Since the digitisation of financial system and various usage of it in shopping, paying EMI, booking tickets, etc., scammers have also found some easy tricks to extract money from the victims, especially the innocent people who are not well aware of such digital-related scams.
There are various stories to tell, but it could divert the message I meant to tell you because of the lengthier post. Other than retrieving OTP through a phone call, scammers can also retrieve it through a malicious app installed on your phone. It’s simple:
Imagine you have downloaded an app that is not from an authentic and trusted developer. If the downloaded app requires you to give permission to read the text message and you give it then they can access the message from your phone. As soon as they collect your details, they would call you and ask you to provide some information, but they won’t ask your OTP (One Time Password). They would retrieve the password automatically and they can complete transaction without your knowledge.
These calls can be related to anything such as Aadhar card, loan inquiry, debit card information, etc. So, it’s better you install apps only from the trusted and authentic developers from the Play Store or iOS App Store.
Not to forget, if someone has physical access to your GSM SIM card, they can even make a clone of your SIM card and retrieve your message on their phone, including the One Time Password! Never ever provide any banking details including credit/debit card numbers and CVV, when asked in an email message too.
Many people asked me whether if someone’s Aadhar card details leaked online, which was linked to a bank account, can be used to transfer money from their bank account or not. Except the leak of your name, address, phone number and Aadhar number, they can’t access to your bank account unless you give them through a phone call (phishing call).