Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Online fraud. Show all posts
telecommunications
AI Scams AI tools Cyber Security CyberCrime Fake Documents financial scams Fraud Online fraud SE Asia SIM telecommunications

Tamil Nadu Police, DoT Target SIM Card Fraud in SE Asia with AI Tools

 

The Cyber Crime Wing of Tamil Nadu Police, in collaboration with the Department of Telecommunications (DoT), is intensifying efforts to combat online fraud by targeting thousands of pre-activated SIM cards used in South-East Asian countries, particularly Laos, Cambodia, and Thailand. These SIM cards have been linked to numerous cybercrimes involving fraudulent calls and scams targeting individuals in Tamil Nadu. 

According to police sources, investigators employed Artificial Intelligence (AI) tools to identify pre-activated SIM cards registered with fake documents in Tamil Nadu but active in international locations. These cards were commonly used by scammers to commit fraud by making calls to unsuspecting victims in the State. The scams ranged from fake online trading opportunities to fraudulent credit or debit card upgrades. A senior official in the Cyber Crime Wing explained that a significant discrepancy was observed between the number of subscribers who officially activated international roaming services and the actual number of SIM cards being used abroad. 

The department is now working closely with central agencies to detect and block suspicious SIM cards.  The use of AI has proven instrumental in identifying mobile numbers involved in a disproportionately high volume of calls into Tamil Nadu. Numbers flagged by AI analysis undergo further investigation, and if credible evidence links them to cybercrimes, the SIM cards are promptly deactivated. The crackdown follows a series of high-profile scams that have defrauded individuals of significant amounts of money. 

For example, in Madurai, an advocate lost ₹96.57 lakh in June after responding to a WhatsApp advertisement promoting international share market trading with high returns. In another case, a government doctor was defrauded of ₹76.5 lakh through a similar investment scam. Special investigation teams formed by the Cyber Crime Wing have been successful in arresting several individuals linked to these fraudulent activities. Recently, a team probing ₹38.28 lakh frozen in various bank accounts apprehended six suspects. 

Following their interrogation, two additional suspects, Abdul Rahman from Melur and Sulthan Abdul Kadar from Madurai, were arrested. Authorities are also collaborating with police in North Indian states to apprehend more suspects tied to accounts through which the defrauded money was transacted. Investigations are ongoing in multiple cases, and the police aim to dismantle the network of fraudsters operating both within India and abroad. 

These efforts underscore the importance of using advanced technology like AI to counter increasingly sophisticated cybercrime tactics. By addressing vulnerabilities such as fraudulent SIM cards, Tamil Nadu’s Cyber Crime Wing is taking significant steps to protect citizens and mitigate financial losses.
Read more »
Social media identity theft
Costa Rica cybercrime Cyber Fraud Cybercrime Prevention Digital Security identity theft protection Online fraud Social media identity theft

Costa Rican Authorities Issue Warning as Social Media Identity Theft Cases Double

 

With the rapid evolution of technology, there has been a concerning rise in cybercrime, particularly in the realm of identity theft on social media platforms. The Cybercrime Unit of the Public Prosecutor's Office has observed a significant surge in such cases, prompting heightened attention to this growing threat.

Esteban Aguilar, the lead prosecutor of the Cybercrime Unit, shed light on the methods employed by cybercriminals to carry out identity theft. He explained that these crimes often target individuals, corporations, and even trademarks, using social networks, websites, or other digital platforms as their primary vehicles. Aguilar highlighted the severity of this issue, noting that identity theft has become the second most rapidly increasing form of cybercrime in the country, trailing only behind cyber fraud in its expansion.

The prosecutor emphasized the gravity of the situation by discussing the legal repercussions associated with identity theft. According to Aguilar, the Cybercrime Unit frequently receives reports of false profiles on social networks, which can lead to serious legal consequences, including imprisonment for up to three years. He stressed the importance of educating young people, who are the most active users of social media, on the legal and ethical responsibilities they must uphold online. Aguilar warned that any involvement in such illicit activities could result in severe penalties.

Statistical data from the Public Prosecutor's Office further underscore the growing concern. Since 2019, the number of identity theft cases has nearly doubled, rising from 449 reported incidents that year to 950 cases in 2023. This sharp increase reflects the escalating nature of cyber threats and the need for stronger measures to combat them.

The Costa Rican Penal Code specifically addresses the crime of identity theft, prescribing imprisonment ranging from one to three years for offenders. The law is clear: anyone who impersonates the identity of a natural person, legal entity, or trademark on any social network, website, or digital platform will face serious legal consequences.

The impact of identity theft has not been limited to individuals. Businesses, too, have been affected, with several high-profile companies falling victim to this crime. For instance, Pozuelo, a well-known cookie brand, has issued warnings to the public about fraudulent schemes where criminals have misappropriated the company's identity. Similarly, financial institutions, including banks, have alerted their customers to various scams designed to exploit their trust.

