How a Buyer Was Duped Using Leaked Aadhaar Card, Army ID on OLX

A modus operandi for duping online customers has been thriving despite being on the authorities’ radar since June.

Sushovan Sircar
India
Updated:
Fraudsters on classified websites allegedly use Aadhaar cards and Army id cards to dupe buyers into paying to the ‘seller’.  
i
Fraudsters on classified websites allegedly use Aadhaar cards and Army id cards to dupe buyers into paying to the ‘seller’.  
(Photo: Kamran Akhter/ The Quint)

advertisement

“Jo ukhadna hain ukhaad lena.” (Try whatever you can)

A stern voice threatened on a phone call before hanging up on 25-year-old Suleiman Talha on 4 December.

Talha, a Hyderabad-based dentist, had already paid Rs 21,000 for a smartphone before he realised that he had been duped by the seller who had identified himself as an Army personnel.

The fraudster allegedly impersonated a soldier using a leaked Aadhaar card and an Army ID to earn the trust and dupe unsuspecting buyers on classified websites.
“The con person was very convincing throughout in his impersonation of an Army personnel. His WhatsApp picture, Truecaller name and PayTM also suggested that he was in the Army.”
Suleiman Talha

The incident highlighted yet again that a well-established modus operandi for duping online customers has thrived despite being exposed in June. In the last one month, such cases have been reported from across the country, including Hyderbabad, Madurai, Ghaziabad, Nagpur and Jaisalmer.

In November, the Delhi Police had arrested a suspect in a similar fraud. Portals such as OLX have previously taken down a number of advertisements, but the actions appear to have done little to halt the fraudsters.

The Modus Operandi

So, how does the scam work?

Over the last six months and till as recently as 4 December, the modus operandi was unchanged. Here’s a step-by-step guide of Talha’s case to illustrate the process:

  • A seller, posing as an Army or a CISF personnel, offers a latest smartphone at an astonishingly low price. Suleiman Talha found a OnePlus 6T phone on OLX for Rs 23,000. Its market price is Rs 41,999.
  • The fraudster establishes his credentials with pictures of an Aadhaar card and an Army canteen pass. Talha received pictures of both the cards purportedly belonging to a man named ‘Manjit’.
  • The fraudster then says that he is posted at a city airport and will not be able to deliver the package in person. In Talha’s case, the man said he was on duty at the Hyderabad airport and would be able to deliver the phone through courier.
  • The fraudster suggests posting the product through the Army postal service and asks for an advance payment and a security deposit to be made through PayTM. Talha said the man sent him photographs of the courier shop and bills with the addresses that looked genuine. “I ended up paying Rs 3,100 as advance and Rs 5,150 for the postal charges, all of which was deductible from the total amount, I was told,” Talha added.
  • The ‘courier delivery boy’ calls, saying he is in the vicinity and insists that the remaining amount has to be paid through PayTM before he delivers the product. Talha said a man claiming to be the delivery person insisted that he pay the remaining amount of Rs 12,750 as the “courier service has had unpleasant experiences of non-payment in the past.”
  • Once the full amount is paid, either the seller’s phone is unreachable or he brazenly refuses to deliver the product, citing a GST amount that is still due to him. Talha said despite paying the total amount of Rs 21,000, the ‘courier person’ asked him to pay an additional Rs 7,000 towards GST charges that would be refunded to him at the time of delivery.
“When I called up the seller to clarify, the ‘seller’ insisted that I pay Rs 7,000 extra for GST. Sensing that something was wrong, I finally told him that I was not interested in the transaction and that I wanted my money back. He refused it outright and when&nbsp; I contacted him again, he threatened me, saying: “<i>Jo ukhadna hain ukhad lena</i>” (do whatever you can to me).”&nbsp;
Suleiman Talha
(Photo courtesy: Suleiman Talha)
(Photo courtesy: Suleiman Talha)
(Photo courtesy: Suleiman Talha)

Consumer Forums Flooded with Complaints

It was only after Talha had a look at the consumer complaints website and explored the Indian Army page that he realised he had fallen victim to an elaborate con job. A scroll through the pages on consumercomplaints.in revealed that dozens of other complainants have been victims of the same fraud.

“Even when I realised that something fishy was up, I still didn’t think that the entire operation was a con job. I only suspected that the smartphone delivered to me would be faulty or fake,” Talha told The Quint.

A screenshot of the consumer complaints’ forum page.(Photo Courtesy: consumercomplaints.in)
ADVERTISEMENT
ADVERTISEMENT

Meri Aadhaar Meri Pehchaan?

A crucial aspect of the fraud is the establishment of trust between the seller and the buyer. This was earned by displaying copies of Aadhaar cards and Army ID cards, usually belonging to someone else, to the potential consumer.

So, how does one get hold of someone else’s Aadhaar card?

The answer is simpler than one would imagine. A simple Google search with ‘Aadhaar.jpg’ throws up dozens of unmasked Aadhaar cards as many organisations have stored Aadhaar numbers in open databases that can found online.

The Quint had highlighted how private entities – educational, non-profit and commercial – demanded Aadhaar numbers and stored them in databases, which are available publicly. Often the front pages of passports, PAN cards, voter ID cards, marksheets and driver’s licenses are just a Google search away.

A security lapse like this reflects the general lack of seriousness among institutions towards sensitive personal data of citizens as well as the failure to grasp the basic data protection protocols.

In Talha’s case, the fraud didn’t just affect him, but also the man whose identity was forged. The Aadhaar number was used to complete the KYC of PayTM’s Wallet.

(Photo Courtesy: Suleiman Talha)
A screenshot of the PayTM app, confirming Talha’s payment.(Photo courtesy: Suleiman Talha)

25 Percent of All Ads Rejected before Going Live: OLX

OLX has said that it uses various methods like site auditors, fraud investigators, extensive filters and educational initiatives to tackle this fraud. “Roughly 25% of the advertisements are rejected before they go live,” said Lavanya Chandan, General Counsel, OLX India.

“This happens automatically if the advertisement posts items such as drugs, pornography, arms. The other type of rejected items are those, which have high fraud propensity based on previously reported incidents, geography from which an advertisement emanates, phone numbers pertaining to other countries, suspicious IPs, kinds of advertisements, etc,” Chandan said.

However, Talha’s example has directed the spotlight on the menace that has failed to subside despite suspicious posts being taken down regularly. 

OLX to Introduce Another Safety Net

“Starting this week, you will notice a banner on the page where advertisements are displayed in the form of tiles. The banner will contain dynamic advertisements that communicate messages, which will warn users from making advance payments about offers that are too good to be true, identity frauds and meeting at unsafe locations,” added Chandan.

Those who wish to get in touch with OLX regarding the cases of fraud can call on the dedicated trust and safety helpline number to handle user complaints: +91 9999140999, email-id: safety@olx.in.

(At The Quint, we question everything. Play an active role in shaping our journalism by becoming a member today.)

Published: 07 Dec 2018,09:33 AM IST

ADVERTISEMENT
SCROLL FOR NEXT