In the last few years, India has seen a surge in the usage of digital wallets and online payments systems such as BHIM, Google Pay, Paytm, and Phonepe. So much so that, Unified Payments Interface (UPI) recorded a whopping 10.8 billion transactions in 2019, becoming the most preferred payment method, well ahead of IMPS, debit, and credit cards. Touted as the fastest product to reach 1 billion transactions a month, people have made a habit of using UPI for daily payments. However, this has encouraged scammers to defraud the Indian public by exploiting UPI users.
Recently, CloudSEK’s digital risk management tool XVigil identified a mobile number: +91 9004676782 that is linked to various UPI related scams. We found that scammers often use this number in conjunction with other mobile numbers, many of which we have identified. Based on the mobile numbers, our research team uncovered a large group that is operating a gamut of UPI related scams. From the mobile numbers, we estimate that the group has at least 3 branches, 1 each, in West Bengal, Uttar Pradesh, and Maharashtra.
Our research indicates that the scamming group is performing various scams apart from UPI fraud alone. Among them, two interesting ones are hosting fake e-commerce websites and fake justdial pages for legitimate businesses. They are targeting various business sectors, including e-commerce, banking, and aviation. Despite complaints on the internet, news coverage of their scams, and First Information Reports (FIRs) lodged by victims, the group continues to operate successfully, with impunity. In this article, we detail our research findings on the scamming group’s operations and tactics, along with attributing them to individuals likely running the scams.