“Woman shares OTP with ‘bank caller’, loses Rs 68K.”
“One phone call, and lakhs gone: How cyber thugs use trust and pressure to dupe victims”
“Salt Manufacturing co. loses Rs 1.1 crore after cyber frauds alter mail ID, mobile no. linked to a/cs”
“Two cousins arrested for driving Vadodara farmer to suicide with digital arrest threat.”
Each of these is an actual headline from newspapers, where cyber scammers have cheated unsuspecting Indians of their hard-earned savings or robbed them of access to their own bank accounts.
These incidents, spread across different cities, from Chandigarh, Kolkata, Vadodara to Hyderbad, point to one uncomfortable truth—cyber fraud in India is not new, but it is spreading dangerously. It is against this frightening backdrop of fast-evolving cybercrime that cybersecurity expert Jiten Jain steps in with urgent, practical advice to help citizens protect what matters most: their money, identity and peace of mind.
Jain issues four key recommendations to stay protected. First, never share your OTP with anyone, not even callers claiming to be from your bank, the police or a government agency. (We all know this and yet, some have fallen prey to this). Second, avoid sharing your mobile number and email ID unnecessarily, especially while shopping. Third, maintain separate numbers for marketing and banking purposes to minimise exposure. Fourth, keep a dedicated low-balance bank account for online transactions, and if you suspect fraud, call the national cybercrime helpline 1930 immediately to freeze the transaction.
He also raises serious concerns about how casually businesses collect customer data. Recalling a recent experience at a retail store, Jain advocates for stricter regulations to ensure that mobile numbers and email addresses are not collected without clear and informed consent. There must be transparency regarding why data is being collected, and a firm assurance that it will not be misused for marketing or data harvesting.
With cybercrime on the rise, the responsibility of safeguarding digital accounts is now shared between users and service providers. Enabling two-factor authentication (2FA) across platforms like WhatsApp, Instagram and email adds a critical layer of security. It works by requiring a user to provide two different “factors” of authentication, such as something they know (a password), something they have (a physical device like a phone), or something they are (a biometric, like a fingerprint). Even if a password is stolen, 2FA prevents unauthorised access because the attacker would also need the second factor.
And if an OTP arrives when you were not expecting it, it should immediately raise a red flag. Instead of ignoring it because you didn’t ask for an OTP, you should take it as a sign that someone may possibly be trying to gain access to one of your accounts.
In the age of digitally authorised transactions, OTPs have truly become the new lifeline. But as scammers evolve their methods, public awareness and personal caution must evolve just as fast.
(This is part of a series of articles on cyber-security and cyber frauds where we look at citizen’s digital safety. You can read the previous articles: OTP Scams: How digital scammers trick you and here)