In its FIR, Lendbox has alleged that unscrupulous elements exploited loopholes in its system to fraudulently withdraw money using refund requests
Scamsters allegedly deposited cash in various P2P lending schemes and then withdrew the amount twice, once through the Lendbox app and second time via NPCI
As per the report, nearly 457 suspicious accounts were used to perpetrate the scam before the matter was flagged by Lendbox’s platform partners MobiKwik
P2P lending startup Lendbox has reportedly filed a first information report (FIR) with the Delhi Police after malicious actors duped it to the tune of INR 10 Cr.
As per The Times of India, the FIR alleges that unscrupulous elements exploited loopholes in Lendbox’s system to fraudulently withdraw money using refund requests. The scamsters allegedly deposited cash in various P2P lending schemes of the platform, and then withdrew the amount twice, once through the Lendbox app and second time via NPCI citing non-receipt of funds.
As per the report, nearly 457 suspicious accounts were used to perpetrate the scam before the matter was flagged by Lendbox’s platform partner MobiKwik. Police officials are reportedly conducting a sweep of the IP addresses used by suspected accounts and have gathered some leads in the matter.
The fraud took place over a period of time between December 2022 and March this year, investigators said.
“Recently, we became aware through our platform partner, Mobikwik, that several users who deposited money with us, raised a request for return of the money on the same day, i.e., the date of deposit. It is also noteworthy that all transactions for deposits were made using UPI. Since the remittances were made using UPI, such transactions are governed by the National Payments Corporation of India (NPCI),” Lendbox said in the FIR.
However, the FIR also noted that there was a ‘system error’ on the side of Lendbox which resulted in the scam.
“However, due to a system error at the complainant’s side, the requests raised could not be responded to by the complainant. Accordingly, NPCI directed the complainant’s bank to refund the money back to such persons,” the FIR stated.
The Modus Operandi
The fraudsters exploited NPCI guidelines that mandate all members of its Aadhaar-enabled payment systems to raise chargeback requests on its portal. NPCI rules also state that if no response is received within the stipulated time, then such chargeback requests are deemed to be approved.
In addition, if the request for chargeback is denied, then NPCI has the authority to direct the complainant bank to refund the money, in question, to such a user.
During an internal enquiry, Lendbox is said to have learnt that the scamsters allegedly pushed refund requests through Mobikwik and at the same time wrote to NPCI claiming that the money deposited by them had not been returned or was deducted from their account without consent.
While Lendbox, as per the FIR, promptly refunded the money upon their request, the scamsters purposely raised chargeback requests with NPCI, which then forwarded the request to the complainant’s bank.
After the scamsters realised that Lendbox did not dispute the chargeback requests, they began to undertake multiple fraudulent transactions. As a result, the accused were refunded double the amount they deposited.
Further investigation into the matter is currently underway.