Romanian frauds, Rs 49 thefts

The operation

Data grabbed by the wireless skimming device and passwords captured by the camera while customers were using the ATM are suspected to have been sent wirelessly to a computer. After the gang had stolen account data for around 30 cards, they fled Thiruvananthapuram. Once outside Kerala, they are suspected to have cloned ATM cards with the stolen data, and withdrawn cash from the accounts. Marian was arrested in Navi Mumbai on August 10 — three other gang members, all Romanians, are, however, believed to have left the country before that.

Skimming

The operation was classic “skimming” of data from cards in one location and the use of cards cloned using the data in another location. While this is probably the first time that foreigners have been linked to such data theft, card cloning is widespread in Indian cities, cyber crime officials say. Police in Bengaluru, which has seen several such offences, say it is difficult to track because almost all cases have an inter-state or international dimension, and courts often do not take a serious view of these crimes.

Manoj alias Akshay

A name that has cropped up in cloning offences in Jaipur, Chennai, Hyderabad, Mumbai and Bengaluru in the last two years in Manoj Kumar alias Rajesh Sharma alias Akshay Kumar. He has been accused of multiple card data theft crimes, allegedly using different identities at different locations.

In December 2015, Manoj Kumar, 40, and his wife Neeta Shanthilal, 35 were accused by Bengaluru cyber crime police of running a credit card cloning racket using stolen data supplied by online operatives. The racket came to light after a software engineer complained his card had been used in UB City mall for purchases worth nearly Rs 2 lakh even though the card was with him.

Using CCTV footage, police reached the couple and arrested Neeta and her father, but Kumar remains at large. They found that gangs operated by Kumar — using different identities — had carried out thefts using cloned cards in Chennai, Hyderabad, Mumbai, Jaipur and Bengaluru on several earlier occasions. According to police, he bought stolen credit card data from online suppliers based in the US, UK and other countries, and used them to clone cards. They have seized nearly Rs 2 crore parked in various bank accounts, and have traced assets worth over Rs 20 crore, including flats and high-end foreign cars, linked to Kumar.

Kumar, who had been arrested earlier by the Tamil Nadu CB-CID in connection with a major credit card cloning fraud in Chennai, is also suspected to have masterminded a cloning fraud in Jaipur in 2013-14, where several banks were cheated to the tune of Rs 1.50 crore through fake transactions.

“We think it is an organised crime but are yet to find a way to tackle it. The number of such cases is constantly growing. It is very difficult for customers to identify Electronic Data Capture (or card swiping) machines or ATMs with skimmers installed. More involvement from banks and greater vigilance from customers can help,” M D Sharath, deputy supertintendent of police at the Cyber Crime Cell of the Karnataka CID, said.

Unsolved mystery

A case that is vexing investigators is the disappearance, over a weekend in the first week of April, of Rs 76 lakh from 2,200 accounts of State Bank of Mysore in Karnataka, in sums of Rs 49 each.

“On April 3, after 4 pm, I received nearly 200 SMSes saying “Thank you for using your SBM Debit Card 504XXXXXXX for a purchase worth Rs 49 on POS 00216882 at MOBIKWIK Gurgaon IND txn#040307480663,” said customer Vinay Kumar. He tried desperately to stop the transactions, but in the end, Rs 8,918 was gone from his account. Another account holder in Bengaluru saw Rs 21,000 disappear from her account in 430 transactions of Rs 49 each as she continuously received SMSes from 3.30 pm to 7.30 pm.

The cyber crime cell in Bengaluru found the payments had been routed to the e-wallet service Mobikwik by individuals who were probably aware of flaws in the computer systems at the bank or the e-wallet service.