Beware! Hackers might be fraudulently accessing your e-wallets, mobile banking app and UPI Wallet. A complete guide to secure your wallet.

India is thriving towards digitalisation. Since last year due to imposition of lockdown and the social distancing norms followed, digital transactions are preferred over cash, for being a contactless mode of payments. Significant percentage of consumers have increased their usage of digital payments via credit and debit card, mobile wallet and other UPI-based payment methods. However, with the surge in the digital transaction, the number of online fraud transaction such as phishing, cyberattacks etc., where fraudsters manage to target your bank account or extract money from your Debit Cards/Credit Cards, payment wallets such as Google pay, Paytm, Phonepay etc., have also shot up.

The Schemers keep looking for information about you. Data is the new gold. Most of the data are provided by you. The Question is How?

Let me give you instances: 1st scenario…. When you visit a Mall/ Restaurant, you will find some youngster approaching you with a form to fill the details saying that you are eligible to participate in the Luck Draw!!. You will fill the details. Bhoom….you have given your vital information: Your Name, Your date of birth, your anniversary date, your email ID, address etc…

2nd Scenario… Most of you like posting details of your life events on the social media handler’s page. Your Birthday celebrations, The Pictures of your family/ friends, the places you visit, the restaurant you eat etc, etc.. Your information is scattered all over the digital media, which if pooled in together gives the whole picture about you.

This information is gold for these schemers. The Schemers deploy new tactics for looting money digitally. Fraudster by collecting the information may call you and say they are the representative of some Bank/ Telecom Company and say you are eligible for some loan, or some gift and ask you to confirm your DOB and other details to empty your bank account over a call. And unsuspecting you will give away the information.

To create awareness the telecom service provider such as Airtel, have during the outward calls are playing the pre-recorded warning against sharing the OTP Pin, ATM Pin, CVV Number etc over the phone. National Payments Corporation of India (NPCI), Banks and the Reserve Bank of India (RBI), are also issuing advisories on these fraud transactions. Despite this, people are falling prey to such frauds.

This reminds me a plot of the web television series Jamtara – Sabka Number Ayega that was released on the Netfilx OTT Platform on 10th January 2020. The storyline of the series is based on phishing operations being conducted from a village, Jamatra remotely located in Jharkand State, by a bunch of young illiterate boys and girls using minimal infrastructure like mobile phones and a laptop and looting lakhs of rupees from the urban literate unsuspecting people like us. Worth watching it!!!

Every Schemers have his/her own special modus operandi.

  1. Remote Screen mirroring tool:

Since the Lock down was imposed in March 2020, Work from Home is the new norm in the business. Many Companies are insisting on downloading remote screen mirroring applications to keep track on their employees. These applications work to connect one device to another. So, any person gaining access to your device through this application will be able to view and control your device.

However, fraudster are using these applications to commit fraud. Many times, hacker pose as bank official or the customer service provider of the online payment wallets and say that your wallet or bank KYC is invalid or debit card is blocked and you will need to download an app to claim the money or validate the KYC to continue to use the payment wallets. This Application could be Remote Screen Mirroring tool. Sometimes while transacting through the online wallet, you may get a message that the transaction has failed or declined or some error, but the amount would have been debited from your bank account. At such instance a victim will search for the helpline numbers listed in the search engine, but it may out to be fake number. This has happened to many.  Apparently, the fraudster had created a fake website page, that was an exact copy of official page of the actual service provider, the Bank, where he put fake helpline number. The victim ended up complaining on this fake helpline number or calling them for all complaints. The schemer convinced him to download the remote mirror application for resolving the payment issue. The victim fell prey to the scam. Once the application was downloaded in the victims Phone, the Fraudster could access the victims phones, read his messages and OTPs, the clicks on the phone etc.. The Victim lost all his hard-earned money from his bank account. One should always look at the authenticity of the website of the Banks. Do not search for the helpline numbers in the search engine. Always contact the number listed in the Official Website of the bank and not on any other social media pages.  