In a particularly alarming development, the country recently reported its first case of identity theft involving social networks. The case involves a man accused of accessing his ex-girlfriend's social media accounts and business profiles without her permission. According to the Prosecutor's Office, the accused had knowledge of her passwords and used them to infiltrate her personal and business accounts, raising serious concerns about privacy and the misuse of personal information.

This case serves as a stark reminder of the far-reaching consequences of cybercrime, particularly identity theft, and the urgent need for vigilance, both online and offline. As technology continues to advance, so too must the efforts to protect individuals and businesses from the growing threat of cybercriminals.

Read more »
Online fraud
Bengaluru Cyber bullying Cyber Crime Extortion Goa Online fraud

Bengaluru Man Arrested for Exploiting Woman in Online Interview

 



Panaji: In a disturbing cybercrime case, the Goa Cyber Crime Police arrested a Bengaluru resident, Mohan Raj V, for allegedly cyberbullying and extorting a woman from Goa. The arrest was made on Saturday after a strategic operation by the police team.

The case began when the victim, a woman from Goa, filed a complaint with the cyber crime police. She reported that the accused had posted a fake job advertisement for a position at a foreign bank. Responding to the advertisement, the woman was contacted via a chatting app by the accused, who arranged an online interview. During the video call, individuals posing as company representatives coerced the woman into undressing. They recorded the video and took screenshots, which were later used to blackmail her.

According to the complaint, the accused demanded sexual favours in exchange for deleting the compromising material. Over the past two months, he persistently harassed the woman, threatening to make the videos and pictures public if she did not comply. He also demanded that she meet him in Bengaluru.

Following the complaint, the police, led by Superintendent of Police Rahul Gupta, devised a plan to apprehend the accused. A team, including the victim, travelled to Bengaluru and laid a trap. After extensive efforts and a lengthy chase, the accused was caught when he arrived to meet the victim. The police recovered the chats and videos from the accused's phone, which will be sent for a cyber forensic examination.

The investigation revealed that Mohan Raj V used VPN phone numbers to create fake Telegram accounts and post fraudulent job offers. He targeted women by promising high salary packages and conducting fake online interviews.

The accused has confessed to his crimes and has been booked under several sections of the Indian Penal Code, including section 354A (sexual harassment), section 384 (extortion), and relevant provisions of the Information Technology Act. The case is being further investigated by Police Inspector Deepak Pednekar.

SP Rahul Gupta urged the public to verify the authenticity of online job offers through local or cyber police stations before engaging with them. He also cautioned against complying with unethical online demands, no matter the promised benefits.

This case highlights the growing menace of cybercrime and the importance of vigilance in online interactions. The Goa Cyber Crime Police's successful operation furthers the cause for robust cyber security measures and public awareness to prevent such incidents.



Read more »
unauthorised access
Cyber Fraud Financial crime Financial Loss Information Technology Online fraud Online Scam OTP unauthorised access

E-Challan Fraud, Man Loses Rs 50,000 Despite Not Sharing Bank OTP

 

In a cautionary tale from Thane, a 41-year-old man, M.R. Bhosale, found himself embroiled in a sophisticated online scam after his father fell victim to a deceptive text message. The incident sheds light on the dangers of trusting unknown sources and underscores the importance of vigilance in the digital age. 

Bhosale's father, a diligent auto-rickshaw driver in Ghatkopar, received a seemingly official text message from the Panvel Traffic Police, notifying him of a traffic violation challan against his vehicle. The message directed him to settle the fine through a designated app called Vahan Parivahan, with a provided download link. Unbeknownst to him, the message was a clever ruse orchestrated by scammers to dupe unsuspecting victims. 

When Bhosale's father encountered difficulties downloading the app, he sought his son's help. Little did they know, their attempt to rectify the situation would lead to financial loss and distress. Upon downloading the app on his device, Bhosale encountered a barrage of One-Time Passwords (OTPs), signalling a red flag. Sensing trouble, he promptly uninstalled the app. 

However, the damage had been done. A subsequent check of his bank statement revealed unauthorized transactions totalling Rs 50,000. With resolve, Bhosale wasted no time in reporting the incident to the authorities. A formal complaint was filed, detailing the deceptive mobile number, fraudulent link, and unauthorized transactions. 

In response, the police initiated an investigation, invoking sections 66C and 66D of the Information Technology Act to pursue the perpetrators and recover the stolen funds. This unfortunate ordeal serves as a stark reminder of the prevalence of online scams and the importance of exercising caution in the digital realm. To avoid falling victim to similar schemes, users must remain vigilant and skeptical of unsolicited messages or unfamiliar apps. 

