If you have a BCA, HSBC, Bank Danamon, Citibank, OCBC NISP, Panin, BII, Bank Standard Chartered or CIMB Niaga bank account, you’d best check your account activity for anything unusual.
The Jakarta Police recently announced they had busted a criminal enterprise in which scammers bought data from a hacker who had acquired ATM card information and PIN numbers for customers of the nine above banks. The scammers then used that data to create fake but usable ATM cards.
The police are still looking for the hacker or hackers that got the data, although authorities suspect the computer criminals were operating outside of Indonesia. The customer data was sold through several shady websites includingwww.kanxxxx.com, www.valxxxxxx.sul and www.tonyxxxxxxx.cc.
However police were able to arrest some of the scammers using the stolen data in Jakarta. Authorities said one of the suspects arrested in the case, a 32-year-old identified as W, was caught despite the precautions he took while using the fake ATM cards.
“W withdrew money from several ATMS while using a wig and false mustache to obscure his identity,” said Police Assistant Commissioner Didik Sugiarto on Sunday, as quoted by Tempo.
In addition to the disguise, W also used forged documents to exchange his stolen funds for foreign currencies (which we have to admit is pretty smart given what’s going on with the rupiah right now)
According to Didik, W was not the brains behind the bank account burglaries. Police say that was in fact a 41-year-old man named E who managed to mastermind the scheme from his cell inside Cipinang Penitentiary.
Didik said E purchased the ATM card info and PIN numbers from the three websites. “He bought them using bitcoins, priced at around US $ 300 to US $ 700,” Didik said, adding that E was able to orchestrate the purchases from prison through his mobile phone.
With W’s help, E was able to steal 100 of millions of rupiah from various bank accounts. Police said the largest withdrawal was one for Rp 306 million.
Police are currently continuing their investigation to find all of E’s accomplices as well as the hackers who sold them the data.