27 C
Monday, May 27, 2024

SL CERT warns of online app-based loan scams

- Advertisement -

The Sri Lanka Computer Emergency Readiness Team (SLCERT) has issued a warning, advising the public not to divulge personal information to online instant loan providers. This caution comes in response to a surge in online loan scams, with over 100 complaints related to such scams reported to SLCERT in recent months.

Charuka Damunupola, Senior Information Security Engineer at SLCERT, in an interview with the Daily Mirror about the rising prevalence of online loan scams. These fraudulent companies often lure individuals with promises of lower interest rates compared to local banks and claim to require minimal documentation for loan approval. Loan amounts typically range from Rs. 5,000 to Rs. 1 million, seemingly with attractive low-interest rates.

To exploit potential victims, these companies ask them to register through provided links and install their mobile apps. During the app installation process, the application requests access to sensitive areas of the user’s phone, such as contact lists and picture galleries. Granting these permissions allows the loan companies to access and retrieve personal data from the user’s device at any time.

After installing the app, the company extends a loan facility with a seemingly low-interest rate, which may later be increased based on the user’s loan repayment history. If a borrower fails to make a payment on time, the company resorts to accessing the borrower’s personal contacts and harassing them to settle the outstanding loan. SLCERT has already received 150 complaints regarding such tactics, and a majority of the victims are women who felt pressured to repay loans due to these threats.

SLCERT strongly advises people against applying for online loans from such sources and cautions against installing apps that are not from trusted sources like Google Apps. If individuals have already installed such apps, they are advised to perform a factory reset on their mobile phones and avoid restoring previous apps. Simply uninstalling these applications may not prevent unauthorized access to personal data.

To enhance data security, SLCERT recommends enabling two-factor authentication (2FA) wherever possible. It is crucial to refrain from sharing sensitive personal and financial information, including photos of national identity cards (NICs), passport copies, birth certificates, and one-time passwords (OTPs) with unknown entities to prevent falling victim to scams.


Chinese traveler from Colombo found infected with COVID-19 on arrival at Shanghai

A Chinese national who arrived from Sri Lanka has been infected with COVID-19, Shanghai (China) Health Commission said on Thursday morning.  According to Chinese media,...

Another 160 Omicron cases detected in Sri Lanka

Another 160 cases of Omicron COVID variant have been recorded in Sri Lanka, Dr. Chandima Jeewandara from University of Sri Jayewardenepura said. According to Dr....

PM visits Tirupati

Prime Minister Mahinda Rajapaksa has left for India on a 2-day pilgrimage to the temple city of Tirupati today (23). He was accorded a warm...


Breaking: French Ambassador to Sri Lanka and Maldives Passes Away

The Ambassador of France to Sri Lanka and Maldives, Jean-François Pactet, has reportedly passed away in his official residence in Rajagiriya today (26). Sources indicate...

Van Accident in Galgamuwa Leaves One Dead, 13 Injured

A tragic accident occurred in the early hours of Sunday (26) in the Mee Oya area of Galgamuwa, where a van transporting pilgrims veered...

Viranjith Thambugala Granted Bail

Aura Lanka Chairman Viranjith Thambugala, who was arrested by the Criminal Investigation Department (CID), was granted bail. On May 22, the CID arrested Thambugala over...