NEW DELHI: In India, there has been a sharp rise in KYC-related frauds. In maximum cases, cybercriminals cheat customers by making them download remote access applications from Googe Play Store.
Even telecom operators such as Airtel, Vodafone, Jio and even the Cellular Operators Association of India (COAI) have warned mobile users to be cautious of KYC messages and advising users not to download remote access apps such as TeamViewer QuickSupport, AnyDesk, and others.
But it seems Google Play Store has learned a little. In fact, it is becoming the breeding ground for such frauds. The cybercrime unit of Delhi Police through a video on Twitter demonstrated how Google Play Store search results may be assisting scammers in carrying out KYC frauds across India.
DCP Cybercrime demonstrated in a tweet that searching for KYC on the Google Play store yields TeamViewer Quick Support as the first result. This is the same app that is being used in India to commit KYC fraud.
“Dear @GooglePlay & @GoogleIndia. Online frauds in the name of KYC verification are rampant. Fraudsters use Remote Access Apps to steal Card details, Netbanking details & OTP. Search using keyword ‘KYC’ on Google Play Store shows Team Viewer Quick Support as the 1st option. Such suggestions and prompts from Play Store aide the fraudsters in tricking gullible users. It may be one of the reasons why people are being conned into installing such App in the name of KYC updation. Kindly resolve this issue in public interest,” said DCP cybercrime in tweets.
Scammers have different methods to scare and cheat people. They send SMS or call mobile users threatening with service termination unless they submit documents for eKYC verification by calling a specific number within 24 hours of receiving a KYC message.
The fraudster, posing as a member of the customer service team, calls or sends an SMS about an incomplete KYC form. He/she asks the customer to download the Quick Support app from the Google Play store so that he can assist them. Because there is no such app, when the user tries to install it, he or she is redirected to TeamViewer Quick Support App. The TeamViewer Quick Support app enables the fraudster to remotely control the device and the accounts associated with it.
Following that, whatever the user sees on his or her mobile screen is visible to the fraudster, who then secretly screenshots the online banking passwords.
Given the widespread abuse of the TeamViewer app, the developers recently added a face and fingerprint lock for smartphones to prevent unauthorised access. While TeamViewer is a well-known platform for IT professionals, it is also regarded as one of India’s most dangerous apps. The TeamViewer Remote Control app can now be secured with biometric authentication, preventing unauthorised access even when the mobile device is left unlocked.