Modern Scams Use Real Info and OTPs to Trick You — Here's How to Stay Safe from Financial Fraud

Imagine receiving a call from someone who is familiar with your name, your bank, and even the last few digits of your credit card. They alert you about “suspicious activity” on your account and claim they’ve just sent you a one-time passcode (OTP) for identity verification. You read it out loud, trusting you're speaking with your bank. But minutes later, your money is gone and your bank refuses to help.

This kind of fraud, referred to as a "convergence scam", is rapidly increasing. It poses a greater threat than conventional scams because it combines real-life techniques with stolen online information, making it incredibly convincing.

Stolen data and fake calls: The alarming rise of scams

Fraudulent schemes like these often don’t start with suspicious links or fake applications. They start from your personal information, which may have been exposed in a data breach or sold by shady data brokers. This can include your name, phone number, email address, and, in some cases, even banking or card information.

Once scammers obtain this data, they may place a convincing phone call, frequently using fake caller IDs that match your banks. They create a sense of urgency, claiming there is fraudulent activity on your account, and request you to “verify” a code — which is actually a one-time password (OTP) for a legitimate transaction occurring in your name. The moment you disclose that code, the scam is successfully executed.

What makes this scam even more troubling is that banks typically do not compensate victims. Most have guidelines stating that if you "voluntarily" disclose your passcode, even if it’s under pressure or confusion, you’ve violated their terms.That means you’re held responsible, regardless of being clearly manipulated.One individual lost approximately A$6,000 after revealing a passcode to a scammer. The bank denied the request for a refund, referencing the breach of terms.

Law enforcement is also not very helpful in this situation. These crimes are frequently left without investigation. Since these scams generally involve small sums distributed among numerous individuals, they are not given priority.

The growing use of personal data, combined with weak enforcement and outdated security systems like SMS codes, leaves regular people vulnerable and unprotected.

Steps you can take to protect yourself from scams and keep your personal information secure:

1. Be cautious about sharing personal details online 

Details like your phone number, birthday, or bank name can help scammers build a profile on you. Keep personal information private, especially on public platforms.

2. Never share OTPs or security codes over the phone

Even if someone sounds like they're from your bank, never read out a one-time passcode. Scammers often impersonate officials to gain your trust and steal your money.

3. Hang up and call your bank directly

If you're unsure about a call, don't continue the conversation. Hang up immediately and dial your bank's official number.

4. Avoid entering sensitive information on untrusted websites

Always check that a website is secure and trustworthy before entering any login or payment details. If a site looks suspicious or unfamiliar, it’s best to stay away.

Stronger systems and awareness needed to fight modern scams

Solving scam threats needs more than personal caution. Banks must adopt stronger security than OTPs, data brokers need tighter regulation, and law enforcement must act swiftly on evidence. Public education is crucial to spot fraud early.These scams attack trust, identity, and money — so stay informed, stay alert, and always think twice before sharing sensitive information over the phone.

This article is based on information from NDTV