When internet fraudsters impersonate a business, e.g. Oxigen/Oxigen Wallet, to trick you into giving out your personal information, it’s called phishing. Don't reply to email, text, or pop-up messages that ask for your personal or financial information. Don’t click on links within them either – even if the message seems to be from an organization you trust. Oxigen/Oxigen Wallet never asks you to send sensitive information through insecure channels.
Examples of Phishing Messages:
You open an email or text, and see a message like this:
- “Receive cash back of INR XXX when you load your wallet with INR XXX. Click on the link below to proceed / to get cash back.”
- "We suspect an unauthorized transaction on your account/wallet. To ensure that your account/wallet is not compromised, please click the link below and confirm your identity."
- "During our regular verification of accounts/wallets, we couldn't verify your information. Please click here to update and verify your information."
The senders are phishing for your information so they can use it to commit fraud.
How do Fraudsters Operate?
Fraudsters send fake emails to customers impersonating as Oxigen/Oxigen Wallet, asking them to urgently verify or update their account information by clicking on a link in the email.
Once the customer clicks on the link, it diverts him/her to a fake website with the same look & feel of Oxigen/Oxigen Wallet’s official website. And then the customer is presented with a web form to fill in his/her personal information.
It may also happen that the customer gets diverted to Oxigen/Oxigen Wallets official website after he/she had been skimmed of all the confidential information so as to subdue any doubt.
Once the fraudster had all these confidential details like wallet credentials, he can easily login to customer’s wallet and exhaust all the monies either by way of recharge or through transfer.
How to Deal with Phishing Scams:
- Verify the URL of the webpage. The ‘s’ at the end of ‘https://’ stands for ‘secure’ - meaning the page is secured with an encryption. Most fake web addresses start with ‘http://’. Beware of such websites! While using Oxigen Mobile App or Website, always make sure that the domain name starts from: https://www.oxigenwallet.com
- Delete email and text messages that ask you to confirm or provide personal information (Debit/Credit/ATM pin, cvv, expiry date, passwords, etc.). Oxigen/Oxigen Wallet don't ask for this information via email or text.
- Check the Padlock symbol. This depicts the existence of a security certificate, also called the digital certificate for that website.
- Establish the authenticity of the website by verifying its digital certificate. To do so, go to File > Properties > Certificates or double click on the Padlock symbol at the upper right or bottom corner of your browser window.
- Don’t reply, and don’t click on links or call phone numbers provided in the message, either. These messages direct you to spoof sites – sites that look real but whose purpose is to steal your information.
Report Phishing Emails:
If you receive an e-mail asserting to be from Oxigen/Oxigen Wallet regarding updating your sensitive account/wallet details like OTP, password, mobile number, let us know by forwarding the e-mail to firstname.lastname@example.org.
Your report is most effective when you include the full email header, but most email programs hide this information. To find out how to include it, type the name of your email service with “full email header” into your favorite search engine.
If you notice any website impersonated as Oxigen/Oxigen Wallet (especially on social media platforms), let us know by writing at email@example.com.
Oxigen/Oxigen Wallet will never ask you to disclose your confidential information like Credit Card/Debit Card/ATM/Net-Banking details, PIN, OTP etc. via any source like - over phone/mobile, via email, on social media or in writing. We request all our customers to be-aware from any offer/schemes where you’re asked to reveal your confidential details. Please refrain yourself from transacting on any offers visible on unofficial web-pages/apps.