Monday, February 6, 2023
  • Advertise With Us
  • Write For Us
  • Contact Us
  • About Us
  • Editorial Calendar
Download Latest Issue - Free!
The Cyber Express
Ransomware Report
  • Magazine
  • Firewall Daily
    • All
    • Dark Web News
    • Data Breach News
    • Hacks
    • Ransomware
    • Vulnerabilities
    Voice Networks

    Voice Networks are Under Attack – is Anybody Listening?

    Anonymous Sudan Declares War on American Corporate Giants with Devastating DDoS Onslaughts

    Dominic Alvieri

    After Hive, Will More Ransomware Groups be Taken Down in 2023?

    McEwan Fraser Legal

    ALPHV Ransomware Hits UK Realty Firm McEwan Fraser Legal, 300GB Data On The Line

    Kewal Kiran

    Indian Apparel Manufacturer Kewal Kiran Clothing’s Data Out For Sale

    BATLoader

    Stealthy BATLoader Lurks Under PowerShell Script to Evade Detection and Launch Malware

    Guardian Analytics Data Leak

    Guardian Analytics Data Leak: Ransomware Groups Daixin Team and Lockbit List Firm as Victim

    VectorStealer

    VectorStealer, Unlocking Doors to RDP Hijacking

    Qakbot Malware

    Spammers Deploy Information Stealing Qakbot Malware in OneNote Attachment

  • Essentials
    • All
    • Compliance
    • Governance
    • Policy Updates
    • Regulations
    TRAI

    TRAI Asked to Involve MoD in Drafting Big Data Regulations & Policies

    cybersecurity

    Cybersecurity incidents may soon be ‘uninsurable’

    Australia

    Australia Ropes in Tech Veterans to Set Up Cyber Action Plan

    Active Directory

    Prevent Ransomware: Save the Active Directory

    Privacy Penalty Bill

    Privacy Penalty Bill: Australian Parliament Approves Heavy Fines

    Zero Trust Strategy

    US Department of Defense to Embrace Zero Trust Strategy

    browser hijackers

    Researchers Find Browser Hijackers on Google Chrome Web Store

    DORA proposal

    DORA Proposal for Cybersecurity Awaits Full Approval by Council and ESAs

    Privacy penalty bill

    Australia Privacy Penalty Bill 2022: Pay a $50 Million Fine for Data Breaches

    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business News
    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • Events
    • Webinars
    • World CyberCon Middle East 2023
    • Endorsed Events
  • Advertise
No Result
View All Result
The Cyber Express
  • Magazine
  • Firewall Daily
    • All
    • Dark Web News
    • Data Breach News
    • Hacks
    • Ransomware
    • Vulnerabilities
    Voice Networks

    Voice Networks are Under Attack – is Anybody Listening?

    Anonymous Sudan Declares War on American Corporate Giants with Devastating DDoS Onslaughts

    Dominic Alvieri

    After Hive, Will More Ransomware Groups be Taken Down in 2023?

    McEwan Fraser Legal

    ALPHV Ransomware Hits UK Realty Firm McEwan Fraser Legal, 300GB Data On The Line

    Kewal Kiran

    Indian Apparel Manufacturer Kewal Kiran Clothing’s Data Out For Sale

    BATLoader

    Stealthy BATLoader Lurks Under PowerShell Script to Evade Detection and Launch Malware

    Guardian Analytics Data Leak

    Guardian Analytics Data Leak: Ransomware Groups Daixin Team and Lockbit List Firm as Victim

    VectorStealer

    VectorStealer, Unlocking Doors to RDP Hijacking

    Qakbot Malware

    Spammers Deploy Information Stealing Qakbot Malware in OneNote Attachment

  • Essentials
    • All
    • Compliance
    • Governance
    • Policy Updates
    • Regulations
    TRAI

    TRAI Asked to Involve MoD in Drafting Big Data Regulations & Policies

    cybersecurity

    Cybersecurity incidents may soon be ‘uninsurable’