Blind trust in unknown sources can lead to devastating consequences, as Bhosale's family discovered firsthand. Furthermore, it is essential to verify the authenticity of communications from purported official sources and refrain from sharing personal or financial information without thorough verification. 

In an era where online scams abound, skepticism and diligence are paramount. As the investigation unfolds, Bhosale's story serves as a cautionary tale for all internet users. By staying informed, exercising caution, and seeking assistance when in doubt, individuals can protect themselves from falling prey to online scams.
Read more »
scam tactics
Cyber Criminals Cyber Fraud Cyber Scam Cyber Threats CyberCrime Delhi cybercrime rise Delhi Police digital house arrest forged letterheads Fraud Online fraud police alert scam tactics

Delhi Police Alerts Citizens to New Cyber Scam

 

Authorities in Delhi are cautioning residents to remain vigilant against a recent surge in cyber fraud cases known as ‘digital house arrest,’ with over 200 incidents reported monthly in the capital.

Described as a serious threat by senior officials, this tactic employed by cybercriminals aims to coerce victims into parting with their money once ensnared in their schemes.

In this scheme, scammers posing as law enforcement officers deceive victims into believing their bank accounts, SIM cards, Aadhaar cards, or other linked documents have been compromised. The victims are then virtually confined to their homes and pressured into paying the scammers.

According to a senior officer from the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police, cases involving amounts exceeding Rs 50 lakh are investigated by their specialized team.

In a recent case, a man preparing for work received a call from someone claiming to be from the Mumbai Crime Branch. The caller accused the victim of involvement in drug trafficking using his Aadhaar card and instructed him not to leave his house during a prolonged interrogation session. The victim, fearing repercussions, complied. Eventually, the scammers gained remote access to his computer, drained his bank account, and vanished.

These fraudsters often employ forged police letterheads and use translation tools to enhance their communication. They specifically target vulnerable individuals, such as the elderly. Victims are urged to immediately report such incidents to the police helpline for assistance.

According to the National Crime Records Bureau (NCRB), cybercrime cases in Delhi nearly doubled in 2022, with reported incidents increasing from 345 to 685. This marks a significant rise from the 166 cases reported in 2020.
Read more »
Paytm fraud
bank transaction fraud BSF Personnel Cyber Fraud Online Banking Online fraud online transactions Paytm Paytm fraud

Yoga Trainer Defrauded of Rs.94,998 in a Paytm Fraud


In a shocking incident of cyber fraud in Lucknow, India, a yoga trainer lost Rs. 94,998 from her bank account within five transactions that she made online. The victim claims to have been approached by the fraudsters impersonating a BSF personnel who requested to deposit the said amount to a Paytm account.

Sudha Swarnkar, a professional yoga teacher claims to have lost the whopping sum in only 20 minutes. After realizing she has been duped, the victim lodged a complaint to her local cybercrime unit of Lucknow police, with Ashiana police station.

Sudha’s father, Ghanshyam Swarnkar, who works at the information department condemned the police for their delay in investigation, emphasizing the fraudster managed to defraud the money in just 20 minutes with only five transactions, but the police is yet to take action on the matter even after one week since the incident.

Sharing details of the online fraud, Mr. Ghanshyam says that on July 15 his daughter was approached by the fraudster over the phone, claiming to be Pankaj Kumar Pandey, a Border Security Force (BSF) personnel. The ‘BSF personnel’ offered her a role in the two-month-long yoga camp that will be sponsored by BSF in the Lucknow Cantonment area.

After giving more details on the yoga camp to build the victim’s trust, the fraudster asked her to deposit the fees that must be paid as a ‘hiring request’ through the Paytm account linked to her bank account. He claimed that the scammer sent her a Paytm request asking her to complete a Rs 2 transaction and pay the associated fees.

He further noted that the Paytm account showed the username as ‘Bitoli Devi,’ and when it seemed the money was debited, the transaction failed. Following this, at the request of the fraudsters, the victim repeated the transaction process again and again. By the time she realized what was going on, an amount of Rs 94,998 was already debited from her account through the five transactions that she made.

According to Mr. Ghanshyam, the phone number of the fraudster is still active, with him making calls to the victim actively. However, the police did not react to the complaint while confirming that the investigation on the matter is ongoing.

Read more »
User Privacy
Canada Cyber Fraud Holiday Scam Internet Scam Online fraud Scammers User Privacy

Customers are Advised to Exercise Caution as Internet Frauds Approach Record Levels

 

Online shoppers are being advised to exercise additional caution as the holiday shopping season draws to a close and the pressure to find the ideal gift builds. 

Scams, according to the Canadian Anti-Fraud Centre, the local police, and the Better Business Bureau of Vancouver Island, are at an all-time high. 

