State Bank of India Credit Card Complaints - FRAUD

FRAUD

This article is about the one which I read when I surfing through the details of fraud and the information breach that is happening at Banks and the kind of information misuse happening in places where we place our trust. I do present the entire bitter experience a lady has undergone.

I am working in one of the Tata companies and that's how I received my Tata SBI credit card a few years ago. Today I writing in because I am an employee at 'a' particular company but only to tell you my story in brief and my experience with the SBI credit card.

The trust and faith I put in the name - TATA and State Bank of India is immense. There couldn't have been a more perfect combination to establish trust and credibility. However, this morning Feb 22, 2010 was an absolute shock and horrifying episode for me. I got a call from 0124 3992391 saying the below-

"Hi Ma'am, we are calling from the Income Tax Department - verification unit and we would like to verify your contact details". I was caught in the middle of something at my workplace and I politely asked what was this regarding to which the guy at the other end said " we are calling from the Income Tax Department, your address details are getting 'kharab' which means spoilt and hence we need to update it. I wasn't quite sure about what was happening but on insisting thought the financial year is coming to an end and maybe Income Tax Department - Government of India needs these details. I updated my address with this guy on the phone and gave the guy my current address, when he asked for a phone number, an alternate number I was going to give my mother's but then decided to give my office number.

For some strange reason I felt that there was something amiss as I am an individual who has been dealing and handling my IT stuff through my office (which of course is reputed and managed with expertise). I decided to ask the guy some details saying where are you calling from in Income Tax etc etc. to which he started floundering and hung up. I called the guy back as I had his number on my mobile. When I asked which office is this and the guy who received the phone asked - Is this Ms XXX

Moreover, this particular number was called back on by a colleague of mine and when the person received the call on asking why he said he was from the Icome Tax Department, he said " madam humne jooth bola, main apko bata rahan huin, ye hamara kaam hain". Now, you can get all the call logs between me and this number. There were a total of 2 calls I made this morning and they called me 3 times.

I knew immediately that this was a case of fraud. These guys were calling on behalf of SBI and saying they are calling from Income Tax Department. This is the highest amount of breach of personal details/private information.

Last month when I wanted to write a cheque for almost 20,000 to pay SBI, instead of writing January (01), I wrote February (02). I didn't know this till I started getting calls from SBI. When I explained that I had put in the cheque and gave them details, they were relieved at every call but never stopped calling me. I decided to call the SBI call centre myself and questioned why they are calling me to which they said - No payment is received BUT at the same time acknowledged that they have a cheque dated Feb. for Rs 19,586. Now they know that as - as of today the payment has gone through and SBI received the payment. I got a mobile SMS confirming that.

Even if I ignore the number of calls I got harassing me for the payment, my biggest problem is the call which was made today. Government of India call - Income Tax Department calling me for some verification!!!!!! This is unacceptable and should be dealt with absolute severity!!!!!!! It's a 'FRAUD' of the first order and there is no denying that. It has completely shattered the faith I had in this collaboration.

I have called up the call centre and spoken to some Prashant and Kaustabh Banerjee (Manager) who confirmed that the call was made from one of the floors in Gurgaon and he is looking into it and that it will be taken seriously..basically all the things you say to your customer when they are annoyed at the other end. While I was in chat with the SBI call centre, another call came from 0124 3992391 (I picked it up as Prashant the SBI associate asked me to) and the person who spoke at the other end sounded like a Haryanvi criminal. I am using these words not out of bias but any associate who loses his/her tone of politeness is not fit to be doing that job (especially when I was just struggling to find out who they were). Just to let you know this particular call was just made to ask me " Kya aap hamain batayangi kya hua" when I asked which company are you calling from he said " aapko batana hain ki nahi". I said you should ask your employee to which he said "humne Abhiskek is baath kari, he said he called from Income Tax Department'. I asked him to hang up and he just banged the phone.

I feel at loss. I have given my private information to a company that has no control over its processes. I feel it was a total Quality Control breach too.

Phishing on the Indian Tax department

BANGALORE, INDIA:
Security experts in Symantec has cautioned tax payers of a large scale pishing attack just when tax payers are set to file their annual returns.

Here are inputs from Ratnamala Dam Manna, Director, Security Technology and Response, Symantec:

Situation backgrounder

As per the last count, India has a tax-paying population of 31.5 million and with citizens getting increasingly prosperous and entering the tax bracket, the number is bound to increase. Furthermore the entire process has become less cumbersome for the average tax-payer since it has gone online. Add to that, the fact that India today has a burgeoning broadband penetration and a steadily increasing tech savvy population.
The popularity of online filing has increased again this year, with online filing of returns hitting a new high. No wonder then, they have entered the radar of cybercriminals.

