One doesn’t know how much does the story of cybercrime bewilders a reader. Unlike the gruesome criminalities of the yore, which helped weave many a stories of dacoits, pirates, serial killers and celebrity thieves, cyber delinquents are a class apart.
One can know them if only one has a real-time encounter with them. Their smooth talk, their intelligence to engage a reluctant listener and above all their skills with the internet makes case for, as novelist Vikram Seth would put it, ‘A Suitable Boy’. But alas! Beneath the genteel fascia is a hardened felonious mind which goes around clinically executing the criminal act.
The cyber reconnaissance carried out by them on the potential prey is something which the best of the valuation firms would marvel at. So here is sharing a first-hand experience with one such suave criminal mind.
In the midst of checking personal mails in the evening at your home in NCR, one is surprised to see the True Caller app flashing a number of the power distribution company back home in Patna. Given the identity provided by a dependable security app, one decides to take the call to check if all was well at the locked home more than one thousand kilometres away.
The caller speaks in the tone and tenor which the call-centre executives generally speak back home. Their way of speech is very different from what you keep hearing ‘loan-giving’ call centres. This adds to the quotient of belief in the caller being genuine.
Further points of trust are added when he mentions about a smart electricity meter which was installed and that one had ‘defaulted’ in not updating it. The way forward, he said, was to download an app, purportedly belonging to the state electricity board, place a request and pay a meagre sum Rs 13 to ‘update’. Given the small amount and also the need to download the app from Google Play store adds further to belief. But then having been fed on police literature on cybercrime, which now one realises how outdated they are, one decides to ask why should one believe the caller.
Quick comes the repartee, “Sir we would neither ask the OTP (one-time payment) number nor your mode of payment, you just have to tell us that payment has been made and you have received the SMS from electricity board and give us the payment reference number.”
It all looked good and one felt safe and took the bait. Suddenly one realises that one has inadvertently pressed (or hand been made to press) request for disconnection of the meter and here panic sets in. The caller on the other end sympathising offers to help, gets connected through a screen sharing app and before one could realise takes control of the phone.
He keeps you engaged with ‘genuine concern’ for next one hour. In the meanwhile there is call from the concerned bank’s customer care number, which I realise later that he disconnected. One starts losing patience and also faith, not in his ‘genuine concern’ to help but the ability to resolve the problem.
One says that somebody would be sent to the power board office next morning to resolve the issue but he insists to help but one disconnects hesitantly. While one disconnects one realises that messages are flashing and disappearing from the phone screen. A younger member of the family, on seeing it says that it’s a fraud attempt and the caller has the phone in his control.
Next the phone is immediately put on the flight mode. Thereafter the screen sharing app and the power company’s apps are uninstalled. Quickly bank’s customer care is called to block the debit card and the internet services. On checking mailbox one realises that bank was continuously sending mails about attempt being made to hack the account.
Author and president, Centre for Reforms, Development & Justice