What is Fraud?

23 May, 2025


Synopsis

• If someone lies in order to deprive a person or organisation of their money or property, they’re committing fraud. 

• Common online and offline fraud include phishing, identity theft, malware attacks, money mule, check fraud and KYC fraud.

• You can report financial fraud through the National Cyber Crime Portal or helpline number 1930.
  
  

Fraud has been around for centuries, but in today’s digital world, banking fraud is more prevalent than ever. From phishing scams and fake loan offers to deepfake-powered identity theft, fraudsters are able to evolve their tactics constantly.

Banking fraud thrives on a combination of psychological manipulation, technological advancement and security gaps. Scammers exploit trust, urgency and lack of awareness to trick individuals into sharing sensitive information or making unauthorised transactions. Plus, with digital banking becoming the norm, fraudsters now have more opportunities than ever to strike.

Below, you can get information on the meaning of financial fraud, the various types, how you can protect yourself and the various security measures HDFC Bank uses to protect your data.

What is Fraud?

According to the Indian Contract Act, 1872, fraud can be defined as an activity that takes place when an individual or organisation deceives another party to gain an advantage over them. It includes:

• Lying About Facts: Providing false information to gain financial benefits.
  
  Example: A borrower submits fake income documents to get a loan for which they otherwise wouldn’t qualify.
  
  

• Hiding Important Information: Concealing critical details that could affect a financial transaction.
  
  Example: A bank employee hides unauthorised transactions to cover up embezzlement.
  
  

• Making False Promises: Assuring something with no intention of delivering.
  
  Example: A fraudster promises guaranteed high returns on a fake investment scheme and convinces you to transfer money.
  
  

• Any Act Meant to Mislead: Any trick or action designed to deceive banks or their customers.
  
  Example: A scammer sends you a phishing email pretending to be from a bank and tricks you into revealing your account details.
  
  

• Legally Recognised Fraud: Any act that the law specifically considers fraudulent.
  
  Example: A cybercriminal uses stolen Credit Card details to make unauthorised transactions.
  
  In 1973, Donald Cressey developed a model for explaining the factors that cause someone to commit occupational fraud and named it the fraud triangle. It consists of three components which, together, lead to fraudulent behaviour:
  
  

• Pressure: Pressure or motivation may drive fraudsters to commit fraud and involve situations like debt, drug use, gambling, job loss or lifestyle needs.
  
  

• Opportunity: Weak internal controls or access to sensitive financial information can create opportunities for fraud.
  
  

• Rationalisation: The fraudster convinces themselves that their actions are justified, such as believing they will repay the money later or thinking they deserve extra compensation.
  
  

Types of Online Fraud

Here’s a breakdown of popular online banking fraud:

• Phishing: Fraudsters use fake emails, messages and websites to trick you into revealing sensitive information.
  
  

• Identity Theft: Criminals steal your personal data like Aadhaar or PAN to open fake bank accounts, apply for Credit Cards or Loans and commit other banking fraud.
  
  

• Deepfake Fraud: Fraudsters use AI-generated voice and video manipulation techniques to deceive you into transferring money.
  
  

• Account Takeover Fraud: Cybercriminals can gain unauthorised access to your bank accounts to drain funds.
  
  

• Ransomware Attack: Hackers encrypt your sensitive information and demand ransom in order to release the data.
  
  

• Malware Attack: Fraudsters can exploit security gaps to install malware to steal your financial credentials.
  
  

• Distributed Denial of Service Attack (DDoS): In a DDoS, cybercriminals make a website unavailable to its users temporarily or indefinitely.
  
  

Types of Offline Fraud

Here’s a list of the different types of bank fraud that take place offline:

• Call Merging Scam: Fraudsters exploit a phone’s call merge feature to steal one-time passwords (OTPs) and commit financial fraud. 
  
  

• Money Mules: This fraud involves criminals using unsuspecting individuals to transfer illegally obtained money.
  
  

• QR Code Fraud: Fraudsters replace genuine QR codes with fakes. Scanning such codes may redirect you to a phishing site or trigger an unauthorised payment.
  
  

• Cheque Fraud: Fraudsters forge, alter or steal cheques to withdraw money from bank accounts illegally.
  
  

• Card Skimming: Fraudsters can steal your Credit or Debit Card details using skimming devices. They attach these devices to POS machines or ATMs to capture sensitive information.
  
  

• Embezzlement: Employees can misappropriate company funds or assets over a period of time for personal use.
  
  

• Insurance Fraud: Fraudsters file false claims, inflate damages or stage accidents to receive insurance payouts.
  
  

• KYC Fraud: Fraudsters submit fake documents to open bank accounts or avail of credit facilities.
  
  

HDFC Bank Security Measures

The bank’s security measures are designed to improve your banking experience and secure your finances. These include:

• Secure Login: HDFC Bank ensures secure login with a unique ID and randomly generated IPIN, printed on tamper-proof media and encrypted using industry-standard protocols.
  
  

• Session Security: HDFC Bank protects your online session with 128-bit encryption to prevent unauthorised access. Automatic logout after inactivity ensures your account remains secure.
  
  

• Digital Certificate: Our webpages are secured with a Verisign-certified digital certificate that protects you from phishing attempts and safeguards your confidential information.
  
  

• Virtual Keyboard: You can use the Virtual Keyboard while logging into NetBanking to protect against keyloggers. This can be especially useful on shared or untrusted computers.
  
  

• InstaAlert: You can get instant SMS and e-mail alerts for financial and non-financial transactions. You will also receive notifications when beneficiaries are added or if a customer service executive has tried to contact you.
  
  

• Extended Validation Secure Sockets Layer Certificate (EVSSL): EVSSL enhances security by providing clear visual indicators so that customers can identify a genuine website.
  
  

• Additional Authentication for Financial Transactions: All financial transactions need two-factor authentication.
  
  

• Last Login: You can check your last login details each time you access your account. Report any unauthorised activity to the bank immediately.
  
  

• Mobile Number Masking: To protect your privacy, only the last five digits of your mobile number are displayed.
  
  

How and Where to Report Fraud

If you suspect fraudulent activity on your account, report it immediately through these channels:

• Customer Support: Contact your bank’s customer service helpline.
  
  

• Email Support: Send a report to the bank via email.
  
  

• Cyber Crime Portal: Report financial fraud through the National Cyber Crime website.
  ​​​​​​​
  

• Helpline Number: You can report online fraud through the helpline number 1930.
  
  

Join Vigil Army, where Vigil Aunty will decode various frauds and give people a heads-up on the dos and don’ts of combating frauds online. To join the Vigil Army, send ‘Hi’ to her via WhatsApp number: 7290030000.

*Disclaimer: Terms and conditions apply. The information provided in this article is generic in nature and for informational purposes only. It is not a substitute for specific advice in your own circumstances.