Earlier this month, a strange incident was reported from Uttar Pradesh’s Noida where a UPI user reportedly lost Rs 6.8 lakh from his State Bank of India (SBI) savings account. The victim lodged a police complaint, informing that the money was transacted 7 times from his bank account during the last two months and he didn’t even receive a single message from the bank, probably because he didn’t own a smartphone.
When he visited his bank branch to withdraw cash, the man got to know about the fraud. This comes even as National Payments Corporation of India (NPCI) claims UPI to be extremely secured and guarded.
Cyber Law Expert, Dr Karnika Seth, told Zee Business Online that the incident could have happened because of the malfunctioning of the interface or a technical glitch, while adding, “Not getting informed via a text message alert or an e-mail is against the RBI policy.”
She said there is also a possibility of the UPI account getting hacked by a third party, external hacker or a fraudulent call where frauds, hiding their real IDs, discuss unusually attractive offers or try to get the bank account holder to talk about their bank account details pretending to be a bank employee.
“Another reason for the fraud can be when the user compromises on his/ her password and disclose it to the other person,” she said. This is a threat to the safety of the monetary transactions. Cyber Security Expert, Sanyog Shelar, said, “When you create a UPI account it comes with security.
Now, that account configures with a third party example PayTm, PhonePe, Google Pay, that app having the facility that the person has created a UPI pin as well, can easily transfer your amount that configures around that particular account. If someone is using SBI company services….it is not related to his bank account, he allowed the third party to use his bank account.”
The experts added that this is not the first time that such fraud has happened. It has become common since the third party money transferring entities have come into play, Sanyog said.
How to make your UPI account more secure?
Dr Karnika advices users to avoid clicking unknown and dubious links and websites. The users should also check the security pocket layer on the website’s address bar, especially while making financial transactions. Also, they should beware of hoax phone calls or filling up free surveys for a quid-pro-quo transaction.
“Avoid Using your actual UPI services on third-party apps which are available in the market with a lot of offers, cashback, amazing offers you are not aware of the maintenance of security. Always verify the particular app. Even when the UPI had started there was a huge amount of fraud was happening when they launched UPI,” Sanyog Shelar, also suggested.
What to do when trapped?
Informing the police should be the top priority along with informing the Security IT, as per Dr Karnika.
Meanwhile, Sanyog said that Google has given a provision about fraud transactions where it can investigate the matter and if a false transfer of money is found, the transaction could be reversed. However, the same cannot be done if the transaction is made through the bank.