Scammers offer you Tax Refunds

Fraudsters never seem to rest. They now have turned their attention towards phishing on the Indian Income Tax Department. It is the season of tax returns in India and it is known that people will file their income tax returns during this time of fiscal year in India. Hence, phishers have chosen the right time to phish the market as most of the users are not aware of these attacks.

Attackers send emails with subject line as “ Tax Return!“ with the below content:

“Dear applicant, After the last annual calculation of your fiscal activity we have determined that you are eligible a tax refund of XXX Rupees. To access the form for your tax refund please click here.”

There is a link as “Tax Refund Online Form” in this email that leads to a phishing site which is a spoof of the Indian Tax Department site “incometaxindia.gov.in”. The webpage ask customers to submit their sensitive information like personal information, bank and credit card details.

After submitting the information the page redirects to the legit site of Indian Tax Department. The domain name of the fraud site is hosted on US based servers.

Internet users are advised to follow best practices to avoid phishing attacks. Here are some basic tips for avoiding online scams:

Caution:
* Please be careful regarding such kind of emails and URLs.
* Do not visit any links in the emails.
* Do not enter any of your details this kind of sites.
* Please use the legit site of http://www.incometaxindia.gov.in/ for any help regarding the income tax refund.

Facebook, PayPal pair up

Facebook members will soon be able to use PayPal to make purchases, the two companies said last week, reports SFGate.

Facebook and PayPal, a unit of eBay, said they have agreed to a strategic relationship that will allow Facebook advertisers to offer the PayPal online payment system as an option.

Facebook will also offer PayPal for members to purchase virtual goods through its own Facebook Credits, which the Palo Alto social media giant has been testing for some games and applications.

Suppliers defend chip, PIN

Banking industry suppliers have lined up to defend chip and PIN, following the release of research last week from Cambridge University demonstrating how cyber crooks might be able to bypass security controls on credit and debit card transactions in shops, says The Register.

A four-man team from Cambridge University demonstrated how it might be possible to make 'verified by PIN' transactions using stolen (but uncancelled) cards without knowing the correct PIN number. The man-in-the-middle works by tricking a card into thinking a chip-and-signature transaction is taking place while the terminal gets a signal that a correct PIN has been entered.

But suppliers such as Thales and The Logic Group point out that chip and PIN has been a success in driving down the levels of fraud in retail transactions, while acknowledging that plastic card fraud has been displaced to the Internet and overseas ATM machines, rather than reduced, since the introduction of chip and PIN.

Mobile banking to double

The number of people subscribing to mobile banking services is set to annually double over the next five years, according to new reports, states BCS.

By 2015, the number of people around the world who will carry out financial transactions via their mobile devices will be approximately 407 million, a study by ABI Research found.

While growth in the sector has so far been slow in Europe and North America, Asia-Pacific markets have already increased hugely in number, led by India. There are currently already 52.2 million people who subscribe to mobile banking services within the Asian continent.

RBI to ramp up credit monitoring

RBI's NEW MOVE
The Reserve Bank of India is making a habit of making very strong and significant moves that are, in short, overhauling, streamlining and strengthening the credit market. All this augurs well for the banking system in India as it helps us field tight economic situations and come out strong each time.

A few days ago, RBI introduced the base rate system to address downward stickiness of loans and to keep a check on lending habits that could trigger and create problems akin to the United States' housing bubble crisis in future.

Now, RBI is taking it to the next level by introducing more credit information bureaus into the credit monitoring system. As the first step, it has now made official the in-principle approval it had provided Experian, a popular credit agency which has global operations.

In India, Experian started laying the ground for active operations in November 2009 when the Experian Credit Information Company of India Private Limited was formed. The company represents a joint venture with seven of India's leading public and private sector banks and non-banking financial institutions; Axis Bank, Federal Bank [ Get Quote ], Indian Bank [ Get Quote ], Magma Fincorp, Punjab National Bank [ Get Quote ], Sundaram Finance [ Get Quote ] and Union Bank of India [ Get Quote ].

RBI under the CICRA Act of 2005 has granted a full licence to operate an Indian credit bureau to Experian on February 18 under new regulations.

RBI has already granted in principle approval for two more agencies namely Equifax Credit Information Services and Highmark Credit Information Services, along with Experian Credit Information Company.

The other agencies are likely to follow suit with a formal licence in place from RBI.

