Fraudsters are increasingly targeting Indian consumers through a deceptive tactic known as SMS spoofing.
In this scam, criminals manipulate sender information in SMS to appear legitimate, often pretending to be from banks or financial institutions. This tactic allows them to access your UPI-linked mobile number and link it to their own devices, potentially exploiting payment or investing apps that depend on UPI.
Spoofing text messages involves changing the sender’s name or phone number to make it look like the message is from someone else. Primarily, it is enabled through several apps and used by scammers.
Also, note that to perform any unauthorised transactions, scammers may employ different social engineering tactics and obtain your MPIN.
Spoofing text messages come in various forms but have the same intent to steal your personal information and money. Here is a list of different types of SMS spoofing:
Types of SMS Spoofing |
Meaning |
Fake Sender Identification |
It is the most prevalent SMS spoof form, where hackers create a fake ID to substitute the genuine one, making it appear as a person's bank or credit card provider. |
Harassment |
Cyberbullies, pranksters, and stalkers use this method of spoofing to send intimidating or unwanted messages to victims. Their aim may include extracting money from the beneficiary, too. |
False Prize Notifications |
A common scenario involves scammers sending a text message claiming the recipient has won a prize. They then request bank details under the false pretext of depositing the winnings. |
Espionage |
In this case, hackers send a link to a malicious website through an SMS. Upon clicking, this link redirects you to another website, installing malware to gather personal data. They use this to steal funds or access the company’s resources. |
You have likely encountered your fair share of spoofed messages, and knowing how to avoid SMS spoofing is crucial for protecting your personal information and finances. Here are some simple measures to follow:
Since APK files may contain certain malware or malicious code, your device security may be at risk. Your sensitive information can be prone to risk; hence, avoid downloading any third-party APK files.
If you receive a text with a suspicious link, refrain from clicking on it. Instead, contact the actual company using their official contact details. It is important to note that authorised apps like Groww will not use SMS to request sensitive information or ask you to click random links.
Pay attention to subtle spelling errors in the sender ID or number. Scammers often make intentional changes to trick inattentive recipients.
For example, if you have an account in ‘Groww’ and receive mail from ‘Grow’, it could be a sign of a potential scam. Always scrutinise sender details for accuracy and consistency to avoid falling victim to deceptive practices.
Scammers may create a sense of urgency, deriving immediate action from their target. Be suspicious of unsolicited texts instructing you to take urgent steps.
For instance, be cautious if someone suddenly asks you to transfer a significant amount of money, claiming an urgent situation.
Unencrypted URLs in SMS spoof messages can indicate a scam. Be wary of hyperlinks starting with HTTP instead of HTTPS. Use online URL scanning tools like Google's Virustotal by copying and pasting suspicious links to ensure safety.
You should never disclose sensitive information like OTPs, card details, card PIN or Groww PIN to any representative who claims to be from Groww.
If someone calls claiming to be from a reputable company and asks for personal information or money, report and block the number. It is important to stay cautious and verify the authenticity of such calls to protect yourself from potential SMS spoofing scams.
If you have fallen victim to a scam posing to be from Groww, here is what you can do:
Dial +91 9108800604 and speak with a customer care representative who will assist you and raise a ticket for your issue.
Visit Groww's official website and fill out the web form detailing the fraudulent activity. It will help to speed up the resolution process and ensure that your concerns are addressed promptly.
Log in to Groww’s official website to report grievances on existing complaints using the previously raised ticket ID.
Another crucial way for SMS spoofing prevention is by reporting fraudulent incidents through Groww's social media channels.
You can report fraud complaints to the nearest Cyber Crime cell, register a complaint online at the official cybercrime website or call the Cyber Crime cell helpline at 1930.
Remember, Groww never solicits confidential information and operates solely through the groww.in domain. Stay vigilant and alert authorities promptly if you suspect fraudulent activity.
SMS spoofing poses various risks, from financial loss to identity theft and malware distribution. Attackers adapt their methods as technology advances, underscoring the need for proactive measures.
Implementing authentication, raising self-awareness and using secure communication tools are crucial steps for you to substantially decrease the risk of falling prey to this deceptive practice.