Cyber Law Cases
- ACCUSED IN RS 400 MILLION SMS SCAM ARRESTED IN MUMBAI
MUMBAI: The alleged mastermind behind a Rs 400 million SMS fraud that duped at least 50,000 people has been arrested along with an associate more than two months after the scam was unearthed.
Jayanand Nadar, 30, and Ramesh Gala, 26, were arrested late on Monday from a hotel in Mira Road in the western suburbs. Nadar, a first year college dropout, along with his brother Jayaraj had allegedly duped at least 50,000 people of Rs.400 million, said officials in the city police’s Economic Offences Wing (EOW).
The two brothers along with Gala allegedly took help of SMS technology and launched the first-of-its- kind SMS fraud in India.
According to EOW sources, in August 2006 the duo launched an aggressive and catchy advertisement campaign in the print media that read: “Nothing is impossible. The word itself is: I M Possible.”
As part of the attractive scheme, the Nadar brothers messaged random numbers, asking people interested in ‘earning Rs.10,000 per month’ to contact them.
“The modus operandi adopted by the brothers was alluring,” an EOW official said Tuesday.
“Interested ‘subscribers’ were asked to deposit Rs.500 each. The conmen duo claimed to be working with a US-based company named Aropis Advertising Company, which wanted to market its client’s products through SMS’,” senior inspector A Thakur said. “The brothers even put up a website (www.getpaid4sms. com) to promote their scheme. Subscribers who registered with them received about 10 SMS’ every day about various products and were promised handsome commissions if they managed to rope in more subscribers by forwarding the messages,” Thakur said.
In return, the Nadars promised to pay Rs.10,000 over 16 months to the investors. The amount was to be paid in instalments of Rs.1,000 every few months.
The brothers are said to have told the subscribers that their American clients wanted to conduct a study about local response to their advertisement and were using SMS as it was the latest medium of communication.
The duo invited people to become agents and get more members for the scheme. Gala reportedly looked after the accounts.
Initially, the brothers paid up small amounts. But when cheques and pay orders of larger sums issued by the duo were not honoured, the agents got worried. The SMSes too suddenly stopped.
On November 30, one of the duped agents approached the DN Road police station and lodged a complaint after a bank failed to honour a pay order amounting Rs.2.17 million issued by the Nadar brothers.
Then suddenly, the Nadars and Gala disappeared, leaving their agents and investors in the lurch.
By December, the police were flooded with similar complaints. The DN Road police station registered a case against the brothers and Gala and later transferred it to the EOW.
“By December 2006 the scheme had an over 50,000 membership in Mumbai alone. And we suspect that hundreds of thousands from across the country were also hooked to the scheme, thanks to a massive agent network and a door-to-door campaign carried out by the firm’s now duped agents,” Thakur said.
“We suspect that the fraud amount may be over Rs.1 billion. With the extent of the scam spread across the country, we are still trying to get the details.”
During investigations, the EOW came to know that the Nadars, residents of the upmarket Juhu-Tara Road, owned a fleet of imported sport utility vehicles and sedans.
“The brothers led an extravagant life. They would stay in top five star hotels, throw massive parties for investors and were also known faces in the city’s Page-3 circuit,” Thakur revealed.
“We are now looking for Jayaraj, who has eluded arrest. Gala, who is believed to have looked after the accounts, and Jayanand have been remanded to police custody till March 5.”
- CITY PRINCIPAL SEEKS POLICE HELP TO STOP CYBER CRIME
Principals across the city seem to be taking a cue from principal of Bombay Scottish School, Mahim. After students began posting insults against him on Orkut, instead of punishing them he decided to call in cyber cell cops to talk to students. Now, other school principals have decided to bring in the cyber cell police to speak at their schools. They feel students and parents need to be educated against the legal and moral consequences of cyber crime.
Admitting to the existence of some mischievous students who misuse the internet and also stray into restricted sites due to lack of supervision, principals feel the cyber cell can play a huge role in educating students and warning them. Principal Rekha Vijaykar, GHK School, Santacruz, said that with more and more exposure to the internet, students had started misusing the freedom and hence needed to be monitored. “Monitoring and educating students against the pitfalls of visiting restricted sites is the responsibility of parents. However, the school too has to play an active role,” she said.
Principal Alka Lokre of J M Bajaj School, Nagothane concurred. “Students need to be oriented with soul searching and conscience questioning which will help restrain them from misusing modern amenities,” she said. As a solution, Principal Fr Dr Francis Swamy of Holy Family School, Andheri, said that apart from educating students, parents and teachers also needed to be roped in for the success of any initiative against internet abuse. “Without the support of parents, no awareness programme can succeed. Parents need to be sensitised to the problem on hand and should be active in stopping their children from maligning anyone,” he said.
Principal Paul Machado of Campion School went a step further, highlighting the longterm effect of such uncontrolled freedom to students. “Parents must understand that today their children are misusing the internet to abuse others. Tomorrow, they may become victims of it too. Hence, parents need to be taken into confidence too to stem this rot.” Apart from the above, all principals lauded the move by Dr D P N Prasad, Bombay Scottish principal, to invite the cyber cell to speak on cyber crime and said that they would also be inviting the cell officials to speak on the subject in their schools.