The competition in this arena is expected to further strengthen the infrastructure capabilities of CIBIL, which currently has the first mover advantage and a huge database to its credit, not to mention a huge list of banks and financial institutions as its members.

On the other hand, the new entrants come with the rich experience of having handled various facets of credit agency activities in a different geographical setting. CIBIL has also been granted permission by RBI to maintain a telecom and insurance database going forward - which means phone bills and insurance premiums also need to be paid on time by the consumers!

In May 2009, CIBIL launched the new Personal Loan Score. So what does this actually mean? Well, this is nothing but an evaluation based on the most recent personal loan data available in the past few years.

Essentially this data pool will help the bank ascertain whether a person is eligible for a loan in terms of past repayment track record. Of course, this is largely dependent on the fact that the person applying for a new loan has already taken a personal loan in the past.

Based on the track record of how effectively that particular loan was repaid, the bank will decide on whether to approve the individual's loan application or not. If the person has defaulted or has faltered in between, etc., then based on the bank's discretion the interest rate they end up paying maybe higher.

This launch was done quickly, mainly to address the concerns surrounding rising loan defaults in recent times.

Further, to cement the process and to weed out or reduce the percentage of defaults going forward, more such initiatives are likely to be made available soon. Included among them are a home loan repository and a fraud repository.

As the names indicate, home loan repository will contain relevant and recent home loan data of individuals to help the bank decide on such aspects as refinancing an existing loan, providing top up loan etc. This is especially significant when an individual wishes to apply for a refinancing loan or a new home loan with a different bank.

A fraud repository is something related to weeding out people who indulge in fraudulent activities related to credit. This record will help weed out individuals who take loans never intending to repay etc. If a pattern is observed in certain individuals in the manner of taking a loan and not repaying willfully etc., their track record will prevent them from further misusing credit.

All these aspects are expected to further strengthen the credit system, weed out regular defaulters, eradicate fraudsters and help save the money that can go to genuine loan consumers who utilize the credit in the most appropriate manner.

In general, a repayment history of around six months is essential for a credit score to be assigned to an individual. Credit can be in the form of EMI (equated monthly instalment) payments for loans or credit card payments as well.

However, in the case of a personal loan score or a home loan repository data relevant only to these loans will be present. In such a scenario, the next step is to evaluate their credit score on the basis of their credit card repayment history.

If this data is also not available then an individual score may not have relevance. Other aspects like net worth, salary, employment details, etc will then come into the picture to evaluate loan eligibility.

All these measures are being taken to establish the credit worthiness of the potential borrowers. The entire credit information bureau scenario is also likely to get a face lift not only due to the introduction of these initiatives by CIBIL but also by the introduction of new credit agencies like Experian and the rest into the Indian credit monitoring system.

With RBI having granted consumer access to credit reports now, this will usher a new era to the way loans are being applied and granted.

This is expected to bring about a transparency in the credit system along with the base rate system to ensure there is a methodical inflow and outflow of money in the lending cycle.



BankBazaar.com is an online marketplace where you can instantly get loan rate quotes, compare and apply online for your personal loan, home loan and car loan needs from India's leading banks and NBFCs.

IT officials involved in scam

Five persons, including three Income Tax department officials and a television artist, have been arrested on charges of duping the department to the tune of Rs three crore by filing fake I-T returns of PAN card holders and illegally transferring refunds in their own accounts, CBI said here on Sunday.

The accused were identified as Dilip Vyas, I-T inspector Pramod Prabhakar, senior tax assistant Rajesh Pillai, I-T employee Raju Nagpure and television artiste Manoj Sangtiyani, CBI officials said.

While the main accused Vyas was nailed on February 17, the rest were arrested today, they said, adding that four more accused Mohan Ghadge, Sandeep Roy, Nidan Dalvi and I-T employee Shrikant are still absconding.

The officials said although Rs three crore fraud has come into light so far, the cheating amount may go over Rs 14 crore.

Explaining the modus operandi, CBI Joint Director (west zone) R R Singh said, "Vyas, posing as a chartered accountant, has collected PAN card numbers from 23 persons and bank account details and blank post-dated cheques signed by them.

"He then prepared fake IT returns, computation sheets and other related documents of these PAN card holders and provided the details to his aide Prabhakar.

"Subsequently, Prabhakar entered the said data into the computer system of IT department and generated e-refund which was electronically transferred to bank accounts of the PAN card holders."

