Search This Blog

Powered by Blogger.

Blog Archive

Labels

About Me

Showing posts with label Bengaluru. Show all posts

Bengaluru Woman Loses ₹2 Lakh to Sophisticated IVR-Based Cyber Scam

 

Cyber fraud continues to evolve, with scammers using increasingly sophisticated techniques to deceive victims. In a recent case from Bengaluru, a woman lost ₹2 lakh after receiving a fraudulent automated call that mimicked her bank’s Interactive Voice Response (IVR) system. The incident underscores the growing risk of technology-driven scams that exploit human vulnerability in moments of urgency. 

The fraud occurred on January 20 when the woman received a call from a number that closely resembled that of a nationalized bank. The caller ID displayed “SBI,” making it appear as though the call was from her actual bank. The pre-recorded message on the IVR system informed her that ₹2 lakh was being transferred from her account and asked her to confirm or dispute the transaction by pressing a designated key. Startled by the alert, she followed the instructions and selected the option to deny the transfer, believing it would stop the transaction. 

However, moments after the call ended, she received a notification that ₹2 lakh had been debited from her account. Realizing she had been scammed, she rushed to her bank for assistance. The bank officials advised her to report the fraud immediately to the cybercrime helpline at 1930 and file a police complaint. Authorities registered a case under the Information Technology Act and IPC Section 318 for cheating. 

Cybercrime investigators believe this scam is more sophisticated than traditional IVR fraud. Typically, such scams involve tricking victims into providing sensitive banking details like PINs or OTPs. However, in this case, the woman did not explicitly share any credentials, making it unclear how the fraudsters managed to access her funds. 

A senior police officer suggested two possible explanations. First, the victim may have unknowingly provided critical information that enabled the scammers to complete the transaction. Second, cybercriminals may have developed a new technique capable of bypassing standard banking security measures. Investigators are now exploring whether this scam represents an emerging threat involving advanced IVR manipulation. This case serves as a stark reminder of the need for heightened awareness about cyber fraud. 

Experts warn the public to be wary of automated calls requesting banking actions, even if they appear legitimate. Banks generally do not ask customers to confirm transactions via phone calls. Customers are advised to verify any suspicious activity directly through their bank’s official app, website, or customer service helpline. 

If someone encounters a suspected scam, immediate action is crucial. Victims should contact their bank, report the fraud to cybercrime authorities, and avoid responding to similar calls in the future. By staying informed and cautious, individuals can better protect themselves from falling prey to such evolving cyber threats.

AI-Led Cyber Fraud on a Rise in Bengaluru, Rs 1,788 Crore Stolen During Major Scam

 



Bengaluru emerges as the leading tech-enabled city for scams: Cyber fraud has been on an upward spiral during the period 2021 through September 2024, reports the police while citing the cumulative loss to this city as an amount of Rs 2,270 crore during the period and six major types of scams where the loss involved nearly Rs 1,788 crore.


Important Fraud Categories

The figures point to considerable losses in the following fraud types: 

Investment Frauds: Unrealistic returns promised by fraudsters led to a loss of ₹1,187.2 crore. 

Job Frauds: Losses due to fake job offers stood at ₹601.23 crore. 

Courier Scams: Well developed courier-related schemes accounted for ₹165.57 crore. 

Card Scams: Stolen card details used for fraudulent transactions resulted in losses of ₹116 crore.

Phishing Attacks: Emails and messages designed to steal personal data caused ₹96.98 crore in damages.  

Loan App Frauds: Fraudulent lending platforms resulted in ₹32.25 crore in losses.  


Challenges in Recovery

Recovery of stolen funds is still a challenge for the investigators. Police have identified two major hurdles:

Delayed Reporting: Victims mostly delay reporting frauds, and thus miss the most crucial "golden hour," when funds can be frozen.  

Lag in Banks' Response: Banks used to take up to eight days to provide account details, which adversely affected recovery operations. This is now reduced to 4-5 days, post meetings with RBI, but there is more to be achieved.