- UTI BANK HOOKED UP IN A PISHING ATTACK
Fraudsters of cyberspace have reared its ugly head, the first of its kind this year, by launching a phishing attack on the website of Ahmedabad-based UTI Bank, a leading private bank promoted by India’ s largest financial institution, Unit Trust of India (UTI).
A URL on Geocities that is almost a facsimile version of the UTI Bank’s home page is reported to be circulating amongst email users. The web page not only asks for the account holder’s information such as user and transaction login and passwords, it has also beguilingly put up disclaimer and security hazard statements. ”
In case you have received any e-mail from an address appearing to be sent by UTIBANK, advising you of any changes made in your personal information, account details or information on your user id and password of your net banking facility, please do not respond. It is UTI Bank’s policy not to seek or send such information through email. If you have already disclosed your password please change it immediately, ” the warning says. The tricky link is available onhttp://br.geocities
If any unsuspecting account holder enters his login id, password, transaction id and password in order to change his details as ‘advised’ by the bank, the same info is sent vide mailform.cz (the phisher’s database).
After investigation, we found that Mailform is a service of PC Svet, which is a part of the Czech company PES Consulting. The Webmaster of the site is a person named Petr Stastny whose e-mail can be found on the web page.
Top officials at UTI Bank said that they have reported the case to the Economic Office Wing, Delhi Police. The bank has also engaged the services of Melbourne-based FraudWatch International, a leading anti-phishing company that offers phishing monitoring and take-down solutions. “We are now in the process of closing the site. Some of these initiatives take time, but customers have been kept in the loop about these initiatives, ” said V K Ramani, President – IT, UTI Bank.
As per the findings of UTI Bank’s security department, the phishers have sent more that 1,00,000 emails to account holders of UTI Bank as well as other banks. Though the company has kicked off damage control initiatives, none of the initiatives are cent percent foolproof. ”
Now there is no way for banks to know if the person logging-in with accurate user information is a fraud,” said Ramani. However, reliable sources within the bank and security agencies confirmed that the losses due to this particular attack were zilch.
The bank has sent alerts to all its customers informing about such malicious websites, besides beefing up their alert and fraud response system. “Engaging professional companies like FraudWatch help in reducing time to respond to attacks,” said Sanjay Haswar, Assistant Vice President, Network and Security, UTI Bank.
- ONLINE CREDIT CARD FRAUD ON E-BAY
Bhubaneswar: Rourkela police busted a racket involving an online fraud worth Rs 12.5 lakh. The modus operandi of the accused was to hack into the eBay India website and make purchases in the names of credit cardholders.
Two persons, including alleged mastermind Debasis Pandit, a BCA student, were arrested and forwarded to the court of the subdivisional judicial magistrate, Rourkela. The other arrested person is Rabi Narayan Sahu.
Superintendent of police D.S. Kutty said the duo was later remanded in judicial custody but four other persons allegedly involved in the racket were untraceable. A case has been registered against the accused under Sections 420 and 34 of the Indian Penal Code and Section 66 of the IT Act and further investigation is on, he said.
While Pandit, son of a retired employee of Rourkela Steel Plant, was arrested from his Sector VII residence last night, Sahu, his associate and a constable, was nabbed at his house in Uditnagar.
Pandit allegedly hacked into the eBay India site and gathered the details of around 700 credit cardholders. He then made purchases by using their passwords.
The fraud came to the notice of eBay officials when it was detected that several purchases were made from Rourkela while the customers were based in cities such as Bangalore, Baroda and Jaipur and even London, said V. Naini, deputy manager of eBay.The company brought the matter to the notice of Rourkela police after some customers lodged complaints.Pandit used the address of Sahu for delivery of the purchased goods, said police. The gang was involved in train, flight and hotel reservations.
The hand of one Satya Samal, recently arrested in Bangalore, is suspected in the crime. Samal had booked a room in a Bangalore hotel for three months. The hotel and transport bills rose to Rs 5 lakh, which he did not pay.
Samal was arrested for non-payment of bills, following which Pandit rushed to Bangalore and stood guarantor for his release on bail, police sources said.
- CYBER AND NETWORK SECURITY FRAMEWORK
Rising at alarming rate, the number of cyber crimes in India may touch a humungous figure of 3,00,000 in 2015, almost double the level of last year causing havoc in the financial space, security establishment and social fabric, an ASSOCHAM-Mahindra SSG study warned.
While releasing the joint study on “Cyber and Network Security Framework” Mr. D.S Rawat, Secretary General ASSOCHAM said, “What is causing even more concern is that the origin of these crimes is widely based abroad in countries including China, Pakistan, Bangladesh and Algeria among others”.
As per the study findings, during 2011, 2012, 2013 and 2014 years, a total number of cyber crimes registered were 13,301, 22,060 71,780 and 62,189 (till May). Currently, the cyber crimes in India is nearly around 1,49,254 and may likely to cross the 3,00,000 by 2015 growing at compounded annual growth rate (CAGR) of about 107 per cent. As per the findings, every month nearly 12,456 cases registered in India.