Fraudsters are most active in times of crisis, such as the one we are currently experiencing, when consumers must simultaneously contend with rising interest rates, rising inflation, and the holiday shopping frenzy, according to Rosalind Scott, CEO of the BBB Vancouver Island. 

“People, when they’re desperate to get a little bit more money, are quicker to believe these scams because they want it to be true,” she stated. 

Scott claimed that despite only 5% of individuals actually reporting being conned, there is a tremendous amount of internet fraud. “But we do know literally millions and millions of dollars are lost every year,” he said. 

More than $380 million US were lost to online shopping scams in North America last year, according to the Better Business Bureau's Scam Tracker, marking a rise of 87% since the tracker's introduction in 2015. 

The tracker stated that almost 36% of all allegations of online retail fraud originated from a fake website and that 40% of reported frauds were started by con artists using social media and email. 

Experts’ advice 

The Canadian Anti-Fraud Centre noted that in a bulletin released just before Black Friday and Cyber Monday, the two busiest online shopping days of the year, fraudsters have flooded social media feeds with deals that seem too good to be true while "spoofing" websites and email addresses — creating addresses that look like they come from a trusted or legitimate source — to entice unsuspecting customers. 

“Unfortunately, fraudsters and cybercriminals use holiday promotions to continue to victimize people. The best way to protect yourself and those around you is by learning what fraud and cybercrime look like and report it,” stated Chris Lynam, the centre’s director general. 

This means that customers should be on the lookout for warning signs like prices that seem excessively low, complicated payment procedures, poorly designed websites, stores that omit vital information like return policies, privacy policies, and contact information, online stores that lack security features, or websites with misspelled URLs. 

Online fraud is probably underreported, according to Victoria police Const. Terri Healy, because it is hard to investigate and most consumers interact with their credit card providers and financial institutions directly.  

Healy advised customers to shop with reputable online merchants, constantly check their credit card and bank statements for any unusual or suspicious behaviour, and steer clear of offers that look "too good to be true. Education and knowledge are your finest lines of defence against fraud. Discuss it if someone has been a victim of fraud or a scam. Inform your family, friends, and coworkers."

Consumers should never store credit card information in a web browser and should only make online purchases on private Wi-Fi networks, not public ones, according to the Canadian Anti-Fraud Centre. Use cellular data or create a virtual private network if transactions must be done over open networks. Additionally, they encourage conducting research, reading reviews, and exercising common sense. 

According to the centre, frauds involving online purchases or sales of products or services cost Canada more than $21.1 million in damages in 2021. Over 47,000 victims nationwide have reported $420 million in fraud of all types over the first ten months of this year. 
Read more »
Scam
Cyber Fraud Data protection Data Theft Internet scammers Online fraud Scam

How Con Artists are Getting Conned? Here’s All You Need to Know

 

Scammers keep demonstrating how evil never sleeps. While their goals—to acquire peoples' financial and personal information—remain the same, their strategies frequently change to stay relevant. In fact, con artists have improved their methods and abilities to the point where some of them even con fellow con artists since their familiarity with the techniques makes it simpler to evade discovery and extort something from them. 

According to a recent Sophos study, cybercriminals are allegedly defrauding one another of millions of dollars and utilizing arbitration to settle disputes over the schemes. The findings also reveal how attackers carry out their schemes against one another using tried-and-true techniques, some of which are decades old, such as typosquatting, phishing, backdoored software, and false marketplaces. 

Let's go through each technique one at a time for those who are not familiar with how they operate: 

Typosquatting: An attack that targets users who inadvertently enter the incorrect website address into their browser's URL field. Internet users frequently have no notion that the websites they are viewing or buying from are phony. This identity theft could be used by dishonest website operators to trick users into disclosing their personal information. 

Phishing: An online scam in which victims are duped by receiving emails purporting to be from banks, mortgage lenders, or internet service providers. 

Backdoor malware: Malware that bypasses standard authentication procedures to access the system.  As a result, application resources are accessible remotely, giving attackers the ability to remotely update malware and run system commands. 

Fake marketplace: The website acts as a launchpad for scams like fraudulent goods, catfishing, and even hacking. 

Hackers and fraudsters are now more prevalent than only knowledgeable software developers and computer specialists. Today's technology is so user-friendly that "noobs" could be in charge of a fraud occurrence that costs companies and clients millions of dollars. 

The number of fraud incidents rose by more than doubling (178%) in Asia-Pacific alone in the first quarter of 2021 compared to the same time in 2020. The two most frequent occurrence categories are online banking fraud and account takeovers, with increases of 250 percent and 650 percent, respectively. 

Scammers getting the taste of their own medicine 

For this research, BreachForums, an English-language cybercrime forum and marketplace that focuses on data leaks, as well as Exploit and XSS, were examined by Sophos X-Ops experts. Russian-language cybercrime forums Exploit and XSS provide access-as-a-service (AaaS) listings. All three locations have dedicated arbitration rooms. 

