(844) 627-8267
(844) 627-8267

How criminals based in southeast Asia are trapping Indians online | Explained News | #cybercrime | #infosec

A large number of Indians are falling prey to financial fraud carried out over the Internet, allegedly by criminals based in three contiguous southeast Asian countries: Myanmar, Laos, and Cambodia.

In its analysis of trends seen from January to April, the Indian Cybercrime Coordination Centre (I4C) found that 46% of such frauds reported in this period — in which the victims cumulatively lost an estimated Rs 1,776 crore — originated in these three countries.

The I4C works under the Union Home Ministry “to create an effective framework and ecosystem for the prevention, detection, investigation, and prosecution of cybercrime in the country”.

National Cybercrime Reporting Portal (NCRP) data show 7.4 lakh complaints were made between January 1 and April 30 this year, while 15.56 lakh complaints were received in all of 2023.

A total 9.66 lakh, 4.52 lakh, 2.57 lakh, and 26,049 complaints were received in 2022, 2021, 2020, and 2019 respectively.

Types of cybercrime

Festive offer

The I4C has identified four broad categories of fraud originating from these three countries, following certain modus operandi.

short article insert
TRADING SCAM: The alleged fraudsters issued ads on social media offering free trading tips, often using pictures of well known stock market experts and fake news articles. The victims were asked to join a WhatsApp group or Telegram channel, where they would receive “tips” on making money by investing in shares.

After a few days, the victims would be asked to install some specific trading applications and register themselves in order to receive further guidance on making “huge” profits. The victims would start “investing” on the apps, following recommendations made by the cybercriminals. None of these apps would be registered with the stock market regulator Securities and Exchange Board of India (SEBI), but the victims typically neglected to check this.

The victims deposited money in particular bank accounts to “buy shares”, and were shown some fake profits in their digital wallets. But when they tried to withdraw this “money”, they were shown a message that they could do so only after they had accumulated a certain amount, say Rs 30-50 lakh, in their wallet. This meant the victim had to keep “investing” and, sometimes, had to also pay “taxes” on the “profits” they were purportedly earning.

“After analysing data from the first four months of this year, we found that Indians lost Rs 1420.48 crore in the trading scam,” I4C CEO Rajesh Kumar said.

DIGITAL ARREST: Potential victims would get a call in which the caller would tell them that the victims had sent or were the intended recipients of a parcel containing illegal goods, drugs, fake passports, or other contraband.

In some cases, relatives or friends of the target would be told that the target had been found to be involved in a crime.

Once they had the target — who would be chosen carefully — in their net, the criminals would contact them over Skype or another video calling platform. They would pose as law enforcement officials, often wearing uniforms and calling from places resembling police stations or government offices, and demand money for a “compromise” and “closure of the case”.

In certain cases, the victims were “digitally arrested”, which meant they were forced to stay visible to the criminals until their demands had been met. Indians lost a total Rs 120.30 crore in this type of scam in the January-April period, Kumar said.

INVESTMENT SCAM (TASK-BASED): Victims typically received a WhatsApp message from an overseas number, purportedly belonging to a representative of a company, with an offer to earn a large sum of money, say, Rs 30,000, while working from home.

Those who responded were told they would have to help boost the social media ratings of some entities by giving them a five-star rating. After the “task” was completed, victims received a “code”, which they were asked to share with their “admin” on Telegram.

The “admin” would ask the victims where they wanted to receive their money and, after a few five-star rating “tasks” on YouTube or Google reviews etc. were completed, would deposit a small sum, perhaps Rs 500.

At this point, the victim would be asked to participate in a “pre-paid” or “merchant” task, in which a higher return would be promised after a certain amount — which could be between Rs 1,500 and Rs 1 lakh — had been deposited. Victims who refused were blocked, but those who chose to participate were told the money and profit would come to them in a day.

However, the following day, the victims would be told that their “performance score” was not good enough, and they needed to improve it by participating in new tasks so they could get their money. Indian victims lost a total Rs 222.58 crore in this “investment scam (task based)”, Kumar said.

ROMANCE/DATING SCAM: This was a somewhat more conventional trap, though laid online. The victims, who were male, were lured by people they thought were foreign women. These “women” would propose relationships or marriage, and then make plans to come and meet in person. However, the victim would typically get a call from the “woman” that she had been detained at the airport, and needed money to get out.

On its website, the US FBI, which has dealt with such cases, says romance scamsters are experts at appearing genuine, caring, and believable. These con artists lurk on most dating and social media sites, and seek to quickly gain the victim’s trust.

Kumar said Indian victims lost a cumulative Rs 13.23 crore in romance/dating scams in the first four months of this year.

Why Southeast Asia

I4C zeroed in on Myanmar, Laos, and Cambodia after analysing data on its National Cybercrime Reporting Portal (NCRP), inputs received from states and Union Territories, and some open-source information.

“The cybercrime operations based in these countries employ a comprehensive array of deceptive strategies, including recruitment efforts by exploiting social media to lure Indians with fake employment opportunities,” Kumar said.
The I4C has found that many web applications used in the crime had Mandarin characters. “We cannot rule out some kind of Chinese connection,” Kumar said.

Source link


Click Here For The Original Source.


National Cyber Security