top of page

Modus Operandi of Financial Fraudsters: Part IV

Updated: Jul 8, 2022

In the last blog post, we saw how financial fraudsters work in a dynamic environment and steal data. They improved their hacking and sabotage skills and mastered these skills as professionals. As we already know the financial fraudsters are also scamming the Non- Banking financial Companies too by different methods including Fake Loan websites / App Frauds, SMS / Email / Instant Messaging / Call Scam, Fake Advertisements for Extending Loan by Fraudsters, OTP based Fraud, Fraudulent Loans with Forged Documents, and Money Circulation/Ponzi/Multi-Level Marketing (MLM) Schemes Fraud.

We listed out precautionary measures which have been given by the office of the Reserve Bank of India (RBI) Ombudsman, Mumbai in its booklet on modus operandi of financial fraudsters. The general precautions can be summarised as follows:

  1. A conscious user must always be very careful of clicking on popups that appear when one is surfing/ browsing on the internet.

  2. A user must always check the authenticity of the payment mechanism being used by the website/ gateway, it must be checked if it is secure or not. This can be done by a pad lock system or cross- checking the https://- URL).

  3. The user is also warned and suggested not to share his/ her PIN (Personal Identification Number), CVV, credit card or debit card information or nay passwords of any sort.

  4. Two- factor authentication service must be availed wherever there is an option.

  5. A user must never save his/ her information on any public devices/ laptops/ computers/ websites and shared devices.

  6. Copies of things that might contain personal information must not be shared with strangers, these include KYC documents and chequebook.

  7. Suspicious emails with unfamiliar attachments are better left unopened and deleted.

The booklet also provides specific instructions that can be followed for computer/ device safety:

  1. A user should make sure to scan unknown U disk / device before use.

  2. One should install antivirus software on the device and install update when it is available.

  3. The user is suggested to set automatically a system to lock the device after a specified time.

  4. Do not leave your device unlocked.

  5. One must change your password regularly.

  6. One should not store passwords or confidential information on unknown devices.

  7. The user is suggested to not install unknown applications or software.

Not only this, the booklet suggests methods for safe internet browsing, they include:

  1. A user should not be using unknown browsers.

  2. One must avoid visiting unsafe websites.

  3. One should not share private information with strangers on social networks.

  4. One should avoid saving passwords on public devices.

  5. A user must avoid entering security credentials on unknown websites.

  6. One must avoid entering security credentials on unknown websites.

  7. One must always check the security of the page to prevent email or SMS links from being redirected

Among other guidelines, some for safe internet banking include:

  1. One must regularly update the password on all their apps.

  2. One must not use the same password for email and online banking. This can avoid hacking of all accounts.

  3. One must close online banking immediately after use.

  4. One must always use the virtual keyboard on public devices, because keystrokes can also be captured by infected devices, keyboards, etc.

  5. One must avoid using public terminals (Internet cafes, etc.) for financial transactions.

  6. One must always use the virtual keyboard on public devices, because keystrokes can also be captured by infected devices, keyboards, etc.

Some precautionary methods have been suggested for e-mail account safety:

  1. One must never secure credentials/ passwords and others sensitive data in emails.

  2. One must avoid using emails on free and public networks.

  3. One must not open unknown emails/ click on emails from unknown senders.

Some precautionary methods have been suggested for password security/ safety:

  1. One must change all passwords at regular intervals to avoid getting hacked.

  2. One must use two- factor authentication for all accounts as and when needed.

  3. One must make strong combinations of alphabets, numbers and special characters while creating a password.

One common question which has also been answered in the manual is how does one know whether an NBFC which is taking deposits is genuine or not?

The following things can be looked at which might help in verifying the authenticity of an NBFC:

  1. Depositors should check if the NBFC exists on the deposit list of NBFCs entitled to receive deposits, available at, and ensure that it does not appear on the list of companies that are forbidden to accept deposits.

  2. The NBFC must clearly display the Certificate of Registration (CDR) issued by the Reserve Bank of India (RBI) on its website. The certificate that is issued and displayed on the website must also reflect that the NBFC has been specifically authorised to accept deposits by the RBI. The depositor must carefully check the certificate to ensure that the NBFC is entitled to accept deposits.

  3. NBFC cannot accept deposits of less than 12 months and more than 60 months. The highest interest rate that NBFC can pay to depositors must not exceed 12.5%.

  4. The Reserve Bank announced the change of the interest rate which can be found on the official website that follows this path: → Site Map → NBFC List → Frequently Asked Question

Along with these, some other precautions that can be taken by the depositors include:

  1. Depositors should insist on providing appropriate receipts for each deposit amount deposited into the company.

  2. A duly signed receipt by an official authorised by the NBFC must indicate the name of the depositor, date of deposit, the amount of words and numbers, the interest rate payable, the due date and the amount.

  3. For brokers/agents, etc. who collect public deposits on behalf of NBFC, depositors must ensure that brokers/agents are properly authorised by NBFC.

  4. Depositors should note that deposit insurance facilities are not applicable to NBFC depositors

After reading so much about how financial fraud and its preventive methods extensively, we hope that the users have understood how these frauds work and how one can prevent themselves from these scams.


Recent Posts

See All


Get Started with Listing of your Bug Bounty Program

  • Black LinkedIn Icon
  • Black Twitter Icon
bottom of page