New Delhi: “Dear user… your KYC expired today. Please call 9********* to update immediately. Visit this link to update your KYC. Your number will be blocked.” It begins with this message, containing a link that leads to a set of phishing pages and applications — and soon, you’ll find your money siphoned off.
The Delhi Police’s Intelligence Fusion and Strategic Operations (IFSO) unit has busted a pan-India gang that allegedly looted money from more than 8000 victims across India. The police have arrested 23 people so far.
The gang allegedly operated by procuring people’s net-banking credentials on the pretext of updating their know your customer (KYC) details with the State Bank of India (SBI), using an imitation of SBI’s Yono app, launched in 2017.
Once you fill in your details on the phishing application, the fraudsters can access all the information, along with one-time passwords (OTP). They can then transfer funds from the victim’s account to another set of bank accounts, and distribute the money among themselves.
Sources said that they suspect the total amount lost is over Rs 20 crore. “An average victim was looted of around Rs 25,000. Some of the victims lost over a lakh as well,” a senior Delhi Police officer said.
“After technical analysis of the links sent by the victims, hosting of the links, mobile call analysis, the financial trail was carried out. It was revealed that they are operating in a very organised manner from various places scattered all over India,” said K.P.S. Malhotra, deputy commissioner of police (DCP), IFSO.
“Their hideouts in Surat, Kolkata, Girdih, Jamtara, Dhanbad and Delhi NCR were identified. On 25 March, coordinated raids were conducted in these locations after reconnaissance,” the DCP said.
“This was done after we noticed during technical analysis that the mobile phones and other digital footprints of the accused went off the radar at the same time, so if one of the accused was apprehended, the rest would have gone untraceable,” he added.
Fifty-eight mobile phones, 12 laptops, 20 debit cards and 202 SIM cards were recovered from those arrested. The devices are now being forensically examined, and so far, 820 pre-existing complaints have been linked with those arrested, police said.
The 23 people arrested are: Pawan Mandal, Tinku Kumar Mandal, Chotu Kumar Mandal, Sandeep Mandal, Ramjeet Mandal, Birender Mandal, Sushil Kumar Mandal, Ravi Kumar Mandal, Sanjeet Kumar, Raj Kishor Mandal, Vikas Kumar Mandal, Mahender Mandal, Shankar Kumar Mandal, Pappu Kumar Mandal, Kuldeep Mandal, Pramod Kumar, Binod Kumar, Neeraj Sharma, Tinku Kumar Mandal, Umesh Kumar Mandal, Rajender Mandal and Sanjay Kumar Mandal.
According to the police, the gang hosted phishing pages on various platforms such as ngrok — used to expose a locally running application to the internet — and targeted people by sending text messages in bulk that led to the fake ‘Yono’ app.
Once the account holder filled in their credentials, the accused would then log in to the person’s account and siphon large sums of money into other bank accounts created by them. The money would then be withdrawn from different locations immediately.
“Upon receipt of various complaints, SBI management was contacted and a joint investigation was done. After data was obtained, the investigating team started a detailed enquiry and an FIR was lodged with the Special Cell,” Malhotra said.
More than 100 such complaints were found, 51 of them from Delhi.
According to the police, the gang operated in six modules — one to create and host the phishing links, another to acquire fake SIM cards, which the third module would use to send the links and make calls to the targets, asking them to insert their OTP in the scam app.
The fourth would then simultaneously log in to the target’s internet banking account and transfer money to fake bank accounts. The fifth module was responsible for arranging those fake accounts and the sixth withdrew the money.
(Edited by Rohan Manoj)