Lost money in e-wallet fraud? Here’s what you need to do

As per a recent Mint report, Hyderabad-based Sejuti Baral ended up losing almost six months’ worth of savings in an attempt to sell her old phone online. Baral had put her old phone up for sale on an e-commerce website. Someone from Vizag bought it and transferred the money through Google Pay. She asked to send the parcel to a given address.

In order to send the package, Baral called a local DTDC courier service number that she found listed online. The person on the line told her he would call up from another number. Later, he sent her a link to a Google Form from the new number and asked her to fill in her details to request the pick-up.

She opened the form and entered her name and UPI ID. The person then asked her to enter the PIN, and clarified that it was part of the procedure. Unlike other payment gateways where the numbers turn into dots or asterisks as you type for security and safety purpose, the PIN was showing up on the form. Baral got suspicious and deleted the PIN immediately but it was too late.

Baral’s State Bank of India account, which was linked to Google Pay, saw eight transactions of Rs 9,999 each and one of Rs 8,000, in quick succession. In a matter of minutes, she lost about Rs 88,000. As soon as she saw this, she tried blocking her account but she was not able to log into her account as there was a pop-up saying it was a duplicate entry, which meant the fraudsters were already accessing her account. She couldn’t do anything but look at her screen helplessly as notifications of debit transactions kept popping up.

You will not believe but, incidents of such frauds have become fairly common. However, only a few know how they can seek recourse if they are defrauded on an e-wallet platform.

If you are a victim of e-wallet fraud, here’s what you need to do:

In January 2019, the Reserve Bank of India (RBI) mandated all users of mobile wallets to be provided with the same safety as offered to regular credit or debit cardholders. The rules bring in clarity on what happens in case of unauthorised or fraudulent transactions on mobile wallets. The central bank made it mandatory for all transaction SMSes that users receive from these platforms to have a contact number or email ID which can be used to report unauthorised transactions immediately, if necessary.

RBI also asked digital wallet companies to set up 24×7 customer care helplines where people can report fraud or any loss or theft in order to ensure that customers are assisted and given a full refund if a case of fraud occurred due to the negligence or deficiency on the part of the wallet provider.

The RBI also mandated that if such cases are reported within three days, the entire amount is to be refunded. If the fraud is reported within four to seven days, the transaction value or Rs 10,000, whichever is lower, be refunded. If the fraud is reported after seven days, the refund will be as per the RBI-approved policy of the e-wallet company.

However, here’s something that you need to know. According to the guidelines, a customer is liable for any loss caused due to unauthorised transactions if it happened because of their own negligence. In the above-mentioned case, for example, the woman had shared the payment credentials. In such cases, the customer will bear the entire loss until they report the unauthorised transaction to the bank. The silver lining here is that any loss occurring after the reporting of the unauthorised transaction shall be borne by the bank.

As per the report, Baral informed the cyber crime cell within an hour of the incident and lodged a written complaint with the branch manager of her bank. She also followed up with the police, but 15 days after the incident, she still hasn’t heard back from anyone.

Baral was quoted in the report saying, “I never mentioned my PIN to the scammers verbally. I suspect they had access to my mobile screen and could view anything I typed.”

Prevention tips:

While you may recover the money you lost if you inform the bank of the fraud and if the bank is not able to stop the transaction, prevention is still a better option. In order to avoid being duped of your money and having to seek recourse, make sure to never enter your PIN, CVV or OTP unless you are absolutely sure that you are on a secure payment gateway of platform.

If possible, avoid using public WiFi as they are a haven for criminals looking to intercept your connection and use it to steal passwords, banking or credit card information, and other personal data.

If you are connected to a legitimate access point or a secure network, make sure that the sites you are using are protected using SSL (secure sockets layer), or consider using a VPN to protect your transactions.

While looking up phone numbers online, be very careful as anyone can list a fake number with the name of the service provider you are looking to connect with and lure you into a trap. Always look up the official website and call the number listed there. Make sure to confirm thoroughly that you are not speaking to someone posing as an executive.

While carrying out any type of transaction, make sure your connection is secure. You can do this by looking at the URL bar of your browser and making sure that the address starts with https:// rather than http://. You can also look for the little lock icon on your browser. These will mean that your transaction is protected.

It is worth mentioning that fraudsters keep using new ways to dupe people which is why it is nearly impossible to predict what the next modus operandi is going to be. In such a scenario, stick to a few cardinal rules like using only secure payment gateways and never sharing your PIN with anyone, and always be careful. Also, do not park your funds in one account so as to not lose much in case you do end up falling for such a trap.