NEW DELHI: A 33-year-old man who hacked the data of one crore credit card users and hawked it to scamsters and fake call centres at about 20 paise per name is now singing to the Delhi police.
Detectives investigating Puran Gupta’s scam are scouring his laptop to trace links to an as-yet unidentified Mumbai-based fraudster from whom the former data entry operator and class X passout sourced credit user data and built it all up into a formidable database which he sold to all comers. The latter were mostly fake call centres and scam callers who trick unsuspecting citizens into parting with their passwords and such like details.
Deputy commissioner Romil Baniya said the Delhi police have found one crore credit card users’ data on Puran Gupta’s laptop, amounting to some 20 gigabytes. Gupta’s clients would ask him for data of a wide variety of profiles. So the data on Gupta’s laptop was neatly organised in 24 different folders: senior citizens, Facebook data, WhatsApp data, class 12 students, Delhi University students, travel agents, people with income more than Rs 5 lakh or more than Rs 7-8 lakh, etc. If the scamsters wanted credit card data arranged bank-wise, Puran Gupta had it ready.
The Delhi police are investigating whether Puran Gupta was a freelance operative or a member of a syndicate of unethical hackers.
Police were led to Puran Gupta when they followed the footprints after arresting one of his clients, Ashish Kumar Jha, a scam caller. Gupta would supply data to Jha, who would used to call targeted card holders and earn their trust by citing the correct card details like the number, the card holder’s name and date of birth. Sweet talked thus, some people would disclose to him their bank PINs.
Explaining the modus operandi of the Gupta Jha nexus, Kislay Chowdhary, a professional hacker who works with the Delhi Police cyber cell, said, “What happens in such cases is that the database of your credit account is gathered through a hack on a bank or a private online shopping portal. After this, hackers have access to the details of the account holders who have used their cards on the site for transactions. The hacker puts this database out for buyers on the Darknet, which is still not accessible to the police.”
In carrying out his operations, Gupta even set up his own company, named First Step Services and Solutions, in 2010 to sell the illegally procured data of credit card users to clients. Baniya said the main supplier of such data to Puran Gupta is in Mumbai and yet to be arrested.
PROFILE OF THE ACCUSED:
Puran Gupta, 33
A class X passout, he worked as a data entry operator before founding his own company in 2010 procuring data from hackers in Mumbai and selling it to fraudsters.
Ashish Kumar Jha
Another class 10 passout, he used to work as a bank salesman until 2013, and then branched off to set up his own ‘call centre’
What is the Darknet?
Darknet is a platform that facilitates online anonymity. Armed with anonymity tools, IP addresses are spoofed and new IP addresses are popped up through relay networks in the system. Tracking crime on the Darknet is difficult. Facilitates a number of crimes like drug and arms trafficking, supari killings, credit card fraud and passport frauds among others.
How to be safe?
Currently, the best way to stay safe is to change your credit card within three months if you’ve made some big online transactions