Online fraud thrives during banking hours
65-70% cases between 7 am and 7 pm, finds HDFC analysis
At the peak of the economic boom in late 2000, many banks used to offer banking services to their customers from 8 am to 8 pm. As digital transactions gained traction in the following decade, so has online fraud.
An analysis of such online frauds shows that the time preferred by fraudsters to target people also coincides with the peak business hours — 7amto7pm.
A fraud dispute time analysis for the first three months of the current financial year by HDFC Bank — the largest private sector lender of the country — shows 70 per cent of the frauds happened during this 12-hour period.
According to the bank, digital frauds have had a makeover since the beginning of the pandemic and are now becoming sophisticated enough to gain people’s trust.
There has been an increase in online mode of payments as compared to physical and paper-based instruments, data from Reserve Bank of India showed. Digital payment systems recorded 26.2 per cent growth in volume during 202021 on top of 44.2 per cent rise in the previous year.
“These scammers do not rely much on technical ways such as hacking to defraud people,” said Manish Agarwal, Head - Risk Intelligence and Control, HDFC Bank.
“In fact, most of the frauds now happen through social engineering. The fraudsters are well aware of current affairs, regulations, etc. and use them as their theme to target customers,” he told Business Standard.
According to Agarwal, fraudsters are generally concentrated in geographies around the metros and urban centres. This is primarily because the reach of law enforcement agencies is strong within metros.
Social engineering is the preferred modus operandi of the fraudsters, as their scripts are generally themed around greed, help, threat and commerce.
They lure the customer with lottery (greed); promise to help the customer redeem card points; warn the customer to update KYC or risk deactivation of the account (threat). There are also examples of customers initiating a transaction (commerce) by ordering online from an unverified site (claiming to sell liquor, for instance) and thereby falling prey to fraudsters.
“Around 65-70 per cent of cyber frauds happen between 7 am and 7 pm since fraudsters want to gain the trust of their victims. Calling during working hours makes their offers appear more convincing and customers often fall prey to them as the calls appear legitimate,” Agarwal said.
Another interesting point revealed by the analysis is that as many as 80-85 per cent of the affected customers are in the age group of 22-50, supposedly a tech-savvy cohort.
“While, technically, almost 80-90 per cent of frauds happen due to customer negligence, many times customers get defrauded even without sharing confidential information,” Agarwal said.
Fraudsters, on the pretext of helping their targets, are now making victims download certain genuine applications (apps) and gaining access to their phones. Hence, without even asking their targets, they are gaining access to confidential information through legitimate apps.
“There are genuine apps that are used by IT professionals to service their customers in different locations. Through these apps, they take control of their customers’ laptops/phones in order to mend and resolve issues,” Agarwal explained.
Apart from asking customers not to share OTP, PIN and other confidential information, HDFC Bank is also asking them not to click any unknown links and make payments on unrecognised e-commerce platforms. “Customers are also being made aware that if someone is promising to send money, it does not require them to share any type of authorisation or PIN authentication,” Agarwal added.
The home ministry has operationalised a centralised helpline number (155260) and a reporting platform where victims can report incidents of cyber crime. The helpline is manned by respective state police departments and reported incidents are handled through the Citizen Financial Cyber Fraud Reporting and Management System, which is integrated with law enforcement agencies, banks and financial institutions.