AI in Cybercrime

AI has been a gambler for scamsters in Bengaluru. Advanced technologies are being made use of to devise highly believable frauds: 

  • Voice Cloning: AI produced voice replicas make the victim believe he is communicating with his trusted contact.  
  • Improved Courier Scams: AI assists scammers to fabricate more convincing courier fraud scenarios.  
  • Fake Investment Platforms: AI interfaces mimic authentic apps, to look incredibly real.  


Proposed Solutions

To counter these emergent threats, the authorities have stressed the requirement of public education and systemic reformation. The CEN wing has suggested that: 

1. There should be a campaign for citizen education about prevailing scams. 

2. There should be better coordination among banks, the police, and regulatory bodies so that the responses are faster. 

3. A specific cybercrime wing with special resources should be developed, as already announced by the government.


Although measures to improve response times and raise awareness have shown promise, experts stress that more robust systems are needed to tackle the growing paradigm of cybercriminals. With AI reshaping the way scams operate, staying informed and cautious is now more crucial than ever.



Delivery Partners Exploit App Loophole, Defraud Logistics Company in Bengaluru

 




This is a major fraud case whereby delivery partners exploited a weakness in the logistics app Porter, syphoning Rs 90 lakh from Bengaluru. The swindle was detected by a routine business audit conducted in July by Smart Shift Logistics Solutions Pvt Ltd, which runs Porter. After this, an official of the logistics company filed a complaint with the police. Insider involvement was ruled out through automated operations.

The authorities suspected it could be an inside job when the fraud was first detected, considering the scale of the crime. They looked at the backend operations of the company and found nothing internal as most processes were automated. This led to a deep probe with Sarah Fathima, the Deputy Commissioner of Police (Southeast), assigning a team to trace the refunds made by the company since January. This series of operations was headed by ACP Govardhan Gopal, along with inspector Eshwari from the Southeast Cybercrime, Economic Offences, and Narcotics (CEN) police station.


Understanding the Scam

The investigators soon came across several refunds credited to the same accounts, and a rather clear fraud pattern began to emerge. The police were following this chain of suspicious transactions when it led them to a Shreyas TL, a 29-year-old from Hassan's Hirisave. Based on confession questioning of Shreyas, the police managed to seize three others: Kaushik KS, aged 26, from Mandya, Ranganath PR, also 26, and Anand Kumar, 30, both from Mandya.

These were earlier cab drivers and food delivery partners for various online applications who chanced upon loopholes in the Porter app after dabbling in such scams in other delivery services. They eventually managed to pinpoint how to exploit the Porter system through trial and error for their financial gains.


How the scam was run

Porter has a system where the driver can get a part of the total bill through his wallet whenever he accepts the job. And if he rejects the delivery, he will have his money back automatically. The application does not allow abusing this system, and therefore it has a strict cancellation policy where it blacklists the drivers in case they cancel two deliveries consecutively.

The fraudsters bypassed the system. Geo-spoofing is an application of the technology, using which they manipulated the app so as to pose their locations at places where there are few available drivers. This way, they accepted the jobs using their fake delivery accounts. The amount of the bill was credited to their digital wallets. Then the amount was drawn from these wallets into bank accounts. They canceled the delivery, and customers canceled the order and received a refund.

The reason they did not get blacklisted was because of repeated cancellations, so to avoid that, the gang bought fake phone numbers from Telegram groups and created new accounts on the app with them. Additionally, the gang practiced geo-spoofing to change their location into neighbouring states, making it hard for the authorities to trace them.


A Perfected Scam

The operation of the gang was so sophisticated that they managed to make off with a total of Rs 90 lakh from the company. Taking advantage of loopholes in the automation of the app, they had syphoned off the amount without raising any suspicion in the beginning. But finally, after going through a detailed investigation, it was traced by the police, and the fraudsters were caught.

This case shines a light on the importance of secure and foolproof systems in online platforms, especially those handling financial transactions. It also highlights the need to frequently audit and monitor company automated processes to detect fraud before it gets out of hand.




