Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Cyber Scam. Show all posts
Pop-ups
Call Center Call Center Scam CBI Cyber Fraud Cyber Scam Fake Calls Fake IT Support Financial Fraud Japan Pop-ups

CBI Uncovers Tech Support Scam Targeting Japanese Nationals in Multi-State Operation

 

The Central Bureau of Investigation (CBI) has uncovered a major international scam targeting Japanese citizens through fake tech support schemes. As part of its nationwide anti-cybercrime initiative, Operation Chakra V, the CBI arrested six individuals and shut down two fraudulent call centres operating across Delhi, Haryana, and Uttar Pradesh. 

According to officials, the suspects posed as representatives from Microsoft and Apple to deceive victims into believing their electronic devices were compromised. These cybercriminals manipulated their targets—mainly Japanese nationals—into transferring over ₹1.2 crore (approximately 20.3 million Japanese Yen) under the pretense of resolving non-existent technical issues. 

The investigation, carried out in collaboration with Japan’s National Police Agency and Microsoft, played a key role in tracing the culprits and dismantling their infrastructure. The CBI emphasized that international cooperation was vital in identifying the criminal network and its operations. 

Among those arrested were Ashu Singh from Delhi, Kapil Ghakhar from Panipat, Rohit Maurya from Ayodhya, and three Varanasi residents—Shubham Jaiswal, Vivek Raj, and Adarsh Kumar. These individuals operated two fake customer support centres that mirrored legitimate ones in appearance but were in fact used to run scams. 

The fraud typically began when victims received pop-up messages on their computers claiming a security threat. They were prompted to call a number, which connected them to scammers based in India pretending to be technical support staff. Once in contact, the scammers gained remote access to the victims’ systems, stole sensitive information, and urged them to make payments through bank transfers or by purchasing gift cards. In one severe case, a resident of Hyogo Prefecture lost over JPY 20 million after the attackers converted stolen funds into cryptocurrency. 

Language discrepancies during calls, such as awkward Japanese and audible Hindi in the background, helped authorities trace the origin of the calls. Investigators identified Manmeet Singh Basra of RK Puram and Jiten Harchand of Chhatarpur Enclave as key figures responsible for managing lead generation, financial transfers, and the technical setup behind the fraud. Harchand has reportedly operated numerous Skype accounts used in the scam. 

Between July and December 2024, the operation used 94 malicious Japanese-language URLs, traced to Indian IP addresses, to lure victims with fake alerts. The scheme relied heavily on social engineering tactics and tech deception, making it a highly sophisticated cyber fraud campaign with international implications.
Read more »
User Privacy
Cyber Scam Malicious Campaign malware Tria Stealer User Privacy

Fake Wedding Invitation Malware Targets Android Users

 

Malicious actors are propagating a recently discovered Android malware called Tria by sending phoney wedding invitations to consumers in Brunei and Malaysia. 

According to a report published by the Russian cybersecurity firm Kaspersky, the attackers have been using private and group chats on Telegram and WhatsApp since mid-2024 to distribute the malware, inviting users to weddings and prompting them to install a mobile app in order to get the invitation.

Once the malware is installed, it can collect private information from call logs, emails (including Gmail and Outlook), SMS messages, and messaging apps (such as WhatsApp and WhatsApp Business). 

Researchers caution that accounts that depend on email and messaging app authentication could be compromised, passwords can be reset, or online banking can be accessed using the stolen data. 

The attackers' main objective seems to be taking complete control of the victims' Telegram and WhatsApp accounts so they can make phoney money requests to connections or propagate malware. To process stolen data, the hackers employ two Telegram bots: one for managing SMS data and another for gathering text from emails and instant messaging apps. 

According to Kaspersky, posts on social media sites like Facebook and X suggest that the campaign has reached a number of Android users in Malaysia, while the precise number of victims is still unknown.

The researchers have not identified a specific organisation responsible for the attack, but evidence implies that the hackers are Indonesian-speaking. 

In 2023, Kaspersky discovered a similar effort known as UdangaSteal, in which hackers stole text messages from users in Indonesia, Malaysia, and India and transmitted the data to their servers using a Telegram bot. The attackers utilised a variety of deceptive approaches to trick users into installing malicious files, such as bogus wedding invites, package delivery notifications, annual tax payment reminders, and job offers. 