Even while it occasionally causes chaos between "plaintiffs and defendants," the scamming of fraudsters is lucrative. Some alleged offenders simply disappear or call the complainants themselves "rippers." Sophos examined 600 scams over the course of a year, with claims ranging from US$ 2 to US$ 160,000, costing hackers more than US$ 2.5 million between them on just three sites. 

Not all scams are conducted merely for financial gain. Matt Wixey, a Senior Security Researcher at Sophos, claims that interpersonal conflicts and rivalries were common. They also found cases where con artists would defraud those who had defrauded them. 

“In one case, we found a trolling contest set up to get revenge on a scammer trying to trick users into paying US$ 250 to join a fake underground forum. The ‘winner’ of the contest received US$ 100,” Wixey stated. Additionally, Sophos discovered that the dispute resolution and arbitration procedures left a wealth of unused intelligence behind, which security professionals and law enforcement might use to better understand and stop cybercriminal tactics.
Read more »
User Secuirty
BFCM Cyber Fraud data security Online fraud Shopping Scam User Secuirty

Scammers are Targeting Black Friday and Cyber Monday Shoppers

 

As Black Friday and Cyber Monday (BFCM) approach, hackers are plotting new tricks to spoil the party of shoppers. 

Last year, US shoppers spent USD 10.90 billion on Cyber Monday and another USD 9.03 billion on Black Friday. At the same time, merchants also hope to cash in on any additional traffic that BFCM brings to their ecommerce sites. 

But, while more traffic often brings more opportunities, it also directs to increased rates of online fraud. According to the UK's National Cyber Security Centre (NCSC), victims of online shopping frauds lost an average of ($1,176) each during the holiday shopping period last year – and the figure is rising. 

Sophisticated Technique 

To understand the patterns of cyber fraud, threat analysts at Bitdefender Antispam Lab have examined the fraudulent activities associated with Black Friday and Cyber Monday. 

During their study of fraud patterns between October 26 and November 9, the analysts detected that rate of unverified Black Friday emails peaked on Nov 9, when reached 26% of all Black Friday-related mail. The fraudsters employed multiple email subjects in an attempt to lure the recipients into visiting the fake websites to receive huge discounts. 

The researchers also identified a widespread online campaign inviting recipients to claim gift cards from popular retailers like Home Depot. In this case, the malicious emails include links to bogus online survey pages that have nothing to do with the retailer’s gift card. 

Once the victims have completed the survey, they were directed to another page where they could choose the ‘prize.’ To receive the prize at their doorstep, recipients were requested to pay for the shipment by providing private and banking details. 

“We scored an iPhone 13, though. The displayed page uses the recipients’ IP address to display a localized version of the scam – in our case Romania. We need to pay 15 RON (roughly 3.06 USD) for shipping and enter our name and address,” one of the recipients of fraud mail stated. “After entering our shipping details, we were prompted to enter our payment information, including cc number and CVV code.” 

Prevention Tips 

  1. Always scan the sender’s email address and look for typos 
  2. Never interact with unsolicited giveaway correspondence 
  3. Always shop on verified websites you already know 
  4. Research properly before providing details to a new vendor 
  5. Avoid accessing links or attachments from unverified sources
Read more »
US
Cyber Security international law enforcement agencies Online fraud Portuguese US

Authorities Seize Online Marketplace for Stolen Credentials

In coordination with International Law enforcement authorities, Portuguese conducted an investigation and successfully seized the website selling login credentials and PII addresses of over 5.85 million people. 

The United States law enforcement agencies also reported that they have seized four domains of an online marketplace associated with the online shop, named ‘wt1store.cc’, ‘wt1shop.net’, wt1store.com’, and ‘wt1store.net’. 

A federal agency had charged Nicolai Colesnicov, 36, of the Republic of Moldova, with operating wt1shop to facilitate the selling of stolen credentials and PII. 

Following the incident, the U.S. Justice Department (DoJ) stated that the agencies seized approximately 25,000 scanned driver’s licenses/passports, 1.7 million login credentials for various online shops, 108,000 bank accounts, and 21,800 credit cards.

According to the documents, visitors of the illegal marketplace could purchase the stolen data using Bitcoin. Around 2.4 million credentials had been sold on wt1shop, for total proceeds of $4 million. Also, the online market had a forum that could be accessed by the customers. 

The data that was sold was for online retailers, PayPal accounts, financial institutions, and email accounts. Other credentials were for remote access to computers, servers, and other appliances Additionally,  a person visiting the website to buy stolen credentials can also purchase the credit card accounts of that victim. 