Vyas then transferred the I-T refunds in his and aides' bank accounts in United Bank of India and Kotak Mahindra Bank using signed cheques issued by the PAN card holders, leaving one per cent of the refund amount in the holders accounts, Singh said.

"In this manner, the accused have transferred about Rs three crore in their account in the last seven months. The accused had another 70 PAN card holders' details. The fraud might go over Rs 14 crore," he said.

The cheating came to light when one of the I-Ts top officials were tipped off about it on January 19, Singh said.

"Prabhakar knew all loopholes in the Information Technology Department and practises of the I-T department and took advantage of them to execute their plan," Singh said.

Stating that the software of the I-T is incapable of making online checking of the TDS payments, Singh said the officials should also regularly change their passwords to prevent misuse of the system.

CBI is also probing if the 23 genuine PAN card holders had any idea about the fraudulent practice by the accused, he said.

PAN card holders play conspirators in I-T fraud

Mumbai Be careful who you share your PAN (permanent account number) card details with. There are ways in which it can be misused. One of them, as the Anti-Corruption Bureau of the Central Bureau of Investigation (CBI ACB) recently found, is to file fake income tax returns and obtain illegal refunds in the name of a PAN card holder, all this with the help of I-T officials.

In mid-February, the CBI unearthed such a scam allegedly involving a small-time television actor, a senior tax assistant and officials of the income tax department. The fraud so far amounts to Rs3 crore, but investigating officials believe the figure is likely to touch Rs14 crore.

The CBI ACB arrested Dilip Vyas, a Dahisar (East) resident and the lead player in this case, on February 17. He has been remanded to police custody till March 3. On Sunday, television artiste Manoj Sangtiyani, senior tax assistant Rajesh Pillai and I-T officials Pramod Prabhakar and Raju Nagpure were also held. It is learnt that Vyas and Sangtiyani were business partners, involved in bill discounting and supply of construction materials. Mohan Ghatge, Ninad Dalvi, Sandeep Roy and another I-T official identified only as Shrikant, are still wanted in the case.

Interestingly, there were no ‘real’ victims in this case. Vyas, it appears, had used the PAN details of only those who were known to him, superintendent of police, CBI ACB, Anil Modak, told DNA. “He told the PAN card holders that he wanted to use their bank accounts to deposit some money and had promised one per cent of the deposited amount in return,” Modak said. Given their acquiescence in this conspiracy, even the real PAN card holders may be charged with abetting the crime.

Modak said that Vyas and Sangtiyani, with the help of their
assistants Dalvi and Roy, collected the PAN and bank details of 23 persons, as well as blank signed cheques from them. He then made fake income computations of the PAN card holders, stating fake transactions through which income had been generated. He then used these documents to file fake I-T returns on those PAN cards. The transactions shown were those that reduced the tax liability, thereby generating refunds. The e-refunds were then deposited in the concerned bank accounts.

The network grew after Vyas, who also claimed to be a chartered accountant, met Sangtiyani, who was known to Prabhakar and Nagpure at the terminal branch of the I-T department, at the Bandra Kurla Complex, Modak said.

Vyas provided PAN numbers, bank details and the fake I-T returns along with enclosures to Prabhakar (the I-T officials) through Sangtiyani,” said CBI joint director (west zone) Rishiraj Singh.

A CBI officer explained that Prabhakar, along with his assistants Nagpure and Shrikant, visited the BKC branch where they managed to break into the network access of the department, known as RSA Code. “But in order to access it, they required an identity and password. Pillai played a crucial role here, as he was close to an I-T official working there; they used his ID and password to log in,” he said.

They then entered the said data into the computer system and generated the e-refund, which would be electronically transferred to the respective bank accounts, said the official. “The money was then withdrawn and deposited by the accused into their bank accounts. There was no income tax deposited against these returns,” Singh said.

About Rs3 crore was credited to the bank accounts of the 23 PAN holders which was then withdrawn by using signed blank cheques. The bank accounts were mainly with the United Bank of India, Dahisar branch, and Kotak Mahindra Bank, Kalba Devi branch.

The scam came to light because of the amount of e-refunds generated.“Since such huge e-refunds are never migrated from the Central Circle office, this raised suspicion among senior I-T officers, who then informed the I-T commissioner about the fraud. He then got in touch with the CBI ACB,” said a CBI official, requesting anonymity.

How well do you know your CA?
How safe is the money of a common man who files his income tax returns, trusting his chartered accountant? “In this fraud, the PAN holders were close to the accused and had permitted them to use their documents and bank accounts through the greed of money (as they had been promised a commission). The common man should understand to what extent a person can be trusted as far as filing tax returns or getting refunds is concerned,” said Anil Modak, SP, CBI.

