activities can be linked to inducing fear that one’s account is blocked or arousing greed by falsely claiming that the individual has won a lottery.
According to Biju K, the senior vice president and chief vigilance officer at Federal Bank, fraudsters and criminals have embraced the digital revolution just as much as customers have. He pointed out that there has been a significant increase in the number of digital transactions, approximately quadrupling between 2018 and 2023. The availability of a straightforward and widely used real-time payment infrastructure like UPI has made digital payment transactions a commonplace occurrence, particularly during the pandemic period.
Between 2020 and 2022, there was a substantial increase in the volume of UPI transactions, with a rise of 427%. In the month of May, the National Payments Corporation of India (NPCI) recorded a total of 9.41 billion UPI transactions, equivalent to Rs 14.89 trillion. Biju K stated that this upward trend is anticipated to persist, with cash transactions projected to account for no more than 10% to 12% of overall banking transactions.
He suggested that banks and other financial service providers should prioritize the strengthening of their IT infrastructure and regularly update it to keep up with evolving technologies. It is crucial for them to maintain a basic level of cyber hygiene to ensure that their platforms are devoid of vulnerabilities. Additionally, there is a need to raise awareness among the public about safe internet usage and digital banking practices. Furthermore, he emphasized the importance of implementing advanced monitoring mechanisms in banks to enable real-time detection and prevention of digital frauds.
He suggested that banks and other financial service providers should prioritize the strengthening of their IT infrastructure and regularly update it to keep up with evolving technologies. It is crucial for them to maintain a basic level of cyber hygiene to ensure that their platforms are devoid of vulnerabilities. Additionally, there is a need to raise awareness among the public about safe internet usage and digital banking practices. Furthermore, he emphasized the importance of implementing advanced monitoring mechanisms in banks to enable real-time detection and prevention of digital frauds.
According to the report, the majority of frauds reported by private sector banks were attributed to small-value card and internet frauds. On the other hand, public sector banks predominantly encountered frauds related to their loan portfolios.
To enhance the accuracy and reliability of data in Fraud Monitoring Returns (FMR) provided by banks, the RBI recommended that lenders should conduct thorough due diligence and gather credible evidence before including or adding the names of non-whole time directors in the FMR/CRILC (Central Repository of Information on Large Credits) while reporting cases of fraud or non-cooperative borrowers. This advisory aims to ensure that the information reported in these returns is based on verified facts and evidence.
(Source – Financial Express and The Indian Express)