'Press 1 for fraud': How a 'fake' IVR call from   nationalised bank duped Bengaluru woman of   Rs 2 lakh

BENGALURU: In what appears to be a first such cyber crime reported in Bengaluru, a 57-year-old woman lost Rs 2 lakh following instructions and pressing a key during a fake IVR (Interactive Voice Response) call from a nationalised bank.

Sumitra (name changed), a resident of Dattatreyanagar in Hosakerehalli, BSK 3rd stage, told Girinagar police that she received a call from 01412820071 around 3.55pm on Jan 20. She thought the call was from SBI as the same was displayed and she had an account with the same bank.

The IVR call announced in English: Rs 2 lakh is being transferred from your account to another account. If the transaction is made by you, press 3; if the transaction is not made by you, press 1.

Speaking to TOI, Sumitra said, "I was shocked on hearing the voice note as I had not done any such transaction. I didn't press any number. The voice note repeated, saying that I have not responded. I was confused. After three rounds of such announcements, I pressed 1 as I had not initiated the transaction. Soon after that, there was a second announcement stating, ‘Please visit your bank and contact the manager immediately.' Subsequently, the call got disconnected," she said.

"I checked and noticed a shortage of Rs 2 lakh in account. I immediately rushed to the bank and contacted the manager. The manager asked me to immediately call cyber helpline 1930 and complain. He said he will take measures to cancel the transaction or write to the concerned to freeze the money from fraudster's account. I reported the incident to the cyber helpline and approached Girinagar police and filed a complaint after exiting from the bank," Sumitra said.

A case has been registered under the Information Technology Act and BNS section 318 (cheating).

Strange case: Cops

A senior police officer said, commonly during IVR call, the fraudsters will set the voice message asking for credentials of their target, such as debit card's last four digits, bank account number, or date of birth, email ID, or data which require to authenticate online banking. "Once the victim shares the information, the money is siphoned off. Without sharing the credentials, it is not possible to siphon off money just by pressing the options 3 or 1 or 9," he explained.

"In this case, the victim appears to be hiding some facts. She may have responded to the voice message and shared some information that requires them to siphon off money by accessing her account. If she is not hiding anything, then this is something very new to us. There will be clarity only after investigation," he said.