Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Bank Scam. Show all posts

Santander Bank Faces Major Data Breach Affecting 30 Millions

In a significant cybersecurity incident, Spain's largest bank, Santander, has confirmed a data breach involving unauthorized access to sensitive information. The breach, detected two weeks ago, was linked to a third-party provider's database and impacted employees and customers in Chile, Spain, and Uruguay. 

The hacking group ShinyHunters, also responsible for a recent attack on Ticketmaster, claims to have compromised data belonging to 30 million individuals. This includes 28 million credit card numbers and 6 million account numbers and balances. Despite the group's assertions, Santander's Q1 2024 financial report indicates the bank only has 19.5 million customers in the affected countries. ShinyHunters is reportedly selling the stolen data for $2 million on the dark web, as observed by Dark Web Informer. 

To support their claims, the hackers have released samples of the data. While the legitimacy of these samples is yet to be confirmed, the threat underscores the growing menace posed by cybercriminals targeting major financial institutions. Santander has taken immediate steps to protect client accounts and ensure that financial transactions remain secure. 

The bank has also reached out to affected customers to apologize and reassure them that essential online financial information remains intact. Despite these efforts, cybersecurity experts caution about the potential risks associated with the breach. This incident highlights the vulnerability of digital infrastructure to sophisticated cyberattacks and raises concerns about the security measures employed by financial institutions. 

The breach follows closely on the heels of the FBI's seizure of BreachForums, a platform operated by ShinyHunters and another hacker known as Baphomet, further emphasizing the persistent threat posed by organized cybercriminal groups. As investigations continue, the breach at Santander serves as a stark reminder of the critical importance of robust cybersecurity defenses in safeguarding sensitive financial data in an increasingly digital world.

Digital Arrest Scam: Bengaluru Man Loses Rs 3.8 Crore to Scammers


A 73-year-old man recently lost Rs 3.8 crore due to the 'digital arrest' threat posed by fraudsters impersonating law enforcement officers. The fraudsters held him under 'digital arrest' from May 5 to 10, saying that he was under Mumbai police monitoring because a parcel shipped in his name to Taiwan contained drugs.

The Setup

It all started on May 5 at 10 a.m., when Rajkumar (name changed), an Indiranagar resident and retired MNC executive, got a call from 8861447031. The caller claimed as a 'FedEx' logistics executive and supplied Rajkumar's Aadhaar and mobile numbers. 

He said that a package shipped to Taiwan under Shankar's name contained five passports, a laptop, 3kg of clothing, and 150 grams of MDMA. He forwarded the phone to a "police officer" after claiming a case against him had been filed at Mumbai's Andheri East cyber police station.

The Deception

A man claimed to be Rajesh Pradhan, DCP (Cybercrime), Andheri and informed Shankar that he was under digital arrest until the inquiry was completed. They warned to arrest him if he left his residence and instructed him to isolate himself in a room. Later, they made a video call to him, and Shankar noticed a police station in the backdrop and assumed he was speaking with actual cops.

Pradhan informed Rajkumar that this was a high-profile and sensitive matter involving VIPs. He was told not to mention their call with anybody and threatened with arrest if he did not obey their instructions. 

The Money Transfer

The con artist added that they discovered a bank account opened in his name that was being used for money laundering. They allegedly examined the charges against him, which included money laundering, NDPS, and other criminal actions, before offering to assist him. 

To protect the account, he was ordered to move the full balance in his bank accounts to Reserve Bank of India (RBI) accounts.

The Aftermath

After promising to repay him after his transactions were verified, they convinced Shankar to send money to their accounts in several transactions. 

After transferring Rs 3.8 crore, Rajkumar was promised that the return would be in his account within 30 minutes of verification and the connection was discontinued. Rajkumar only realized he had been duped after the crooks went mute.

The digital arrest is fake: DCP

According to Kuldeep Kumar Jain, DCP (East), Shankar submitted a report on May 13, and they were able to freeze Rs 9 lakh within two days.

A case has been filed under the Information Technology Act and IPC section 420 (cheating and dishonestly inducing delivery of property).

According to Jain, such claims should not be taken seriously. The police force has no idea of digital arrests or online (virtual) investigations. If you receive such calls, simply disconnect and report them to your nearest police station or the 1930 cyber helpline. If you lose any money, you should contact the police right away. Delays in filing complaints will have an impact on recovery rates.