Most people have been victims of online fraud at some point in their lives. Another type of spam that’s doing the rounds lately is the FedEx scam calls, which have been targeting people. To understand what, how, and when this scam takes place, The Pioneer’s Tejal Sinha connects with the experts who take us through and explain the same in detail.
Spam, online scams and fraud, identity theft, and problems with online purchases are all serious issues that everyone has gone through in the internet world. Navigating the internet while avoiding these hazards might be difficult.
The Internet is frequently touted as a marvellous tool, an engaging environment, and a liberated experience, but for whom? Many of us face the risk of being victims of the rising pool of crooks who expertly browse the Internet. Cyberspace, often known as the World Wide Web, is an intangible and dynamic world.
On a regular basis, we come across several cyber frauds and scams, and now one of those that happened late is all over the news — the FedEx parcel scam. So what is this scam? FedEx staff and law enforcement officers are impersonated by the ‘FedEx courier’ fraudsters. The crooks behind the phoney call operation prey on people’s concerns and anxieties. They use Interactive Voice Response (IVR) devices to successfully replicate automated FedEx, phoney customs, and Mumbai police calls.
The callers speak of a stopped cargo being thoroughly scrutinised at Mumbai airport customs, which resulted in the finding of cocaine hidden among the merchandise. They compel their victims into paying a large ‘fine’ ranging from Rs 1 lakh to Rs 10 lakh in order to avoid legal trouble.
To understand the scam and how the fraudster operates and commits cybercrime, The Pioneer connected with Moutan Sarkar, Service Delivery Manager, Cyber Security Practice at TCS, who also trains the Law Enforcement Agency officers, Army, Navy, and Intelligence officers. According to her, these calls are made to individuals at busy times of the day. She said, “The calls are made in haste and exactly when you may not have much time to think, and the emotional side of the person can be taken advantage of. We, as humans, are vulnerable; I don’t believe in categorising only women or elderly citizens, etc. We are all full of emotions, and we all, as humans, are available. This makes social engineering easy.
We might have antivirus installed on our mobile phones and laptops or a firewall in our network. But at the same time, we also have to harden our emotions (brain and heart). So the fraudsters are not choosy; they just make calls. I have seen educated, well-earning white collar friends of mine fall prey to such cases.”
These scams have existed for quite a while, and Rupesh Mittal, founder and director of Cyber Jagrithi, shares that they have also dealt with similar cases. Taking us through one of the cases, he says, “There was a case where a lady got a call from a person claiming to be a Blue Dart delivery agent and mentioned that the address provided was incorrect and gave a Google form to fill out with correct address details.The form also asked for details of payment for a charge of Rs. 10 for address change. Later, she was asked to install SMS forwarder and screen sharing applications like Quick Support, Anydesk, and TeamViewer, and she lost nearly 30 thousand.”
He further adds, “It is very sad to say that the data of the citizens is not processed safely, due to the fact that the DPDP Act has come into force, but still, we have a long wait to see these come into action.” The crucial point here is to find out where there is leakage of data. A few situations we have found are:
Fake websites doing e-commerce on social media platforms like Facebook and Instagram, offering heavy discounts, collect the information, which the fraudster uses further.
The actual delivery agents have customer information and make a database out of it.
The security guards’ entry book, which has information on who has received what type of delivery, is also a database for these fraudsters.
What basically happens in this scam to intensify the pressure on the victims is that the victim is advised that their call will be routed to the Mumbai Police Cyber Cell, ostensibly due to unlawful materials in the box. This manoeuvre is intended to create a sense of impending legal danger. After the initial call, victims receive a Skype call from someone masquerading as a police officer. The fraud takes a dangerous turn when the victim is informed that their Aadhaar number is linked to various bank accounts that are involved in money laundering activities.
This assertion heightens the fear of impending legal peril.
A citizen needs to become a netizen who has knowledge of safe usage of the internet. Maybe today, to solve this issue, we have some measures to take, but the bigger problem is to be ready for the future. One needs to understand the mechanism of the fraud and beware of falling prey to these fraudsters.
“Tackling something fake really needs skill and patience. For a layman having no knowledge of technology, I would suggest that he have access to the nearest police station and report such documents. Most of the police stations have knowledge of these crimes happening and would be the appropriate person to guide you better, and trust me, it does not need any technical knowledge or expertise in any domain to do so. Fear has been a tool that these fraudsters have been using to execute these frauds.
One needs to understand that if he is not wrong, the law will protect him. Interestingly, many deliberations and modus operandi have been seen in this way of fraud; one is via deep fake AI technology videos are made; the next is identity theft, which is used to do such crimes. A police officer never interacts on video calls or any medium; mostly, you are called for questioning at the police station.
If he is not from a local police station, immediately report him to your local police station, because if he is also genuine, he has no powers to do anything outside of his jurisdiction,” shares Rupesh.
Now here also comes another Jamtara model. Well, that has nothing to do with the Netflix series titled Jamtara. During Moutan’s days in the Police Department, she shares, “Jamtara Police Station was the most high-end station. We saw police from 22 states visiting the Jamtara Police Station on a regular basis. This is just like any other BPO job. The boys are trained on what to say and how to say it, and that’s all; they are all set to commit the crime. It’s a two-day training, and then the criminals are all set to blow up innocent people.
Awareness is the only thing out along with presence of mind on every call you take, every email you read, or social media time.”
Meanwhile, getting more in-depth about the Jamatara model, Rupesh shares that it is a voice-based phishing model in which a person impersonates an official of a bank or a fintech company like Paytm, Gpay, etc. and offers you either a KYC expiry, card upgrade, or any such scenario and becomes a helping hand to execute it.
On the other hand, Moutan shares that when it comes to the Aadhar Card fear, 100 percent security is a myth. Thus, “This cannot be guaranteed that your Aadhaar number or Pan card is completely safe. But then there is nothing to be afraid of. We have our own system in place. We have law enforcement agencies, regulations for e-commerce sites, and logistics companies. If we haven’t done anything wrong, then why fear? We need to have trust in our system that we are not going to be behind bars when we haven’t done anything wrong. Also, we need to avoid filling up those forms we get in parking, restaurants, and malls asking for phone numbers for lottery, discounts, or lucky draws. This is where we expose our phone numbers to such fraudsters.”
By default, our bank accounts have AEPS (Aadhaar Enabled Payment Service) enabled. Rupesh urges the readers to approach the banks and get it disabled. Keep the phone number linked to the Aadhaar updated, and disable or lock the fingerprint using the MyAadhaar app.
Once the victim realises that he or she has been fraudulent, time is very crucial to recovering the money. Timely reporting to the bank and the police can help in the recovery of the money.
National Cyber Crime Portal: 1930 (cybercrime.gov.in)
If you are sure that you are not at fault, then after reporting to the bank and if there is a non-satisfactory response, you can utilise the option of an Ombudsman by the RBI.
Official Statement by FedEx
FedEx does not request personal information through unsolicited phone calls, mail, or email for goods being shipped or held unless requested or initiated by customers. If any individual receives any suspicious phone calls or messages, they are advised not to provide their personal information and instead should contact our customer service hotline at 1800-22-6161 or 1800-209-6161 for verification.