Now a days as a trend, most of the people choose to contact the officials through the twitter account to seek the attention of the service provider for quick redressal. They post the details of the failed transaction online, thinking that it will be resolved soon. However, the schemer will also be reading such posts. The fraudsters may contact you as the representative of the redressal agency and will make you reveal further details and will convince you to download an application to solve your problem or for verification purposes.

Just because a UPI social media page, has the words BHIM, NPCI, or names similar to any banks or government agencies, it does not make it authentic.

What happens once you download the remote screen application?

After downloading this remote screen mirroring application, a 9-digit code is generated on your device, which allows the hacker to remotely access your device. After inserting this 9-digit code on your device, the hacker asks you to grant certain permissions, which are like what is required while using other apps. Once they gain the access to your device, the hackers can view the screen and control your device via this application and carry out the transactions fraudulently through mobile banking application or payment related applications including UPI wallets. You will get an OTPs for all these transactions which Fraudsters also can view. They use your credentials to transfer huge amounts from your account and delete the SMS, which you may never know. And Boom… your bank account is empty.

Most interesting thing is that these hacking applications are freely available on the search engine and play store of Android, that allows you to use their tools to hack into anybody’s phone. Hackers can read through your chats, SMS, and other applications and gather all personal information about you, without you even noticing it. You always need to be alert. Read the permission sought by this app at the time of downloading a new app. Do not download the application from unknown source. Be cautious.   

  1. Scams using UPI Pin or OTP.

Recent ways adopted by the schemers are sending the “request money” link via SMS/Website. Once you click the link and authorise the transaction thinking that you will receive the money, on the contrary your savings will be deducted from your bank account.

There was this instance where PhonePe customers received SMS from fake header ‘AX-PHONEPE’ instead of legitimate ‘AX-PHONPE’, claiming that their account has expired or blocked, or KYC verification is due etc to transfer user’s money. Customers of other payment wallet including Eko India, Paypoint, Pay1, and Infibeam Avenues have also encountered phishing calls via illegitimate SIM cards.

One of the classic ways in which the fraudster tries to scam you is to convince you to share the OTP or UPI Pin over the phone. Once they have the details, they will authenticate the UPI transaction and steal your money.

Generally, during the process of on-boarding in any UPI application, the app and banks send text messages (SMS) at various stages—registration, adding a bank account and while setting the UPI PIN. If you are not registered for UPI services on any app but happens to receive an SMS regarding the on-boarding process having been initiated, then reach out to your bank immediately and lodge a complaint.

  1. Phishing Scam

This is the most common way scammer use to scam you. The Schemer will call you informing that you have won crores of Rupees through Lottery or that your bank account is blocked and to unblock it you will need to click on the link (unauthorised URLs) provided by them via SMS. These fake bank URLs will look almost identical to the original URL. If you are in hurry you click on that link, it will direct you to the UPI payment app installed on your phone and will ask you to select any of the apps for auto-debit. Once, you give permission, the amount will get debited from the UPI app instantly.

Often, after such financial accidents you may be uncertain about how to seek redressal through formal channels. Here are the steps to be taken.  

As soon as you realise that a suspicious bank activity is taking place or that you have been a victim of a UPI scam- collect evidence.

  • Preserve the transaction details:
    • Take screenshots of the transaction, of SMS, email, fraudulent website, UPI handle;
    • Note the transaction ID, beneficiary’s bank account details, phone number of the fraudster, etc.
    • If you are defrauded through e-commerce platforms, you should save a screenshot of the merchant’s web page.
    • If you fall victim to ATM skimming, which means stealing your details through a device placed illegally at an ATM terminal, you should document the ATM location, address and number which is listed on top of the machine.
    • Similarly, you should note the merchant’s address if a point-of-sale device has skimmed your card details.

This is vital information and will be useful while lodging a complaint with the Police or the Bank or payment wallet companies or Application developer Company. Always remember to change all your passwords & PINs related to your bank account or mobile wallet immediately. Never search for the service providers helpline number in the search engine. Always get the number from the service providers official website. Look out for the genuine websites.

