What is OTP Fraud How to Avoid Being Scammed CERT In Release Advisory All Details


India’s national cyber security agency, CERT-In, has issued an important advisory for people due to the rapidly increasing OTP fraud in the country. In this, people have been given information on how to avoid OTP (One-Time Password) fraud. With digital payments becoming increasingly common, scammers have devised several clever tricks to trick people into sharing their OTP with them, causing people to suffer losses to the tune of lakhs of rupees. Many such incidents have been reported in recent months, where fraudsters have tried different methods to collect OTP from people and digitally defraud their bank accounts. In such a situation, you should also know well about OTP fraud.

What is OTP Fraud and How Do Scammers Execute This?

OTP fraud is a scam where fraudsters trick their targets into revealing their one-time password (OTP). If you don’t know, then let us tell you that OTP is usually required as verification to complete financial transactions or access accounts. These OTPs are sent by the bank through SMS or email. Only after submitting these, the transaction is completed or the account is logged in.

It acts as an extra security layer in the security system, ensuring that only authorized users can perform sensitive tasks. However, scammers take advantage of people’s lack of awareness, and often pose as legitimate employees of banks or service providers to gain access to this number. Once the OTPs are shared, scammers use them to transfer payments to their own accounts or, in some cases, log into the user’s account on their own devices.

Scammers use many different tactics to trick individuals into sharing their OTP. To establish trust, they often pose as bank representatives, customer service agents or even government officials. To further strengthen the trust, they sometimes even make the phone numbers look like toll-free or official bank numbers. To pressure the victim into revealing the OTP, fraudsters pretend to have a fake problem with their account or pretend to offer them attractive rewards. In some cases, they also use phishing websites or apps that resemble the official portal to trick users into entering their OTP and personal information.

How to Avoid OTP Fraud

According to CERT-In, to avoid such frauds, keep the following information in mind:-

Be wary of calls that look similar to toll-free numbers of any bank or authorized company.

Do not share any personal information like credit/debit card details, CVV, OTP, account number, date of birth, debit/credit card ending numbers etc. with unknown persons over phone/online.

Always visit the official website of the bank or any authorized company and verify the number from which the call/SMS is received.

Do not share OTP over phone calls, emails and SMS for cashback, reward points or any such offers.