Franchise Cyber Fraud

Suraj Kumar, S/O Rampravesh Prasad, Village Bhawani Bigha, Post: Warsaliganj, PS: Warsaliganj, District: Nawada, Bihar. This ancient-looking description is of a 24-year-old from the remotest village of one of the remotest districts of Bihar. But his deeds will surprise you. He, along with 4-5 similar dropouts, cheated the highly educated, aware and rich of the top 50 cities of India of an amount that can be anything north of 5 Cr. Apparently his is one of a hundred such groups operating in the same cyber fraud domain from Warsaliganj and Kashichak of Nawada and Katrisarai of Nalanda.

Value and Scale

Before we get into the what, how and where of this cyber crime, let's understand its scale and value. Please refer to the following pics for the list of victims and the amounts siphoned from them.

What were all these people paying for?

They were all aspiring to buy franchises of big brands, brands whose customer base is rapidly expanding not just in metros but also in tier 2 and tier 3 cities. In this particular case, the victim was aspiring to get a KFC franchise in Durg. The list of brands that these 24-year-old kids claimed to sell is mind-boggling. See the pic below.

How?: Modus Operandi

There are four critical components in a cyber crime. First, the lead generator or, in some cases, data sourcing/buying. This gives them the target. Second, the logistics providers; this includes the fake-KYC activated SIM provider and the mobile handset provider. Third, and very critical, the provider of fake-KYC activated bank accounts. And finally, the group that does the communication and handles the operation of the fraud.

Lead Generation

For generating leads, Suraj, and all other similar groups in Nawada, buy misleading domain names from domain selling companies. They use the names of big brands like Dominos, KFC, Kia Motors, Wow Momo, Indian Oil, Chai Sutta Bar, Burger King etc., add "dealer", "dealership" or "franchise" to the domain name, and buy the domains with all possible extensions (.net, .org, .com, .in etc.). They copy the actual company website using the HTTrack website copier tool. They host their website, along with email, with web hosting service providers. Refer to the pics below for the list of domain selling, web hosting and email hosting companies whose services Suraj alone has taken. The pic below also gives a list of 60+ domains that Suraj has bought and used. Our research says that thousands of similar misleading, spoofed, spurious websites are live, with tech companies looking the other way, knowingly or unknowingly.
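The naming pattern described above (brand name plus "dealer", "dealership" or "franchise", repeated across extensions) is easy to screen for in a feed of newly registered domains. The following is an added example, not part of the original article: the brand and keyword lists come from the text, while the `OFFICIAL` allowlist value, the function names and the sample domains are constructed assumptions.

```python
import re

# Brand names and keywords come from the article; the matching logic is an added example.
BRANDS = ["dominos", "kfc", "kiamotors", "wowmomo", "indianoil", "chaisuttabar", "burgerking"]
KEYWORDS = ["dealership", "dealer", "franchise"]  # "dealership" first so it wins over "dealer"

# Assumption: domains the brand owner really controls (placeholder value, not a real site).
OFFICIAL = {"kfc-official.example"}

def squash(domain):
    """Lowercase, drop the last label (the extension), keep only letters of the rest."""
    labels = domain.lower().strip(".").split(".")
    body = "".join(labels[:-1]) if len(labels) > 1 else labels[0]
    return re.sub(r"[^a-z]", "", body)

def classify(domain, official=OFFICIAL):
    """Return (brand, keyword) when a non-official domain pairs both, else None."""
    name = domain.lower().strip(".")
    if any(name == o or name.endswith("." + o) for o in official):
        return None  # the brand's own domain or one of its subdomains
    body = squash(domain)
    brand = next((b for b in BRANDS if b in body), None)
    keyword = next((k for k in KEYWORDS if k in body), None)
    return (brand, keyword) if brand and keyword else None

def triage(domains):
    """Group flagged domains by (brand, keyword) so one name across extensions clusters."""
    hits = {}
    for d in domains:
        tag = classify(d)
        if tag:
            hits.setdefault(tag, []).append(d)
    return hits

# Constructed sample feed using reserved extensions; none of these are real sites.
SAMPLE = [
    "kfc-franchise.example", "kfcfranchise.test", "kia-motors-dealership.example",
    "burgerking.example", "franchise-advice.example", "apply.wowmomo-dealer.example",
    "franchise.kfc-official.example",
]

if __name__ == "__main__":
    for tag, names in triage(SAMPLE).items():
        print(tag, names)
```

A hit is only a lead for review by the brand's legal or security team, since a genuine partner portal can match the same pattern.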

Logistic providers

Once leads start flowing, that is, once franchise enthusiasts start visiting these authentic-looking but pirated and spoofed websites, the fraudsters need phones and SIMs to talk to their future victims. KYC-done, activated SIMs sourced from other states are in ample supply in areas like Mewat, Jamtara and Nawada, which account for nearly 95%+ of the cyber fraud activity of India. The churn of both mobiles and SIM cards is very fast. On average, they dispose of a SIM within a week, and within a month they destroy the phone, to cut every string tying the fraud activity to themselves. The most critical supply is fake-KYC, already activated accounts along with the linked phone number/SIM. The operators tell victims to deposit money in these accounts.

Operators

The final component is the fraud operators, who do the communication and operations part. In the next edition of the article, I will discuss the role of all stakeholders (police, victims, tech companies, affected brands and others) in tackling such cyber crime.

Published by Prabhat Kumar

I.P.S. | OLA | PMRDF | IIT KGP | travel enthusiast | Fitness Novice |