  • How to file Complaint with your Bank:
    • Immediately inform your bank of the unauthorised transaction on the bank’s toll-free helpline (always mentioned in the banks’s official website) or send an email to your bank or visit your bank’s home branch to alert them of the fraud. Sooner you inform, the safer your money will be.
    • In case of a payment fraud on an e-commerce website, a PoS device or an ATM, customers should file the complaint with the card issuing bank.
    • In case any fraudulent transaction has been committed with your bank account linked to the UPI app, immediately register a complaint by giving a call or sending an email to your bank. Also, request your bank to block future UPI transactions associated with the account.
    • Submit a request to block your bank account. The banks will verify your identity by asking some personal details before finally blocking your account. It will stop future UPI transactions. You’ll be able to access your bank account after you change the passwords or issuance of new details.
  • Complain to the payment platforms:
  • If you are using a TPAP (third-party app providers) platform like PhonePe, Google Pay, PayTM, etc- call on the toll-free number to submit your complaint. Each of these platforms will have a grievance redressal mechanism, which you will need to follow to lodge the complaint.
  • You also need to lodge a complaint of fraudulent transaction with the UPI app developing company to investigate the issue. There are mechanisms in place to raise the issues in case of disputes with most of the UPI app developing companies. For instance, on Google Pay, there is a dispute option on each paid transaction to raise the complaint if you feel it is suspicious / fraudulent
  • The platform will be able to share some details related to the fraudster which may help you identify them.
  • Some platforms also offer an in-built complaint feature where you can easily raise a dispute against a transaction.
  • The bank and the UPI company should be able to resolve your complaint within 10 days.
  • Complain to the Cyber Crime Police:
    • After you have notified your bank and the Payment platform and App developing company, you should file the first information report (FIR) with the local police station and request them to forward it to the cyber-crime cell in case the police station in your area does not have this division. This is because cyber-crime cells have the expertise to investigate digital fraud cases.
    • While filing the cyber-crime complaint, you need to provide following:
      • your identity proof, contact details and address proof
      • your last six months’ bank statement,
      • details of the fraudulent transactions
      • and a copy/screenshots of the messages received while making those transactions.
  • Complain to PSP and NPCI:
  • In case the complaint / grievance remains unresolved, the next level for escalation will be the PSP (Payment Service Provider) Bank, followed by the bank (where you maintain your account) and NPCI, in the same order.
  • The complaint can be raised for both the types of transactions i.e. fund transfer and merchant transactions
  • You will be kept communicated by the PSP / TPAP (third-party app providers) by means of updating the status of such end-user customer’s complaint on the relevant app itself

List of 3rd party UPI based payment apps, which along with a partner bank offers payment app :

  • Complain to the Digital Payments Ombudsman:
    • After exercising these options, you can approach the Banking Ombudsman and / or the Ombudsman for Digital Complaints, as the case may be. The Reserve Bank of India (RBI) in January 2019 has launched an Ombudsman scheme which specifically deals with digital transaction issues. The idea was to have the mechanism of ombudsman for redressal of complaints against deficiency in services related to digital transactions. The deficiencies identified and included are delays in payment/credit/refunds, unauthorized transfers, and failure to act on instructions given by the customer.
    • Should you not get a response from you bank or payment service provider within a month, or if you are not satisfied with the response, you can approach the RBI’s Banking Ombudsman.
    • You can send your complaint in writing with the ombudsman for Digital Payments. A form is also available on RBI’s website here:, which you may use to file a UPI fraud complaint. You will be required to give following details to ombudsman for reviewing a case:
      • name and address proofs,
      • facts giving rise to the complaint supported by documents/screenshots/messages, the nature and extent of the loss and the name / contact number / address (any information that is available) against whom the complaint is made.

Note that frauds such as the ‘request money’ ones typically don’t fall under the ombudsman scheme as they are incurred by fooling the user into doing a spurious transaction. RBI’s ombudsman scheme does not accept complaints in cases where, legitimately, the consumer has entered the PIN and transferred the amount using UPI apps.

