Learn bits
Science & Tech.
Mahesh

25/03/24 12:19 PM IST

Digital financial frauds in India

In News
  • Cybercrime poses a burgeoning threat in India, impacting millions of individuals and organisations.
  • According to the National Crime Records Bureau (NCRB), cybercrimes in India in 2023 resulted in a staggering loss of ₹66.66 crore, with 4,850 reported cases.
Digital fraud
  • While various names have been given to diverse types of frauds, the general modus operandi of a fraudster is any one of the following: 
  • convincing the victim to send money, either by impersonation (fake WhatsApp/FB/Insta, social media profiles) or by giving them a false promise of greater return (investment, crypto, held up custom package etc.)
  • by taking credentials such as Unified Payments Interface ID (UPI), Personal Identification Number (PIN), One-Time Password (OTP) or Internet banking ID/password from the victim and then using the same on other apps/websites and transferring money without the knowledge of the victim.
  • For this the customer will either be given a fake link which looks exactly like a UPI app screen/banking website or the victim will be conned into installing a screen sharing app.
  • The scammers can also convince the victims over phone to give out those details.
  • When these details are used on official banking apps this gives the fraudsters access to even the Fixed Deposits/Recurring Deposits which are also siphoned out in most cases.
  • by taking card details and convincing the victim to share OTP.
After the scam
  • After a fraudster empties a victim’s bank account, the money undergoes a series of circulations in broadly three stages.
  • The first stage is a temporary account into which the fraudsters transfer victims’ money.
  • This account will be used to receive money from various other victims as well. From here, the money is then transferred into a second stage account.
  • The second category of accounts are a group of accounts among which money is circulated.
  • There are a lot of middlemen who are money circulators. Their task is only to receive money from first level bank accounts for a nominal cut.
  • The victim’s money is then split into small parts and then circulated within these accounts, by a person who is sitting in a different corner of the country.
  • After sufficient churning, the money is then transferred into a third stage account which is a sink account.
  • This can be a bank account, an e-wallet etc. Here, the total defrauded amount from a group of victims is re-collected.
  • The money is then withdrawn in a large chunk through conventional methods of either ATMs/cheques or e-wallet cash outlets such as an e-wallet payments bank.
Prevention
  • As a first, just as how Google accounts do not allow logging in from a new device unless permission is granted by the former, financial institutions must be mandated to replicate this feature in their apps.
  • As soon as a UPI ID, password or OTP is entered in a different device, an alert must be generated in a previous device with no further action being allowed until it is approved by the person. Secondly, the screen share facility must be disabled.
  • Banking and financial apps must disable screen-sharing to run on top of them.
  • And finally, in the bank statement, all banks/NBFCs/SEs must be mandated to provide comprehensible data. Currently only partly printed numbers are shown which even knowledgable customers are unable to understand.
  • The transaction description must contain the receiver’s account/mobile or any other identifying number irrespective of it being within the same bank or to an outside bank.
  • One of the biggest hindrances law enforcement agencies face is in following the money trail.
  • The siphoned off money hops across bank accounts and wallets within minutes but supervised entities/banks/NBFCs/wallets are not able to give the required details to agencies with the same speed.
  • Most of the crime is reported after 24 hours of the commission. Due to stress and trauma most victims end up deleting much of the evidence from their devices/phones.
  • By the time a money trail is established the money is already withdrawn from the system and there is no way to either identify the person or recover the money.
Minimising Delays
  • Banks/NBFCs/SEs must be mandated to provide data in a predetermined format with all the terms explained.
  • The data must be given in a CSV or XLSX file. For example, the CDR (Call Data Record) shared to enforcement agencies has a fixed format and fixed file types, such as .CSV or .XLSX. Currently the banks give the statement either in a printed hardcopy or in PDF format. This causes huge inconveniences to the investigating officers.
  • Most tech-savvy officers are often held back only because they do not get the data in a usable format. 
  • The International Mobile Equipment Identity (IMEI) must be recorded. All banking and financial apps must be mandated to save IMEI details of the device being used.
  • Fraudsters use fake mobile numbers and fake bank accounts which span across different States with the goal of adding layers to increase anonymity and preventing agencies from prosecuting them.
  • Thus, the IMEI becomes crucial evidence in determining the device and its location. Recording IMEI will make for stronger evidence in establishing a device and its connection to fraudsters in a court of law.
Way forward
  • The Bharatiya Nagarik Suraksha Sanhita 2023 which is set to replace the Indian Penal Code of 1861, recognises ‘organised crime’ as a “continuous unlawful activity”.
  • Digital financial frauds are very much covered in this definition. Law enforcement agencies face a lot of difficulties in conducting interstate raids and arrests.
  • It requires a large team and coordinated effort. Interstate digital financial fraud networks must be recognised as a serious crime and bail may be restricted by the Courts.
  • Additionally, digital frauds create a considerable amount of black money when seen from a macro-economic perspective.
  • In conclusion, cybercrime being a subset of crime in general can be dealt like conventional offences, albeit with a different set of tools.
  • Instead of a specialised unit, if the fintech and telecom industries are mandated to take certain preventive steps in their technology and provide data in a manner which enables speedier investigation, the prevention, detection, recovery and conviction will be much more effective. Faster availability of data will make it easier to identify and convict pan-Indian gangs.
Source- The Hindu

More Related Current Affairs View All

15 Nov

Government issues guidelines to curb misleading ads by coaching centres

'The central Government issued new guidelines aimed at curbing misleading advertisements by coaching institutes, specifically prohibiting false promises such as "100 per cent selec

Read More

15 Nov

Janjatiya Gaurav Divas

'Every year on November 15th, Janjatiya Gaurav Divas is celebrated to honor the contributions of these communities, especially in India’s freedom struggle.' 5th November

Read More

15 Nov

Supreme Court’s order on mandatory accessibility standards

'A bench of the Supreme Court last week ordered the Union government to frame mandatory rules for ensuring the accessibility of public places and services to persons with disabilit

Read More

India’s First Ai-Driven Magazine Generator

Generate Your Custom Current Affairs Magazine using our AI in just 3 steps