How to Protect Yourself from Fraud

1. OTP (One-Time Password) Fraud 

How fraudsters operate: 

• They introduce themselves as an employee of the Central Bank, a familiar person, or a representative of another bank. 

• They claim that a loan is being issued in the client’s name or that their account is about to be hacked. 

• They ask for a one-time password (OTP) received via SMS under the pretext of protection

• Sometimes they send a fake ID to gain trust. 

What happens next: 

• Once they obtain the OTP, fraudsters carry out various operations on behalf of the client: issuing online loans, making P2P transfers, opening deposits, and withdrawing funds.  

• All operations are conducted through drop cards and drop accounts (cards/accounts registered to other people and sold to fraudsters). 

2. “Accidental Transfer” Scam  

How fraudsters operate:  

• They transfer a small amount to the victim’s card.  

• They call and say: “I accidentally sent you money, please return it.”  

• They suggest an unusual way of “returning” the funds — a link, a code, or a service where card details must be entered.  

What happens next:  

• The victim enters their card number, CVV, and expiry date, and confirms with OTP.  

• Fraudsters then gain full access to the card and withdraw all available funds. 

3. Marketplace Scams  

How fraudsters operate:  

• They find a product listing on platforms like OLX and express interest in buying.  

• They claim to be in another city and unable to meet in person. They offer “convenient delivery” via a fake website that looks like a well-known courier service (e.g., BTS or others).  

• They send the victim a fake website link. The interface looks almost identical to the real one.  

What happens next:  

• The victim follows the link and sees a familiar interface.  

• They enter their card details on the fake website.  

• Once submitted, the data immediately goes to the fraudsters.  

4. Selling Accounts and Cards  

How fraudsters operate:  

• They buy verified accounts or cards from clients.  

• They use these to open virtual cards, take loans, and transfer stolen money.  

What happens next:  

• All actions are considered to have been performed by the account holder.  

• The person who sold their account bears full responsibility for all transactions.  

5. Malicious Files for Android  

How fraudsters operate:  

• They distribute infected .apk files via Telegram, disguised as “useful applications.”  

• The victim downloads and opens the file.  

What happens next:  

• The virus steals data from the phone (SMS, passwords, bank access).  

• It automatically spreads to the victim’s contacts.  

• This method does not work on iOS, which is why fraudsters mainly target Android users.  

6. Fake Lotteries and Prizes  

How fraudsters operate:  

• They inform the victim of a “big win” or a “lottery prize.”  

• They request payment of a “tax” or “fee” to claim it.  

What happens next:  

• After receiving the payment, the fraudsters disappear.  

• The prize does not exist. nbsp;

7. Fake Investments and Cryptocurrency  

How fraudsters operate:  

• They offer to invest in cryptocurrency, stocks, or an “investment platform.”  

• They promise quick and high returns.  

What happens next:  

• The victim transfers money directly to the fraudsters.  

• Profits are either fabricated or disappear completely.  

What to Do if You Become a Victim of Fraud  

1. Immediately block all cards — via the mobile app or by calling the hotline: 78 140 69 00 / 1296. 

2. If you cannot do it online, visit a bank branch with your passport. 

3. Reissue your cards — fraudsters will lose access. 

4. Report the case to law enforcement authorities and file a statement. 

5. Save all evidence — correspondence, screenshots, phone numbers, links. 

6. Change passwords for all important accounts..

Important to Remember  

The Bank will never call a client to request a one-time password (OTP), PIN code, CVV, or any other confidential information. It will not ask you to make transfers yourself, send money to a “reserve account,” or confirm transactions by phone. Communication with clients is carried out only through official channels: the mobile application, the official Telegram chat — @ipaksupport, and the contact center at 78 140 69 00 / 1296. If you suspect suspicious activity — end the conversation immediately.