Holes in the I-T dept’s computer system
According to the CBI, this scam has revealed inherent loopholes in the income tax department’s computer system. For instance, even after one logs out of the network facilitating refunds, the machine will remain valid for processing for about four hours. In this time, any person having knowledge of the username and password of the assessing officer can access the network. What’s worse is that the officers do not change their passwords as required. They prefer to function on the default which is known to many, including their assistants.

A year of UID: Much more than a number

The Unique Identification Authority of India (UIDAI), set up to issue a unique identification (UID) number to all 1.2 billion Indian residents, completes a year this month.

“We will be issuing the first set of UIDs between August 2010 and February 2011,” asserts former Infosys co-chairman Nandan Nilekani, who now heads the UIDAI. It’s a little over six months since he took charge, and he expects to issue 600 million UIDs over the next five years.

His team is being expanded; the headquarters is in Delhi and it has eight regional offices. During the 2009-10 budget, Rs 120 crore was allocated.

The project is also breathing life into other areas. For instance, the human resource development ministry will take its help to introduce educational reforms. Foremost among its goals is to use UID to bring the over eight million “out of school” children into the education system. Nilekani was also recently asked to head a National Highways Authority of India panel to select a technology to unify toll plazas across the country.

Discovery of Indians
Key points about the UID project
* Enrolment will not be mandated: The UIDAI approach will be a demand-driven one, where the benefits and services that are linked to the UID will ensure demand for the number. This will not however, preclude governments or Registrars from mandating enrolment
* The UIDAI will issue a number, not a card: The Authority’s role is limited to issuing the number. This number may be printed on the document/card that is issued by the Registrar
* The number will not contain intelligence: Loading intelligence into identity numbers makes them susceptible to fraud and theft. The UID will be a random number
* The Authority will only collect basic information like name, date of birth, gender, photo and fingerprints
* Process to ensure no duplicates: Registrars will send the applicant’s data to the central repository. The CIDR will perform a search on key demographic fields and on the biometrics for each new enrolment, to ensure that no duplicates exist

The bid to eliminate duplicate and fake identities, reasons Nilekani, could annually save the government exchequer upwards of Rs 20,000 crore. As an example, he says the ministry of petroleum could save the Rs 1,200 crore a year in subsidies now reportedly lost on cooking gas cylinders registered under duplicate or ghost identities.

The project is also expected to become a catalyst to achieve financial inclusion, he says. For instance, online authentication could be done even through a cellphone. And banks could have business correspondents (BCs) in villages, equipped with a mobile phone, a finger print reader and an ATM kind of software, to enable cash transactions in the village itself. Any NREG worker, notes Nilekani, could go to any BC and withdraw money, because UID would be an open architecture. Any shop owner could be appointed a BC, and there is no need to open branches in mofussil areas.

The approach
UIDAI leverages the existing infrastructure of government and private agencies. It will be the regulatory authority managing a Central ID Data Repository (CIDR), which will issue UID numbers, update resident information, and authenticate identities as required. “Tenders have been floated for various purposes. This is an ongoing process. The tender for a Consultant for the CIDR has already been called,” says Nilekani.

Registrars will be state governments or central government agencies such as the petroleum ministry and Life Insurance Corporation. Registrars may also be private sector participants such as banks and insurance companies. “The process of entering into MoUs with state governments is underway,” says Nilekani. He has also enlisted the assistance of close to 30 information technology professionals in the task, with the help of software body Nasscom.

The UID number will be issued to all residents who satisfy the verification procedure, explains Nilekani. “The number does not confer citizenship or nationality. Its primary purpose is to establish the identity of the person,” he clarifies. While enrolment into the UID system will not be online, authentication of identity will be online. The UIDAI itself will not be issuing cards.

How will it work?
Based on initial estimates, the enrolment of each resident may cost between Rs 20 and Rs 25, leading to a potential total enrolment cost of Rs 3,000 crore. The strategy will explore if the various beneficiaries could fund this. The Registrars have the option here of charging for the cards they issue. UIDAI may issue guidelines around such pricing.

Once the UID number is assigned, the authority will forward the resident a letter which contains his/her registered demographic and biometric details and a tearaway portion with the UID number, name, photograph and a 2D barcode of the fingerprint minutiae.

Residents can also update their information with UIDAI. The UID number is a lifetime number, but the biometric information contained in the central database will have to be regularly updated. Children may have to update their biometric information every five years, while adults do so their information every 10 years.

