How Chinese loan apps are scamming, laundering crores by exploiting UPI, fake payment gateways

Chinese scammers have found a new way to exploit Indians and people in other developing countries. What is worrying in India’s case is that these scammers are exploiting the country’s digital payments ecosystem, mainly UPI, not only to scam Indian citizens but also to get them to launder the loot to China.

But how exactly are these Chinese scammers exploiting people? By posing as instant loan apps, real-money gaming apps, and fraudulent investment apps.

By now we have heard stories and seen countless news articles on how certain loan apps have duped people into taking a loan from them and then wrecked their lives.

Instead of going through the trouble of actually paying loan seekers and then unleashing their collection agents after them, Chinese scammers have now found a new way.

Trapping people using loan offers, games
An investigative report from CloudSEK has revealed that scammers are now using illegal instant loan apps to lure thousands of victims with false promises of substantial loans and easy repayments. To process the loans, these apps ask for just a few basic details and about 5-10 per cent of the loan amount as a processing fee. And because these loan apps promise instant loans of up to 5-10 lakhs, the processing fee can be a substantial amount.

In some cases, these scammers pose as a real-money gaming app, which first lures in victims using a small reward, and then gets them to invest real money into the game.

Once they collect the processing fee, they then vanish. These scammers are evading actions by law enforcement agencies by using Chinese payment gateways. In certain cases, it was found that the money was sent to an Indian bank account, which was then routed through several mule accounts before it was finally laundered out of India to China.

Rs 37 Lakhs laundered in two months using just one app
During their investigation, CloudSEK also found that at least 55 such harmful Android apps have been distributed through various channels. Furthermore, several scammers get their victims to sideload apps that are not found on the Google Play Store. CloudSEK was able to identify about 15 Chinese gateways that these apps directed to.

Furthermore, the investigation also revealed that between July 22, 2023 and September 18, 2023, a total of Rs 37 Lakhs was looted and laundered to China from just one of these apps. CloudSEK also emphasises that this figure was from just one app, and that this was an amount they could verify. CloudSEK believes the actual amount laundered must be substantially higher.

“A notable trend we’ve observed is scammers exploiting Chinese payment gateways due to their relative ease of use and limited regulatory scrutiny. These gateways offer a convenient bridge to funnel funds outside India, leveraging sophisticated techniques that blur jurisdictional lines, making it challenging to track and intercept the money trail. This enables scammers to sidestep the legal and financial roadblocks, making it imperative for authorities to enhance cooperation and adopt advanced measures to counter this sophisticated threat,” said Sparsh Kulshrestha, Senior Security Analyst at CloudSEK.

The curious case of Indian money mules
CloudSEK’s investigation also exposed some of the loopholes that we have in our banking systems. Scammers based in China open up several fraudulent payment gateways, which are primarily hosted in China. These gateways exploit UPI’s QR code feature by generating fake QR codes that redirect victims to legitimate UPI apps like PhonePe and GPay, with the payments going to bank accounts of money mules.

The scammers recruit individuals via Telegram, offering them a commission to provide their bank accounts as a place to direct the money to, and to park it there. Instead of getting people to open up new accounts, these scammers look for people who already have bank accounts in small, cooperative banks, as these banks don’t usually have the infrastructure to flag suspicious activities.

These recruits are then instructed to change the mobile numbers associated with their bank accounts, granting the scammers full remote control over the accounts. These compromised bank accounts are then used to receive payments from victims through the fraudulent payment gateways. The money is then distributed through a bunch of similar accounts and finally laundered to China through hawala systems.



from Firstpost India Latest News https://ift.tt/YepNPtg
Mehul Reuben Das
