Gurugram: Fraudsters are after your Paytm wallets, KYC scams see sharp rise

GURUGRAM: The city has seen a sharp spike in cybercrime since September — and most of it has been through Paytm wallets. “There has been a steep increase in the number of complaints, especially those related to Paytm. In September, there were 60 such complaints. That went up to 82 in October and 96 since November,” said ACP (cyber cell) Karan Goel. That’s 238 complaints in just over three months — or three complaints a day.
In most such cases, customers receive a message with a contact number for the KYC verification and a warning that their Paytm wallet will be blocked if verification is not done.
A customer who does call is asked to install apps like Team Viewer or Quick Support and add a token amount to the wallet. These apps are actually meant for remote access, granting another device complete control — often used by tech support to fix problems on a device from a different location.
“Once this is done, the fraudsters gain complete access to the customer’s phone and, therefore, their card information,” said Goel, adding that no apps should be installed on the basis of suggestions by customer care executives and that KYC verification is never done online. One such case came up on Thursday, when Divya Chawla, a resident of Jyoti Park, lost Rs 54,775 to the KYC fraud.
In other instances, fraudsters approach those who have posted ads for sale of furniture or other items. They ask for the seller’s bank information and send them a QR code, asking the seller to scan it to receive payment. “What people don’t realise is that one never has to scan a QR code to receive payment,” said Goel. When they do, money is deducted from their account.
With the sudden increase in such cases, Gurugram Police have reached out to the e-wallet company.
“We have spoken to the Paytm team and are working out a plan to step up awareness and reduce response time when such a crime takes place,” said Goel.
Paytm, on its part, said it has introduced security features on its app to protect its users. “We are informing all our customers that Paytm’s KYC is not done via remote desktop apps. Our entire KYC procedure can only be completed by meeting our agent face to face. Paytm does not call customers to get their KYC done via phone or ask its users to install any new app to complete the KYC procedure,” said Sumit Somani, associate vice-president of Paytm Payment Bank’s cyber frauds division.
“We are educating all our customers via blogs, SMSes, app notifications, pop-up messages to not share any UPI-MPIN, passcode, password or OTP,” he further said, adding that the company is working with telecom companies and police crime branches to deal with cyber fraud as quickly as possible when they are reported.
A backlog of FIRs, however, has piled up. Of the 238 complaints filed since September, FIRs have been lodged in just four. Over the past year, only 90 FIRs have been filed in such cases.
Investigation is pending in all the rest — FIRs in cybercrime cases are registered only after preliminary investigation is over which, in several cases, takes months. In many cases, police retrieve the money that was stolen, and the complaints are then withdrawn.