It was Friday and 20-year-old Mahima (name changed), who works in the accounts department of a company in Delhi’s Kashmere Gate area, was at home. Suddenly, in the afternoon she received a call from an unknown number. The caller was a woman. “Hello, Is this Mahima ji speaking,” the caller said. “Yes, I am,” Mahima replied. “Hi, I am Nathalie, calling you on behalf of the Amazon company, we were looking for some people for an online job and your profile seems a good fit. Would you like to earn some money through a work-from-home job,” the caller said in a confident voice.
Mahima got excited and agreed to the job. Then she was given a weblink similar to the Amazon company link and asked to complete several orders for which she would get a commission for every order. Unaware of any hidden notions, Mahima proceeded further and kept doing transactions to the tune of lakhs and later when it was too late she realized that she was cheated.
It was not an isolated case, rather several people have in recent times fallen prey to several kinds of high-end cyber crimes in which people are being defrauded to the tune of hundreds of crores of Rupees every day. Devasta ted after financial losses, people then approach the police and many times the cops are able to solve the case but there are some instances when the criminals are too smart to get away.
From just minor frauds of some hundreds of Rupees to transactions worth lakhs, these swindlers are everyday adopting new innovative ways to defraud the gullible citizens of the country.
Just for the information, the fraudsters who cheated Mahima were nabbed by the Delhi Police and it was later revealed that it was not any ordinary but an international syndicate of cyber cheats, operating from Dubai and running a fake call centre in the national capital.The accused people with the help of some website developers had created a fake website that had the same user interference as that of the genuine E-commerce Amazon website. The cheats used to contact those people who were looking for jobs and allured them to work from home job by contacting them through WhatsApp of Philippines originating numbers. They used to procure details of job-seeking youths from various online job providing portals.
In another case that later turned out to be a huge syndicate, a complaint was lodged at the Intelligence Fusion & Strategic Operations unit of the Delhi Police’s Special Cell by a woman alleging that she was being abused and threatened by some unknown persons who were sending her morphed and vulgar photographs to her family, friends and relatives through social media. The complainant had taken a loan from a loan app, cash advance, she repaid the same in time. But after repaying the loan she started getting threatening calls and messages on WhatsApp from the employees of that loan app company.
In another case, when the police were investigating a cyber fraud of just Rs 6,500, it was shocked to learn that the bank account in which the cheated amount was deposited had a daily transaction of `19.43 crore. Both of these cases were the Chinese Loan Application scam. The thing is that high-tech Chinese cyber criminals have devised a new strategy to dupe people and are these days defrauding Indians via fake loan applications.
Gullible Indians are everyday falling prey to the small amount of loans that they get through these Chinese-operated fake loan apps that are available on the Play Store. These lend money instantly to any person for a period of a few days. At the time of downloading the application, the app asks permission to capture, contact list, photo gallery and other personal data of the phone of the loan seeker.
If the money is not paid, the call centres operating out of neighbouring countries like Nepal, threaten the victims to leak their personal data and make abusive comments to their contacts as while downloading the application it accesses all the contacts, photos, and other data in the phone of the victim. In this loan app scam amounting to Rs 150 crore, the Delhi Police recently made a big breakthrough and arrested a 52-year-old Chinese woman national who was said to be the mastermind.
Mewat: The new Jamtara
Anyone who is a close follower of cyber crimes flicks may have encountered the term Jamtara. Notably – Jamtara, a city in Jharkhand – has earned the nickname of the phishing capital of India after umpteen incidents of cyber fraud across India were reported with this town being the epicentre of all cases.
Even as the authorities in Jamtara are striving hard to shed the infamous image, a new triangle of cities has emerged that seem to have specialized in blackmail based on deep fakes.
The maximum cyber crime cases are now being reported from Mathura in Uttar Pradesh, Bharatpur in Rajasthan and Mewat region which is spread in three states of Haryana, Uttar Pradesh and Rajasthan.
Recently, a Lucknow-based businessman was targeted in a “sextortion” attempt. Soon after accepting a woman’s friend request on social media, he received a WhatsApp video call from her. During the 15-second call, she snared him with seductive gestures and words. Minutes later, the businessman received another call to cough up `30 lakh or see his conversation with the woman leaked on social media.
Delving further into such crimes, this correspondent visited the Mewat region and spoke to a recently released scammer at Jurehra village in Rajasthan, located at a distance of 2 km from Haryana-Rajasthan border. The alleged scamster, who wished not to be named, did not share details about sextortion but said he duped people through the Olx mobile application.
The 34-year-old said they used to post an advertisement posing as a defence personnel and share their location that would be at least 300-400 km away so that there is no face-to-face interaction. “We used to gain our victim’s trust and convince them the device would be sent through courier. So we used to cheat them for some advance amount and Courier charges,” he said. But such scams are not only a threat to an individual but these days hackers are even targeting major institutions.
