Delhi police have stumbled upon a new modus operandi of e-banking fraudsters in which they first hack the internet banking account of the target and then get mobile number blocked to prevent the bank customer from receiving SMS alerts about illegal transactions made by them.
In a recent case, two Nigerians were arrested by the staff of South Delhi police for allegedly swindling Rs 70 lakh from the bank account of an NRI based in Japan.
Police seized three laptops from them containing banking data of around 1.5 core people. During interrogation, the duo told police about the new modus operandi in which hackers first hack data of bank customers from its website which contains the internet banking Id, passwords, other basic details and the mobile number on which SMS alerts are sent in case of a transaction from the account.
"Armed with this information, fraudsters reach retail outlet of the mobile service provider and get the number blocked on the pretext that the SIM along with the mobile handset has been stolen or was lost.
"As they already know the name and address of the owner of the mobile number through hacking, they even get a duplicate SIM issued of the same number," said a senior police official.
As per police, there have been a number of such cases in the recent past in which transactions worth lakhs were made after getting the number blocked.
On August 13, Basanta Kumar, Country Head of Bangladesh of Global Alliance for Improved Nutrition (GAIN) had filed an FIR with the Economic Offences Wing of the Delhi police saying that some fraudsters swindled Rs 19,31,000 from his bank account through internet banking after getting his phone number blocked.
Criminals have gone a step further after banks started sending SMS alerts to their customers about every transaction and the need of the hour is to devise new methods to counter it, the official said.
"Firstly, people should regularly change their internet banking passwords. We have observed that most of such dubious transactions are made at night and more than one at a time. Banks should change their policy and take note of transactions which take place at odd hours and are dubious in nature," he said.
"Banks should ask for alternate mobile number on which a customer can be informed if they detect some suspicious activity from an account such as multiple transactions involving big money or in which money is transferred to foreign accounts," he said.
Abney and Associates, Hackers Modus Operandi for e-banking