The new tri-junction Jamtara: Know how cybercriminals are cheating you in the guise of armymen

You must have come across posts or calls from an army officer who has been transferred and is selling his products on OLX or Quickr at dirt-cheap prices. These malicious calls and messages are originating from a new crime hub which has mushroomed around Delhi and NCR.

The revelation was made after Cyber Crime Unit (CyPAD) of the Delhi police started a cleanup mission to uproot cyber fraud originating from Tri-Junction region of Nuh, Bharatpur, Mathura. Ten conmen have been arrested and two juveniles were held from different parts of Haryana and Rajasthan for allegedly duping people from Delhi-NCR after contacting them through e-commerce websites and resale goods portals.

The action by Delhi cops came after receiving over 300 complaints on National Cybercrime Reporting Portal. A dedicated team was formed to crack the entire fraud chain network comprising of callers impersonating both as prospective buyers and seller of second-hand goods listed on Olx and Quickr, account holders in whose bank accounts the defrauded money is transferred and SIM sellers who have issued multiple SIM cards on fake and bogus IDs. The police investigation shows criminals in Mewat were using SIM cards sourced from as far as Barpeta in Assam and Telangana.

“The complaints had various commonalities such as fraudsters impersonating army/paramilitary personnel, fake e-wallet transaction screenshots and use of malicious QR codes,” said DCP (cyber) Anyesh Roy. “The complaints also revealed that the fraudsters were using the same names. This indicated the involvement of a huge gang of cybercriminals targeting unsuspecting people across the country,” he added.

The complaints had various commonalities such as fraudsters impersonating army/paramilitary personnel, fake e-wallet transaction screenshots and use of malicious QR codes. The complaints also revealed that the fraudsters were using the same names. This indicated the involvement of a huge gang of cybercriminals targeting unsuspecting people across the country –DCP (cyber) Anyesh Roy

The phone numbers were tracked and raids were conducted in various states, leading to the arrest of 10 men — Husban, Hasib, Shehzad, Salim, Aziz, Sakir, Faizal, Yashvir, Sajid and Sabir — mostly from Nuh, Faridabad and Bharatpur. All of them are in their mid-20s.

सेल- रीसेल ऐप्स के यूजर्स के साथ ऑनलाइन फ्रॉड करने वाले साइबर ठगों पर, @DelhiPolice की साइबर यूनिट, CyPAD ने, हरियाणा-राजस्थान-उत्तर प्रदेश ट्राई-जंक्शन पर स्थित जिलों में व्यापक और सतत कार्यवाही करते हुए बारह लोगों को अरेस्ट और ऐपरिहंड किया है। @OLX_India @Paytm @Cyberdost pic.twitter.com/BxhdVxx3LM

— IFSO/CCU Delhi Police (@DCP_CCC_Delhi) September 13, 2020

Modus-Operandi

The conmen used two ways to dupe people. In one, the gang members used to pose as an army or paramilitary personnel posting advertisements on popular e-commerce and re-sale websites for sale of their goods, mostly cars or bikes. They post photographs of vehicles, mainly taken from the internet, which had either Indian Army or a paramilitary force name written on them to appear genuine.

After the deal is struck, they tell the victim that the vehicle couldn’t be released or sent to him unless a releasing charge was paid as per the army/paramilitary rules. Once the amount was paid, they coaxed the victim to pay more on the pretext of transport and handling charges, GST etc. They would then suddenly cut all contacts with him. The gang used bank or e-wallet accounts for transactions.

In the second mode, the accused pretended to be buyers. Here too, they impersonated army/paramilitary personnel and used to send a fake screenshot generated with the help of a spoofing app after agreeing to pay the advertised price for an item. When the victim complained about not receiving the money, they would ask him to scan a malicious QR code to bypass a technical glitch.

Once the victim scanned it on his mobile phone, the money, instead of getting credited, got debited from his account. After a complaint, they used to send another QR code promising twice the amount for the “erroneous” transfer, but that amount would also get deducted from the victim’s account.

This way, the gang managed to fraudulently make the victim scan malicious QR codes as many times as possible and then suddenly stopped responding to his calls.

Key Findings

1: SIM cards used in the crime are sourced from regions as far as Barpeta in Assam, and also from the state of Telangana. This is done mostly with the help of long-distance transporters (mostly truck drivers) that are from the Mewat region as well as some distant relatives of these cybercriminals who have settled in those areas.

2: The inability of the fraudsters to communicate fluently in English has restricted them in Hindi speaking states of the country. From an analysis of the complaints received on the National Cyber Crime Reporting Portal, it has been revealed that the majority of the victims of the syndicate are from Delhi, Haryana, U.P, M.P, Rajasthan, etc.

3: During technical analysis and interrogation, it was also revealed that these cybercriminals have also started duping people using new Modus Operandi. For instance, during the lockdown, they advertised on various social media regarding home delivery of alcohol. As soon as the victim would contact them, they would urge him/her to make the payment first. Once the money was received, they would stop responding to the victim.

Quick Tips: 

• Verify the credentials of buyer/seller before making or receiving payment.
• Buyer/seller showing unreasonable hurry or urgency is a likely fraudster.
• Don’t click on any link or scan a QR Code. You may lose money.
• Avoid accepting or making advance payment. It may be a trap to defraud you.
• Fraudsters use fake identify proof of national institutions to gain confidence and faith. Beware of any such attempt.

Investigating Team:

Inspector Parveen, sub-inspector Hansraj, sub-inspector Vijender, sub-inspector Ajit, sub-inspector Harjit and others were constituted for prompt action.