'One is fraud related to online deliveries, online shopping and online groceries and liquor.'
'Second fake news, third hate speech and fourth sextortion.'
"Assuming that people would spend more time on social media during the lockdown, cyber criminals shifted their activities more on social media."
Dr Balsing Rajput, Superintendent of Police, Maharashtra Cyber Cell, reveals to Prasanna D Zore/Rediff.com the latest methods used by cyber criminals to defraud You.
A Chevening Cyber Security Fellow with a doctorate in philosophy from the Tata Institute of Social Sciences, the soft-spoken Indian Police Service officer has been at the forefront of handling cyber security in Maharashtra since March 2016.
The first of a two-part interview:
How have the cyber criminals changed their activities to take advantage of the national lockdown? What are the new trends emerging in cyber crime?
There are a few changes in the modus operandi of cyber criminals after the lockdown.
Assuming that people would spend more time on social media during the lockdown, cyber criminals shifted their activities more on social media.
They particularly started spreading messages like 'get free mobile recharge', 'get Rs 2,000 credited to your bank accounts', etc.
And they are prompting people to click such links so that they could harvest more data by directing people towards fake Web sites. So this is the first trend.
Second, sending fake news and rumours have seen spikes since the lockdown.
Third, there has been an increase in hate messages targeting religious communities.
On the criminal side, we have observed that there are many online payment applications and wallets that are being used to cheat people.
These cyber criminals are targeting people searching for groceries and vegetables vendors nearest to their homes when they are locked down in their homes on Google.
Sensing an opportunity here, fraudsters have changed their methods and put their numbers on social media as grocers and vendors of essential goods.
They are given the option of cash on delivery for their purchases and are sent an application link, which when clicked opens up a form that asks for credit card or bank details so that they can book their orders by making a payment of Rs 5 or 50.
Once a customer makes this payment, all his details are captured by these criminals including their mobile number, OTPs, passwords, e-mail IDs, etc.
Using these details, they withdraw money from bank accounts or use credit cards for purchases.
Many people have lost money to these online tricks.
I have personally received five to seven such cases and in different locations in Maharashtra we have received complaints about 50 such cases.
In urban areas, we have seen a spike in liquor searches and to take advantage of these, online criminals opened fake liquor shops promising free home delivery. The modus operandi remains the same. Sending a fake link to capture credit card and bank details of people and then use these sensitive data to withdraw money from their accounts.
We have issued advisories across the state about such scams and alerted the police stations where such criminal activities have been rampant.
The other trend is blackmailing people who watch pornographic content during this lockdown or perhaps before the lockdown began.
There has been a surge in e-mail sextortion rackets in the last few days. These sextortionists happen to have leaked e-mail IDs and passwords of people who surf the Internet for pornographic content.
The e-mail senders claim that they have seen the users browsing pornographic sites and they have the recordings. They threaten to shame these people by sending these recordings to their family members. In return, they ask for ransom for not sending these recordings.
This could have actually happened in a few cases, I don't yet know for sure, but in most of the cases these sextortionists get access to breached data or data captured through malware called 'crawlers' and 'trackers' by searching the browser history of their targets or from add-on extensions or cache memory.
Most browsers store history of Web pages visited by users; many users save their e-mail IDs and passwords on their computers.
There are two possible ways in which these criminals access your private data: Either through data breach on Websites that people often visit or maybe a cache of browser data is leaked.
We have received many complaints related to sextortions and we have issued advisories also regarding that. People/Users need not panic in such instances.
They should immediately change their password, clear their browser cache setting.
Don't allow any pop-ups and add-ons if you are using Web browsers.
If you are using mobile and browsing through mobile apps, then check which applications are running, what permissions you have given to those apps and check which apps are consuming most of your mobile data, which mail client you are using to check your mails on mobile.
We have advised people to look into these issues and follow basic safety precautions while surfing online.
These are some of the top trends about how cyber criminals are using the lockdown to scam people or swindle money using their credit cards or bank details.
Has there been a sharp increase in the number of these cases after the lockdown?
There has been a marked increase in four types of cases.
One is fraud related to online deliveries, online shopping and online groceries and liquor.
Second fake news, third hate speech and fourth sextortion.
What action has the Maharashtra Cyber Cell taken against these criminals?
We have a zero tolerance policy (against cyber crimes).
The Government of India has created a portal called cybercrime.gov.in. We advise people to register their complaints online.
Their complaints directly come to the concerned police station and we are the nodal office for Maharashtra. These complaints are also received at our end.
We scan these complaints immediately and ask the concerned police station to act upon these complaints.
We also appeal to people that they should visit their nearest police station and lodge their complaints.
We also have a zero tolerance policy towards fake news, hate messages, and cyber crime which is related to exploitation of women and children.
We take these complaints very seriously. We have acted so far very stringently against such criminals.
From January 2020, we started Operation Black Face to curb pedophilia and online exploitation of women, register such complaints and bring the criminals to face the law.
From January till date, we have registered 140 related cases. More than 60 people have been arrested. More than 100 people have been identified, who will be arrested soon.
Likewise, the second category that we have zero tolerance against is fake news and hate speeches.
We have registered more than 275 cases against those spreading fake news and hate messages. More than 69 people have been arrested so far.
We have identified more than 200 people who have indulged in spreading fake news or hate messages and will be arrested soon.
During the lockdown period, Whatsapp and Facebook have been used extensively for rumour mongering and hate messages followed by TikTok and Twitter. Most of the audio and video content related to these cases were found on Facebook and WhatsApp. We have also notified these platforms about these activities.
How are these social media platforms cooperating with the Maharashtra Cyber Cell in tracking and curbing such crimes?
We have asked them to curb these criminal activities taking place on their platforms and they have responded positively. But we want them to act proactively and preemptively.
They know what the trend is on their platforms; they know from where the traffic is coming and going, what kind of activities are happening under their noses, but still (they are running away from their responsibilities) under the garb of 'We don't look into user content'... but these trends are visible. They should make technological arrangements, which will prevent (these criminal activities).
I will give an example.
Google Pay has a reverse link which can be used to debit money from someone's account instead of a person crediting money into someone's account.
So, if I have to pay you, then you can send me a link to make the payment. Normally, if I have to pay you, I credit the money into your account using your mobile number linked to your bank or using your bank details.
But there's also a facility (reverse link) whereby you can also send a link to me and ask for a debit from my account.
Google Pay and OLX has become a deadly combination for some gangs using this modus operandi.
If you are buying something (on OLX), then instead of you making the payment to the seller, the seller hoodwinks you to scan an RFID code to make the payment but such transaction generates a reverse link, that is, instead of generating a credit link (through which the buyer makes the desired payment to the seller), the seller sends you a debit link which allows him to withdraw whatever amount he wants from your account instead of the amount for which the transaction takes place.
So, instead of you (the buyer) paying money to me (the seller), the scammer has sent a debit link to you that allows him to withdraw whatever amount he wants to from your account. Such scams are also happening while buying goods online on e-commerce Web sites.
In such instances, a technological arrangement like when you register for making payments through the NEFT (National Electronic Funds Transfer) or IMPS (Immediate Payment System) platforms where you have to register first and after some time, which is used for verification of the creditor and debitor, you can make and receive payments using these platforms.
Two-factor authentication can also help in curbing such crimes.