The Biometrics Standards Committee set up by UIDAI has also given its recommendations. The UIDAI would be taking the face, all 10 fingerprints and both iris scans for the biometrics of each person.

It will employ a GIS internet-based visual reporting system to track enrolment trends and patterns across India, as the project is rolled out. The GIS system will show all UID enrolments by state, as well as by Registrar. The system will also be able to drill down within states and into districts.

Revenue potential
UIDAI pegs its annual revenue potential, through both address verification and biometrics confirmation, at Rs 288 crore. It has identified three transaction types. The basic ID confirmation will be free, where the potential user agencies could be, for instance, the airlines which do passenger check-ins. The second type of transaction is that of ‘address verification’, which will cost Rs 5 and can be levied by banks when users open accounts. The third one comprises ‘biometrics confirmation’, which will be charged Rs 10. Its potential user agencies can be credit card companies.

Registrars and service providers will also be able to charge for the cards they issue residents with the UID number. Such pricing will be within UIDAI guidelines, states a draft paper.

Business opportunity
Biometrics (which includes fingerprint, face and iris recognition) and computing power hold the keys to the UID project, which is estimated to offer a Rs 15,000-20,000 crore opportunity to computing, database, smartcard and storage vendors besides systems integrators. For every rupee of IT spend on the project, industry experts estimate, around 60 per cent of this will go to hardware vendors.

Nilekani also speaks of “online authentication which has not been done anywhere in the world till date”. Online authentication is currently being tested out by researchers in institutes abroad. This will require added computing power, data connectivity.

The real business opportunities will start flowing once various government departments start using UID numbers to issue smartcards to citizens, says Ashok Chandak, Senior Director, Global Sales & Management, NXP Semiconductor.

Many government departments, for instance, will have to issue smartcards — for driving licences, for health insurance, for ID cards, etc., — and all these smartcards will draw on the UID database. Many other companies like Genpact, Microsoft, Google, TCS, Wipro and even Infosys have evinced interest in the project.

Privacy concerns
Experts are sceptical about the protection of the private data once the rollout of UID numbers begins towards the later half of the current calendar year. They fear the UID number which will be issued based on personal information given by a person might be leaked to various other agencies.

“If the UID is used by 10 different agencies for 10 different purposes, then a cross-linking of that data will, some time or other, happen. A common man won’t be able to take legal measures for the violation of privacy happening out of the data leakage,” cautioned Dinesh Charak, legal counsel for Nokia in India, at a recent discussion.

The UID Authority says it is trying to collect personal data in a very limited manner, to make sure there is no leakage. “We are not going to collect information about a person’s religion, but only names, gender, date of birth and address. It is just the basic information, whereas a lot of countries have loaded up their ID cards with a lot of (more) information,” says Deepika M of its legal team

Lankan national held for credit card fraud

The Chennai City Police on Wednesday arrested a 30 year old Sri Lankan national involved in a string of credit card frauds across the southern states.

One Sanjay Kanth hailing from Sri Lanka was picked up by sleuths of the Central Crime Branch(CCB) of the Chennai City Police at a shop on Pantheon Road, in Egmore , where he was trying to purchase a laptop and computer peripherals.

According to CCB officials, Sanjay is a B.Com graduate who was staying in a rented house in Alapakkam. On Wednesday afternoon, he went to a shop in Egmore to purchase a laptop and other accessories. When the three credit cards he gave in succession did not work, the shop owner grew suspicious and informed his bank.

The bank's risk manager informed the CCB, sleuths came to the store and nabbed Sanjay. Police then raided Sanjay's house and seized a laptop, pen drive, credit card encoding machine, 177 credit cards and Rs 1.63 lakh Indian currency, among other things.

"This person ran a fake credit card unit at home. He got details of bank accounts of people living abroad through his friends,' said a police officer.

"He encoded the same using the machine in his house, and would then use the fake card to withdraw money from ATMs in Chennai", the official added.

Sanjay has made purchases in Karnataka, Andhra Pradesh, Kerala and Tamil Nadu, and is said to have been involved in credit card fraud since 2001.

This is not the first instance of a Sri Lankan being arrested for credit card fraud. On December 24, 2009, CCB sleuths nabbed Vijay Kanth (29), another Sri Lankan national, for possessing fake credit cards and indulging in illegal business for seven months

IT officials involved in scam

Mumbai, Feb 21 – The Central Bureau of Investigation (CBI) has arrested one person and detained four income tax (IT) department officials in connection with a Rs.30 million-IT refund scam, a top official said here Sunday.

