Using guile, charm and poise, they ‘vish’ out money from bank accounts

APTFilter AVGNews CERT-LatestNews FSecureNews KasperskyNews Malware McAfeeNews Security News SocialEngineering SophosNews SymantecNews ThreatsActivists ThreatsCybercrime ThreatsEconomic ThreatsStrategic TrendMicroNews Uncategorized VulnerabilitiesAdobe VulnerabilitiesAll VulnerabilitiesApple VulnerabilitiesApplications VulnerabilitiesCisco VulnerabilitiesCrypto VulnerabilitiesDBMS VulnerabilitiesFirmware VulnerabilitiesGoogle VulnerabilitiesHardware VulnerabilitiesLinux VulnerabilitiesMicrosoft VulnerabilitiesMozilla VulnerabilitiesNetwork VulnerabilitiesOS VulnerabilitiesVMWare VulnerabilitiesVOIP

Tamil Nadu

It sometimes takes only an innocuous phone call to deplete a bank account. Unfortunately, thousands of people in the city have received these damaging phone calls. As they take the call on good faith, people often part with sensitive information that unscrupulous fraudsters use to siphon off their hard-earned money.

Police claim that the number of such complaints has increased. Every day, they receive at least five complaints demanding action against phishers.

Every complainant has a different experience to share with the police. A woman who was sitting in her home on a Sunday evening received a phone call from an unknown person. The caller introduced himself as the branch manager of a nationalised bank. She narrated: “The caller told me that my ATM card was blocked as I had not linked my Aadhaar number to the bank account. After I shared my Aadhaar number, he told me my card had been activated.”

But things did not end here. The caller continued: “You must have received a six-digit number in your mobile. If you tell me the number, your card will be active.” He made several calls in quick succession, giving the woman customer a feeling that there was a crisis. “Half-an hour after his last call, I got the message that ₹60,000 had been debited from my bank account in six transactions,” she explained.

In the case of a retired employee in Mandaveli, the intent of the caller was the same, and the modus operandi only slightly different. The caller claimed to be from the Reserve Bank of India and that he was making a routine verification call, mandatory every year. The complainant was told to share his card number details.

The senior citizen said: “He spoke to me at length for roughly half an hour and I ended up giving my card number. After receiving the card number, he also asked for the CVV number as well. When I hesitated, again he re-assured me that he was calling from the RBI, and that I need not to worry at all. Then I shared the CVV number, and subsequently the one time password that was sent to my mobile number. As soon as I shared it, the call was disconnected, and I lost ₹40,000.”

The vishers seem to target senior citizens primarily, picking on retired employees of private and nationalised banks, police said. Six months ago, a 72-year-old person, who retired from a top position from a nationalised bank and was living in Mylapore, was a victim.

“Vishers will usually impose themselves on victims as bank officials and offer great discounts on credit cards, even prizes. They also indicate that failure to reveal account details may lead to cards or bank accounts being frozen. They then collect card details, CVV number, expiry date and OTP from the customer and use this data to shop online,”explained Selvarani, Inspector, Central Crime Branch.

Most of the fraudsters operate from Bihar, and Ghaziabad and Noida in Uttar Pradesh, she added. Procuring data from middlemen, they operate from undisclosed locations in these areas. They use different mobile numbers to cheat gullible customers.

The officer also said cyber fraudsters now also target mobile e-wallets, since the e-wallet user need not furnish debit or credit card details every time. One can easily create e-wallet with banks if the customer has an email address or with Facebook details.

Usually, after defrauding a person, cyber criminals transfer the money to bank accounts opened in fictitious names. Bank officials say that since customers themselves voluntarily share the details, they are unable to help much.