Listen to this story
Last month, a Gurugram-based firm, Paraviom Technologies, became a victim of the UPI fraud. Reports claim that the cybercriminals tampered with the firm’s payment gateway system, and as a result, Rs 35 lakh were stolen from the company’s account. This was one of the many UPI-related cyber attacks in India, which have raised a concern about the ill-effects of the growing digitalisation in the country.
According to a recent survey by the Bureau, digital fraud has become a pressing concern in India’s rapidly expanding digital economy. Among the various payment systems in the country, UPI has emerged as a prime target for fraudsters. As per the reports, in 2022-23, a staggering 55% of total digital fraud cases in India were directly linked to UPI. Cybercriminals have conducted around 95,000 UPI transactions, according to the cyber cell of the Union Finance Ministry.
These alarming statistics necessitate a closer examination of the prevalent fraud techniques and the measures required to safeguard users against these threats.
Popular fraud techniques
Fraudsters are known to employ various tactics to deceive unsuspecting individuals, employing methods such as phishing, malware, vishing, and exploiting trust on social media platforms. Phishing involves sending deceptive emails that appear legitimate, aiming to extract sensitive information like passwords or PINs. Malware infiltrates and copies data from infected devices, often downloaded unknowingly from fake attachments or unsecured websites.
In the case of vishing, fraudsters pretend to be bank employees to trick victims into sharing personal information or downloading third-party apps. They exploit trust by using deceptive UPI handles on social media platforms to extract account details. Additionally, the report claims that fraudsters take advantage of unverified apps to gain unauthorised access through remote screen monitoring.
They also use money mule accounts to transfer illicit funds through intermediaries, ensuring added anonymity. SIM cloning is another technique to intercept OTPs and gain unauthorised access to sensitive accounts.
India’s growing digital consumers
The reason behind the increasing number of frauds that Indian consumers are seeing is the remarkable surge in their adoption of digital payment systems, driven by various factors. A significant shift in consumer behaviour is evident as more Indians prefer conducting transactions online or through mobile devices, recognising the convenience and accessibility offered by digital platforms.
This preference is a reflection of the rising internet penetration, which is projected to reach 78% by 2027, providing a substantial user base for digital services. The growth in internet users is expected to be staggering, with a projected reach of 1,144 million by 2027. As consumers engage online, digital payments have emerged as a prominent feature of this digital transformation. With a projected CAGR of 74% between 2022 and 2027, digital payments are witnessing robust growth, highlighting their growing importance in the financial ecosystem.
One of the driving forces behind this shift is the emergence of a new middle class in India. As this segment seeks more digital-native and personalised products and services, they become key drivers of the digital payments trend. The reduced cost of mobile devices, ease of use and enhanced value, has made them increasingly accessible to a larger portion of the population.
E-commerce is expected to grow at a CAGR of 35-40% through 2025, while m-commerce is projected to experience a CAGR of 25-27% during the same period. Moreover, regulatory support has been instrumental in fostering the growth of digital payments.
Regulatory sandboxes established by the Reserve Bank of India (RBI) have also encouraged innovation in low-cost, mass-inclusion solutions. The government’s efforts to control voice and data costs and the emergence of 5G technology have contributed to the digital revolution. By making digital services more affordable and accessible, these initiatives have created an enabling environment for consumers to embrace digital platforms.
Basic services, such as bank account opening, money transfers, receiving payments, company registration, and media consumption, now predominantly occur on mobile devices.
Government’s attempt to stop fraud
The report by the Bureau also highlights the steps taken by the Indian government regarding the digital fraud crackdown. The government has boosted the Additional Factor of Authentication limit from INR 5,000 to INR 15,000, along with setting up registries like the Central Fraud Registry, Centralised KYC Registry, and Central Payments Fraud Information Registry, collecting data to expose the tricksters. Even loans aren’t spared, as the RBI now demands reporting to credit bureaus, ensuring no funny business goes unnoticed.
The government is also setting up baseline technology standards for Digital Lending Platforms, stopping loan disbursements on stolen identities or data breaches. Additionally, they’ve introduced open banking and intermediary account aggregators, guaranteeing financial transparency and making it harder to forge documents.
However, relying solely on regulations will not effectively address the issue of increasing fraud in India. A majority of UPI-related fraud cases stem from social engineering, a problem that can be mitigated through simple precautions such as verifying requests, maintaining a healthy scepticism towards unsolicited communications, and reinforcing password security etc.