Alert! New Scam Drains Bank Accounts Without OTP — Here's How to Stay Safe

Cybercrime Without OTP: A Shocking New Threat
In a startling incident from Muzaffarpur, Bihar, cybercriminals managed to steal ₹5.07 lakh from two bank accounts — and that too without requiring any OTP. This alarming case highlights the evolving tactics of online fraudsters, who are now bypassing even the most trusted layers of digital banking security. It’s a wake-up call for all banking customers to take immediate and strong protective measures.

🕵️♀️ What Happened?

The victim, Mohammad Samsul, a resident of Mathurapur Patahi in Muzaffarpur, received a call from an unknown number. The caller posed as an employee from Bandhan Bank, claiming that they needed Aadhaar and PAN details to complete KYC (Know Your Customer) verification. Samsul, being cautious, refused to share any personal information and told the caller he would visit the bank instead.

Despite not sharing any OTP or sensitive data, multiple unauthorized withdrawals were made from two of his bank accounts, totaling over ₹5 lakh. The fraudsters exploited vulnerabilities without traditional OTP verification — a clear sign that cybercrime is now operating at a more sophisticated level.

🚨 How Did This Happen Without OTP?

While exact technical details are still under investigation, here are possible techniques fraudsters may use to bypass OTP:

• SIM cloning or SIM swap attacks to intercept OTPs.

• Malware or remote access tools that give hackers direct control of your device.

• Exploiting third-party banking app vulnerabilities.

• Social engineering to gain partial info and manipulate systems.

🔐 How to Protect Yourself from Such Frauds

Now more than ever, digital vigilance is essential. Here's how to stay ahead of cybercriminals:

1. Never Share Personal Information

• Don't share your Aadhaar, PAN, bank account details, or login credentials over phone, SMS, or email.

• Banks never call to ask for sensitive data like passwords or OTPs.

2. Verify Callers

• If someone claims to be from your bank, hang up and call your branch directly using an official number.

• Never trust a caller ID — fraudsters can spoof phone numbers to look authentic.

3. Regularly Monitor Your Bank Accounts

• Check SMS alerts, emails, and statements regularly for any unusual activity.

• Enable instant transaction alerts for all bank activity.

4. Report Immediately

• If you notice suspicious calls or transactions, contact your bank and file a cybercrime complaint at .

• Many scams can be reversed or stopped if reported within the first few hours.

5. Use Strong Security Practices

• Set a complex banking password and change it periodically.

• Enable two-factor authentication (2FA) for all online financial services.

• Avoid using public Wi-Fi for banking transactions.

🛡️ What If You Are a Victim?

If you've fallen prey to such fraud:

• Immediately block your bank accounts and cards.

• File an FIR and a complaint at the nearest cyber police station.

• Use the National Cyber Helpline Number – 1930.

• Track the complaint on the Cybercrime Portal using the reference number.

📌 Conclusion

This incident is a harsh reminder that even without sharing OTP, you can fall victim to cyber fraud. The landscape of financial scams is changing rapidly, and so must our approach to online security. Stay alert, educate your family, and follow cybersecurity best practices to protect your hard-earned money.