Online Fraudsters Tapping Aadhar Card for Cyber Crime
Every full moon is followed by an eclipse. We can take this statement literally and we can also take this statement as a metaphor. Simply put, everything that looks good and promising also has a dark side waiting to be exploited. This is true in case of India’s Digital Drive. The nation is experiencing unprecedented digital growth ever since Narendra Modi-led government took over at Delhi. This is good, absolutely good!
The problem however is that this massive digitization drive is opening up hidden doors for cyber criminals. This time, the online fraudsters have resorted to dupe common men like you and me using the Union Government’s push to link Aadhar Card with bank account.
This new fraud is gradually picking up and the problem is with us – the common people, because we don’t know anything about bank protocols. We just consider it as a place where we dump our money, earn interest and make cash withdrawals when needed. We barely know that banks never call us for getting One-Time-Passwords and they don’t call us asking us to link our Aadhar Card to our savings bank accounts.
This ignorance is precisely what is being exploited by these new fraudsters. It has been reported that nearly 20 people every day are becoming victims of these online fraudsters or cyber criminals. What these criminals are doing is that they are calling the individuals and say that bank has decided on linking their debit cards and Aadhar Cards so that better services can be offered.
Hey wait! First thing first, ATM Cards are not linked to Aadhar Card. The savings bank account is linked to Aadhar Card. Also, banks never do that on their own. Banks are in no position to decide whether a person’s Aadhar Card should be linked to his or her savings bank account (or as the fraudsters use, ATM or Debit Cards). It is solely dependent on whether the person actually wants that to happen or not. So, most people are ignorant about the limitations of banks, which makes them easy prey.
The fraudsters are very cunning. They know (which most of us don’t even realize) that a bank which issues a debit card with 16-digit number has the first 12 digits in common on all cards. These first 12 digits are unique to every bank. Only the last four digits differ from customer to customer. The fraudsters thus exploit this ignorance and give out the first 12 digits stating that the last four digits are to be given out by the customer for verification. The innocent customers give out the remaining 4 digits and then they are duped into giving out the 3-digit CVV code as well.
Now that the fraudsters have all the information they need, the immediately initiate online transactions using Bill Desk or PayTM or similar other services. This is when the customers get One-Time Password which remains valid for only 10 minutes. The fraudsters call the customers and ask for the OTP stating that the password is required for completing the linking process! The ignorant customers give out the OTP too and voila! The fraudsters have all the information they need to complete their online purchases at the cost of others.
While this is the most straightforward route, some fraudsters take a slight detour and ask the poor victims for an alternative phone number. Once the alternative phone number is provided, the fraudsters send OTP to the primary number ask for the OTP for verification of the second number. The victims quickly give out the OTP and then… well, you know the story!
Police investigation is under process but the only thing the police have managed to find out so far is that the criminals are mostly operating from Delhi, Uttar Pradesh and Jharkhand. They have so far failed to arrest anyone for these crimes. According to Md. Riyaz, inspector of Cyber Wing of Cyberabad Police, most of these fraudsters are actually very well-aware of how tele-callers operate and he thinks that majority of these criminals are actually former call center employees who have a history of dealing with vital confidential data of customers.
Several of these victims, whose money has been stolen using this new fraud circulating in market, have actually approached police immediately after the theft but the police have been helpless in helping them primarily because most of the payment gateways like the Bill Desk are not very cooperative with the investigation, thus allowing ample time to these fraudsters to cover their tracks and escape without being traced.