 U.S. Attorney Brit Featherston said that “This case exemplifies the need for all of us, right now, to take steps to protect our online identity, our personal data, and our monetary accounts. Cyber-criminals are lurking behind the glow of computer screens and are harming Americans. These investigations require dedicated professionals who work tirelessly to stop thieves that steal from unknowing innocent people. To those who dedicate their lives to stopping cyber-criminals, we thank you.”

Earlier this year, the Department of Justice along with other international authorities had announced that they had seized Slilpp, the largest site for stolen credentials on the Dark Web. The site had data of 80 million users from 1,400 service providers. 

Also, on March 16, 2022, a federal grand jury put Igor Dekhtyarchuk, a Russian citizen, on trial for running a cyber-criminal marketplace that stole and sold thousands of login credentials, authentication tools, and Personally Identifiable Information. 
Read more »
Online fraud
Chinese Threat Actors Cyber Security Digital Money Indian ED Agency Online fraud

Chinese Loan Apps Fraud: Indian Agency Raids Razorpay, Paytm, Cashfree

 

On Saturday, The Indian law Enforcement Directorate agency (ED) carry out raids at nine premises connected to online payment gateways including Paytm, Cashfree, and Razorpay in Bengaluru. Also, some of these companies are believed to be involved in illegal betting. 

The official said the raids were conducted in connection with a money laundering case — part of an ongoing investigation against some illegal loan apps allegedly run by Chinese Nationals. 

The ED reported that the law enforcement agency successfully seized Rs 17 crore kept in “merchant IDs and bank accounts of these Chinese persons-controlled entities” during the raids. 

In a statement, a Razorpay spokesperson said: “Some of our merchants were being investigated by law enforcement about a year-and-a-half back. As part of the ongoing investigation, the authorities requested additional information to help with the investigation. We have fully cooperated and shared KYC and other details. The authorities were satisfied by our due diligence process”. 

Furthermore, the agency added that after it started working on probes, many of these companies shut down their business and diverted funds through fintech companies to buy crypto assets so the money could be laundered abroad. 

In this connection, the Law enforcement agency searched various premises associated with crypto exchange WazirX and froze Rs 64 crore in its accounts. 

Cashfree said its processes adhere to PMLA directions. “We extended our diligent cooperation to the ED operations, providing them the required and necessary information on the same day of inquiry. Our operations and onboarding processes adhere to the PMLA and KYC directions, and we will continue to do so in the time to follow,” said a company spokesperson. 

Additionally, in August 2020, the agency successfully ran a raid and froze Rs 47 crore belonging to a Chinese company that was running illegal betting and loan apps in India. Also, the agency conducted searches at 15 premises in connection with the company across Delhi, Mumbai Gurgaon, and Pune. 

The Directorate of Enforcement (ED) agency is Indian law enforcement and economic intelligence agency which works for enforcing economic laws and conducting legal battles against economic frauds and crimes in India.
Read more »
Online fraud
american express Cyberattacks Data Breach Online data breach Online fraud

Phishing Scam Targeting American Express Customers

Armorblox security researchers discovered a brand new phishing campaign targeting American Express customers. Threat actors sent emails to lure American Express cardholders into opening an attachment and trying to get access to their confidential data and their accounts. Also, the hackers created a fake setup process for an “American Express Personal Safe Key” attack. 

The emails sent by hackers to customers urged them to create this account to protect their system from phishing attacks. Once you click the given link, it takes you to a fake page that asks for private data such as social security number, mother's maiden name, date of birth, email, and all American Express card details, including codes and expiration date. 

Additionally, the group of threat actors crafted the counterfeit webpage smartly to resemble the original American Express login page, including a logo, a link to download the American Express app, and navigational links. 

“The victims of this targeted email attack were prompted to open the attachment in order to view the secure message. Upon opening the attachment, victims were greeted with a message announcing additional verification requirements for the associated account. The urgency was instilled within the victims through the inclusion of the language, “This is your last chance to confirm it before we suspend it”, and a prompt for victims to complete a one-time verification process that was needed as part of a global update from the American Express team,” Armorblox security blog reads. 

Armorblox security researchers further added in their blog that, the hackers try to create a sense of urgency within the victim's mind that the sent email is essential and should be opened at once. Once the customer opens the link, the email appears as a legitimate email communication from American Express. 

“The language used within this attachment evoked a sense of trust in the victim, with the inclusion of the American Express logo in the top left and a signature that made the message seem to have come from the American Express Customer Service Team,” Armorblox security blog reads. 

Armorblox co-founder and CEO DJ Sampath said that financial institutions are often targeted with credential phishing scams. The main targets of this phishing scam are American Express charge card holders.
Read more »
ransomware attacks
Banking Trojans malware Online fraud Ransomware ransomware attacks

ProLock Ransomware Operators Join Hands with QakBot Trojan to Infect Victims' Networks


'Human-operated ransomware' has been on a rise with the emergence of ProLock in the month of March, the new ransomware came as a successor to 'PwndLocker', another variant of malware targeting all the major industries from finance, retail to healthcare and governmental organizations as well. Notably, in late April, the attack targeting the largest ATM provider in the United States, Diebold Nixdorf was the first major attack carried by ProLock where the attackers only compromised the company's corporate network while their ATMs and customer networks were left untouched, according to the media reports.

