Anti-FraudArticle Series #Article2- MOBILE FRAUDS AKA TELECOM FRAUDS

Mobile fraud is the unauthorised use, alteration, or manipulation of a cellular phone or service. Recently, mobile fraud has become a major concern. By accessing one gadget, crooks may control everything. Risk to personal finances and security is real. Scammers create new and exciting ways to commit fraud. They benefit from some recognised methods. Juniper Research predicts that by 2021, two billion mobile bankers would have used their handsets, up from 1.2 billion in 2020. Although the online channel is still risky, scammers are focussing on mobile. The rise in global e-commerce spending, including gaming app and other entertainment purchases, is to blame. Statistica expects Google Play Store mobile app sales to reach $55.5 billion in 2024. The App Store and Google Play are expected to generate about 171 billion U.S. dollars by 2024 (https://www.statista.com/statistics/747489/annual-consumer-spend-mobile-app-by-store/ ).

In relation to the aforesaid facts, the first mobile fraud technique is the “Man in the Middle Attack”. In Man-in-the-Middle (MitM) attacks, the culprit steals network data between the financial institution and the customer. A crook can set up a fake Wi-Fi network to steal a customer's financial details when they connect to the hotspot. In a recent case in India, the top-read newspaper "Times of India" reported on April 4, 2023, that a fraudster created a fake email id (similar to a Portuguese firm) and dumped a Mumbai-based firm, losing Rs 54Lakhs. Find this information at: https://timesofindia.indiatimes.com/articleshow/99226594.cms#?utm_source=contentofinterest&utm_medium=text&utm_campaign=cppst

The second type which is widely used by the fraudster is “Mobile Phishing”,approximately 5 lakh Indians are victims of mobile phishing, the second form utilised by fraudsters. In smishing, a criminal sends you a text message with a URL to trick you into clicking on it. The user may click on the link to a phishing page that steals their login credentials or downloads surveillance spyware. The goal is to breach the device's personal, sensitive, and business data. SMS phishing often uses small URLs to drive users to dangerous content. Other methods include URL padding, screen overlays, SMS smoofing, and smartphone verifications.Large-scale smishing campaigns use these. Pushpalata Pradip Chinderkar, a 68-year-old former Union Bank employee from Borivali (East), Mumbai, lost Rs. 9.15 lakh to a cyber scam, according to “India Today”. Clicking a WhatsApp link caused this sad situation. According to The Indian Express, Chinderkar tried to make a complaint online using the bank's grievance redressal website about her fixed deposit. Her complaint was often hampered by Union Bank grievance cell internet difficulties. After many attempts, she reached a page asking for her phone number.

The third type is "Device Cloning," a common mobile fraud practice. Our phones contain many apps and personal data that enable online banking and shopping. Data and services can be transferred between mobile devices by scammers, generating an identical clone. Cloned handsets allow scammers to make calls and make financial transactions without authentication. The “Times group” said that a “Trader's SIM card cloned, Rs 2.39 crore gone in three hours”. Find the news at: https://timesofindia.indiatimes.com/city/ahmedabad/ahmedabad-traders-sim-cloned-rs-2-39-crore-gone-in-three-hours/articleshow/92711168.cms

A prevalent sort of identity theft is account takeover (ATO), where an attacker gains access to personal information within an individual or organization's computer, email, or other accounts. Hackers utilise compromised user credentials from the dark web, phishing, or malware to take control the target's account in a conventional ATO assault. Organisations are vulnerable to automated coup attacks using hacked credentials. Takeovers can lead to these offences and financial losses: Bank account thefts (credit card, current) Money laundering Incentives or loyalty points theft Reselling subscription data

The Rise of Synthetic Personas: The McKinsey Institute reports that synthetic identity fraud is the fastest-growing financial crime in the US and abroad. Synthetic identity fraud accounts for 85% of fraud. This type of fraud involves combining personal data with fictional identifiers to create identities. They create a new identity by adding fake information to real data. Organisations are struggling to prevent synthetic identity fraud, which involves creating a fake victim. My research article on "Identity Theft" shows that this is a global and FinTech-specific technique. Below is the paper link:

https://www.emerald.com/insight/content/doi/10.1108/JFC-08-2022-0211/full/html?skipTracking=true

?Some additional links of the typical Indian cases related to mobile scams can be referred below:

https://www.thehindu.com/news/national/cbi-conducts-searches-in-call-centre-fraud-case/article66517117.ece

https://timesofindia.indiatimes.com/city/bengaluru/fake-money-laundering-case-techie-loses-rs-1-4l-to-scamsters/articleshow/104907437.cms

https://timesofindia.indiatimes.com/india/cbi-searches-at-76-spots-in-cyber-financial-fraud-probe/articleshow/104566942.cms?from=mdr ?

https://timesofindia.indiatimes.com/city/lucknow/mobile-tower-scam-cbi-raids-army-officers-residences-in-lucknow/articleshow/103335691.cms

https://indianexpress.com/article/india/cyber-frauds-cbi-searches-76-places-seizes-gadgets-8991542/

https://timesofindia.indiatimes.com/city/kolkata/800-crore-fraud-cbi-raids-in-new-town-dattabad/articleshow/105740357.cms

Happy Reading !!

Dr Shefali Saluja

The information above is well researched and written by me.