SLCERT cautions public over spike in financial fraud

By Chaturanga Pradeep Samarawickrama 

The Sri Lanka Computer Emergency Readiness Team (SLCERT) has issued an urgent warning after a surge in financial fraud cases targeting bank customers and unsuspecting citizens through police impersonation scams.

Authorities are urging the public to remain vigilant and avoid sharing personal or financial information with unknown callers or messages.  In a media release yesterday, SLCERT said it has received multiple complaints about fraudulent SMS messages and online alerts claiming that recipients’ credit cards have been suspended due to “suspicious activity.” These messages, often using the names of well-known banks, direct users to click on links and provide sensitive details such as National Identity Card (NIC) numbers to reactivate their cards. 

The messages frequently create a false sense of urgency, warning that cards will be permanently cancelled within 24 hours if no action is taken. Victims who comply are later tricked into revealing One-Time Passwords (OTPs), enabling scammers to access bank accounts and steal funds. 

In a more sophisticated tactic, fraudsters have impersonated senior police officers through WhatsApp video calls, sometimes even appearing in police uniforms. They falsely claim that criminals have used the victim’s NIC details to obtain credit cards and commit fraud, then threaten arrest to pressure victims into transferring large sums of money. 

SLCERT has strongly advised the public never to share NIC numbers, card details, passwords, or OTPs through unsolicited messages or calls. Citizens are encouraged to verify claims directly with banks or authorities using official contact channels and to report any suspected fraud immediately.