Please do read this CAUTION from a Senior Naval Officer & be very careful.
FRAUD in Every Part .. Beware of Apps.. nothing is safe
Cyber Fraud case- pls go through
Dear Friends, I had a harrowing experience today and would like to share it with you so that you may avoid my fate -
Our Havells Water Heater sprang a leak so I had it drained and taken down so that a Havells technician could examine it. I got the Havells Customer Service number from Google and called up. I was redirected to a service agency (a common practice these days). The guy said he needed some details before he could commit a technician. He asked me to download their service app which would capture all the details for the record. I did so while he stayed on the line. The app looked quite genuine and asked for my name, phone number and address, which I dutifully entered. It then asked for details of the equipment. Since I had bought the unit on Amazon, I logged into my Amazon account and found the three year old details. He asked me to enter the order no. and date of the order etc which I did. As I was doing this, I noticed a flurry of OTP notifications which came and went so fast I could not even read them. The last one hung around for about a second, long enough for me to see that an amount of Rs 49,999/- had been taken from my credit card (the details of my credit card had been saved on the Amazon site). I was totally zapped and realised that I had been scammed. I quickly disconnected the call, uninstalled the "service"app, and then quickly blocked my credit card. I checked my credit card current statement, which showed no transaction over the previous 48 hours!! It had been wiped clean! I was shaking all over as I then phoned my credit card bank to find out what had happened. They informed that my card had been debited Rs 1.56 lakhs over six separate transactions. They confirmed the card was safely blocked. I registered a fraud complaint with them and was promised an investigation and that I should expect to hear the outcome after 40 days! Soon afterwards I found a further 8 email notifications from Amazon saying "order cancelled, payment failed"! On looking deeper I found they were orders for gold jewellery to be sent to a buyer from Bihar! I spent the rest of the day changing passwords on every device and account we have, tigtening up security, putting an antivirus onto my phone etc. I feel ashamed that despite being considered to be tech-savvy I fell for this scam. Here are the lessons to be learned from this expensive mistake -
1) don't take telephone numbers from a Google Search. Take the numbers only from a verified company website.
2) don't install any "service app" given to you by a "service agent" over the phone. It is probably a keylogger through which every key stroke is collected by the scammer or a tool through which he can access your files. Only follow links to service apps directly from the verified company website.
3) don't enter any payment related website - Amazon, Bank, Yatra, Booking etc while a service app is in use.
4) learn in advance how to uninstall an app in a hurry, and block a credit card in an even greater hurry, keep a set of emergency instructions (how to change passwords etc) pinned to your desk in case needed. The experience was so shocking, I was completely disoriented with a poundinhg heart, and didn't know what the right steps were. Precious seconds were lost in this way.
In this case time, literally, was money!
I hope the bank will verify that this case is one of genuine cyber-fraud and not penalise me further.
I hope this never happens to you!