Insider’s Role In Online Thefts: Experts

PUNE: It’s not just clever tech planning but also inside information that apparently helped cyber thieves withdraw huge amounts of money from the accounts of people using the virtual funds transfer route.
Earlier this month, a businessman (Rajesh Bipinchandra Kamdar) was defrauded of Rs 19 lakh in an attack on his bank account, in which the fraudsters blocked his cellphone sim to carry out the fraud. As many as ten transactions were made from his bank account and the amounts were transferred to banks located in different parts of the country. In a similar case earlier, Sanjay Govind Dhande (65), a former professor at IIT-Kanpur who now lives in Pune, also found Rs 19 lakh siphoned off from his bank account in a similar manner.
Cybercrime officials, who have leads on two of the four net-banking theft cases reported this month, revealed that in the case of the businessman who lost Rs 19 lakh, fraudsters submitted a copy of his passport to the mobile company to get another sim card issued. “The mobile company employee who issued a new sim in Kamdar’s case has been traced, which will help us reach the fraudsters, who may be the same people in both cases as the IP address used in both cases is the same and has been traced to Nagpur,” a cybercrime official said.
The official explained that once the second sim card was issued to the fraudster and it was activated, the first one in the victim’s phone automatically got deactivated. “Investigations also revealed that the businessman’s number had been diverted to another number (of a different mobile service provider) in Daund that had been deactivated six months ago. All calls made on his number were getting routed to this particular deactivated number,” said the official, adding that in the meantime, Rs 19 lakh from his account were transferred to banks in Bhopal, Jaipur, Mumbai, New Delhi and Bangalore.
A cybercrime scrutiny expert said in many such internet banking related frauds, the cybercriminals usually have an insider in the mobile company as well as the bank. “The insider within a bank may provide the fraudster with information such as the ‘fattest’ account in the bank, the account number, user ID, the registered mobile number and even the prospective victim’s KYC documents. The fraudster now knows the mobile company whose services the victim is using and arranges for an insider in that company to get the victim’s KYC details. Without these insiders, such crimes are not possible,” he said.
The expert added that the fraudster then uses these bogus documents to have another sim card issued to him. Once the sim is activated, he tries to reset the victim’s online banking password, for which the one-time password is sent to the user’s mobile number (which the fraudster now has via the duplicate sim).
Another cybercrime expert added that selling people’s credentials is one of the biggest underground industries today, and it is where many fraudsters get the KYC details they seek. “There are also many duplicate sim card selling agents with vested interests within mobile service providers,” the expert added.
A senior official from the cybercrime cell in the city told TOI there have been four to five such cases this month, where the victims’ sim was blocked and cybercriminals transferred money from their bank accounts.
The official added that the money was transferred to ‘fake beneficiary accounts’ created by fraudsters in different banks across the country. “Fraudsters are able to create fake beneficiary accounts producing bogus KYC forms of people in whose names they open these accounts. Often, banks do not undertake KYC verification of each and every customer opening an account as it is a mammoth task,” he said.
The official said that it is also very easy nowadays to hack into the victim’s online banking username and password to execute such frauds. “If a prospective victim is using wi-fi, a seasoned hacker will know exactly how to get the information being punched in on the victim’s computer even though he (victim) may be sitting somewhere else but in the same network,” the official said.
Expert Speak:
“Upon receiving any alert of a bank transaction on the phone or upon having the sim suddenly deactivated, one should immediately visit the bank and ask the concerned authority to freeze all transactions. He should then lodge a complaint at the police station.”
Sandip Gadiya, a cybercrime investigation expert
“Whenever people submit photocopies of PAN cards or identification or address proofs, they have to make sure that they are going into trusted hands.”
Sagar Rahurkar, a certified fraud examiner, said that
How the fraudsters did it
Approached the mobile service providers, produced fake KYC documents of the victim and got a duplicate sim of the victim’s number issued.
Activated the second sim card, because of which the original sim card with the victim got blocked.
Made several transactions, transferring victim’s money into fake beneficiary accounts, in addition to online shopping transactions.
The criminals could hack into the victim’s internet banking password to execute the crime.
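
The sequence listed above (sim reissue, then an OTP-based password reset, then transfers to newly added beneficiaries) can be expressed as detection logic over a bank's event stream. This is an added example, not part of the original article; the event names, the telecom sim-reissue feed, and the 48-hour window are assumptions, and the sample events are constructed.

```python
from datetime import datetime, timedelta

# Assumed correlation window; tune against the bank's own fraud data.
WINDOW = timedelta(hours=48)

# Constructed sample events (not real data). "sim_change" is assumed to come
# from a telecom sim-reissue feed; the rest from the bank's own audit log.
EVENTS = [
    ("2024-01-10T09:00", "acct-A", "sim_change", {}),
    ("2024-01-10T11:30", "acct-A", "password_reset_otp", {}),
    ("2024-01-10T11:40", "acct-A", "beneficiary_added", {"payee": "P1"}),
    ("2024-01-10T11:45", "acct-A", "transfer", {"payee": "P1", "amount": 190000}),
    ("2024-01-10T11:50", "acct-A", "beneficiary_added", {"payee": "P2"}),
    ("2024-01-10T11:55", "acct-A", "transfer", {"payee": "P2", "amount": 200000}),
    ("2024-01-11T10:00", "acct-B", "password_reset_otp", {}),  # no sim change
    ("2024-01-11T10:05", "acct-B", "transfer", {"payee": "P9", "amount": 5000}),
    ("2023-12-01T08:00", "acct-C", "sim_change", {}),  # outside the window
    ("2024-01-12T08:00", "acct-C", "password_reset_otp", {}),
]

def risky_actions(events, window=WINDOW):
    """Return (account, event_type, reason) for actions to hold for review."""
    last_sim_change = {}      # account -> time of latest sim reissue
    reset_after_swap = set()  # accounts whose password was reset post-reissue
    new_payees = {}           # account -> payees added since the reissue
    findings = []
    for ts, acct, kind, data in sorted(events, key=lambda e: e[0]):
        when = datetime.fromisoformat(ts)
        if kind == "sim_change":
            last_sim_change[acct] = when
            reset_after_swap.discard(acct)
            new_payees[acct] = set()
            continue
        # Everything below only matters shortly after a sim reissue.
        if acct not in last_sim_change or when - last_sim_change[acct] > window:
            continue
        if kind == "password_reset_otp":
            reset_after_swap.add(acct)
            findings.append((acct, kind, "OTP reset on recently reissued sim"))
        elif kind == "beneficiary_added":
            new_payees[acct].add(data["payee"])
        elif (kind == "transfer" and acct in reset_after_swap
              and data["payee"] in new_payees[acct]):
            findings.append((acct, kind, "transfer to payee added after sim reissue"))
    return findings
```

On the sample data, only the account with a recent sim reissue is flagged; the ordinary password reset and the reset long after an old reissue are not.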
‘Banks should ensure safety of customer information’
“As financial institutions in India interact with more of their customers electronically, they face unique challenges in ensuring that every single new channel touching a customer is secure. This is vital with cyber threats growing in sophistication and increasing the numbers of financially motivated attacks, and exploiting security weaknesses across multiple channels of the bank and ATMs are no exception,” said Anand Naik, managing director – Sales, India and SAARC, Symantec.
He added that cyber criminals are always looking for newer avenues, namely social networks, unprotected mobile devices and unregulated usage of cloud services, to attack not only an individual’s identity but also their financial information. “These areas often lack security features such as encryption, access control, and manageability, providing a massive opportunity to cybercriminals. As banks shift from a branch-centric culture to a digital-centric approach to deliver great customer experience across multiple channels, they need to adopt an information-centric view of security. In fact, banks are mandated by RBI guidelines to implement comprehensive security measures such as two-factor authentication to protect customer information, identity and transactions,” said Naik.
Courtesy: Times of India