The IT officials work in the information technology and other departments of the department in Mumbai, said CBI Western Region Director Rishi Raj Singh.

One of them had managed to secure the confidential password of the IT refunds assessing officer and it was used to process many forms using the IT PAN Card details of 23 ordinary people, he said.

‘By this, the accused managed to transfer over Rs.30 million worth of IT refunds to their personal accounts,’ Singh said.

The officials detained were Pramod Prabhakar, a senior IT inspector, Rajesh Pillai, Raju Nagpure and Manoj Santgiyani. They were undergoing CBI interrogation.

Their associate – Dilip Vyas, who acted as middleman in the scam – has been arrested.

The CBI is on the lookout for Vyas’ associates Sandeep Roy, Mohan Ghatge, an IT official Shrikant and one Ninad Dalvi who arranged the PAN cards.

‘The fraud was possible due to loopholes in the internal information technology systems of the IT department,’ Singh observed.

Investigations into the fraud are still underway and the IT department expects it to touch Rs.100 million and the number of PAN cards used in the scam could be more than 100.

The CBI acted on a complaint lodged by the IT Department Feb 4. The accused have been charged under various Indian Penal Code sections pertaining to cheating and committing fraud.

PIN NO MORE A SECURITY MEASURE

A fatal flaw in the chip and PIN technology that is supposed to guarantee the security of millions of credit and debit cards has been identified by scientists.

The loophole means stolen cards can be used in shop terminals and bank cash machines without being identified, it is claimed.

In theory, thieves would be able to make purchases and cash withdrawals without needing to key in the four digit PIN or being detected.

The chip and PIN system became universal on Valentine's Day 2006, replacing the use of signatures to authorise purchases.

At the time banks said the introduction of the PIN system would reduce card fraud because even if a card was stolen it could not be used by a thief who did not know the number.

Card fraud did fall initially, however, the figure rose 43 per cent by the end of 2008 to £610million and is thought to have risen even higher last year.

Professor Ross Anderson, from the Cambridge University Computer Lab, has uncovered a number of ways in which the system can be beaten. However, he claims the latest discovery is shocking in its simplicity.

Prof Anderson claims the banks may now need to rewrite the security software around the entire chip and PIN system in order to make it fully secure.

The researchers discovered that a small circuit board containing a computer chip and transmitter can be attached to the chip on the plastic card and concealed up the sleeve.

This communicates with a computer stored in a backpack worn by the criminal when using the card at a till or cash machine.

When the user is asked for the four digit PIN to authorise the transaction, they only need to key in a random code.
The software attached to the card then signals to the till terminal that a correct PIN has been used.

'We think this is one of the biggest flaws that has ever been uncovered against the PIN system and I have been in this business for 25 years,' said Prof Anderson.

Details of the flaw were revealed on BBC's Newsnight programme last night. It showed how four different cards could be authorised for purchases in a Cambridge University canteen by using a fake PIN of 0000.

Consumer lawyer, Stephen Mason, told the programme: 'The loopholes in the chip and PIN system are serious and I don't think they have been properlyaddressed by the banks. They really have to think about this seriously.'

The introduction of chip and PIN brought with it a greater risk that victims of card fraud would have to carry the cost of any losses.

Some banks have refused to refund losses where they argued consumers had been careless with their cards or failed to keep their PIN a secret.

Prof Anderson added: 'The banks have been lying about the security of their systems and the industry regulators have been completely gullible.'

But the banks trade body, the UK Cards Association, denied the discovery was serious.

'We believe that this complicated method will never present a real threat to our customers cards,' it said.

Valentine's Day- Be careful

February 14 or Valentine's Day is that day of the year when you are encouraged to express your love to the special person in your life. Love is such a powerful emotion that can blind even the most vigilant among us to fall into traps set online by unscrupulous elements. In this article, we will give you a few tips that will help you tread carefully on this Valentine's Day and could possibly save you from unwarranted heartaches.

Stay safe on social networking websites

As Valentine's Day is fast approaching, the number of Valentine's related apps on social networking websites such as Facebook have gone into hundreds. These applications offer their providers the opportunity of making money through affiliate marketing and also let them gather information about you. Because it is difficult to ascertain their true motives, it is best to steer clear of such apps, especially if they ask you to grant access to your private information on the social networking website.

Another way of conning unsuspecting people is by the means of apps that supposedly unlock hidden social network site functions, enticing people into going for giveaways or donating to bogus charities. If you see an anonymous message in your inbox with a subject similar to "AnonymousValentine", the only sensible thing to do is to delete the message because it may contain malware.