Bengaluru Man Arrested for Exploiting Woman in Online Interview

 



Panaji: In a disturbing cybercrime case, the Goa Cyber Crime Police arrested a Bengaluru resident, Mohan Raj V, for allegedly cyberbullying and extorting a woman from Goa. The arrest was made on Saturday after a strategic operation by the police team.

The case began when the victim, a woman from Goa, filed a complaint with the cyber crime police. She reported that the accused had posted a fake job advertisement for a position at a foreign bank. Responding to the advertisement, the woman was contacted via a chatting app by the accused, who arranged an online interview. During the video call, individuals posing as company representatives coerced the woman into undressing. They recorded the video and took screenshots, which were later used to blackmail her.

According to the complaint, the accused demanded sexual favours in exchange for deleting the compromising material. Over the past two months, he persistently harassed the woman, threatening to make the videos and pictures public if she did not comply. He also demanded that she meet him in Bengaluru.

Following the complaint, the police, led by Superintendent of Police Rahul Gupta, devised a plan to apprehend the accused. A team, including the victim, travelled to Bengaluru and laid a trap. After extensive efforts and a lengthy chase, the accused was caught when he arrived to meet the victim. The police recovered the chats and videos from the accused's phone, which will be sent for a cyber forensic examination.

The investigation revealed that Mohan Raj V used VPN phone numbers to create fake Telegram accounts and post fraudulent job offers. He targeted women by promising high salary packages and conducting fake online interviews.

The accused has confessed to his crimes and has been booked under several sections of the Indian Penal Code, including section 354A (sexual harassment), section 384 (extortion), and relevant provisions of the Information Technology Act. The case is being further investigated by Police Inspector Deepak Pednekar.

SP Rahul Gupta urged the public to verify the authenticity of online job offers through local or cyber police stations before engaging with them. He also cautioned against complying with unethical online demands, no matter the promised benefits.

This case highlights the growing menace of cybercrime and the importance of vigilance in online interactions. The Goa Cyber Crime Police's successful operation furthers the cause for robust cyber security measures and public awareness to prevent such incidents.



Digital Arrest Scam: Bengaluru Man Loses Rs 3.8 Crore to Scammers


A 73-year-old man recently lost Rs 3.8 crore due to the 'digital arrest' threat posed by fraudsters impersonating law enforcement officers. The fraudsters held him under 'digital arrest' from May 5 to 10, saying that he was under Mumbai police monitoring because a parcel shipped in his name to Taiwan contained drugs.

The Setup

It all started on May 5 at 10 a.m., when Rajkumar (name changed), an Indiranagar resident and retired MNC executive, got a call from 8861447031. The caller claimed as a 'FedEx' logistics executive and supplied Rajkumar's Aadhaar and mobile numbers. 

He said that a package shipped to Taiwan under Shankar's name contained five passports, a laptop, 3kg of clothing, and 150 grams of MDMA. He forwarded the phone to a "police officer" after claiming a case against him had been filed at Mumbai's Andheri East cyber police station.

The Deception

A man claimed to be Rajesh Pradhan, DCP (Cybercrime), Andheri and informed Shankar that he was under digital arrest until the inquiry was completed. They warned to arrest him if he left his residence and instructed him to isolate himself in a room. Later, they made a video call to him, and Shankar noticed a police station in the backdrop and assumed he was speaking with actual cops.

Pradhan informed Rajkumar that this was a high-profile and sensitive matter involving VIPs. He was told not to mention their call with anybody and threatened with arrest if he did not obey their instructions. 

The Money Transfer

The con artist added that they discovered a bank account opened in his name that was being used for money laundering. They allegedly examined the charges against him, which included money laundering, NDPS, and other criminal actions, before offering to assist him. 

To protect the account, he was ordered to move the full balance in his bank accounts to Reserve Bank of India (RBI) accounts.

