• Apply Now

Money in bank in 24 hours

Apply Now

Tips to Avoid OTP Fraud

  • Highlights

  • OTP offers an added layer of security for the majority of online transactions

  • OTP theft is carried out either by deceiving people into sharing the OTP over a call or getting them to download malware that can read the OTP

  • Not sharing your OTP, not clicking on links in unsolicited messages, and always using official channels of communication can help steer clear of OTP scams

The entire idea of a one-time password (OTP) is to act as a security measure to ensure the safe transfer of money. This time-bound security step became very popular as digital financial transactions rose. However, with time, scammers found it to be an area of vulnerability to con people – such is the irony of the OTP scam. Something introduced as a critical second-factor authenticator became the basis for siphoning the money off of people.


identity theft insurance

A Typical Modus Operandi

Fraudsters impersonate companies, send messages offering credit limit enhancements or easy loans, share a number for the customers to contact them, send messages offering credit limit enhancements or easy loans, and share a number for the customers to contact them. When the client calls back, fraudsters make them fill out forms and collect their financial credentials. These impostors then deceive them into sharing their OTP or PIN details to carry out unauthorised fund transfers from the account.


Other ways in which OTP theft is carried out

  1. Getting you to install the malware in your phone: Scammers can mirror your phone by asking you to download an app on the pretext of addressing a grievance or other such genuine sounding reasons. The malware can read the OTP messages and compromise your account.

  2. Getting conned into revealing the OTP: Fraudsters use tactics such as luring you with false promises, intimidating you with negative consequences and coaxing you into giving out your OTP. They do this via email, text, WhatsApp messages, and calls.


identity theft insurance

Tips to avoid OTP fraud

  • Exercise caution and refrain from clicking on links embedded in text messages, especially if you are unsure of the sender or the source of the message Clicking on these links can compromise your phone and sensitive data by installing malware.

  • Do not download third-party apps such as AnyDesk, even if the caller claims that it is required for a KYC update or a grievance redressal. Genuine companies do not require this and never persuade customers to do it

  • Do not disclose your OTP to anyone – including your financial provider. If the caller is sincere, they will never ask for this in the first place

  • Keep checking your text messages and emails to ensure that no OTP is generated without your prior consent and knowledge

  • Use official modes of contact, such as accessing the official website of your financial provider. Do this when you want to seek any clarification, get product or service-related information, or avail their services


If you have fallen prey to an OTP theft, intimate your financial provider immediately and block your card so it cannot be further compromised. Report the OTP fraud by sending an email to sachet@rbi.org.in or calling the RBI number at 14440.

Online payments and digital transactions are meant to make life easy, but unscrupulous people use them as a platform to carry out sophisticated frauds. With a little prudence from our end, we can beat them at their own game.


Savdhaan Rahein. Safe Rahein.

Read more:
• Cautionary Note - https://www.bajajfinserv.in/cautionary-notice-new.pdf
• Infosec Page - https://www.bajajfinserv.in/infosec-pages
• Fraud Awareness Blog - https://www.bajajfinserv.in/insights/fraud-awareness

How would you rate this article

 Please let us know why?

What did you dislike?

What did you dislike?

What did you like?

What did you like?

What did you like?