    Australia

    Australia Ropes in Tech Veterans to Set Up Cyber Action Plan

    Active Directory

    Prevent Ransomware: Save the Active Directory

    Privacy Penalty Bill

    Privacy Penalty Bill: Australian Parliament Approves Heavy Fines

    Zero Trust Strategy

    US Department of Defense to Embrace Zero Trust Strategy

    browser hijackers

    Researchers Find Browser Hijackers on Google Chrome Web Store

    DORA proposal

    DORA Proposal for Cybersecurity Awaits Full Approval by Council and ESAs

    Privacy penalty bill

    Australia Privacy Penalty Bill 2022: Pay a $50 Million Fine for Data Breaches

    • Regulations
    • Compliance
    • Governance
    • Policy Updates
  • Features
    • Cyber Warfare
    • Espionage
    • Workforce
      • Learning & Development
  • Business News
    • Startups
    • Mergers & Aquisitions
    • Partnerships
    • Appointments
    • Budgets
    • Research
      • Whitepapers
      • Sponsored Content
      • Market Reports
    • Interviews
      • Podcast
  • Events
    • Webinars
    • World CyberCon Middle East 2023
    • Endorsed Events
  • Advertise
No Result
View All Result
The Cyber Express
No Result
View All Result
Home Firewall Daily

Indian Rural Folks Lose Life Savings Via Fake Govt. Banking Websites

Scammers posing as village-level entrepreneurs create spoofed websites of Indian government’s banking inclusion project CSC Bank Mitra 

Vishwa Pandagle by Vishwa Pandagle
December 20, 2022
in Firewall Daily
0
CSC Bank Mitra
100
SHARES
1.3k
VIEWS
Share on LinkedInShare on Twitter

Ashutosh Yadav, 20, had the fright of his life when he realized that he had lost ₹152,000 ($1,840) to scamsters – the money he thought was safely deposited in a bank under the Indian government’s grand banking inclusion plan CSC Bank Mitra. Scamsters siphoned off the money with the spoof website of an Indian government project. 

The youth from rural central India, who runs a computer training center in his hometown, saw nothing suspicious when he logged in to the official portal of the Common Service Centers (CSC). The website appeared legit enough to fool even a computer literate like Yadav.  

You might also like

Hollywood and its Quest with Nailing Hacking Depictions

Internet Censorship and Freedom of Speech

Voice Networks are Under Attack – is Anybody Listening?

The amount, minuscule compared to the scams that hog cybersecurity news, is a year’s savings for a family that earns hardly $500 a month. “I took the money from my father’s savings and lost it,” Yadav told The Cyber Express. 

Police records in the business-rich Indian state of Maharashtra alone show that Yadav is one among the thousands duped by scamsters who tapped the opportunity 

Rural banking and scamsters 

CSC Bank Mitra, the ambitious banking inclusion plan floated by the Indian government under the Common Service Centers (CSC) Scheme, has established over 8,500 customer service points or kiosks to facilitate rural Indian entrepreneurs in extending basic banking services to unbanked consumers across semi-urban and rural India. 

Village Level Entrepreneurs (VLEs) are registered under the CSC scheme to deliver various government and non-government schemes from the CSC outlets. To be part of the scheme, a VLE must undergo a registration process on the portal register.csc.gov.in and submit documents to ascertain their eligibility. 

Yadav described that he got tricked into sending money because he saw a completely identical website to the original one. He sent the money to fraudsters this year between June and July. 

In August 2022, open-source researchers at cybersecurity company Cyble were informed by an outreach contact about this ongoing financial fraud operation.  

“In this particular scam, the entrepreneurs intending to acquire a Customer Service Point (CSP) were directed by the fraudsters to visit and register on a fake website “ecscgov.co.in”, posing as an official portal for the Common Service Centers (CSC) Scheme by MEITY, India,” read the Cyble Research Intelligence Labs (CRIL) blog post on their enquiry of the situation. 

