The Bureau of Police Research and Development (BPRD) has issued an advisory cautioning citizens regarding various scams occurring via the messaging platform WhatsApp.
The police think tank, functioning under the Union Ministry of Home Affairs, also outlined a set of "do's and don'ts" in a published note on its website, addressing the prevalence of "data-breach acts". The advisory further mentioned that the social media intermediary, WhatsApp, has been notified about these incidents, and several government bodies and Ministry officials are actively addressing the issue.
Given that India boasts over 400 million users, making it one of WhatsApp's largest markets, the advisory aims to make citizens vigilant about such acts which "aim to menace the victim and lead them to severe situations".
Types of WhatsApp scams
Of late, India has been witnessing an uptick in cybercrime cases, with WhatsApp serving as a common channel for many such activities. As per the Indian Cyber Crime Coordination Centre (I4C), a total of Rs 10,319 crore has been lost to cyber frauds from April 1, 2021, to December 31, 2023.
The year 2023 witnessed a significant surge in cybercrime complaints, with approximately 15.5 lakh cases reported, a stark increase from the 26,049 complaints recorded in 2019. Over the past five years, a total of 31 lakh cybercrime complaints were filed, resulting in First Information Reports (FIRs) being lodged in 66,000 cases.
Some of the WhatsApp scams enlisted by the BPRD advisory include-
- Missed calls
In this scam, bad actors initiate by giving missed calls on WhatsApp, followed by messaging job offers or business opportunities to them. Hackers employ code-scripted bots to identify active users and subject them to various cyber threats.. “Mostly, such numbers start with +254, +84, +63, +1(218) and others. These are country codes and belong to [numbers of] Vietnam, Kenya, Ethiopia and Malaysian origin,” the advisory read.
In light of the scam, Decode had interviewed cyber expert Ritesh Bhatia, who talked us through its modus operandi, where this scam ultimately traps individuals in a cycle where they cannot not withdraw the money despite apparent earnings displayed.
- Video calls
These incidents primarily involved "sextortion-oriented nude video calls," which were subsequently employed to intimidate the user. In such cases, scammers leverage compromising content to extort money from the user through blackmail.
Last year, Decode also covered these sextortion scams happening from the Mewat region, approximately 100 kilometers from New Delhi. The scammers, operating in a group, targeted individuals by posing as police officers and threatening arrest for creating pornographic content. The victims were coerced into sending money, with the scammers using recorded videos and explicit content for blackmail.
- Investment plans
According to BPRD, many victims have received messages from various numbers, with the sender portraying themselves as trading experts assuring profitable trading calls and suggestions. These individuals offer unauthorised Android applications (unavailable on the Google Play Store) as a means for users to invest and significantly boost their trading profits.
Explaining the scam, the advisory read, "In the initial phase, they provide some penny profits to gain user faith and when he invests big amounts, the hackers just terminate their contact numbers and go off."
- Impersonation scam
Explaining the modus operandi, the advisory noted that, here the scammer initiates contact with the victim, assuming the identity of CEOs or senior officers within their organisations. Their primary targets are officials in top management roles such as CFOs, COOs, CTOs, and high-ranking officers in police and government bodies.
Following this, they gather personal information about the individuals they impersonate by exploring their social media profiles and publicly available data, subsequently creating similar profiles. To establish credibility, they often mention their participation in crucial business meetings or cite issues with their previous phone numbers.
This, according to BPRD, is a tactic aimed at convincing the victim of their authenticity. Subsequently, the scammers share web links, requesting sensitive information or urgently soliciting payments. They assure the victim of reimbursement for any funds provided.
In April last year, BOOM had spoken to victims of these 'CEO scams', wherein, individuals received e-mail and WhatsApp messages from someone pretending to be from the top management of their company, asking for money, data, password, and other sensitive information.
Within the ambit of this elaborate scam, also known as call forwarding scam, scammers use a trick to take control of someone's WhatsApp. They figure out the victim's phone number and gather information about them. The scammer calls the victim, convincing them to enter a specific code (MMI code) during the call. This activates call forwarding on the victim's phone, directing calls to the scammer.
While this is happening, the scammer registers the victim's number on their own phone for WhatsApp. They choose to get the OTP (verification code) via a phone call. Since the victim's line is busy, the OTP call goes to the scammer's phone, giving them full access to the victim's WhatsApp.
Once in control, scammers may pretend to be the victim, ask for money from their contacts, share links for cryptocurrency investments, or engage in other criminal activities.
- Screen share scam
This scam entails WhatsApp's recently launched screen share functionality, in which users can share their mobile screen with another person on video call. As per BPRD, numerous frauds were witnessed where scammers get victim’s screen access fraudulently and commit illicit activities.
Elaborating on the scam, the advisory said, "On successfully convincing the victim to share the screen, the scammers surreptitiously install malicious app/software to get their sensitive information like bank details, passwords and even the access to their banking services."
In light of this scam, Decode also covered how bad actors, posing as Flipkart customer care executives were exploiting WhatsApp screen share feature to gain real-time access to the personal data of the customers of the e-commerce platform.
The do's and don'ts
As part of the "do's and don'ts", the advisory recommended enabling 'two-factor authentication or 2FA' on their WhatsApp accounts. Simultaneously, it recommended refraining from responding to or answering suspicious or unfamiliar WhatsApp calls. Users were encouraged to report and block any numbers that approached them under questionable circumstances.
"As a precautionary measure, unknown communications on WhatsApp without verifying their authenticity should be avoided. Still, any appropriate solution to such problems is not yet recognised," it said.