In order to acquire access to targets' networks, ProLock has joined hands with financial malware primarily targeting businesses, QakBot. Since its initial online fraud attacks, the banking trojan has constantly evolved to specialize in SOCKS proxy, anti-research capabilities and to effectively steal victims' online banking credentials. The malware has been upgraded so much so that one of its present variants can even incapacitate securing software functioning at the endpoints. Interestingly, the assistance of QakBot that distinguishes the malware from other ransomware operators further strengthens the operations of ProLock as it helps the malware with credential dumping and anti-detection techniques.

ProLock makes use of RDP and QakBot to set the attack into motion, it assists the threat actors in evading detection and with persistence. Researchers told QBot specializes in bypassing detection as it is programmed to check out for its latest version and replace its current version with the newest one. Meanwhile, in order to acquire persistence in the network, the attackers use authentic accounts for RDP. RDP allows the malware to move laterally across networks and accumulate data, which later is exfiltrated through a command-line tool. Side by side, the files are being encrypted by ProLock that adds a .proLock, .pr0Lock or .proL0ck extension to all the encrypted files and leaves a ransom note demanding a ransom in turn for their data. However, as of now, ProLock doesn't have a website to publish victims' stolen data in case they are denied ransom.

“ProLock uses many similar techniques as other ransomware operators to achieve their goals,” said Oleg Skulkin, senior digital forensics analyst at Group-IB in a recent analysis. “At the same time, however, the group does have its own unique approach. With more and more cybercrime groups showing interest in enterprise ransomware deployment campaigns, some operators may be involved in deploying different ransomware families, so we’ll likely see more overlaps in tactics, techniques, and procedures.”
Read more »
Technology
Gaming Online fraud Technology

Counter-Strike: Global Offensive (CS:GO) — Money Laundering Prompts Valve to Shut Down In-Game Key Sales


Counter-Strike: Global Offensive (CS: GO) was being targeted by criminals for money laundering, according to the US video game developer, Valve. In a statement, the makers told that the aim of the attackers is to "liquidate their gains".

Developed by Valve and Hidden Path Entertainment, CS: GO is a popular multiplayer, first-person shooter game in which two teams go against each other strategically completing given objectives such as diffusing bombs and rescuing hostages.

The game allows players to earn cosmetic upgrades for their guns and avatars in loot containers, normally these boxes can only be opened via a key that players have to buy from Valve. However, the makers observed that "worldwide fraud networks have recently shifted to using CS: GO keys to liquidate their gains. At this point, nearly all key purchases that end up being traded or sold on the marketplace are believed to be fraud-sourced." The fraudsters exploited the loot gathering systems in the game to trade keys which further allowed them to unlock rewards for real money.

As a security measure, the company has updated the game in a manner that shuts down the ability to transfer new loot box container keys among users in the game.

"CS: GO container keys purchased in-game can no longer leave the purchasing account. That is, they cannot be sold on the Steam Community Market or traded. Pre-existing CS: GO container keys are unaffected–those keys can still be sold on the Steam Community Market and traded," the blog read.

In the blog post, the company also expressed concern for the effect this would have on legitimate players but also emphasized the need to combat fraud which they have on priority.

While the total amount of money laundered through the Steam marketplace remains ambiguous, hundreds of thousands of loot containers along with keys have been traded by the criminals via the online marketplace. Notably, the boxes and keys were traded for a few dollars each.

In the past seven years of its existence, CS: GO amid gaining massive popularity has unfortunately also attracted a number of disputable scenarios including illegal gambling and hidden business interests for social media influencers.
Read more »
Spy
Online fraud South Korea Spy

1,600 Motel Guests Were Secretly Streamed Live






South Korea has arrested four men accused of online streaming of the “intimate private activities” of 1600 hotel rooms.

The men allegedly installed mini cameras in TVs, hair-dryer holders, and sockets, to record all the private activities which were sold on online platforms for up to $6,200.

If the allegations proved right, then they could face jail up to 10 years and a  30m won ($26,571; £20,175) fine.

The men created a website in November, where they allowed users to pay for full videos or watch 30-second clips for free. They reportedly posted 803 videos and earned money from 97 paying members before the website was taken down.

"The police agency strictly deals with criminals who post and share illegal videos as they severely harm human dignity," a spokesman for the Seoul Metropolitan Police Agency told the local newspaper the Korea Herald.

The recent incident has sparked a nationwide protest against the filming of sex and nudity as the number of such incidences have increased many folds.

