A major online fraud incident has come to light involving Himachal Pradesh State Co-operative Bank, where scammers withdrew Rs. 11.55 crore by hacking a customer’s mobile phone. The fraudsters tricked the customer into downloading a mobile application, which gave them access to his bank account linked to the bank’s Halti branch in Chamba district. Using this access, they transferred the stolen funds to 20 separate accounts through NEFT and RTGS transactions.
How the Scam Unfolded
As reported by the PTI, the scam unfolded between May 11 and May 12 but went unnoticed until May 14, partly due to a bank holiday on May 13. The bank discovered the fraudulent activity after receiving its transaction report from the Reserve Bank of India (RBI).
Also read: Google renames Find My Device to Find Hub: What’s new, and why Android trackers still need work
According to reports, the fraud began when hackers compromised the customer’s mobile phone using an application called HimPaisa. Through this malicious app, they accessed the bank’s internet banking system and executed the unauthorised transfers.
Once the scam was detected, the bank’s chief information security officer filed a zero FIR at the Sadar police station in Shimla. The investigation was then handed over to the Cyber Police Station. Authorities promptly froze all the accounts involved in the scam to prevent further unauthorised transactions.
Also read: 5 Essential cloud tools that let you work seamlessly across devices
A team from the Indian Computer Emergency Response Team (CERT-In) is scheduled to arrive in Shimla to conduct an in-depth investigation at the bank’s data centre. The investigation will focus on how the hackers gained entry and whether the bank’s systems have other security weaknesses.
Also read: iOS 19 to take to boost iPhone’s battery life with help of AI
RBI Guidelines to Prevent Digital Banking Fraud
The RBI has issued guidelines to help protect customers from such fraud. These include:
- Do not share your login credentials, PIN, OTP, or card information with anyone.
- Avoid clicking on suspicious links or downloading files from unknown sources.
- Refrain from installing apps from unverified sources that demand extensive access.
- Be cautious of UPI ‘collect requests’ as scammers may send fake payment prompts.
- Always rely on the official websites of banks or service providers for contact information.
