HYDERABAD: Cyberabad Cyber Crime detectives on Thursday arrested seven people, including the Kingpin and four others based in Hyderabad, on charges of deceiving foreigners into accessing their credit card details under the guise of offering services techniques.
The fraud came to light after employees of HDFC Bank noticed some suspicious transactions involving one of the bank’s clients named Healthy Dental Clinic. The bank brought it to the attention of the Cyberabad Cyber Crime Police who then started to investigate and eventually zero in on the fraudsters.
Police said one of the defendants, Naveen Bhutani from New Delhi, used his experience in providing technical assistance to overseas clients by activating three call centers in Janakpuri from New Delhi, Kaishambi from Ghaziabad and Mohali from Punjab.
He used the services of the four defendants based in Hyderabad. Of these four, Srinivas and Nagraj, who are software developers, created websites and linked them to payment gateways, while Pavan and Shravan’s bank accounts were used to deposit money accessible by clients.
The quartet, after meeting the commission fee, transferred the amount to Delhi-based Mohit and Monu who in turn would eventually send it to Bhutani after deducting their share of the proceeds. Revealing the gang’s modus operandi, police said they used fake messages and technical glitches through Google Adwords to dupe their customers.
At first, the gang created websites that offered anti-virus software and lured customers by providing a toll-free number. Google Adwords led victims to the website and offering to fix technical issues, the gang used to take control of customers’ device and transfer money to their accounts.
Another approach was to send a fabricated message to customers. A sample message reads: “Security Alert – We noticed your card was recently used on 2021-07-02 12:59 PM, on amazon.com for $2559.99. If not the case, please call 1-xxx-xxx-xxxx”. The victims eventually revealed details of the card and account the gang used to drain their bank accounts.
Gateway loophole helped crooks?
It appears that the offenders used a flaw in the payment gateways, in which the servers only ask for verification and do not verify the customers, which helped the scammers to commit the crime.
Cyberabad CP Stephen Raveendra said, “Payment channels only work for earnings and do not verify applicants. The gang targeted those in the UK, Singapore and Australia and carried out the transactions mostly during night hours, leaving victims with no opportunity to file a complaint. Fraudsters frequently changed toll-free numbers. It is suspected that customer details were accessed from the dark web