‘SIM deactivation fraud linked to bank insiders’

‘SIM deactivation fraud linked to bank insiders’

The cyber crime wing of the Criminal Investigation Department (CID) has traced the recent spate of online bank frauds — initiated by deactivating SIM cards of bank customers and regenerating one-time password (OTP) — to the banks themselves, or rather a few unscrupulous bank employees.

Over the last few months, a network of fraudsters had siphoned off as much as Rs. 70 lakh from Bengaluru residents. The police have arrested a bank official from Hyderabad along with two other accomplices from Mumbai.

The Hyderabad bank employee has been linked to the Chickpet case where a city garment trader lost Rs. 9.62 lakh in November 2015. The police suspect that the banker leaked details of the garment dealer to the fraudsters. Investigators also suspect a similar bank connection in another case where a businessman lost Rs. 45 lakh to fraudsters.

“It is shocking how the culprits got the precise details of the complainants’ bank account and produced documents to deactivate his or her SIM card to keep them in the dark,” said an investigating officer attached to the Cyber Crime wing of the CID now probing the pattern of fraud.

Banker involved in Rs. 45-lakh fraud?

Their modus operandi was ingenious in its simplicity and highlighted flaws not just in the banking system but also from the cellphone service provider’s end, said police sources.

In another case in January 2016 that is still being investigated, a city businessman, R. Siddesh Kumar, lost Rs. 45 lakh to fraudsters who illegally made nine transactions to nine accounts in five days. The police are yet to establish whether it’s linked to the Chickpet case.

According to Mr. Kumar, a man deactivated his business cellphone number attached to the bank account by personally visiting the mobile service provider’s outlet in Jayanagar. “Posing as my manager, the culprit submitted a copy of the Aadhaar card with a changed photograph and obtained a duplicate SIM after saying that he had lost his cellphone and the card needs to be blocked immediately,” Mr. Kumar told The Hindu.

The gang soon began operating Mr. Kumar’s online account obtaining OTPs on the duplicate SIM card and transferring the money quietly. All through, Mr. Kumar’s manager assumed it was a cellphone network failure.

The Mumbai connect

On Wednesday, CID investigators arrested two men from Mira Road, Mumbai, who were identified as Rahul Patil (24), a SIM card retailer, and Afsal (46), an insurance agent, in connection with Mr. Kumar’s case. “The money was transferred to nine bank accounts, including the ones held by Rahul and Afsal who then diverted the funds to other accounts. We have questioned the duo and will apprehend their accomplices in the coming days,” added the officer. The police have managed to block and salvage Rs. 11 lakh, of the Rs. 45 lakh transferred in the case.

Investigators believe that the information leak, including confidential customer details, mobile phone numbers, information on ID proofs, could have come from a “bank insider”.

Source:BankingUpdates