Uttar Pradesh authorities have blown the lid off an ATM card syndicate that swiped lakhs of rupees from dozens of people with the help of bank officials and technology.
The Special Task Force says the gang misused a loophole in the phone banking system, bypassing all security norms.
CARD CLONING
According to officials, with their technique the cheats did not need to steal an ATM card and PIN, or block the mobile number of a person to siphon money from his bank account.
In fact, banks would deliver original debit or credit cards into their hands while the clients remained oblivious.
The incident comes against the backdrop of mounting cyber crimes in India as technology penetrates deeper into even the most intractable corners. As per Reserve Bank of India (RBI) data, 11,997 cases related to ATM, credit and debit cards as well as net banking frauds were reported by banks in 2015-16.
The modus operandi of the gang kicked off with the leak of client information from the bank. "We have discovered the role of bank officials, who used to take screenshots of bank account holders information," said UP STF's additional superintendent Triveni Singh. "It has name of account holder, address, mother's name, date of birth, account balance and mobile number. These details are sufficient for the gang to target anyone. Screenshots of potential targets were leaked by bank officials to gang members through WhatsApp."
One of the cheats then called up a bank call centre as a customer and choose the option of updating a debit card.
"Here is the flaw in the system. If the caller does not enter the ATM PIN despite being asked twice then, to forward the call to a customer care executive, the system will ask the person to enter a nine-digit reference number. The system accepts any random nine-digit number. As soon nine numbers are typed, the call gets connected to a customer care executive who asks for basic details, which have already been supplied by bank executives to the gang," Singh explained.
After providing the account holder's details, the imposter would request an upgrade for the debit card, which as per norms is done based on the balance in the account. The customer care executive then clears the application.
OBLIVIOUS CLIENTS
To get the new card and PIN, the gang followed the same process and a member would call up the bank's customer care department after a few days, complaining that he had not received his card.
"After asking for some personal information, the customer care executive provided details of the courier company assigned to deliver the card and PIN," the officer said. "The cheat then called up the delivery firm and expressed urgency to collect the card. As the imposter had all the details handy, the courier man delivered the card to the person at the desired location."
The syndicate, which now had a new card and PIN, would go to any cash machine and change the linked mobile number so the customer would not get any alert messages on transactions "When a request to change mobile number is placed, the ATM machines ask for the old number, which the gang already has. So, a member inserts a number which does not exist.Now they make transactions without getting tracked," said the officer.
The gang's mastermind was arrested in UP's Kanpur city on Wednesday and was identified as Dhiraj Nigam. He earlier worked with a debit card selling company in Delhi and knew minute details of the banking system, police said. About half a dozen victims have come forward so far with losses amounting to Rs 20-24 lakh. More cases are expected to emerge. "We have also zeroed in on a call center executive who was passing the information to the gang and will be arrested soon," Singh said.
0 Comments