Secure Your UPI and Digital Payments
The Unified Payments Interface (UPI) has made sending and receiving money seamless, but it's also a prime target for fraudsters. Scammers often use deceptive QR codes or fake payment requests to trick people. Remember the golden rule: you never need to enter
your PIN to receive money. Always verify the recipient's name before sending funds and be suspicious of urgent requests. Scammers on platforms like WhatsApp or OLX might send a QR code, claiming it’s for payment, but scanning it actually authorizes a withdrawal from your account. The National Payments Corporation of India (NPCI) advises using only trusted payment apps and keeping your transaction alerts turned on to catch any suspicious activity immediately.
Learn to Spot Phishing and Smishing Attacks
Phishing (via email) and smishing (via SMS) are common tactics where criminals impersonate banks, government agencies, or delivery companies to steal your data. These messages create a sense of urgency, with warnings like "Your account will be blocked" or "Your KYC update is pending." They contain malicious links that lead to fake websites designed to harvest your login credentials or financial details. Before clicking any link, check the sender's details carefully and look for spelling errors or unusual URLs. No legitimate organisation will ever ask for your password, OTP, or CVV over a message. If you receive a suspicious message, do not respond and report it.
Strengthen Your Passwords and Use 2FA
Using the same weak password across multiple accounts is one of the biggest security risks. A strong password should be at least 12 characters long and include a mix of uppercase letters, lowercase letters, numbers, and symbols. To take your security a step further, enable two-factor authentication (2FA) on all critical accounts, especially email, social media, and banking apps. 2FA adds a second layer of security, usually a code sent to your phone, that prevents anyone from accessing your account even if they have your password. Advisories from India's Computer Emergency Response Team (CERT-In) consistently recommend enabling multi-factor authentication as a key defence against account takeovers.
Beware of New and Evolving Scams
Scammers are constantly evolving their methods. One of the fastest-growing threats in India is the "digital arrest" scam. Fraudsters pose as police or CBI officials on video calls, falsely claiming you're involved in a crime and demanding money to avoid arrest. Another common tactic involves fake job offers that promise high income for simple tasks, but first require you to pay a registration fee. Investment scams on WhatsApp and Telegram are also on the rise, luring victims with promises of guaranteed high returns. The simple rule is: if an offer sounds too good to be true, it almost certainly is a scam.
Practice Good Digital Hygiene
Small, consistent habits can make a huge difference in your online safety. First, always keep your phone and computer software updated, as updates often contain critical security patches. Second, avoid using public Wi-Fi at airports, cafes, or railway stations for any financial transactions; switch to your mobile data instead. Unsecured networks make it easy for hackers to intercept your information. Finally, review your bank and credit card statements regularly to spot any unauthorized charges quickly. The sooner you report a fraudulent transaction, the higher the chance of recovering the funds.