Be extremely cautious while transacting on app-based money wallets. You must always verify the identity of the other party before initiating a payment or sharing your details. Also, never delay in reporting such an occurrence- quick action can help your case by leaps and bounds

So, prevention is always better than cure. Here are the ways you should keep in mind while transacting online.:

  • If you are banking electronically, you must register yourself for SMS/email alerts and immediately inform your bank in case of a fraud;
  • According to RBI, you must only use sites with https while banking online. “https” tag is more secure compared to “HTTP”. Look at the name of the domain. Does it contain any unusual symbols, too many dashes, or suspicious attempts at mimicking big brands’ or other businesses’ names and products, spelling errors etc. Check the contact information. Legitimate websites, businesses, and organizations have no reason to hide. Other fake website red flags include poor grammar, spelling mistakes, gibberish in website copy or blog content, as well as a multitude of intrusive ads.
  • Avoid undertaking banking or other financial transactions through public, open or free wifi-networks.
  • Regularly change your password/PIN/ OTP;
  • Never share important details like debit card number, CVV, expiry date, registration, OTP with anyone. Many a time, the caller asks you these details in the name of bank executive stating that your card will be blocked. Do NOT fall for these types of calls. The Bank Officials will have all the details pertaining to your bank account. Apart from banks, SMS can also come in the name of IRDAI and EPFO. However, they also do not send any such message.
  • Do not share UPI MPIN with anyone. MPIN is the one which you enter in the UPI app to check your balance.
  • Do not click on any unofficial link from the SMS. Also, do not forward any such SMS.
  • Do not download any app or confirm payment from unknown accounts via UPI.
  • Do not store important banking data on the mobile, e-mail, electronic wallet or purse.
  • Do not share personal details on any social media platform and do not lodge complaint about the digital transactions on social media handle.
  • RBI also warned citizens to be wary and not fall prey to fraudulent tactics used by seamsters. RBI Helpline Number to report fraudulent activity in your bank account: 14440

So Be alert and Safe transacting!!!

This article contains general information only. It does not constitute legal advice. You should consult a suitably qualified lawyer on any specific legal matter or issue.

The current competitive business landscape presents various obstacles to companies, including differentiating themselves from their rivals and obtaining funding. However, Intellectual property (IP) can be a potent instrument for gaining a competitive advantage and establishing a multimillion-dollar corporation. In this article, we will discuss how companies can unlock the power of intellectual property and achieve success.

To unlock the power of intellectual property the company should first identify what IP it possesses. Conducting a comprehensive IP audit and reviewing all the company’s intellectual property assets is an excellent way to accomplish this. The audit can reveal areas where the company may be susceptible to infringement or theft and identify opportunities to strengthen its IP portfolio. After identifying its assets, the company must protect its inventions, creative works, and brands by effective means of IP protection. By safeguarding its IP, the company can position itself as a leader in their industry and create an obstacle to entry for competitors. This can also help the company to attract investors and secure funding, as investors are often more willing to invest in a company with strong IP protection.

In addition to safeguarding its intellectual property, a company can leverage its existing knowledge and resources to expand its business without starting from scratch. The company can produce a novel and innovative product or service by building upon an established idea and incorporating its unique twist. For example, a startup can enhance an existing e-commerce platform by introducing a personalized recommendation engine, much like the successful strategies employed by Amazon, Vedantu, and Uber. Additionally, using patent data can assist the company in identifying emerging trends and opportunities in the technology sector, enabling them to develop innovative products or services and avoiding potential patent infringement issues. Collaborating with universities, research institutions, and other companies can also provide valuable expertise and knowledge, which can result in the creation of new and innovative technologies that can be protected through intellectual property.

Another way the company can benefit from intellectual property is by entering into licensing agreements or collaboration with other companies. For instance, a company could license a patented technology from another company and integrate it into its product or service, without having to create it from the ground up. This approach can provide the company with access to valuable intellectual property assets without the added cost of developing them. Through licensing agreements, companies can generate revenue or sell their intellectual property assets, resulting in a consistent flow of income without the need to produce or market a product themselves. This is especially advantageous for companies that have developed a unique technology or product but lack the necessary resources to bring it to market.

In summary, by effectively utilizing IP to gain a competitive advantage, attract investors, and generate revenue, companies can establish themselves for success in the current crowded and competitive marketplace. Protecting their IP, leveraging existing knowledge and resources, analysing patent data, and earning revenue through licensing agreements can all contribute to the creation of a multi-million dollar company.

