Running a business on PhonePe?

Keep your earnings safe. Beware of Merchant Frauds.

The proliferation of digital payment modes has made life really easy. The ability to use payment apps to send or accept money, pay all your bills, recharge mobile/DTH, etc., shop online, and also make instant payments at the local Kirana stores have made the dependence on cash non-existent.

While digital payment modes have been a big boon, fraudsters are constantly looking at new ways to con not just customers but retail merchants as well into doing fake transactions.

Below are a few scenarios where Kirana store merchants are systematically targeted by fraudsters.

Frauds through screen-sharing apps

Fraudsters posing as representatives from a payments company call on the pretext of checking daily sales of the merchant. During the interaction, fraudsters try and gain the merchant’s card or bank account details or take possession of the merchant’s phone. Then the fraudsters proceed to defraud the merchants of their hard-earned money.

Example:

Fraudster: I am calling from the Sales Support Team to inform you that due to some technical errors, we could not record the transactions your customers made in the last few days. Apologies for the inconvenience caused, I am here to help you fix the problem. Here are the things you need to do:

1. Send us your Bank account/ Debit/Credit card details / BHIM UPI PIN
2. Click on the link to install this app so that we can solve the issue for you <The fraudster sends the merchant a link to install a screen-sharing app like Anydesk / ScreenShare>

The Merchant falls for the excuse, shares the details and installs the app. As soon as the merchant installs the app, the Fraudster gains control over the merchant’s phone and steals the money.

Cashback or Offer Scheme Frauds

There are also instances where the merchant receives calls from fraudsters posing as merchant representatives of their payment partners. The call is actually initiated by the fraudster, with the intention of misleading the merchant with attractive cashback offers.

Scenario 1

Fraudster — I am calling from the Merchant Support Team. There’s a special cashback scheme running this week. Make a payment to this LINK and get the cashback amount directly in your bank account.

• Make a payment of Rs.500 & get Rs.1000 Cashback
• Make a payment of Rs.10,000 & get Rs.15,000 Cashback

The merchant falls for the offer, makes the 1st transaction & receives Rs. 1000 from the fraudster. The fraudster then asks the merchant to transfer the bigger amount. In the hope of receiving a bigger cashback, when the merchant transfers Rs.10,000, the fraudster cuts the call and disappears.

Scenario 2

Fraudsters call up Merchants with special offers or schemes and defraud their money using a QR code.

Example:

Fraudster — We have a special cashback scheme running this week. Pay with the QR code we send you to double your money.

• For a transaction of Rs.100, you get Rs.200 Cashback directly credited to your bank account
• For a transaction of Rs.10,000, you get a bumper Rs.20,000 Cashback directly credited to your bank account. Try now!

The merchant likes the offer, makes a transaction of Rs.100 through the QR code sent by the fraudster, and gets the Rs.200 Cashback. As soon as the Merchant pays the higher amount, the Fraudster disconnects the call & does not send any money back.

Frauds through Google Forms

Here, the fraudster sends a Google Form to the victim giving different reasons and steals money.

Example:

Fraudster: I am calling from the Merchant Team to inform you that some of your details have not been updated in our system due to which we may need to suspend your account for a few days. To avoid this from happening, please click on the LINK & fill the Google Form with your details now.

The Merchant is convinced & ends up filling the form that contains personal/sensitive information such as account number, UPI PIN, registered mobile number, name, email id, etc. Fraudsters misuse this information filled out by the ‘merchant and robs them of their money.

Points to Remember:

1. Never share PINs and OTPs or accept an unknown collect request
2. Do not pay/accept the collect request or send payment if it is from an unknown source
3. Do not accept attractive offers/freebies from an unknown source
4. Never fill any form and update sensitive information such as bank details, PIN, etc
5. Check for the sender’s details before accepting the collect request or sending money to an unknown person/merchant
6. Do not enter your UPI PIN to receive money.
7. Never share identifiable information on Social Media platforms like Twitter, Facebook that can be misused by the fraudster
8. Report to Cyber Cell/Bank immediately if you accept a collect request from unknown sources & your money gets deducted from your account
9. Block the Fraudster’s number on the PhonePe app
10. Report fraud incidents on the PhonePe app. Clicking on the fraudulent transaction, select “Contact PhonePe Support” and raise a ticket