NEW DELHI: A cyber security firm has found that hundreds of fake identification card printing websites are headquartered in Uttar Pradesh, where they are using consumers’ personal information for fraudulent purposes.
CloudSEK, a Bengaluru-based cyber research company, claims that these fake websites promise to make and cheaply deliver physical identity cards like Aadhaar, PAN, and driving licences to customers’ doors.
The investigation found that personal information is used in social engineering, identity theft, phishing attacks, and possibly even illegal financial transactions and the distribution of SIM cards.
CloudSEK found that after the COVID-19 pandemic broke out, a significant number of these cyber threat actors have emerged in western Uttar Pradesh.
Superintendent of Cybercrime in Uttar Pradesh Triveni Singh said that his department is investigating multiple impersonation cases following allegations.
He noted that these occurrences are being reported more frequently in larger cities, especially in the NCR.
Singh has asked citizens to report cybercrimes immediately by dialling the designated helpline number 1930 or visiting cybercrime.gov.in.
Hard Copy vs Digital ID
India has had a digital revolution, but a lot of people still prefer paper copies of documents to digital ones, especially when it comes to ID cards like driver’s licences and Aadhaar. Earlier, CloudSEK’s contextual artificial intelligence (AI) risk platform found that groups in Uttar Pradesh were committing fraud by printing fake ID cards.
Because of this, some corner stores offer ID printing services. “However, many people have turned to the internet to get ID printing services since many physical businesses have closed because of the pandemic.”
Threat actors are getting in on the action by making fake websites and pretending to be well-known Indian businesses that promise to send hard copies of ID cards. CloudSEK says that a large number of Indian people have been tricked.
“The domains impersonate popular Indian brands including various telecommunication providers, banks, payment wallets, courier services, etc. This includes Fino Payments Bank, DTDC, India Post, etc., to present themselves as a legitimate business,” the CloudSEK report said.
It highlights that the threat group employs Google Ads, social network pages, and SEO optimization techniques to distribute and popularize these domains.
Victims are duped into sharing their PII (Personally Identifiable Information) and OTPs on a KYC portal integrated with popular payment channels.
Threat actors can sell the PII or use it to orchestrate other scams. They also use the OTPs to gain access to victims’ accounts to lock them out and carry out unauthorized transactions.
CloudSEK’s routine scanning identified multiple fake domains advertising cheap printing and laminating services to scam people. Further investigation revealed multiple fraudulent websites advertising similar services with fake customer support numbers concentrated in the Western Uttar Pradesh region. A thorough examination of the campaign revealed that these websites are part of a large-scale campaign involving unauthorized access to victims’ KYC portals. Multiple complaints have been posted by the victims of these scams on various social media platforms such as Twitter and Facebook.
CloudSEK says that it has found a number of popular YouTube channels and videos that link to these dangerous sites.
“We came across a fake domain that XVigil discovered for one of our clients, hosting a website where you can get an ‘Aadhar Smart Card’ for an incredibly low cost. Upon deep-dive investigation, we found 69 active domains, and the activity related to this scam first started way back in 2016. The large-scale scam involved the scammers gaining unauthorized access to the KYC portal of the victims. This can be leveraged for scalable identity theft. To avoid falling prey to such scams, users must avoid sharing their PII (Personally Identifiable Information) details and identity documents with unreliable third parties,” said Aarushi Koolwal, a security researcher at CloudSEK.
PII can be used by threat actors to carry out attacks like social engineering, identity theft, phishing, and others. OTPs can be used to take money out of someone else’s bank account without their permission. The report said that threat actors could register SIM cards in the names of victims and use them for bad things.
It went on to say, “Aadhaar card and PAN card information can be used to create fake bank accounts, ask for loans, and do other bad things.”
As far as safety precautions go, the top cyber security research company told people to avoid suspicious websites and not open emails or messages from senders they don’t know.
“Only enter your ID information on official government sites that end in .gov,” says the warning. If you enter it on any other websites, you should be careful.