Are you planning to enjoy the airport lounge facility while you wait for your next flight? Pause for a second! You might end up losing your hard-earned money just like this Indian woman did at Bengaluru airport.
Recently, this lady, named Bhargav Mani, took to social media and shared a reel about her experience at Bengaluru airport, India. On 29th September, Mani reached the Bengaluru airport 5 hours ahead of the flight departure time. She was too exhausted and wanted to access the airport lounge to rest for a while.
The authorities asked her to show her credit card, which she was not carrying at that time. So, Bhargav showed the picture of her credit card to the authorities. They instructed her to download an app and go ahead for a facial scan and screen sharing, which they claimed was meant for security purposes. The woman did not give much thought and went ahead and downloaded the so-called “lounge pass app.”
However, Bhargav changed her mind, and instead of using the lounge, she went to Starbucks to relish coffee. Soon, she continued with her flight journey.
The next 15 days were utterly tiring for her as she was busy in a medical emergency with her parent. Meanwhile, friends and acquaintances told Bhargav that she was unapproachable on her phone. Also, later, she got to know that a male was picking up her call at her place. She ignored all these because of the ongoing stress.
What came as a shock to her was a transaction of INR 87,125 ($1036) on her credit card bill. Eventually, Bhargav realized that she had been scammed. The fraudsters, through screen sharing and face scanning, have got access to her sensitive data. Her calls got diverted, and they got access to all the OTPs.
She has been in constant touch with her bank (HDFC) and the Bengaluru airport authority. Her credit card has been blocked for safety purposes. A cybercrime report has also been filed, and an investigation is ongoing. The Bengaluru authority is going above and beyond to help Bhargav with any kind of assistance she requires.
They also wanted to share the images of the airport staff with her so that she could recognize who assisted her with the app download. However, Bhargav was too exhausted on that fateful day and could not recognize anyone from the staff team.
Bhargav is not at all blaming the Bengaluru airport authority for the cyberscam. Rather, one of her friends sent her the Google link to the ‘Lounge Pass’ app. The spoofed link was ranking at the top, which Bhargav believes is the reason behind her getting duped. This scam is a staggering reminder of the level of sophistication the threat actors have achieved lately. Clicking on a malicious link on Google can land you in trouble beyond your imagination! It is, therefore, important to cross-check every word and spelling before clicking on any link, even if it is ranking high on Google.
In a similar kind of incident, a Chennai-based businessman earlier this month lost almost INR 2 crore ($237,872.80). Threat actors used malicious emails to scam the victim. The scammers posed as suppliers and convinced the businessman to transfer a whopping INR 2 crores.
The scammers used existing conversations and counterfeit invoices to establish credibility and gain the trust of the victim. This shows how sophisticated the cyberscam strategies are getting with every passing day. The threat actors have designed the emails strategically in a way that the unaware businessman falls prey to their malicious intentions.
The victim discovered the scam the next day after contacting the genuine supplier. He promptly reported the incident on the National Cyber Crime Reporting Portal. Fortunately, the Indian cybercrime team acted swiftly. With their strategic efforts and phishing protection measures, they managed to recover the stolen funds.
What to do in case you get scammed?
- Staying vigilant is the only way to prevent getting duped by these sophisticated and highly trained scamsters.
- Also, in case you get scammed, make sure you report the incident as soon as possible. The sooner you report, the higher the chance of getting your money back.
- Make sure you double-check the emails and text messages and verify any payment or download requests.
- Also, if you are required to download an app, make sure you download it from either the Google Play Store or the Apple App Store. Avoid downloading any app or APKs from Google.
- Before sharing any permission with your app, think twice about the plausible consequences.
Verify every link that pops up in search engine result pages. Threat actors have become smart enough to rank their malicious pages at the top of SERPs.