Despite their similarities, experts identify major differences between the two attacks, such as distinct malware code, geographic targets, and attack techniques. While UdangaSteal has always focused on SMS theft, experts say Tria has a larger reach, attacking emails and chat apps as well as SMS conversations.
Read more »
Fraud Calls
Bengaluru call scams Cyber Fraud Cyber Scam Financial Fraud Financial Scam Fraud Calls

Bengaluru Woman Loses ₹2 Lakh to Sophisticated IVR-Based Cyber Scam

 

Cyber fraud continues to evolve, with scammers using increasingly sophisticated techniques to deceive victims. In a recent case from Bengaluru, a woman lost ₹2 lakh after receiving a fraudulent automated call that mimicked her bank’s Interactive Voice Response (IVR) system. The incident underscores the growing risk of technology-driven scams that exploit human vulnerability in moments of urgency. 

The fraud occurred on January 20 when the woman received a call from a number that closely resembled that of a nationalized bank. The caller ID displayed “SBI,” making it appear as though the call was from her actual bank. The pre-recorded message on the IVR system informed her that ₹2 lakh was being transferred from her account and asked her to confirm or dispute the transaction by pressing a designated key. Startled by the alert, she followed the instructions and selected the option to deny the transfer, believing it would stop the transaction. 

However, moments after the call ended, she received a notification that ₹2 lakh had been debited from her account. Realizing she had been scammed, she rushed to her bank for assistance. The bank officials advised her to report the fraud immediately to the cybercrime helpline at 1930 and file a police complaint. Authorities registered a case under the Information Technology Act and IPC Section 318 for cheating. 

Cybercrime investigators believe this scam is more sophisticated than traditional IVR fraud. Typically, such scams involve tricking victims into providing sensitive banking details like PINs or OTPs. However, in this case, the woman did not explicitly share any credentials, making it unclear how the fraudsters managed to access her funds. 

A senior police officer suggested two possible explanations. First, the victim may have unknowingly provided critical information that enabled the scammers to complete the transaction. Second, cybercriminals may have developed a new technique capable of bypassing standard banking security measures. Investigators are now exploring whether this scam represents an emerging threat involving advanced IVR manipulation. This case serves as a stark reminder of the need for heightened awareness about cyber fraud. 

Experts warn the public to be wary of automated calls requesting banking actions, even if they appear legitimate. Banks generally do not ask customers to confirm transactions via phone calls. Customers are advised to verify any suspicious activity directly through their bank’s official app, website, or customer service helpline. 

If someone encounters a suspected scam, immediate action is crucial. Victims should contact their bank, report the fraud to cybercrime authorities, and avoid responding to similar calls in the future. By staying informed and cautious, individuals can better protect themselves from falling prey to such evolving cyber threats.
Read more »
User Security
Cyber Scam Home Ministry Social Media Cyber Crime User Security

WhatsApp Emerges as the Most Exploited Platform in Cyber Frauds

 

WhatsApp, Instagram, and Telegram have once again become the favorite tools for hackers, as per a report released by India's Home Ministry (MHA). 

According to the report, WhatsApp is still the most commonly utilized medium for cybercrime. Several examples of digital fraud were reported this year, with cybercriminals exploiting WhatsApp video calls to dupe people out of millions of rupees. 

In the first quarter of 2024, 43,797 cybercrime complaints were received, with 22,680 attributed to WhatsApp, making it the most widely used platform for fraudulent activity. Telegram ranked second with 19,800 complaints. According to the MHA's Annual Report 2023-24, scammers rely extensively on Google services, particularly Google Ads, to carry out targeted scams, which expands the reach and impact of these frauds. 

Additionally, Investment frauds continue to dominate, targeting individuals across the globe. Other common cybercrimes include money laundering frauds and digital fraud. Online criminals have also used Facebook ads in a systematic method to deliver fake landing apps to users' devices, worsening the situation.

I4C, the cybersecurity division of the Home Ministry, is working diligently to combat the rising tide of cybercrimes. Recently, the authorities blocked thousands of WhatsApp accounts. Cybercriminals exploited these accounts to carry out digital frauds against Indian individuals, and they were linked to international numbers. 

WhatsApp is the world's most popular instant messaging platform, with more than 2.95 billion active users. Its popularity is unparalleled in India, with millions of daily active users. Its large user base makes it an appealing target for cybercriminals.While WhatsApp is a popular method of communication, users must be attentive and implement strong digital security measures to safeguard themselves from potential scams.
Read more »
User Security
Cyber Scam Data Privacy Financial Fraud Mobile Security Phone Scam User Security

Here's How to Safeguard Yourself Against Phone Scams

 

Sophisticated phone scams are becoming more common and more relentless. The numbers are mind-boggling. According to the FTC, impostor fraudsters cost US consumers $2.7 billion in 2023, and the figure is rising year after year. 

