Bank Name Scams — How Safe Are We?

Introduction

In today’s digital age banking has become faster and smarter — but so have scammers. Fraudsters increasingly use SMS and phone calls that appear to come from banks to trick people into revealing account details or transferring money. This article explains how SMS/phone banking scams work and provides clear, actionable advice to protect yourself.

What is an SMS/Call Bank Scam?

Definition

SMS/Call bank scams are deceptive attempts to obtain your banking information over the phone or via text. Scammers send fake messages or place fraudulent calls pretending to be from your bank to persuade you to reveal sensitive details or click malicious links.

Common Lures Used by Scammers

– “Your ATM is blocked” alerts
– “Update your KYC” requests
– “You’ve won a lucky draw” messages
These messages prey on fear (account blocked) or greed (prize won) and prompt victims to click links or share confidential information.

Typical Scam Techniques

1. Fake Phone Calls (Vishing)

– Scammer pretends to be a bank employee.
– They use excuses like KYC update, debit card block, or suspicious activity.
– They request OTPs (one-time passwords), account numbers, or PINs.

2. Phishing SMS (Smishing)

– A message that looks like it’s from the bank includes a URL resembling the bank’s site.
– The link directs you to a fake login page.
– When you log in, attackers capture your credentials.

3. Remote Access Apps

– Scammers ask you to install remote-control apps (e.g., AnyDesk, TeamViewer).
– With remote access they control your phone or computer and initiate transfers.

Growing Incidents in Nepal

Trend Overview

Recently, scams that mimic bank SMSs or calls have become widespread in Nepal. Many complaints registered with Nepal Police Cyber Bureau describe similar patterns: money gone after scanning QR codes, giving OTPs, or following suspicious links.

Typical Reported Cases

– Money transferred after scanning a malicious QR code.
– Cash withdrawn or transferred after victims shared OTPs.
– Remote access given to fraudsters who then carried out unauthorized transactions.

How to Protect Yourself — Prevention Checklist

Never share OTP, PIN, or CVV

– Bank employees will never ask for OTPs, PINs, or CVV numbers.
– Treat any request for these details as a red flag.

Verify links before clicking

– Check whether the URL contains the bank’s official domain (for example, correct country domain or exact domain spelling).
– Avoid opening suspicious links.

Say “No” to unknown app downloads

– Do not install remote-access apps at someone’s request unless you’ve verified the person and the reason.
– If help is required, contact official bank support first.

Use only official bank numbers

– For problems, call the customer-care number listed on your bank’s official website or on the back of your debit/credit card.
– Phone numbers in Google results may be fake—verify via the bank’s site.

Enable Two-Factor Authentication (2FA)

– Turn on 2FA for your bank app, email, and other important accounts.
– 2FA adds an extra layer of security beyond passwords.

If You Are Scammed — Immediate Steps

1. Inform Your Bank Immediately

– Request your account be blocked or frozen to stop further transactions.
– Ask the bank to reverse or halt suspicious transfers if possible.

2. File a Report with Cyber Crime Authorities

– In Nepal, you can lodge online complaints with the Nepal Cyber Crime Bureau (for example via their official portal).
– Gather evidence: call recordings, screenshots, transaction records, and any suspicious URLs.

3. Preserve Evidence

– Keep call logs, SMS screenshots, bank statements, and any files or links you received.
– These will help the bank and law enforcement investigate.

Message: Be Cautious — Don’t Regret Later

Scammers manipulate emotions: fear and greed. The best defense is awareness. If you stay informed and skeptical of unsolicited calls and messages, your data and money remain safer.

Conclusion & Final Message

SMS and phone scams using a bank’s name target thousands of people. However, simple habits—never sharing OTPs/PINs, verifying links, refusing unknown app installations, and using official contact numbers—significantly reduce your risk. Stay alert, enable 2FA, and act quickly if something feels wrong.

FAQs

Q1: Will my bank ever ask me for my OTP or PIN over the phone?

A1: No. Legitimate bank staff will never ask for your OTP, PIN, or CVV. If someone asks, hang up and call the bank using the official number.

Q2: I clicked a suspicious link — what should I do now?

A2: Immediately disconnect from the internet (turn off Wi‑Fi/mobile data), do not enter further information, and contact your bank right away. Change your passwords and enable 2FA where possible.

Q3: Is it safe to scan QR codes for payments?

A3: Only scan QR codes from trusted sources. If a QR code was sent via an unsolicited message, don’t scan it. Confirm the recipient and amount before approving any payment.

Q4: If I gave remote access to my phone, how do I regain security?

A4: Immediately contact your bank to block accounts, uninstall the remote app, factory-reset the device if necessary, and report the incident to cybercrime authorities.

Q5: How can I verify a bank’s phone number?

A5: Check the bank’s official website or documents (card/back of passbook) for verified contact numbers. Avoid numbers found only via web search results unless validated on the official site.