According to the researchers, unsuspecting consumers have no way of identifying genuine CSP business correspondents, and this ambiguity is exploited by several unverified VLEs operating their websites and portals that pretend to offer CSP Kiosk setup services. They have been duping consumers since the inception of the government-backed Digital India scheme to benefit rural parts of India, found the researchers 

“The Common Service Centers (CSC) might be aware of ongoing fraud operations. It is concurrent with the fact that there were several consumer complaints against similar fraud schemes followed by a ticker notification published on the official website csc.gov.in addressing Village Level Entrepreneurs (VLEs) to verify their credentials,” read the blog post 

CSC Bank Mitra, a low-hanging fruit 

Banking Mitra is one of classic examples of public-facing schemes that aimed for popularity at the cost of scrutiny and security, making it a low-hanging fruit for scamsters in all garbs, from data brokers to money swindlers. 

The Cyber Express in October found that archived customer data of Indian private and public sector banks, from SBI to HDFC and ICICI, have been made available on the dark web, suspected to be leaked from one of the Bank Mitra scheme websites.  

In August 2022, researchers uncovered a scheme has been apparently duping and scamming rural consumers in India in the name of Bank Mitra. Similar to the present case, trusting customers were at the risk of being duped by fraud CSP business correspondents. 

Tip of the iceberg 

Nivrrutti Bavaskar, a Police Sub-inspector at the North Cyber Police Station in Mumbai, told The Cyber Express that he has become adept at spotting the mode of operation of such scamsters because of the number of such cases that he sees frequently. The loose chink, in most of the cases, is the spoofed website itself, he pointed out. 

“Scammers often create a duplicate page and not an entire website. A legit website will have multiple pages linked to it that will have related content. However, a spoofed page or website may have a single-page, with a form-like structure that is shown to victims in order to fill in their credentials.”  

Anyone facing such a site must scroll through the page or website to its social media pages, he recommended. More often, scammers may not have their official social media handles linked. Also, it can help to check if the website starts with the URL – https. The ‘s’, which stands for secured, will be missing in most of the fraudulent websites, he added.   

 Details related to the fraudulent transactions 

  1. Spoofed website address: http://www.ecscgov.co.in/ 
  2. Mobile numbers of the imposters: +91-7699197820, +919163270984, +918292684046, +918902247758 
  3. The scammers’ mobile numbers had their number registered as a WhatsApp Business. 
  4. Email addresses: [email protected] and [email protected]
  5. Bank payment document:

 

6. Forged documents:

(Source: Cyble)
(Source: Cyble)

Transactions with the imposters’ name: 

CSC Bank Mitra
(Source: Cyble)

Forged document with victim’s details: 

Details of the imposters 

(Source: Cyble)

Researchers found details of the alleged scammers that were found to be associated with the spoofed website. The information could not be validated. The name of the person found was Sudhir Verma with the email address [email protected]. His address mentioned was 56, Nehru Nagar, Delhi – 110006, India. 

Details of the DNS search done by CRIL is shown below: 

(Source: Cyble)

Conclusion

Though the internet has managed to reach almost every corner in India, the cybersecurity status of the country, especially in the rural areas, remains unclear. As our investigation proved, even the educated are often vulnerable and easy targets for scammers, putting utmost importance on raising cybersecurity awareness and highlighting the need to be digitally secure. Inclusion at the cost of security is a vulnerability that urgently needs to be patched.

Share this:

  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • More
  • Click to email a link to a friend (Opens in new window)
  • Click to share on WhatsApp (Opens in new window)

Related

Tags: CSC fraudcyber express newsentrepreneurial cyber security news December 2022spoofed website fraudThe Cyber ExpressVLE India fraud
Previous Post

RansomExx Kept Its Word, Hit Norway’s REC Silicon

Next Post

‘Incident Not Caused by Vulnerability’: Atlassian Refutes Cybersecurity Company’s Cyber Attack Claim

Vishwa Pandagle

Vishwa Pandagle

Vishwa Pandagle is a Technical Writer at The Cyber Express. She writes cybersecurity news related to data breaches, ransomware, phishing, and best practices among others. She also writes about cybersecurity developments and likes interacting with experts in this field. When not working, she likes self-reflecting, meditating, volunteering, and going for long walks.