These are merely the listed losses; many people who have been duped are embarrassed and refuse to acknowledge they fell for such a scam. You may believe that you will not be misled, yet many of those who are duped thought this before the incident. 

Scammers have refined their strategies to sound trustworthy and legitimate, and AI is just making matters worse. When combined with the strain or situation, it only takes a few moments to fall for it. 

The best defence against phone scams is to be prepared to face them, as they are likely to occur at some point. We've compiled a list of some of the most popular phone scams in 2024 and how to prevent them.

AI-powered scams

The most obvious example of fraudsters exploiting new technology to power existing scams is artificial intelligence (AI). For instance, scammers might use AI to: 

  • Generate more convincing and genuine sounding phishing emails and text messages. 
  • Create deepfakes of celebrities to lure victims into thinking they're investing in a good company or project.
  • Impersonate an employer and ask for private information. 

Student loan forgiveness scams 

The back-and-forth adjustments in student loan forgiveness create an ideal scenario for scammers. Fraudsters know that individuals want to believe that their student loans will be forgiven, and they will use this need for personal benefit.

For example, scammers may call you or set up fake application sites to steal your Social Security number or bank account information. They may put pressure on their victims by sending bogus urgent messages encouraging them to seek debt relief "before it's too late." Then they will charge you a high application fee. In reality, this is a scam.

Zelle scams

Scammers are using Zelle, a peer-to-peer payment tool, to steal people's money. The fraudster might email, text, or contact you, claiming to work for your bank or credit union's fraud department. They'll claim that a thief intended to steal your money via Zelle and that they need to walk you through "fixing" the issue. 

Subsequently, fraudsters may advise you to pay the money to yourself, but the funds will actually go to their account. Starting in mid-2023, Zelle began refunding victims of some frauds. However, you may not always be eligible for reimbursement, so be aware of these financial frauds. 

Prevention tips 

Avoid clicking on unknown links: Whether the link arrives in your email, a text or a direct message, never click on it unless you're certain the sender has good intentions. If the message says it's from a company or government agency, call the firm using a number that you look up on your own to confirm its legitimacy. 

Be skeptical: Scammers can spoof calls and emails to appear to be from a number of sources, including government institutions, charities, banks, and major companies. Do not provide any personal information, usernames, passwords, or one-time codes that others could use to gain access to your accounts or steal your identity. 

Don't refund or forward overpayments: Beware whenever a company or person asks you to refund or forward part of a payment. Often, the original payment will be fraudulent and taken back later. Following simple safety precautions and reviewing the most recent scam alerts might help you stay safe. However, mistakes might occur, especially when you are stressed or overwhelmed.
Read more »
Threat Landscape
Cyber Crime Report Cyber Fraud Cyber Scam South Asia Threat Landscape

Rise of Cybercrime in India: Reasons, Impacts & Safety Measures

 

The reel is frequently influenced by the real. Jamtara, an OTT series, was inspired by cyber fraud activities carried out in a remote part of Jharkhand. However, the script appears to need some tuning in the future. This is because cybercrime hotspots in India, such as Jamtara and Mewat, have spread outside the country's borders. 

According to a recent study conducted by the Indian Cyber Crime Coordination Centre, a part of the Union Home Ministry, approximately 45% of cybercrime cases targeting Indians originate in other South Asian nations, primarily Myanmar, Cambodia, and Laos. This is not to imply that the threat is minimal in India. 

The number of complaints about grey activities such as trading scams, phishing, and fake romance has risen dramatically, from 26,049 in 2019 to 7.4 lakh by April 2024. This year, the national cybercrime reporting system received over six lakh complaints, totaling almost Rs 1,800 crore in fraudulent money. 

Based on a study undertaken by an IIT Kanpur-incubated non-profit, financial fraud accounts for approximately 77% of cybercrimes between 2020 and 2023. There are additional risks: identity and data theft caused by cyber fraud can have long-term consequences such as a permanent debt footprint, as well as legal and security issues. Notably, the cybercrime network based in these South Asian nations has been deceiving Indians by using Indian SIM cards and fraudulent recruitment possibilities via messaging apps.

For example, the Indian embassy in Cambodia sponsored the extradition of 360 Indians. However, 5,000 citizens are accused of being trapped there and forced to commit cybercrime against their fellow Indians. Last year, India was the 80th most targeted country for cybercrime. New Delhi must use diplomatic channels to interact its concerns to these countries.