Hackers on prowl
Country’s top tertiary care, All India Institute of Medical Sciences (AIIMS) in November last year confronted a major act of cyber terrorism that paralysed its patient care delivery system for over two weeks. The ransomware attack corrupted its servers and allowed the perpetrators to access sensitive medical records of crores of patients who received treatment there including ministers, politicians, celebrities among others.
Experts dubbed the incident as one of the ‘biggest’ and ‘most serious’ that India has ever seen at the hospital that caters to medical requirements of dignitaries like the President and the Prime Minister. The attack was so severe that the NIA had to be roped in.
According to data, accessed by this newspaper, as many as 54,314, 48,285 and 1,92,439 cyber security incidents related to government agencies, institutions and undertakings were observed during the years 2020, 2021 and 2022, respectively.
Trying to understand the vulnerabilities which hackers usually expose, this newspaper spoke to iAcuity Fintech’s CEO, Gaurav Batheja, an expert in the field of preventing cyber crimes. The firm iAcuty, which empowers law enforcement agencies to combat financial crime, has built the world’s first hyper-automated, AI analytics engine to facilitate both investigation and prevention. “It is essential to have data secured while at rest or in motion. As business continuity requirements change, many enterprises are providing remote access to employees. The first step is to ensure that data is stored and transferred in encrypted formats,” Batheja told this correspondent.
“Central Law Enforcement Agencies should implement systems to continuously monitor and track cyber-criminals using AI/ML systems to track patterns and behaviours in telecom networks, internet and banking systems.,” Batheja said.
Dearth of tougher laws
International Commission on Cyber Security Law chairman Pavan Duggal, while speaking to this correspondent, said the time has come that we must have dedicated cyber crime courts, because the existing courts are bogged down by existing criminal prosecutions. “We now require new legal framework to deal with the misuse of emerging technologies for crimes,” he said. Duggal said that the pandemic has resulted into the beginning of the golden age of cyber crime, which is going to continue for the next many decades with it being our direct competitor.
“Now, cyber crime is our default companion, and the new normal are cyber security breaches. Indians, unfortunately, are not quite ready to deal with this new wave of cyber crime. With emerging technology, cyber criminals have got their huge potential for committing new kinds of crimes, with ChatGPT emerging as a very distinctive, potent ammunition for them, we have far more challenges with it,” he averred.
Speaking on what the law says about cyber crime and criminals, Duggal said that first and foremost, the people need to understand that we don’t have any dedicated law on cyber crime. “Secondly, we won’t be sought to cover some cyber crimes under the Information Technology Act 2000, and also under the IPC. Number three, our laws are extremely weak when I look at them as potential response mechanisms to fighting cyber crimes,” he stated.
Women: Fraudsters’ prime target
Last year in October, a woman lodged a complaint that she met a man on a matrimonial website who presented himself as an admin professional in some department of the Government of India having a hefty income of Rs 50-70 lakh per annum.
Since, the complainant woman was looking for a suitable match and was impressed with the profile of the man, she got in touch and started meeting the accused who informed her that presently, he is working at CBI as joint director and also looking after additional charges of ATS head, NIA Second-in-Command and RAW.
One day he told the woman that his account has been seized due to a vigilance enquiry and he is in need of some money and cheated the complainant of Rs 1.5 lakh. The man, who was a fraud, was later arrested by the police. Notably, the Intelligence Fusion & Strategic Operations (IFSO) unit of the Delhi Police which functions under the Special Cell and is a specialised unit, handles all complex and sensitive cases of cyber crime including those in which victims are women and children.
The IFSO regularly organises special awareness programmes that focus on Internet-related sexual offences. Deputy Commissioner of Police (IFSO) Prashant Gautam told this newspaper that special awareness programmes are being conducted for the girls and the women in both online and offline modes in a bid to safeguard them against any such cyber crimes.
According to official data, the total number of cyber security incidents tracked by Indian Computer Emergency Response Team (CERT-In) during the year 2019 was 3,94,499, which spiked to 11,58,208 in 2020 and further increased to 14,02,809 in 2021. Similarly, 13,91,457 cyber security incidents were
observed in 2022.
High-end fraud taken online
Several people have fallen prey to high-end cyber crimes in which people are being defrauded to the tune of hundreds of crores of Rupees every day
From just minor frauds of hundreds of Rupees to transactions worth lakhs, swindlers are everyday adopting new innovative ways to defraud gullible citizens of the country
Cyber crimes are of different types – social media crimes, data theft, ransomware, phishing, online lottery scam, sextortion, among several others
Attack on govt agencies, institutions & undertakings
Policing cyber space
The year 2022 saw a new low in history of crimes in the online space in India. Individuals apart, hackers last year targeted major govt institutions. Ujwal Jalali looks at the trends and capabilities of fraudsters while tracing cases, damage, legal perspectives and law enforcement efforts