A red flag has been raised by Crime Branch of Haryana Police when it comes to the Aadhaar-Enabled Payment System (AEPS).
As per the police, cyber criminals are conducting financial frauds by siphoning off people’s vital data from the system and cloning the fingerprints available on documents on the government website.
Currently, 400 complaints pertaining to cyber frauds that are related to AEPS are being invested by the cyber cell under the Crime Branch.
“Online Fraud With Silicone Thumb”
Crime Branch’s Additional Director General O P Singh said investigators have found that fraudsters are withdrawing money by forging biometric thumb impressions and abusing AEPS. Hence called it an “online fraud with silicone thumb”.
Singh told that “The world of cybercrime is volatile. Modus operandi are dynamic. Criminals are quick in harnessing vulnerabilities. People need to be careful”.
The Crime Branch has advised people to deactivate the AEPS facility from their accounts if they are not using them regularly and avoid registering their fingerprints on any website. It has asked the public to immediately report any act or attempt of cybercrime to the number ‘1930’ within one hour of such an activity as it will help police stop the transfer of the defrauded fund to the cybercriminals’ accounts.
A safety audit has been asked by the investigators to be conducted and find the loopholes that lead to the leakage of personal data such as thumb impressions and expose it to abuse by cybercriminals.
When a retired government employee of Palwal lost around Rs 20,000 on November 15, one such crime came to light.
Recalling the sequence of events, Hitesh, the son of the victim, said, “My mother is a retired government employee. Every year, like every pensioner, my mother has to go to the Treasury to give proof that she is alive so that the pension continues. In that process, the Treasury authorities took her thumb impression. Within a few hours, we received an OTP regarding a cash transaction. The moment we verified it, Rs 10,000 was debited from her account.” Hitesh grew suspicious and realised that the OTP was valid for five hours, while generally, it is valid only for a couple of minutes. “I immediately raised the issue with the bank authorities. The second transaction of another Rs 10,000 took place while I was in the bank, said Hitesh, who immediately got his mother’s bank account frozen. The bank told him that the money was withdrawn using an ID that was registered in Bihar.
The Fraud Cases
In same fashion, two residents of the Jhajjar district also lost money in July. Krishna lost Rs 1.2 lakh, while Ramkishan lost Rs 1.12 lakh. In the case of Krishna, the bank returned her Rs 80,000. In Hitesh’s mother’s case, the bank told him that the money was withdrawn using an ID registered in Bihar.
A Crime Branch officer said that “Cybercriminals have been found cloning thumb impressions from sale deeds available on various websites and siphoning off money from bank accounts linked with Aadhaar number through Point of Sale (PoS) machines. So far, 468 such complaints have been received in Haryana. Criminal cases are being registered on the basis of inquiry. The investigation has led to the arrest of 18 cyber criminals and recovery of Rs 14.64 lakh. Action in other complaints is in progress”.
When it comes to the complaints received, Faridabad topped the list with as high a number as 263.
Next in the line is Ambala (36), Bhiwani (2), Fatehabad (13), Gurgaon (5), Jhajjar (73), Narnaul (14), Kaithal (1), Mewat (5), Palwal (37), Rohtak (4), Yamunanagar (11), Sonipat (3) and Panipat (1).
Out of 468 complaints, 88 have been disposed of while 18 FIRs were registered and the remaining complaints are being inquired into.