This article contains general information only. It does not constitute legal advice. You should consult a suitably qualified lawyer on any specific legal matter or issue.

The metaverse is a digital realm where individuals and businesses can interact with one another in a virtual three-dimensional space. As more people enter this space, the question of who owns intellectual property (IP) rights to virtual assets and creations becomes increasingly complex. In this article, we will explore the challenges and opportunities that IP presents in the metaverse and how to protect it, including relevant case laws, including Indian case laws. Read More

This article was published in May 6, 2023, 4:18 PM IST Gayathri Prajit in VoicesTech, Times Of India

As we commemorate World Intellectual Property Day 2023, we celebrate the women who have made remarkable contributions to the field of innovation and creativity. This year’s theme, “Powering Change: Women in Innovation and Creativity,” recognizes the essential role that women have played in shaping our present and future. This theme emphasizes the need to address gender inequality in the field of intellectual property and to create an environment that promotes diversity and inclusivity. It is a reminder that women’s contributions are critical and deserve recognition and protection under intellectual property laws.

Women around the world have made significant contributions to innovation and creativity, breaking down barriers and driving change across a range of industries. From biotech to e-commerce, these women leaders and innovators have inspired others to pursue their passions, overcome obstacles, and make a difference in the world.

Women entrepreneurs have played a critical role in shaping the India’s economic landscape. Kiran Mazumdar-Shaw, the founder and executive chairperson of Biocon Limited, is a prime example. She has taken the company to global heights, developing innovative solutions for diseases like cancer and diabetes. Meanwhile, Falguni Nayar, the founder of Nykaa, has built a thriving beauty and wellness platform that has become a household name in India.

Women entrepreneurs have also made strides in the tech industry. Suchi Mukherjee founded Limeroad, an online marketplace that specializes in fashion and lifestyle products. Upasana Taku, the co-founder of MobiKwik, has been instrumental in revolutionizing India’s digital payments ecosystem. MobiKwik is a leading supplier of payment services, offering a digital wallet and mobile phone-based payment system. Taku’s leadership and innovation have enabled MobiKwik to provide secure and convenient payment solutions to millions of customers across India. These women have been instrumental in bringing about digital transformation in India and have created new opportunities for businesses and consumers alike.

In addition to entrepreneurs, women innovators have also made significant contributions across various industries. Nandini Harinath, a rocket scientist at the Indian Space Research Organization, has played a crucial role in several landmark missions, including the Mars Orbiter Mission. She is a champion for women in STEM fields and has inspired many young girls to pursue careers in science and technology. Dr. Kristina M. Johnson, an inventor and entrepreneur with over 100 patents to her name, co-founded ColorLink, which developed technology used in high-definition television displays. She is also a strong advocate for renewable energy and has worked to promote sustainability throughout her career.

Sonam Srivastava, the co-founder of Wright Research, is another inspiring woman innovator. She is a data scientist and entrepreneur who has developed cutting-edge algorithms and tools for data analysis. Her company specializes in market research and provides valuable insights to businesses across various sectors. Srivastava’s work has helped companies to make informed decisions, identify new opportunities, and stay ahead of the competition.

Women innovators have also shown remarkable resilience and determination in the face of adversity. Dr. Cynthia Breazeal, a roboticist and pioneer in the field of social robotics, has faced many challenges in her career, including being the only woman in her field at MIT. Despite these obstacles, she has continued to innovate and has developed the world’s first social robot for the home. Aditi Gupta, the founder of Menstrupedia, a digital platform that provides information and resources on menstruation, has helped to break the taboo surrounding menstruation in India and has empowered girls and women to take control of their health and wellbeing.

In conclusion, women innovators and women entrepreneurs have made significant contributions to innovation and creativity in India and around the world. Their breakthroughs and entrepreneurial spirit have inspired others, broken down barriers, and created new opportunities for businesses and consumers alike. As we celebrate their achievements on World IP Day, we should recognize the importance of diversity and inclusivity in driving innovation and creativity forward. These women have proven that with hard work, determination, and passion, anyone can make a difference and power change.