The Aftermath

After promising to repay him after his transactions were verified, they convinced Shankar to send money to their accounts in several transactions. 

After transferring Rs 3.8 crore, Rajkumar was promised that the return would be in his account within 30 minutes of verification and the connection was discontinued. Rajkumar only realized he had been duped after the crooks went mute.

The digital arrest is fake: DCP

According to Kuldeep Kumar Jain, DCP (East), Shankar submitted a report on May 13, and they were able to freeze Rs 9 lakh within two days.

A case has been filed under the Information Technology Act and IPC section 420 (cheating and dishonestly inducing delivery of property).

According to Jain, such claims should not be taken seriously. The police force has no idea of digital arrests or online (virtual) investigations. If you receive such calls, simply disconnect and report them to your nearest police station or the 1930 cyber helpline. If you lose any money, you should contact the police right away. Delays in filing complaints will have an impact on recovery rates.

Stock Market Scam in Bengaluru: Businessman Loses Rs 5.2 Crore



In a recent cybercrime incident, a 52-year-old businessman from Bengaluru fell victim to a stock market scam, losing a staggering Rs 5.2 crore. The victim, referred to as Sharath for anonymity, reported the incident to the cybercrime police on April 8. According to his account, the ordeal began when he received a WhatsApp message on March 11 promoting stock market investments with promises of high returns. Despite refraining from clicking the accompanying link, Sharath found himself involuntarily added to a WhatsApp group named "Y-5 Ever Core Financial Leader," boasting around 160 members.

Subsequently, Sharath received numerous calls from unidentified numbers, urging him to download an application linked to the investment scheme. Initially resistant, Sharath eventually succumbed to the persuasion tactics employed by the fraudsters and downloaded the app. Under the guidance of the perpetrators, Sharath began purchasing stocks facilitated by multiple accounts provided by the fraudsters. Assured that his funds were being invested in the stock market, Sharath transferred a staggering Rs 5.2 crore to five designated accounts by April 2.

Despite his growing suspicions, Sharath's attempts to withdraw profits or reclaim some of his invested capital for further investments were thwarted by the fraudsters. It was only then that he realised he had fallen victim to a scam. In response to the complaint, authorities have initiated legal proceedings under the IT Act, with ongoing investigations. Efforts have been made to freeze the funds in the fraudsters' accounts in collaboration with bank officials, raising hopes for potential recovery of some of the lost money, as confirmed by a senior police official.

Senior Citizen Scammed: Woman Loses Rs 6 Lakh

In another distressing incident, a 61-year-old woman fell prey to cybercriminals impersonating Delhi police and Customs officials. Exploiting her fear, the fraudsters falsely accused her of drug smuggling and money laundering, coaxing her to transfer Rs 6.56 lakh. Manipulating her trust, they provided fake validation procedures, leading to her significant loss.

These incidents serve as stark reminders of the growing tactics of cybercrime and the importance of caution while engaging in online transactions. Authorities urge the public to exercise caution and scepticism when encountering unsolicited investment opportunities or suspicious requests for financial transactions. As investigations continue into these cases, efforts to combat cybercrime through deliberate security measures and real-time data sharing remain imperative to safeguard individuals and businesses from falling prey to such fraudulent schemes.


Bengaluru Woman Escapes a Cyber-scam Attempt, After Indigo’s Bogus ‘Agents’ Cancel Rs.15,600 Tickets


A 32-year-old woman from Bengaluru, India, suffered a cyber scam where the scammers falsely identified themselves as the agents of Indigo Airlines. The scammers attempted to obtain Rs. 15,600 from the victim. 

Following a few questions from the ‘agents,’ victim Mahashweta Pal grew suspicious and called the official helpline number of the airlines to inform them about the narrow escape from the fraud. 

Pal, the social media manager at Inquest, was taken aback when, on January 1, she received a call from an alleged Indigo agent informing her that her tickets had been cancelled. Pal had purchased a round-trip ticket to Kolkata on Indigo.

