Welcome to the first issue of #incidentreport. This series of blogs takes one through the analysis of important incidents related to the internet and Cybercrimes, while also providing a few recommendations to stay away or protect oneself from these crimes. The present blog takes a look at the recent incident which has come into light where people in Odisha were duped off about Rs.10 Lakhs in 3 days.
What Exactly Happened?
Bhubhaneshwar DCP Umashankar Dash on Wednesday informed the media that cybercriminals, in Odisha, have swindled over 10lakh rupees in the last three days, and the newly set up helpdesk is getting flooded with calls from people reporting such cases of cyber fraud.
The police reported multiple modus operandi of these offenders. In one of the instances, the criminal usually approaches the victim through their social media accounts, by impersonating and posing as a model. The criminals will then slowly try to establish a rapport with the individual by Chatting with them and sharing various made-up details of their lives. These chats soon become private and sexual where certain private images or videos are shared. These pictures and videos are then used to blackmail these individuals and extort money from them.
Another type of reported modus operandi of these individuals is that they call up the people who search for customer care numbers of different banks. These people who are called up usually call their banks for cancelling their credit cards, and confirm the procedure of getting their card cancelled in the first instance. However, later receiving a call from the bank regarding the same, already establishes a rapport and a level of authenticity, and the victim usually does what the individual on the other end of the phone tells them to do. This offender then directs the individual to share the OTP which they receive on their mobile phone, for completing the process, which leads to the victim getting distressed from a text message from their bank, which tells that a certain amount is deducted from their bank account. The police suspect some malicious apps or the employees of the bank, to be the culprits behind this issue.
What is the extent of the problem?
The newly setup help-desk has received an unprecedented amount of calls of distressed individuals. The police reported to the media that they have identified or received complaints, from people living in Bhubhaneshwar and as well as people living outside the city, regarding the financial frauds and online frauds to the tune of Rs.10.58 Lakh.
What can one do?
- Well, the first thing which one can do is to just not share their OTP with anyone. One should carefully read the OTP messages which they receive. Every one of them clearly states that nobody from their or any other bank will ever ask for UPI pin of OTP on the phone, as all the transactions are digital and the same is not required to be done on the phone. It becomes very difficult for one to recover the money from the bank if one shares their OTP with anyone, before a fraudulent transaction. The Bank marks this case of a fraudulent transaction as a negligent transaction by their customer and hence it absolves them from any kind of liability.
- However, if one does fall victim to the same, one should report the same to their nearest cyber police station or report the same to national cyber crime portal, along with the necessary details required for the same, like the transaction id, sender account details, receivers account details, date of transaction, time of transaction etc.
- To deal with the blackmail and extortion cases, one should first realise that it is not their fault they have fallen prey to such action. It’s very easy for the cybercriminals to take advantage of people’s vulnerabilities and then exploit them, as they are experienced in this. The most important and the right thing to do is to report to the nearest cyber crime police station or the national cybercrime portal, under the columns of financial frauds. In case the pictures are leaked on social media, one can report it to the respective social media by visiting their help centre and following the process or refer to one of the blogs present on this website, for the process. One can also report the same to the cybercrime police station or the national cybercrime portal as well.