New Delhi: Any discussion about the notoriety of cyber criminals in India is incomplete without the mention of Jharkhand’s Jamtara. So much so that the district has an OTT series named after it. But a fresh analysis of an estimated 20,000 fake customer care numbers suggests West Bengal may be gradually emerging as a hub of fake call centres.
Published on 24 February, the report by Bengaluru-based cybersecurity firm CloudSEK shows that the “top three” fake numbers operational roughly for a period of more than 600 days were traced to West Bengal.
“Kolkata served as the centre for many large-scale operations,” read the report, adding that around 23 per cent of the total fake customer care numbers analysed were registered in West Bengal.
Delhi and Uttar Pradesh tied for the state with the second most registered fake numbers, together accounting for about 19 per cent of the total. Clubbed together in the report, Bihar and Jharkhand accounted for about 7.3 per cent of fake numbers analysed.
However, the report added, “while the numbers are registered in these regions, they may be used from different locations to target victims across India”.
The report comes amid renewed efforts by the Telecom Regulatory Authority of India (TRAI) to curb spam calls and messages or unsolicited commercial communications (UCC).
According to a press release dated 17 February, TRAI in a meeting with representatives of major telecom companies (telcos) directed them to review the “menace” of UCC and “curb the misuse” of messages and calls from “unauthorised or unregistered telemarketers”.
The regulator also asked major telcos to get registered telemarketers to join the DLT-based (distributed ledger technology) platform, allowing both to monitor the telemarketers’ activity better. Though TRAI has been trying since 2018 to get telemarketers and any business owners who wish to send commercial messages, to register themselves on the DLT-based platform, its efforts haven’t fully succeeded so far.
The analysis by CloudSEK found that, of the “top three fake customer care numbers detected”, “+918116494943” was used to impersonate fashion outlets and financial businesses. According to the caller ID app Truecaller, the number belongs to one “Avinash Kumar”.
The other two numbers are “+917001088584” and “+918697355745” — which belong to “Sipahi Sahni” and “Mitra Pvt Ltd”, respectively. These have been used in the past to impersonate representatives offering banking services.
Fake customer care numbers, says the report, are an “apt modern-day phishing technique” because people instinctively feel they can trust an agent trying to help them solve problems and also because “people tend to be ignorant while engaging with customer care numbers”.
Of the 31,179 fraudulent numbers found by CloudSEK, some were active for more than two years, which is unusual given that most fraudsters tend to change their numbers regularly to avoid detection. Of these numbers, at least 17,285 were of Indian origin.
The report also said that of all the numbers of Indian origin, 80 per cent are still operational and that the period between 10 am and 5 pm was the “preferred calling time for scammers” targeting Indian customers. It also found that a single fake number is used to make an average of 30 calls each day.
For the analysis, CloudSEK also analysed 8,41,486 calls (both standard calling and calls via internet) linked to 470 fake numbers. Around 47 per cent of the over 8 lakh calls were answered.
Also Read: Mewat is India’s latest Jamtara. And sextortion is the new kill
Fraudsters rely on ‘social engineering’
A typical fake customer care scam is conceived when a fraudster uses a fake identity to purchase ‘burner’ sim cards that are untraceable and easy to dispose of. The fake numbers are then promoted on social media, websites, and “advertisements to get a wider reach” on search engines.
Unwitting customers searching for a customer care number online may stumble across one of these fake numbers and dial it in search of help.
For the next part of this scam, fraudsters rely on “social engineering” — building a relationship with the target by citing seemingly valid reasons to gain access to the target’s financial information and OTPs.
“Generally, scammers try to leverage impersonation and the fear factor to collect money from the victims,” said the report by CloudSEK.
It added that fraudsters use similar names, logos, and website domain names to impersonate a real business. They then access the target’s bank account and purchase gift cards or transfer money to their own accounts.
Businesses most impersonated were those in the banking and finance sector, followed by healthcare and telecommunications.
Fraudsters rely largely on social media, mostly Facebook, to propagate their fake numbers, links to their phishing website, or to fraudulent WhatsApp or Telegram accounts created to lure victims. “88% (15,271) of the fake customer care numbers were distributed via Facebook advertisements, posts, profiles, and pages… Despite Facebook claiming to have taken down close to 2 billion fake accounts per quarter, scammers continue to flood Facebook with fake profiles and pages,” the report said.
Twitter and Google were other channels used by fraudsters to promote fake numbers.
The report also found that at least 6,118 of the fake numbers analysed were active for less than 30 days and around 881 were active for 485-623 days. The fraudsters, it added, were using “sophisticated tactics to evade detection” such as changing the domain name of their website or where the phone number was posted for targets to see.
It also found that apart from targeting customers in India, fake numbers were also used to make 214 calls to potential targets in Dubai.
(Edited by Amrtansh Arora)
Also Read: Why are cybercrime convictions low in India? ‘Weak forensics, dark net & cross-border attacks’