New Delhi: You open your computer, a GIF pops up following a message that your operating system is under virus attack and needs immediate attention as your data is vulnerable. For assistance you have to call on the given number. The targets here are the elderly. Once you seek assistance, they gain access to the computer through Anydesk, LogMeIn, lure you to make payment to fix the system and take all your data. You are asked to make payments through paychecks or Paypal. The money and those on the other side of the call vanish.
This is just one of the ways how fraudsters sitting behind computers operating remotely in tiny office hideouts — call centres — can target you.
The attack can come through anything and everything — from calls, text messages with phishing links to emails or just through malware attacks as well and this menace is found to be thriving across both big and small Indian cities. The target can be anybody, it depends on the modus operandi of the cyber criminals. You may also be attacked more than once.
This is not specific or unique to one city or town, the fake call centres and the art of duping are spreading. Some of the fake call centres were shut for duping US, UK and Canadian citizens too. A close look into the recent cases, raids and arrests show how police agencies in Delhi, Mumbai and Kolkata’s Bidhannagar (Salt lake) commissionerates are battling such cases.
Last week, the Intelligence Fusion Strategic Operations (IFSO) unit of Special Cell, Delhi Police, Federal Bureau of Investigation (FBI), USA and Canadian Law Enforcement Agency in a joint operation arrested six such cyber criminals who looted US citizens for over eight years amounting to USD 10 million.
According to sources, these men who kept changing the locations of their call centres every couple of months looted 20,000 people. Some amount was also paid in bitcoin which the investigating agencies are now tracing.
The most recent company that the six allegedly ran is called — PC Support and Care — an office that occupied one floor in Ganesh Nagar and bank account statements revealed transactions over 4 crore between 2012 to 2020.
Deputy Commissioner of Police (DCP) IFSO, Prashant Gautam told ThePrint, “In most of these cases complainants are unwilling to come forward. This case saw the light of the day after two elderly persons aged 85 and 86 reached out to the nodal agencies and they informed the Delhi Police on 7 December this year”.
DCP Gautam said the fraudsters took around $ 85-299 from one particular victim.
Since 2020, the Delhi Police IFSO has busted 10 such call centres that have been duping innocent people of crores, according to police. In other cases, the accused duped people on the pretext of gift vouchers and offering jobs. The district police have additionally raided over 40 such call centres.
Also Read: Was AIIMS cyberattack inevitable? Doctors flagged risks soon after hospital went digital in 2016
Modus operandi of cyber criminals
These cyber criminals operate through multiple ways, the one of the most common one being — luring with attractive deals. In Bidhannagar or Salt Lake, the IT hub of Kolkata, these illegal call centres have been mushrooming targeting thousands outside the state and country.
The Bidhannagar police through massive crackdowns have busted 25 such illegal call centres in the past four months, between September and December arresting 292 accused through massive raids, The Print has learnt.
The commissinerate has recovered around Rs 5 crores have been returned to victims. However, sources stated that the returning of money to the victim is possible only when the victim immediately reaches out to the police, who then reach the court and get an order out. This order is then submitted to the bank which freezes the destination accounts and the money is transferred to the victim accounts.
In cases where the complainant doesn’t inform swiftly, the money is lost, police officers said.
Speaking to ThePrint, senior police official of Bidhannagar commissionerate in West Bengal Police explained that there are three main modus operandis of these fraudsters.
“One is the domestic call centres operating in Salt Lake, where they target people outside the state. They make calls to people saying they are from Jio and Airtel for installation of mobile towers. They submit fake documents of Reliance Jio, Airtel, Telephone Regulatory Authority of India. They tell the victims to transfer Rs 1 lakh to 6 lakhs for registration security etc and in return lure them saying that they will give Rs 20 lakh once the job is completed and also give a well paying job. Once the money is received they disappear”.
These calls, the source said, are random. The accused changes digits and keeps trying the numbers. In larger nexuses operating as international call centres, the data is bought for $50-80 from dark web.
The international call centres have two key common modus operandis — installing norton antivirus and other softwares, and insurance. “They make VOIP calls to US, UK, Germany, Austria giving lucrative medical and other insurance deals and looting people. In other cases, they say that it will provide antivirus for three devices at cheaper rates — 50 dollars as compared to the market rate of 80 dollars”.
This year, the Mumbai Police busted a call centre that was looting people under the garb of selling Viagra and other libido enhancing drugs to US citizens illegally. In another case, the accused were extorting amounts under the pretext of providing loans.
In an attempt for a massive crackdown on cyber criminals, the Central Bureau of Investigation launched Operation Chakra in October this year with Interpol, FBI, and police forces of multiple countries.
Search operations in 115 locations took place with assistance of local police — Delhi, Haryana, Rajasthan, Karnataka, Chandigarh, Punjab and Andaman & Nicobar Islands. At least Rs 1.8 crore cash and 1.50 kg gold was seized through these operations in Rajasthan. Additionally, Rs 1.89 crore bank account balance was frozen in Karnataka. Two call centres operating in Pune and Ahmedabad since 2014-2015 were also busted.
Also Read: India is dangerously unprepared for Chinese cyber-war. AIIMS ransomware attack shows why
Hurdles probe agencies, police face
The problem for investigating agencies, sources said, are because — most victims don’t register complaints, most of them even if they reach the police don’t want to record a statement and come forward, even when they do it’s too late and money is gone and the accused sometimes deal in Bitcoins. To avoid suspicions, these fraudsters also keep changing their offices.
“These fraudsters keep changing their hideouts and also their numbers and email ids. Most complainants also don’t want to come forward to take the matter ahead. These call centres thrive on luring innocents with offers. One person can be cheated more than once as well. If they make 100 calls, at least 5-6 persons fall for it. The biggest hurdle here is the non registration of complaints,” Biswajit Ghosh, deputy commissioner of police, detective department, Bidhannagar Police Commissionerate told ThePrint.
“When the victims are based outside the country it becomes very difficult. There are cases where we have called multiple times but they won’t take calls seeing an Indian number. In some cases, they reply by email and we take that as a [section] 161 Code of Criminal Procedure (CrPC) statement (statement of witnesses recorded by the police) and submit it in court,” the police sources.
In most cases, even the domestic victims don’t want to lodge a complaint, the source said, adding that they only want the money back, which makes it difficult for the police to bring down the entire gang and make a stronger prosecution case.
“This is also why they keep operating, they don’t most won’t complain and hence, go unnoticed. In most cases, we have only source-based intelligence,” the source added.
(Edited by Anumeha Saxena)
Also Read: Cybersecurity firm ‘sniffed out’ hacked Tiruppur hospital data on dark web. Now, it’s a ‘victim’ too