By Preeti Kulkarni, ET Bureau | May 14, 2018, 06.30 AM IST | Economic Times
Are you feeling tempted to access your credit report for free? Before you rush to share your personal details with a little-known third party in return for the free report, remember you can get it directly from the credit information companies (CIC). You are entitled to receive one report per year from each CIC— TransUnion CIBIL, Equifax, Experian and High Mark. However, third-party fintech portals such as Paisabazaar, Bankbazaar, Creditmantri, etc. offer customers access to more than one free credit report in a year, along with some other services.
“Some fintech firms help consumers understand their credit situation and guide them to improve their credit score. Others help compare and find the best credit card and loan offers based on one’s credit score,” says Manu Sehgal, Head, Business Development and Strategy, Equifax. These are the services that CICs do not offer. Also, as third-party portals do not have any restrictions on how many times you access the credit report, you can take corrective steps quickly, if needed, to improve your credit score.
“Even a small discrepancy in the records or a single day’s default in EMIs or credit card bills has an impact on your credit score. Easier access to credit report allows you to quickly initiate steps with CICs/banks to correct mistakes,” says Navin Chandani, Chief Business Development Officer, BankBazaar.
Approach with caution
Given the recent reports of data leaks and its misuse, should one part with personal information in exchange for free services? Third-parties typically seek PAN, identification, address, mobile number and email details. Also, you will have to give your consent before CICs can share your credit history with a third-party. “We can share credit reports with portals we have partnered with only if the customer consents to it,” says Harshala Chandorkar, COO, TransUnion CIBIL.
Once you give consent, you cannot hold the CIC responsible for any misuse of your information by a third party—so be careful whom you give consent. “If the customer is not diligent and gets lured into giving out his information—PAN, date of birth, mobile—required to get the credit score, he risks misuse of his credit history and other information in the report,” says Chandani.
Additionally, sharing personal details with third parties may invite spam calls and emails. “Read the terms and conditions when accessing the services of these portals and avail services of only the betterknown fintech portals,” says Sehgal.
Before you share your details, verify if the portal has a tie-up with a credit bureau. “The portal should mention the name of the bureau offering the credit report and it should also provide consumers the option to unsubscribe or delete their details from the platform,” says Radhika Binani, Chief Products Officer, Paisabazaar.
Ahmedabad Mirror | Updated: Oct 17, 2017, 02.00 AM IST
This is something every Amdavadi would dread — misuse of your IT return, Aadhar card and PAN card. The email account of an officer in a private company was hacked and his IT return, Aadhar and PAN cards were recovered. Using copies of the documents, impostors tried to secure car loans from various banks in the city. The cheating came to light after an alert banker called up the officer to verify the documents.
Rajesh Panchal (33) filed an FIR at Navrangpura police station against three persons under IT Act and for misusing his documents. Panchal who resides at Sagar Apartment, near Bhavsar Hostel in New Vadaj, has been working as a team leader at a private company in Chandkheda for the past seven years. On October 7, Panchal received a call from Cosmos bank trying to verify his role as guarantor for someone seeking a car loan. A shocked Panchal said he had not stood as guarantor for anyone. Bank manager Sandeep Shah called Panchal to the bank and showed him copies of his Aadhar card, PAN card and two years’ IT returns.
The documents belonged to Rajesh but the photo and signatures on it were of another person. A person named Kaushik Shukla had applied for a car loan and had provided Panchal’s documents as his guarantor. From the bank, Panchal called up the police control room. At the time Kaushik’s friend Mahendra Chopra was also present at the bank. The bank manager, Panchal and Chopra were taken to the Navrangpura police station, where Chopra promised to produce the person named Rajesh who provided the documents.
Thereafter Panchal checked his online CIBIL score and came to know that his documents were used to secure loans from seven other banks. Panchal also found Shukla had used his name to acquire possession and allotment letter of a house, besides opening a bank account. Panchal filed an FIR with Navrangpura police against the unknown person named Rajeshkumar (resident of Amardeep Residency in Nana Chiloda), Mahendra Chopra (resident of Sayona City in Ghatlodia) and Kaushik Shukla (resident of Kulin tenament in Vasna).
Navrangpura PI R V Desai said, “On the basis of Rajesh Panchal’s complaint we have filed the offence and begun probe. Mahendra Chopra has been arrested in the past in Navrangpura and Rajasthan in a case of cheating.” Panchal said, “As my sister is a bank employee she had advised me to check my CIBIL. From there I got to know that loans under my name had been sought from seven banks. The documents had reached the bank manager which had the accused’s name and phone number on it. But the con came to light as the bank manager called on the number mentioned on the IT return documents. I believe this is the work of a gang. My documents were obtained by hacking my email id and password.”
Govt steps up security to check criminals seeking bank details of taxpayers
Tinesh Bhasin | Mumbai | May 3, 2016 Last Updated at 22:36 IST | Business Standard
The next time you get an email from the Income Tax (I-T) department stating that it wants to refund you some money, don’t be delighted — be cautious.
In all likelihood it would be from cyber criminals trying to trick you into revealing your bank details.
Taking a note of such cyber frauds, the I-T department have sought help from the country’s premier cyber security agency, Indian Computer Emergency Response Team (CERT-In), to block these hackers lurking in the e-world. The department is particularly worried after taxpayers recently brought to its notice certain emails which have very cleverly spoofed the department’s identity by using almost resembling addresses to cheat gullible taxpayers.
Email spoofing helps them change their email address to any that they wish. In some cases, victims received emails even from the firstname.lastname@example.org.
“There’s a rise in such emails lately and they are often sent during the tax filing months,” said Amit Jaju, executive director, fraud investigation and dispute services, EY India. He explains, the victims usually receive an email that informs individuals of an unclaimed refund. It, then, asks the person to click on a link to verify his details and processing of the fund. Once the person clicks on the link, he is taken to a website that looks like it belongs to his bank. An HDFC Bank or an SBI Bank customer will be taken to the respective fake websites.
“Surprisingly, in many cases, people are taken to the actual bank they use. This means, the fraudsters have a database of target’s email address and the bank account,” says Jaju.
In some cases, when the person clicks on the link, he is taken to a fake I-T website that’s identical to the original, according to Saloni Verma, associate director, IT security, risk advisory, BDO India. Gullible taxpayers end up giving all their bank account details. You can also receive a fake I-T notice asking to pay up outstanding tax demand and be redirected to the fake I-T website.
But, recognising such fraudulent emails is not difficult. You just need to be alert. The first thing to look at is the email address, according to Jayant Saran, partner and national leader for forensic technology at Deloitte India. He explains the email might seem to be originating from incometaxindia.gov.in but many service providers, such as Gmail, inform the user if it actually originates from this website or not. You will see that such emails will have ‘via’ right after the email address and then the name of the server. This means that the email was sent via another mail service. “Never download file attached in such emails as it can also install malicious software,” says Saran.
If you happen to the link provided in the email, which takes you to the fake website of the bank or I-T department, check the address of the website. It will not be the same as your bank’s or I-T department’s. Whenever you are transacting online, check if the address starts with HTTPS rather than HTTP and should have a closed lock sign. This means that the website is secure and verified. The best way to cut risk is to use a licensed antivirus software.
Bank account details should never be sent through an email and one should contact the respective organisation in case of any such requests. There are even provisions to report the phishing attempts at organisation’s websites such as the I-T department website.
Source : http://goo.gl/bOsp7G