Recently, Delhi Police busted a multi-crore Chinese loan application fraud and extortion racket, and arrested four people, including the mastermind behind the scam.
The 149 staff employed who helped run the racket have been served notices. The seized items include, among others, 153 hard disks, three laptops, 141 keypad mobile phones, 10 android phones, and four digital video recorders (DVRs).
There were four Indian people involved in the scam, who were in touch with Chinese nationals, who actually ran the loan application app. One individual named Anil Kumar was the mastermind behind the scam, while three others, Alok Sharma (24), Avnish (22), and Kannan (35) were his accomplices.
In April, the Reserve Bank of India’s (RBI’s) working group found 600 illegal lending apps, which included 27, which were banned.
With rising instances of digital fraud, the central bank is taking a relook at the ‘know your customer’ (KYC) norms to identify inadequacies and fill the gaps.
In 2020, about 60.2 per cent of the cybercrime cases registered were related to fraud—30,142 out of 50,035 cases, according to the latest data from National Crime Records Bureau (NCRB).
While cyber fraudsters target everyone, the elderly and the young are more vulnerable. The aged are not so Internet-savvy and neither familiar with digital safety norms. As such, they easily fall prey to these types of fraud.
According to the Microsoft 2021 Global Tech Support Scam research report, millennials (aged between 24 and 37) in India are among the groups that are most susceptible to online scams, with 58 per cent of those who were part of a scam incurring monetary loss.
An FIS study published in 2019 also says that millennials are most affected by online payment frauds in India, because they are the largest audience in terms of online transactions. According to the report, they are more likely to navigate to spurious websites or click on pop-ups.
The RBI, too, has in its report by a working group on digital lending, said that online platforms and mobile apps “create unique and newer risks for consumers, as the focus is more on convenience or ease of access rather than protection. The millennial generation perhaps finds it easier to ‘set up’ an account with a digital lending app (DLA) from an unregulated fintech provider or shadow lender rather than to use a tool or channel provided by traditional banks or non-banking financial companies (NBFCs).”
According to experts, there has been a distinct rise in complaints about loans app scams in India, especially in the last two years.
“Through these apps, fraudsters target the low income groups or the not-so savvy financial people, wherein smaller amount of money is lent. The modus operandi usually involves deduction of processing fees from the loan, combined with penalties, and at significantly higher rates of interest in cases of delay in payments. It can be pretty substantial in comparison to an RBI approved institution. Besides, it is alleged that these apps also get access to the contacts and other information from the borrower’s mobile phone, which can be used to harass them,” says KV Karthik, partner, forensics, financial advisory, Deloitte India, a consulting firm.
In fact, there are many unregistered digital lending apps, which provide these instant loans.
Says Karthik: “Some of the due diligence that a borrower can do is check if the lender is approved by RBI and/or is associated with a financial institution, details of their website, existence of physical office locations, Company Identification Number (CIN) and details of the Certificate of Registration (CoR) besides checking the terms and conditions of lending.”
“As the adage goes, if it’s too good to be true, it probably isn’t. The borrowers should be extremely cautious of apps willing to give loans without credit history check. Unfortunately, if somebody falls prey to these scams, the only option left for them is to approach the police.”
While there are several ways in which fraudsters can dupe you, there are always legal steps you can take to as a recourse. That said, the best way to protect yourself from getting duped is to remain aware and exercise caution.
On a preventive basis, you should not share your personal details with anyone on social media or otherwise, and use simple techniques, such as refraining yourself from clicking unknown weblinks, ensuring use of strong passwords, and changing passwords regularly. Senior citizens should also be made aware that cybercrimes are punishable under the IT Act of India, and timely reporting is crucial.
According to experts, the option available to the borrowers is to really lodge an FIR against such operators. "In most cases, the operators are not registered with the RBI as lenders and are therefore illegal. Moreover, the interest rates being charged are exorbitant and are therefore not recoverable in the usual course of things. However, in order to recover the monies recovered by the operators, the consumers will have to pursue a long and arduous journey through the normal civil courts, or consumer courts. Through criminal proceedings, the operators may be brought to book, but the consumer may not necessarily be able to recover the proceeds," says Abhishek Tripathi, managing partner, Sarthak Advocates & Solicitors.
"RBI has also advised the borrowers to check if the platform which has lent is registered with the RBI, and if not the same should be brought to the notice of the RBI," adds Tripathi.
“When such online frauds happen, the first and foremost point is to question the individuals who are getting duped. They should be reasonable and practical about such transactions, and know what they are getting into. They need to be very cautious and alert. They cannot just give away their bank details and OTP to any random unknown person. Second, the moment it happens, they should report it to the cybercrime cell, and file an FIR. If need be, they need to report a specific FIR against people involved in a fraud,” says Abhishek Rastogi, partner, Khaitan and Co, a corporate law firm.
Here’s a list of dos and don’ts that borrowers should follow to prevent from getting duped.
1) Do not click on unknown, unverified links and immediately delete such SMS/email sent by unknown sender to avoid accessing them by mistake in future.
2) Unsubscribe to mails providing links to a bank, e-commerce and/or search engine website and block the sender’s e-mail ID, before deleting such emails.
3) Always go to the official website of your bank or service provider. Carefully verify the website details, especially where it requires entering financial credentials. Check for the secure sign (https with a padlock symbol) on the website before entering secure credentials.
4) Check URLs and domain names received in emails for spelling errors. In case of suspicion, inform the financial institution.
5) Bank officials, financial institutions, RBI and/or any genuine entity will never ask customers to share confidential information such as username, password, card details, CVV, OTP
6) Never share these confidential details with anyone, even your own family members and friends.
7) Always be careful when you are buying or selling products using online sales platforms.
8) Always remember that there is no need to enter PIN or password anywhere to receive money.
9) If UPI or any other app requires you to enter PIN to complete a transaction, it means you will be sending money instead of receiving it.
10) Never download an application from any unverified or unknown sources, or on being asked or guided by an unknown person
11) As a prudent practice, check on the publishers or owners of the app before downloading, and also check its user ratings
12) While downloading an application, check the permission/s and the access to your data it seeks, such as contacts, photographs, etc. Only give those permissions which are absolutely required to use the desired application.
13) Always check that there is no extra device attached, near the card insertion slot or keypad of the ATM machine, before making a transaction.
14) Cover the keypad with your other hand while entering the PIN.
15) NEVER write the PIN on your ATM card.