Stay away from phishing scams

Mails with marketing schemes aimed at this occasion suddenly start arriving in your inbox and most of them are aimed at getting the unwary user to divulge personal or financial details. This can be in the form of an email stating that the gift of flowers or candy you ordered cannot be delivered unless you log in and re-enter for confirmation, your financial details- usually your credit card number. Needless to say, the information you provide will end up with a scammer who can empty your credit card or bank account in just about no time. A better way to gift flowers or other items is to go to the online shopping portal of a well-known florist such as Ferns N Petals or for chocolates, to a known shopping website such as Moksha Chocolates.

Beware of e-card scams

E-cards have been around since the advent of the internet and these are the means of expressing love for many lovebirds. Scammers are well aware of this and therefore e-cards become a very viable means of conning people. This usually starts when you receive an email with a link to open an e-card sent to you by your loved one. Since you know that you have the world's best antivirus installed on your computer, you become careless enough to open the link. A website opens prompting you to do something like updating your Flash player by asking you to allow the installation of an ActiveX control. What actually happens is that a Trojan or backdoor worm gets installed, siphoning all your vital information for the perusal of the scammer. The best and safest way to protect you from such attacks is by not opening and simply deleting such emails.


Don't fall prey to online dating scams

For those who are yet to be bitten by the love bug, online dating sites pose a potential danger. What happens in this case is that the scammer creates a fake profile, which may have all the things you would want in a potential date and this will surely lure you in. When you actually contact the person, you will be more than likely be pleasantly surprised that the person is ready to adapt to however and whatever you want. Your likes and dislikes match perfectly and slowly but surely the scammer gains your trust. Soon enough you will lose your power of discretion and be enticed into actually falling prey to any financial scheme proposed by the supposedly "ideal date". This can be in the form of the scammer asking you to help him/her make emergency payment for a supposedly sick relative or to transfer funds to his/her accounts to let him/her buy tickets so that the two of you meet. You must use your common sense in such cases and being skeptical is always helpful.

Say no to unrealistic savings offers on gift items

Many online shopping sites feature gift articles that are priced at an unrealistically low price and many people fall prey to these ads. Sellers usually offer a piece of jewelry such as a diamond pendant or necklace with exquisite design for very low prices. The advertisements have photographs of the said items and they do look attractive. More often than not, these sellers are with unverified credentials. To make sure about the reputation of a seller, you must make sure that you read comments made by other people. Since even the comments can be forged, it is always better to play safe and not make the mistake of paying for these gift articles.

You should use your common sense to deduce that a gold ornament will cost at least as much as the price of the gold in it plus the cost of designing it. If the price comes to anything less than this, it is definitely a scam and you will surely not be gifting the same thing to your loved one as is claimed in the advertisement.

In conclusion, we would like to say that the best way to gift anything to your Valentine is to go to a shop, buy the gift and hand it over personally to him/her. The look on his/her face is something you would never want to miss.

Internet Fraud

A United Nations officer issued a cheque on his nationalized bank account. The cheque bounced despite his having deposited a big sum a few days back. He complained to the bank only to be told that Rs 75,000 was withdrawn in a number of transactions in Romania, a country he has never visited.The police suspect that the account was hacked on internet.

This is not the lone case of fraudulent activity in an Indian bank. Bank fraud is a big business in today's world. With more educational qualifications, banking is becoming impersonal and an increase in banking sector has given rise to this white collar crime. In many cases, the involvement of bank officials, as deliberate colluders, is also suspected.

The frauds have cost the depositors Rs 779 crore in 2004-05. It almost doubled to Rs 1381 crore the next year. In 2008-09, the figure rose to Rs 1883 crore. The figures given - Rs 4,043 crore in these deals - are again not conclusive. The actual figure may be much more. Both bank and forensic officials are baffled at this massive level of fraud. In 2004-05, there were 96 cases in which over Rs 1 crore was swindled away in each transaction. This rose to 212 in 2008-09.
Apparently no depositor is safe. Chances of swindling increase seemingly with the size of the bank. A multi-crore fake cheques scam estimated to the tune of Rs 52 crore was exposed in the Kanpur main branch of the State Bank of India last August. Seven bank officials, including one assistant general manager and two chief managers were suspended. The bank's audit team found that the fraud involved clearing of fake cheques in the bank account of an influential petrol pump owner. He is believed to have fled the country. This is stated to be the biggest fraud in the Kanpur-Lucknow region.