According to Narveer Rathore, DSP, State Cyber Crime, said, over 700 online financial frauds, big and small, were reported in 2019. (Express photo)
When advocate Chander Shekhar Sharma got a call from a man seeking his services, he had no reason to suspect otherwise. The caller wanted Sharma to represent his relatives in Himachal Pradesh High Court in a criminal case. He even offered to pay the lawyer part of the fee in advance and asked for his bank details to deposit the payment.
“Sharma shared not just his account details but also an OTP received on his phone. He then received a message that Rs 1.50 lakh had been withdrawn from his UCO bank account,” recalled a police officer. The lawyer promptly alerted the police, and state cybercrime officials asked the payment gateway operator and the merchant bank to freeze the money before it could land in the fraudster’s electronic wallet.
But all victims of cyber fraud are not as lucky as Sharma. In a bank fraud case in Mandi last year, the victim’s money was transferred to around 25 e-wallets registered in various parts of the country.
Police officers say instances of e-wallets being used to commit cyber fraud are on the rise. Most e-wallets can be opened using a one-time password delivered via SMS, and inadequate authentication has made it harder for police to identify criminals.
According to Narveer Rathore, DSP, State Cyber Crime, the use of e-wallets in crimes has shot up over the last year or so. Over 700 online financial frauds, big and small, were reported in 2019, out of which nearly half the cases involved the use of e-wallets, he said.
“Bank accounts rely on authentication through KYC documents, but e-wallets are being opened using SIM cards obtained under fictitious names. Some teleservice providers are pushing the sales of their SIM cards due to which it becomes easier to get SIMs activated via fake identification. Recently in Jabalpur, the police recovered thousands of such SIMs which were to be sold to fraudsters,” he said.
This makes tracing such fraudsters difficult, but not impossible. The police are now relying on other sources, such as the mobile IP address, to trace the location of account holders. The use of virtual private networks (VPNs) in the transactions further complicates the investigation, as many VPN providers are located outside the country. “Some VPN providers are based in countries with hostile governments. For instance, several VPN providers have been traced to Pakistan with which we have no communication channels. There are also other countries with which we do not have established ties or treaties,” said an official.
Officials said that so many e-wallets, payment gateways and processors have sprung up in the last 1-2 years that sometimes even IT personnel in banks take a long time to decipher the mode and channel of the transaction, due to which crucial time is lost during an investigation. “In one recent fraud case, the local branch of the bank is clueless about the nature of the transaction and they have forwarded our request to their head office in Mumbai. We’re still waiting to hear from them,” said an official.
Rathore said that the police are tackling these new challenges systematically. “Following directions from MHA, DGP SR Mardi is preparing a proposal for setting up a cyber coordination centre in the state, which will have hi-tech forensic tools, devices and other infrastructure to deal with the ever-evolving techniques used by organised cybercriminals,” he said, adding that skill enhancement of cyber police personnel is also on the cards.
However, he added, there is no substitute to a smart public. “The analysis of all cybercrimes in the state shows that in around 90 per cent cases, it is some negligence on the part of the victims which leads to these frauds. Whether it’s social media or financial transactions, remaining vigilant while using the internet, phone or an ATM is the key weapon against online financial fraud,” he said.