How cybercriminals target UPI payments and what's being done to stop them

The Unified Payments Interface (UPI) has revolutionised digital payment systems space, offering fast, easy, and secure transactions. While it has gained popularity, it has also been a prime target for cybercriminals.

In this piece, we look as how cybercriminals target UPI payments and the measures being implemented to thwart their schemes.

Vishal Salvi, CEO of Quick Heal Technologies Ltd., said, “In the digital age, cybercriminals are increasingly targeting UPI payments using various deceptive tactics. They often pose as familiar contacts or trusted services to prompt users into making hasty money transfers. Additionally, they might impersonate bank officials over the phone, creating a sense of urgency to extract sensitive card details."

For instance, phishing is one of the most common techniques cybercriminals use. Fraudsters send fraudulent emails that appear to be from legitimate banks or UPI service providers.

Secondly, these criminals deploy malware and spyware to infiltrate your devices. These malicious programs can steal your personal information, including UPI details, etc. or even remotely control the device to initiate unauthorised transactions.

Third, social engineering tactics are a new type of cybercrime. They involve manipulating users into divulging confidential information. In such a case, fraudsters posing as customer service representatives will convince you to share your UPI details under the guise of resolving a payment issue.

What you should do

While financial institutions provide multi-factor authentication (MFA) to add an extra layer of security and provide financial literacy programmes, protecting yourself from UPI payment fraud is not as daunting as it may seem. The key is to be cautious and verify every transaction. Never share your UPI PIN or OTP with anyone, and always use the official app or website for transactions. Check for secure connections (https) before entering any information. Stay updated with the latest app version and enable transaction alerts to monitor for any suspicious activity. These simple steps can go a long way in keeping you safe.

Remember, in the face of a fraudulent transaction, time is of the essence. The moment you suspect something is amiss, don't hesitate to take action. Salvi says, "Report the incident to your bank and the UPI platform, and if necessary, block your account to prevent further unauthorised transactions. File a complaint with the bank's ombudsman, providing all relevant details. And don't forget to report the fraud to the local cybercrime authorities. Swift and decisive action can be the difference between losing your funds and recovering them."