The modus operandi is indeed simple. Deposit a rupee, gain trust, catch the target off-guard, create confusion and before the penny drops, sweep out as much money as possible from the victim’s account
Hyderabad: Hook, line and sinker – that’s how gullible victims are falling to fraudsters’ latest trick of penny drop phishing.
The modus operandi is indeed simple. Deposit a rupee, gain trust, catch the target off-guard, create confusion and before the penny drops, sweep out as much money as possible from the victim’s account.
Most banks have already started alerting their account holders about the newest fraud which basically is a twist of a regular banking practice.
Technically, ‘penny drop’ is a test transaction done by banks, insurance companies, financial institutions, and in several instances, even individuals to verify a bank account. When a big amount is to be transferred, those transacting the amount initially deposit a small amount, say Rs 1 or Rs 10, and once the payee confirms the receipt, the total amount is moved.
The cyber crooks are now riding on this penny drop verification process and with a twist of deceit, emptying the bank accounts of gullible victims.
The fraud starts as a routine ‘business’ call from the cheat claiming to be representing a bank, insurance company, telecom agency or some government unit. Not allowing the target much time to grasp and respond intelligently, the fraudster keeps pushing a lot of chatter, says a big amount is waiting to be paid and asks very business-like details about the account the money is to be credited.
Once the bank account details are shared, the fraudster deposits a small amount, Rs 1 to Rs 11 or some instances, Rs 101, stating that penny drop verification was being done and asks the victim to confirm the receipt. Having received the amount, the victim feels reassured and that’s when the fraudsters unroll the dice.
Deploying their technological prowess, the fraudsters generate a fake bank message about credit transaction of a large amount having been made and get it sent as a SMS. And before the victim can actually check the account for an updation, the fraudsters call back and claim that by mistake more than the approved amount got transferred.
There is pleading for the extra amount to be transferred back and for that a scan is forwarded. Extremely gullible is the talk with which the target is hooked and not allowed any time to actually check the account. The moment the victim uses the scan, the fraudster takes over the account and moves chunks of money from it !
Senior police officials involved in cyber security says the newest modus operandi of the fraudsters thrives on trust created with a small deposit and the temptation of bigger amount on the way. “Having received small deposit the victims feel reassured and then ends up in the elaborate trap laid out by the fraudster. One should actually check the bank account for debits and credits and not just go by SMS, which turns out to be fake in this fraud,” says the official.
