14 Lakh customer’s data was compromised in this scam
Special Task Force of Uttar Pradesh has arrested the mastermind behind the scam
The gang targeted customers of ecommerce companies such as Flipkart, Paytm, and others
On Sunday (March 31st), the Special Task Force (STF) of Uttar Pradesh police arrested the gang leader Nandan Rao Patel who was responsible for the illegal leak of 14 Lakh online shoppers’ data. The leak has allegedly contributed to an online fraud of INR 200 Cr.
The gang was targeting customers of major ecommerce platforms such as Flipkart, Amazon, Myntra, Paytm, Snapdeal, Shopclues, and HomeShop18 among others. Scammers used to make fake calls, posing as the representatives of ecommerce companies and convinced customers to transfer money. The number of people involved in the gang could not be assessed.
“The gang used to lure people by offering them fake lucky draws and expensive gifts against the online shopping they would have recently made. They further ask them to deposit a certain amount as registration fees in order to claim their gift,” STF Deputy Superintendent of Police Rajkumar Mishra told Financial Express.
Patel was the director of digital promotion and bulk SMS firm, Anic World Company. He used to orchestrate the hack of customer data through its sources at the cost of INR 2-3 per customer. This hacked data was then sold to fake call centres who duped online customers for INR 5-6 per customer, he added.
The scam was carried out in multiple Indian states including Delhi-NCR, Bihar, Maharashtra, Rajasthan, Punjab and others.
With the rise in digital transactions and their increased reach in the country, cyber frauds at banks have also hiked. According to a report by the Reserve Bank of India (RBI), 2,059 cyber fraud cases were reported in 2017-18 with a total worth of INR 109.6 Cr. The number of cyber fraud cases in 2016-17 was 1,372 costing a total of INR 42.3 Cr.
The share of cyber frauds is bigger than all other types of bank fraud. A total of 5,917 bank frauds were reported last year and about 33% of these cases were cyber frauds.
This is not the first incident of cyber frauds in ecommerce companies. Earlier in November 2017, Flipkart was duped of INR 17 Lakhs. Before this, the homegrown ecommerce company was also cheated in 2016 for INR 1.05 Cr. The company’s biggest rival, Amazon also got conned twice in 2017 amounting to a total loss of INR 119.91 Lakhs.
Customers have also took advantage of ecommerce companies by exploiting the companies easy return policies. After the order delivery, customers would replace the product with stones and soil, and they demanded a refund from the company. If denied, the customer threatened to file a court case and defame the company on social media. This lead to Flipkart being cheated for INR 1.56 Cr. by a group of customers between January 1, 2016, and November 3, 2017.
To fight such rampant cases, RBI had proposed to set up a compliance and tracking system portal in December 2018. The proposed online portal would address cyber fraud complaints from all regulated entities including Prepaid Payment Instruments (PPIs) and mobile banking interfaces in addition to the registered banks and NBFCs, as per the directions of Internal Ombudsman Scheme of 2018.
Ecommerce companies have also setup multiple checks and balances to mitigate these cases of online fraud. An artificial intelligence startup, ThirdWatch has also developed a solution for ecommerce companies to catch possible fraudulent transactions. The company’s AI systems generate a flag for every transaction and give it a risk score which can then be evaluated by the ecommerce company.