In a phishing operation originating from Jamtara, Jharkhand—often dubbed India’s “phishing capital”—a 49‑year‑old Delhi resident, K. C. Barthwal, was duped of ₹10.8 lakh after receiving a call claiming his SBI credit card had been debited, and then being pressured to update his KYC details via a fake link.
Spoofed Calls, Fake Links and Malicious Apps
On April 5, Barthwal received a call from someone impersonating an SBI official in Mumbai, who falsely informed him that a payment of ₹588.82 had been made. Offered assistance to block the card, Barthwal was sent a link to “update KYC.” Believing it legitimate, he complied—a decision that triggered unauthorised withdrawals totalling ₹10.8 lakh over the next three days .
Delhi Police’s South-West Cyber Cell traced the fraudsters to Karmatar in Jamtara, using a combination of spoofed calls, phishing links resembling SBI’s website, and a malicious “Customer Support” APK that intercepted real-time OTPs and net-banking credentials.
Three suspects—Mujaffar Jilani (27), Aftab Ansari (27), and Mohammad Iqbal Raza (24)—were arrested after undercover surveillance. Jilani and Ansari helped set up mule accounts, while Raza deployed the malicious app and rerouted Barthwal’s calls and SMS to fake numbers to bypass detection.
Complex Laundering via Apps and Fake SIMs
To obscure their trail, the criminals laundered the stolen funds through gaming platforms and digital wallets—including A23 Gaming, Classic Rummy, Mobikwik, and Umpire First Gaming—before transferring them to mule accounts and withdrawing cash via premium-rate fake SIM cards.
Authorities seized multiple devices and SIM cards during arrests and discovered the gang’s connection to other frauds via the National Cybercrime Reporting Portal.
Algoritha: The Most Trusted Name in BFSI Investigations and DFIR Services
Wake-Up Call on KYC and Phishing Frauds
DCP Amit Goel warned that no bank would ask customers to update KYC via unsolicited links, urging the public to remain vigilant. Experts view this as yet another alarming example of the Jamtara-based phishing network’s reach, using increasingly sophisticated digital stratagems aimed at middle-aged and rural victims who may not recognise red flags quickly.
About the Author – Anirudh Mittal is a B.Sc. LL.B. (Hons.) student at National Forensic Sciences University, Gandhinagar, with a keen interest in corporate law and tech-driven legal change