Phishing attacks of online banking accounts or cloning of ATM/Debit cards are common occurrences. The increasing use of mobile/smartphones/tablets for online banking/financial transactions has also increased the vulnerabilities to a great extent. The maximum offenders came from the 18-30 age group, adds the report.
These attacks have been observed to be originating from the cyber space of a number of countries including the US, Europe, Brazil, Turkey, china, Pakistan, Bangladesh, Algeria and the UAE, highlighted the ASSOCHAM-Mahindra SSG joint study.
With increasing use of information technology (IT) enabled services such as e-governance, online business and electronic transactions protection of personal and sensitive data have assumed paramount importance. “The economic growth of any nation and its security whether internal or external and competiveness depends on how well is its cyberspace secured and protected”, said Mr. Rawat.
The ASSOCHAM report further said, mobile frauds are an area of concern for companies as well as 35-40% of financial transactions are done via mobile devices and this is expected and this is expected to grow to 55-60% by 2015, adds the study.
Growing internet penetration and rising popularity of online banking have made India a favourite among the cybercriminals, who target online financial transactions using malware and India ranks third after Japan and US in the tally of countries most affected by online banking malware during the year of 2014, highlighted the ASSOCHAM- Mahindra SSG study.
Increasing smartphone sales and usage in India, the number of people falling victim to such crimes is also on the rise. The number of cyber crime victims in India (2012) was 46 million people against the global average of 560 million.
During the years 2011, 2012, 2013 and 2014 (till May), a total number of 21,699, 27,605, 28,481, 48,174 Indian websites were hacked by various hacker group spread across worldwide and likely to touch 85,000 by 2015, adds the study.
There are many ways that sensitive information is hacked as a result of cell phone usage. The most common are due to installation of uncertified applications, said Mr. Rawat.
The smartphone users rarely check for security certificates and download apps (games, music and other software) from third party or unsecured sites. Mobile banking apps store data such as PIN, account number on the phone. So, there is a risk that if the phone is hacked or stolen, then the information is compromised, points out the study.
Credit and debit card fraud cases top the chart of cybercrimes. There has been a sixfold increase in such cases over the past three years. According to the data, around 2277 complaints of online banking/credit/debit card fraud have been reported this year, followed by 191 Facebook-related complaints (morphed pictures/cyber stalking/cyber bullying). Other major cyber complaints were cheating through mobile (61), hacking of e-mail ID (59), abusive/offensive/obscene calls and SMS (55), and others.
As per the study, Andhra Pradesh, Karnataka and Maharashtra have occupied the top 3 positions when it comes to cyber crimes registered under the new IT Act in India. Interestingly, these three states together contribute more than 70 per cent to India’s revenue from IT and IT related industries.
According to the National Crime Records Bureau (NCRB), in 2013, 681 cyber crime related cases have been registered in Maharashtra, which has seen a 44.6 per cent rise in cyber crimes when compared to 2012. Andhra Pradesh with 635 cases registered in 2013 has also seen a 48 per cent rise when compared to 2012. Karnataka with 513 cases registered in 2013 has seen a 24.5 per cent rise when compared to 2012.
Uttar Pradesh with 372 cases registered in 2013 is in the fourth place. It has seen a huge rise of 81.5 per cent in just one year. Kerala is in the 5th place with 349 cases registered in 2013.
Among the bigger states Tamil Nadu and Bihar have very few cyber crime related cases. Just 54 cases have been registered in Tamil Nadu and just 23 cases have been registered in Bihar in 2013. Gujarat and Odisha have also registered just 61 and 63 cases respectively in 2013. Among the Union Territories, the national capital Delhi has registered 131 cyber crime related cases. It has seen a rise of 72.4 per cent when compared to 2012.
Dos and Don’ts
- Avoid online banking, shopping, entering credit card details, etc if the network is not properly secured
Check your online account frequently and make sure all listed transactions are valid.
- Be extremely wary of e-mails asking for confidential information. Never ever click on a link given in a spam e-mail.
- Always delete spam e-mails immediately and empty the trash box to prevent clicking on the same link accidentally.
- Beware of lotteries that charge a fee prior to delivery of your prize.
- While using a credit card for making payments online, check if the website is secure as the CVV will also be required for the payment.
- Notify your bank/credit card issuer if you do not receive the monthly credit card statement on time. If a credit card is misplaced or lost, get it cancelled immediately.
- Do not respond to lottery messages or call on the numbers provided in the text messages.
- Do not provide photocopies of both sides of the credit card to anyone. The card verification value (CVV), which is required for online transactions, is printed on the reverse. Anyone can use the card for online purchases if they get that information.
- Do not click on links in e-mails seeking details of your account, they could be phishing e-mails from fraudsters. Most reputed companies will ask you to visit their website directly.
- Do not give any information to people seeking credit card details over the phone.
- Avoid online banking, shopping, entering credit card details, etc if the network is not properly secured