"There was a similar case in the past where illegal cameras were (secretly installed) and were consistently and secretly watched, but this is the first time the police caught where videos were broadcast live on the internet," police said.

Read more »
SIM Swapping
Banking fraud Missed Call fraud Mobile scam Online fraud Phishing scam SIM Swapping

SIM SWAP Fraud: A Mumbai Businessman Gets Robbed Off Of 1.86 Crore Via Missed Calls






A terrifying banking fraud, the researchers are calling “SIM SWAP”, recently preyed upon a Mumbai based businessman.
Reportedly, Rs.1.86 crore were harvested from this man’s bank balance via 6 late night missed calls.




Numerous other such cases of “SIM-SWAPPING” have also come to light in the metro cities of Bengaluru, Delhi, Bombay and Kolkata and the police cyber-cells are working on them.


This baffling fraud is not just subjective to people with lack of cyber knowledge or lack of critical thinking, technologically active people could also easily get drowned in the scam.


This seemingly stupid and unbelievable method of scamming people is fairly obvious to other parts of the cyber-world.


Despite being quite fresh in India, it has already affected a lot of people around the country and has targeted a fair number of “not-so-aware” mobile phone users, leaving their bank accounts pretty light.


When users switch from their old generation SIM cards to the upgraded versions, meaning when they change their 3G cards to 4G they use a technology called, “SIM SWAP” to register the new SIM card.


This technology had also come into play when the older SIM cards got switched by nano cards.




SIM SWAP:- WHAT? AND HOW?
SIM SWAP is a technique of replacing the existing SIM card by a duplicate one.

It can only be done when the attacker knows the unique 20 digit SIM number embarked on the SIM card.

Either the SIM-con would persuade the user into telling them the number or would hack into it on their own.




WHAT HAPPENED TO THE VICTIM!
Reportedly, the scammers had gotten the access to the victim’s 20 digit card number and had set the SIM SWAP process on, in the night time.

The scam broadly takes place in 2 steps, the SIM SWAP being the second step of the scamming technique.


Already privy to the banking ID and passwords, all that’s left for the fraudulent cons to find is the OTP on the registered mobile number and behold, the transactions begin!


Possibly, the victim was previously victimised by a phishing attack and unawares, mentioned his real password and account ID into a fake website fabricated by the cons.


The businessman had received 6 missed calls between the hours of 11pm and 2 am. These calls were initiated from 2 separate numbers, one beginning from +44(UK’s code).


The calls weren’t attended to as his phone was on the silent mode. Almost all the money got withdrawn from around 14 bank accounts the man had across the country, except for the 20 lakhs he somehow managed to recover.



When a user SIM SWAPS or basically EXCHANGES SIM CARD, all they do is register their phone number with their new SIM card.


This way the phone number is harvested and once that’s done the OTPs could be easily received, opening avenues of online shopping and ludicrous transactions in the owner’s name.


SIM SWAP could also affect people who communicate about their passwords or IDs via cell phones.


The technique depends upon who is a part of the communication. In actual and legitimate SIM exchanges, the users are connected to the servers of service providing organizations like Vodafone or Airtel.


These operators have ‘specifically designed official USSD codes’ for the SIM Swap process.


But when the swapping is not done by the user, the 20 digit SIM card number might fall into wrong hands.


If the wrongly swapped SIM card falls into the hands of the scammer, the victim would fall into immense danger.




HOW THE SCAM GOES ABOUT

The user would get call from the scammer, pretending to be from Idea or Jio. The caller would then, engage the user by saying that the call is for improving the call experience.


Once, set and familiar, the caller would guide the user’s way to SIM exchange, all the way wanting to extract the 20 digit SIM code.


The caller would try all means possible and would trick the user with any trickery possible to haul those 20 digits out.


After having persuaded the user about the 20 digits, the caller would ask them to press 1 or confirm the SIM swap.


The fraudster would then actually initiate the SWAP, having extracted the 20 digit SIM code, they were after.



Meaning, if supposedly the user has an Airtel SIM, the fraudster will too use an Airtel SIM to officially go through with the SIM swap.


Airtel would then send a confirmation text to the user’s cell number. Airtel would be sure that the SIM swap has actually happened and the attacker would have the cell number.


The actual user’s mobile will be left with no signals at all, whereas the fraudster will have full signals on the SIM and complete control over the cell number.


The fraudster would then incessantly call to make the user switch off the phone, in order to get a window to complete the fraud. Once that’s done, the user wouldn’t have any idea about it.



 
Aadhar number could also be an important credential that you would never want to share over the phone.

Also, always keep a close check on your bank account, and if any weird activity is speculated, immediately contact the bank and put a stop to the questionable transaction.

Read more »
Subscribe to: Posts (Atom)