India has the second largest population of active internet users. However, the vast majority of them are unaware of internet fraud, making them easy targets for scammers. Other rising threats include privacy violations and sextortion. The expanding digital ecosystem needs a thorough understanding and mitigation of cyber threats. 

To prevent such mischief, legal loopholes must be fixed. However, there should be a balance between cybercrime prevention and overregulation so that access to the internet is not hampered while also protecting the privacy of users. Treading this fine line under an authoritarian rule can be difficult.
Read more »
User Privacy
Action Fraud Cyber Fraud Cyber Scam Cyber Scammers UK User Privacy

Scammers Targeting WhatsApp Groups in UK

 

When businessman Mohammed Yousaf received an urgent plea for assistance from one of his oldest friends, he rushed to the rescue.

The 56-year-old received a WhatsApp message from the account of a man he had been friends with for 50 years. It began with the greeting 'Salaam', followed by the message: "Please, I need a little assistance from you..." 

Mohammed was concerned about his friend and inquired how he could help. He was told that his friend was attempting to send £800 to an account, but it did not function, and he was asked if he could make the payment instead, with his friend reimbursing him the next day. What transpired was a fraud that terrified Mr. Yousaf and cost him £800. Unfortunately, he's not alone. 

Last month, men in East Lancashire were warned of blackmail fraud after scammers posing as Eastern European gang members sent threatening requests for payment. Police said men in Accrington and Blackburn were pushed into giving over substantial sums of cash after getting disturbing messages and video calls of someone carrying a pistol. 

Action Fraud, the UK's national reporting centre for fraud and cybercrime, reports that fraudsters are now targeting group chat participants in order to exploit WhatsApp users. The fraud often begins when a member of the group receives a WhatsApp audio call from the fraudster, who pretends or claims to be another member of the group. 

This is done to earn the individual's trust, and the scammer will frequently use a phoney profile image and/or display name, giving the impression that it is a genuine member of the group. 

The fraudster will inform the victim that they are providing them a one-time passcode that will allow them to participate in an upcoming video call for group members. The perpetrator then asks the victim to reveal the passcode so that they can be "registered" for the video conference.

In reality, the attacker is asking for a registration number to migrate the victim's WhatsApp account to a new device, allowing them to take over the account. 

Once the fraudster has gained access to the victim's WhatsApp account, they will activate two-step verification, making it impossible for the victim to regain access to their account. Other members of the group, or friends and family in the victim's contacts, will then be messaged, urging them to wire money immediately because they are in urgent need of assistance. 

According to Detective Superintendent Gary Miles, head of the City of London Police's National Fraud Intelligence Bureau, WhatsApp remains a key channel of communication for several people in the UK, but fraudsters continue to figure out ways to gain access to these platforms.
Read more »
scam tactics
Cyber Criminals Cyber Fraud Cyber Scam Cyber Threats CyberCrime Delhi cybercrime rise Delhi Police digital house arrest forged letterheads Fraud Online fraud police alert scam tactics

Delhi Police Alerts Citizens to New Cyber Scam

 

Authorities in Delhi are cautioning residents to remain vigilant against a recent surge in cyber fraud cases known as ‘digital house arrest,’ with over 200 incidents reported monthly in the capital.

Described as a serious threat by senior officials, this tactic employed by cybercriminals aims to coerce victims into parting with their money once ensnared in their schemes.

In this scheme, scammers posing as law enforcement officers deceive victims into believing their bank accounts, SIM cards, Aadhaar cards, or other linked documents have been compromised. The victims are then virtually confined to their homes and pressured into paying the scammers.

According to a senior officer from the Intelligence Fusion and Strategic Operations (IFSO) unit of the Delhi Police, cases involving amounts exceeding Rs 50 lakh are investigated by their specialized team.

In a recent case, a man preparing for work received a call from someone claiming to be from the Mumbai Crime Branch. The caller accused the victim of involvement in drug trafficking using his Aadhaar card and instructed him not to leave his house during a prolonged interrogation session. The victim, fearing repercussions, complied. Eventually, the scammers gained remote access to his computer, drained his bank account, and vanished.

These fraudsters often employ forged police letterheads and use translation tools to enhance their communication. They specifically target vulnerable individuals, such as the elderly. Victims are urged to immediately report such incidents to the police helpline for assistance.

According to the National Crime Records Bureau (NCRB), cybercrime cases in Delhi nearly doubled in 2022, with reported incidents increasing from 345 to 685. This marks a significant rise from the 166 cases reported in 2020.
Read more »
Subscribe to: Posts (Atom)