A 26-year-old civil engineer from Panvel lost ₹60,000 to a cyber fraudster while generating the PIN of a new credit card. The fraudster asked him to download the Any Desk app on mobile and scan a QR code on the back of the credit card. However, soon after scanning the QR code, Rs 60,915 was deducted from the card.
The complainant received a credit card from a financial company on January 8 and he visited a bank website www.rblbank.com/cardpin to generate a PIN. On the website, he got details about the PIN activation and a mobile number. The same day, the complainant made a call to that number where a person identified himself as customer care of the bank and asked him to download the AnyDesk app on mobile.
Victim asked to scan QR code back on the credit card
After downloading the app, the man asked him to scan a QR code back on the credit card to get the PIN. After scanning the QR code of the card, he ended the call.
However, after some time, he received a message regarding the deduction of ₹60,915 from his credit card. The complainant tried at the same mobile number to talk to customer care, but no one received the call. He then called the bank customer care and registered a complaint.
Later, the complainant approached the Khandeshwar police with a complaint. The police registered a case against an unidentified person under section 420 of IPC and section 66 D of the IT Act and started an investigation.
Screen sharing App
According to officials from the Cyber Cell, on analysing and studying a number of complaints, they found that cyber-criminals are using mobile applications such as Any Desk, Quick Support, Team Viewer and Airdroid. These are basically screen-sharing applications and once the victim downloads these applications, the cyber-criminals get unauthorised control of their mobile phone system. Cyber-criminals are posing as bank officials and induce victims to share their bank account and card details. They then send links carrying these mobile applications to the victims and induce them to download these applications and share the OTPs.