Big StoryUttar Pradesh

Fake ID-Printing Websites Use Customer Data For Cyber Fraud: UP Cops

A large number of such cyber threat actors mushroomed following the outbreak of the COVID-19 pandemic and are based in western Uttar Pradesh, CloudSEK has found in a new research.

Hundreds of fake identity card-printing websites are operating out of Uttar Pradesh and duping people by using their personal information, according to a cyber security research firm.

The websites put out advertisements offering to make physical identity cards like Aadhaar, PAN, driving licence etc. and deliver those at the customers’ doorstep at affordable rates, CloudSEK, the Bengaluru-based firm, has claimed.

The personal information of people is used to carry out social engineering attacks, identity thefts, phishing attacks, while it can also be exploited to carry out unauthorized financial transactions and issuing SIM cards illegally, it noted.

A large number of such cyber threat actors mushroomed following the outbreak of the COVID-19 pandemic and are based in western Uttar Pradesh, CloudSEK has found in a new research.

When contacted, Superintendent of Police, Cyber Crime, Uttar Pradesh, Triveni Singh told PTI that his department is seized of complaints of impersonation and already investigating a number of such cases.

“Such matters are being reported from bigger cities, especially those in the National Capital Region (NCR),” he said.

Mr Singh asked people to report any online offence immediately at the dedicated helpline number 1930 or at cybercrime.gov.in.

Earlier, CloudSEK’s contextual artificial intelligence (AI) risk platform uncovered identity card-printing frauds orchestrated by Uttar Pradesh-based groups as it noted that despite India’s digital revolution, a large swath of the population still prefers physical copies over digitised versions of documents, especially when it comes to identity cards such as a driving licence, Aadhaar etc.

“This need accounts for the existence of corner shops that provide ID-printing services. However, with physical stores shutting down due to the pandemic, many have turned to the internet to avail ID-printing services,” it noted.

Threat actors are jumping on the bandwagon by hosting fake websites and impersonating major Indian firms that claim to deliver hard copies of identity cards. Scores of Indian citizens have fallen prey to this scam, according to CloudSEK.

“The domains impersonate popular Indian brands, including various telecommunication providers, banks, payment wallets, courier services etc. This includes Fino Payments Bank, DTDC, India Post etc. to present themselves as a legitimate business,” the research document stated.

“The threat group employs Google Ads, social network pages and SEO optimisation techniques to distribute and popularise these domains. Victims are duped into sharing their PII (personally identifiable information) and one-time passwords (OTPs) on a KYC portal integrated with popular payment channels,” it added.

The lure of easy money or cheap services prompts unsuspecting users to click on the links and visit malicious websites, which are often promoted using SEO (search engine optimisation) techniques, and on social media platforms such as Facebook, Instagram, Twitter and YouTube.

According to CloudSEK, it has uncovered multiple YouTube videos and channels with many views that were embedded with the links associated with these malicious domains.

“Threat actors can leverage the PII to carry out other social engineering attacks, identity thefts, phishing attacks etc. OTPs can be used to carry out unauthorised transactions from the victims’ bank accounts. Threat actors can register SIM cards in the name of the victims and use those for illegal activities,” it stated.

“Aadhaar card and PAN card details can be used to create fake bank accounts, apply for loans or to carry out other malicious activities,” it added.

On safeguard measures, the leading cyber security research firm cautioned people against clicking on suspicious links and advised them to ignore e-mails or messages from unknown sources.

“Enter your ID data only on official government websites (sites with the .gov extension). Be cautious when entering it on any other sites,” it added.

Leave a Reply

Your email address will not be published. Required fields are marked *