Related Posts

Hacking depiction in hollywood
Features

Hollywood and its Quest with Nailing Hacking Depictions

by Editorial
February 5, 2023
Internet Censorship and Freedom of Speech
Features

Internet Censorship and Freedom of Speech

by Editorial
February 5, 2023
Voice Networks
Features

Voice Networks are Under Attack – is Anybody Listening?

by Editorial
February 4, 2023
Firewall Daily

Anonymous Sudan Declares War on American Corporate Giants with Devastating DDoS Onslaughts

by Ashish Khaitan
February 4, 2023
Dominic Alvieri
Firewall Daily

After Hive, Will More Ransomware Groups be Taken Down in 2023?

by Vishwa Pandagle
February 4, 2023
Next Post
Atlassian

'Incident Not Caused by Vulnerability': Atlassian Refutes Cybersecurity Company’s Cyber Attack Claim

Latest Issue is Out. Subscribe Now

Ai in Cybersecurity - Cybersecurity Magazine by The Cyber Express

Download Now



Follow Us On Google News

Never miss an update. Subscribe!

* indicates required

Recommended

Anonymous Sudan Declares War on American Corporate Giants with Devastating DDoS Onslaughts

February 4, 2023
GoTo Confirms User Data Stolen With Encryption Key

GoTo Confirms User Data Stolen With Encryption Key

January 27, 2023

Categories

Don't miss it

Voice Networks
Features

Voice Networks are Under Attack – is Anybody Listening?

February 4, 2023
Firewall Daily

Anonymous Sudan Declares War on American Corporate Giants with Devastating DDoS Onslaughts

February 4, 2023
LockBit. Ion Group
Cybersecurity News

LockBit Claims Ransom From ION Group, Firm Declines To Comment

February 4, 2023
Dominic Alvieri
Firewall Daily

After Hive, Will More Ransomware Groups be Taken Down in 2023?

February 4, 2023
McEwan Fraser Legal
Data Breach News

ALPHV Ransomware Hits UK Realty Firm McEwan Fraser Legal, 300GB Data On The Line

February 3, 2023
Kewal Kiran
Firewall Daily

Indian Apparel Manufacturer Kewal Kiran Clothing’s Data Out For Sale

February 3, 2023

About

The Cyber Express

Cybersecurity News and Magazine

The Cyber Express is a handbook for all stakeholders of the internet that provides information security professionals with the latest news, updates and knowledge they need to combat cyber threats.

Follow The Cyber Express

Contact

For editorial queries: [email protected]

For marketing, PR & media partnerships: [email protected]

For media kit and digitals sales: [email protected]

For Sponsorship/Event Partnership: [email protected]

For Conferences related information: [email protected]

Our Address

We’re remote friendly, with office locations around the world:

San Francisco, Atlanta, Rome,
Dubai, Mumbai, Bangalore, Hyderabad,  Singapore, Jakarta, Sydney, and Melbourne

 

Headquarters:

The Cyber Express LLC
555 North Point Center E
Alpharetta, GA 30022, USA.

Tel: (678) 578-8838

Subscribe to Our Feed

RSS Feeds

Follow Us On Google News

© 2022 The Cyber Express (Cybersecurity News and Magazine) | By Cyble Inc.

No Result
View All Result
  • Firewall Daily
  • Business News
  • Cyber Essentials
  • Features
  • Cybersecurity Magazine
  • Events
    • World CyberCon Middle East 2023
    • Webinars

© 2022 The Cyber Express (Cybersecurity News and Magazine) | By Cyble Inc.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.