"The caller then proceeded to offer two options: immediate rebooking at the same fare or a refund of the original booking amount (Rs 15,600) within 24 hours[…]This purported cancellation was presented as a fact, with no prior notification or explanation provided. The caller told me he could send me a link for repayment on WhatsApp," Pal said. 

Pal discovered that her tickets had been cancelled, but that a third party had handled it, after hanging up the phone and dialling Indigo's official hotline number.

She informed that the Indigo ‘agents’ informed her of the cancellation of her tickers and that there was nothing they could do except initiate a “partial refund of the cancelled tickets and I received around Rs 8,000."

However, when Pal asked some follow-up questions, the bogus agents informed them that someone had altered the information on their website. The customer support agent admitted that there were errors in the cancellation information; her phone number and email address did not match what she had entered. This disparity implied that her booking was maliciously altered and that there was illegal access to her account. Even though they acknowledged that there was a problem, they did not provide a fix or the remaining portion of my money.

Following a week of Pal pursuing the case and eventually taking the case to social media, she finally started getting calls from the airlines for assistance. 

"The customer care executive was kind enough to share the information about the scammers. The email ID they used was maheshmeena00417@gmail.com and the number to which the OTP was sent was 9257384638. And the IP address was 157.38.67.21," Pal shared.

The airline took further measures to "ensure the security" of Pal's booking when she purchased the flight tickets once again. "We have temporarily blocked any modifications or web check-in of your booking. If you have any further requirements or need to make changes, we kindly request you to contact our IndiGo contact centre for assistance," Indigo stated.

Moreover, on Tuesday, Pal was contacted by another executive informing her that her previous booking, which had been fraudulently cancelled, had been fully refunded.  

A 38-Year-Old Indian Professor, Lost Rs 10 Lakh to a Scammer in Cryptocurrency Trading

 

A Bengaluru-based 38-year-old professor new to the cryptocurrency world lost Rs 10 lakh in bitcoins to a scammer, who assured to manage his cryptocurrency account. This Palace Gutahalli resident and a private university lecturer brought a complaint on Saturday to the Central CEN Police. The incident took place on 22 February, after attempting to register to a cryptocurrency trading platform, as per the complainant.

“As he was unaware of how to handle cryptocurrency, he had visited certain groups on Telegram, where discussions on the same took place. As he (the victim) had doubts regarding how to use CoinSwitch Kuber, the trading platform, the hacker approached him promising to help in handling bitcoins to ensure high returns,” the police said. CoinSwitch Kuber is a simple and safe platform for Indian users, which allows them to purchase more than 100 cryptocurrencies, including Bitcoin, Ethereum, Ripple, etc. 

The victim posted a query on a Telegram group following failure to effectively add Rs 90,000 to his account. He also registered into a couple of crypto-currency rooms of the mobile app, Telegram – to understand the trade process and share their views. Later a scammer told the victim himself that he could manage the bitcoins that the latter purchased and make high returns from it. The alleged scammer pursued his credentials, including a one-time password (OTP), and then the Bitcoins worth Rs 10 lakh were transferred from the wallet of the victim to some other wallet in the following few minutes. 

In response to a complaint from the victim, a case was also registered by the Central CEN police, in compliance with the appropriate sections of the Information Technology and Indian Penal Code (IPC). A senior police officer said that this is their first-of-a-kind case and that they are examining how they want to verify. 

“We are exploring options on how to conduct the investigation. To begin with, we will approach CoinSwitch Kuber as there are no other regulators that can be communicated to take this forward,” the officer added. 

In response to the incident, CoinSwitch Kuber said in a statement: “It is unfortunate that one of our users has been subjected to fraud by a third party. We will cooperate with the investigating authorities and provide them all possible assistance. We request all our users to be extremely careful in handling their OTPs and account details.” 

Further, the company warned its users by stating that, the credentials are just as sacrosanct as the credentials of one's bank and therefore it should not be shared with any third party. Customers also need to note that CoinSwitch Kuber and its staff never demand for their login credentials.