How does Paytm fraud happen? Strategy / modus operandi of the fraudster
On the morning of 21 November 2019, a lady tried to use Paytm three times, but it did not work on any attempt, so she used Google Pay for the transaction instead. That afternoon she received a message saying that her KYC was not complete and that she could contact Mr. XYZ about it. She had heard that Paytm KYC issues were causing problems for Uber drivers, and she assumed that her Paytm was not working because of incomplete KYC. In the evening she got a call saying that her KYC was not complete, and the fraudster convinced her that her KYC was about 60% complete. She asked over the phone what she needed to do. The fraudster told her that she could complete her KYC on her own and that he would guide her through the process. He told her to download an app named "TeamViewer QuickSupport", available on the Google Play Store. When she downloaded the app, she was asked to grant the permissions it needs to run on her phone.
➢ The victim installed the app on her phone from the Google Play Store.
➢ The fraudster asked for the TeamViewer QuickSupport ID to get control over the victim's phone.
➢ The victim's phone is now under the control of the fraudster, who sees the screen of the victim's phone, along with a pointing hand acting as a mouse pointer, on his own phone.
Soon after getting full control over the victim's phone, the fraudster said he wanted to increase her Paytm credit limit. He told her that she did not need to tell him any details; she only needed to enter them herself. At first she refused to increase any credit limit, but the fraudster persuaded her that there should be some limit she wanted to have. She finally agreed to enter the details because she did not have to tell them to the fraudster. She was not aware that the fraudster could see the details as she entered them. Soon after she entered the details, one transaction of ₹ 1 occurred. She was not suspicious, because Google and other apps use such ₹ 1 transactions for authentication and return the amount to the account very soon. The second transaction was for about ₹ 14,999. When she asked the fraudster about these transactions, she was told that her Paytm limit was being increased. The third transaction was for about ₹ 9,999. While these transactions were happening, she got a call from HDFC, and she informed the bank that she had not made them. In spite of her informing the bank, 3 more transactions took place and her account was emptied. The fraudster was also able to access another of her accounts and started transacting from it. Finally, when the 'TeamViewer QuickSupport' app was uninstalled from her phone, no further transactions could be made from her account.
Therefore, it is important to know the function and purpose of any application before installing it on our phones. In this case the victim installed the app from the Google Play Store, the only trusted source for applications on Android phones, but she was not aware of what the app is used for. The 'TeamViewer QuickSupport' application is designed to let experts troubleshoot issues remotely, or to let others operate our computers and phones remotely when we want them to. Cyber criminals / fraudsters are not doing anything out of the box here, but they have good knowledge of digital platforms, so they know how to exploit the features of a particular application for their own benefit. Hence, awareness is important for all of us.
Courtesy: Assam Police Cyberdome, Guwahati