If you own a smartphone and have registered your number with your bank, you probably get a lot of messages saying ‘Don’t disclose your OTP to anyone’. Because everyone knows that’s the simplest way to get scammed out of your hard earned money. SMSes with suspicious texts or links are a close second.
Simply clicking a link can give hackers access to your phone, as happened in this case
Harish Chander is a 52-year-old businessman from Gurugram. On September 7, 2018, he received a message on his smartphone from a hacker pretending to be an Income Tax official. The notification stated that his IT return had been held up. It further asked him to click on a link. Upon doing so, an app downloaded on his device automatically. Three days later, INR 60,000 had been wiped out from his bank account in 2 online transactions.
So, how did the withdrawal take place without the victim disclosing his OTP?
According to a report by Hindustan Times, the fraudulent link was used by the hacker to install an app on the victim’s phone. This app forwarded the OTP to the hacker’s number at 2.30 am when the victim was asleep. By the time he woke up, the money had been withdrawn. Even the bank officials couldn’t do anything to reverse the transactions.
Mohammad Azad, the Assistant Sub-Inspector of Sector 10 police station said that an FIR has been filed under section 420 (cheating) of the IPC. The number to which the OTP was sent has been traced to Pune but no arrests have been made yet.
This case reminds us yet again that cybercrimes are on the rise and we need to stay alert. Clicking on suspicious links is injurious to (monetary) health.