Reserve Bank of India (RBI) has reiterated cautionary measures people should undertake while conducting digital transactions. In an advisory released on Monday, the central bank warned people to follow proper safety measures in light of reports suggesting users falling prey to fraudsters in recent days. The RBI advisory comes close on the heels of a government warning about a suspicious phishing attack in the garb of official information on COVID-19.
In its recent advisory RBI said, "In recent days there are reports of users falling prey to fraudsters who are luring them on fictitious pretexts, such as alleged completion of KYC requirements etc. and impersonating identities and websites of banks and payment system operators."
The central bank further listed precautions that people should follow while carrying out digital transactions. The RBI reiterated that banks and other payment systems operators never ask for sensitive details such as password, PIN, OTP or CVV number.
The RBI asked users not to share their ATM, credit card, debit card or prepaid card details, as well as information like password, PIN, OTP, CVV, UPI-PIN, etc, with anyone. The top bank also asked people to avoid undertaking banking or other financial transactions through public, open or free WiFi networks. It also cautioned not to store important banking data on the mobile, e-mail, or electronic wallets.
The advisory from RBI came a day after the Indian Computer Emergency Response Team (CERT-In) of the Ministry of Electronics and Information Technology (MeitY) warned of a large-scale phishing attack against Indian individuals and business, including small, medium and large enterprises, starting Sunday.
The phishing the campaign is expected to use malicious emails under the pretext of local authorities in charge of dispensing government-funded COVID-19 support initiatives. The phishing campaign is designed to impersonate government agencies, department and trade associations who have been tasked to oversee the disbursement of the government financial aid programmes.
"The malicious actors are claiming to have 2 million individuals or citizens email IDs and are planning to send emails with the subject" Free COVID-19 testing for all residents of Delhi, Mumbai, Hyderabad, Chennai and Ahmedabad, inciting them to provide personal information," MeitY said in a statement.