Scammers from China have cooked up a complex money laundering scheme that exploits India’s payment gateways and poses a wider threat to the neighboring country’s financial system.
In a new report, CloudSEK, an international digital risk management company, said that Chinese scammers launder money via fraud payment gateways, exploiting India’s Unified Payments Interface (UPI).
Scammers are ubiquitous in Asia. Just recently, hundreds of Chinese nationals were deported from Myanmar to China to face charges over involvement in online fraud schemes.
But they keep coming, CloudSEK says. According to its researchers, on September 8th, a group of cybercriminals set their sights on India's financial ecosystem, and started advertising a malicious app impersonating a bank headquartered in Tamil Nadu with a revenue of $23 million.
This bank became the unwitting pawn in a meticulously orchestrated attack. And there were more – CloudSEK’s research uncovered an illicit accumulation of over $44,000 between July and September.
“This money flowed into the coffers of cybercriminals who used more than 55 malicious Android apps to deceive their victims,” said CloudSEK, adding that specifically Chinese individuals have been operating over 15 obscure payment gateways.
The playbook is simple, researchers said. First, the crooks create counterfeit instant loan apps. The repayment terms are attractive enough to trick victims into sharing their personal information, including their name, address, phone number, and bank account details.
To further their scheme, the malicious app coerces users into granting access to their contacts and other sensitive data stored on their mobile devices. But once the victim provides all requested data and pays the processing fee (5% of the promised loan account), the scammers disappear.
Around 40,000 individuals have been compromised in this way over the two analyzed months. The scam is spread globally – the fraud payment gateways operate in countries such as Indonesia, Malaysia, South Africa, Mexico, Brazil, Turkey, Vietnam, the Philippines, and Colombia.
However, the scammers are most actively targeting customers of Indian banks, drawn by the large customer base and ease of opening accounts. Fraudsters also maintain a presence within India, primarily to facilitate the collection of SIM cards and bank accounts, essential components in the money-laundering process.
CloudSEK recently also revealed a global network of crooks taking advantage of naive job seekers worldwide. Scammers impersonated thousands of companies to cause a loss of possibly over $100 million.
More from Cybernews:
Subscribe to our newsletter