How a Buyer Was Duped Using Leaked Aadhaar Card, Army ID on OLX

“Jo ukhadna hain ukhaad lena.” (Try whatever you can)

A stern voice threatened on a phone call before hanging up on 25-year-old Suleiman Talha on 4 December.

Talha, a Hyderabad-based dentist, had already paid Rs 21,000 for a smartphone before he realised that he had been duped by the seller who had identified himself as an Army personnel.

The incident highlighted yet again that a well-established modus operandi for duping online customers has thrived despite being exposed in June. In the last one month, such cases have been reported from across the country, including Hyderbabad, Madurai, Ghaziabad, Nagpur and Jaisalmer.

In November, the Delhi Police had arrested a suspect in a similar fraud. Portals such as OLX have previously taken down a number of advertisements, but the actions appear to have done little to halt the fraudsters.

The Modus Operandi

So, how does the scam work?

Over the last six months and till as recently as 4 December, the modus operandi was unchanged. Here’s a step-by-step guide of Talha’s case to illustrate the process:

• A seller, posing as an Army or a CISF personnel, offers a latest smartphone at an astonishingly low price. Suleiman Talha found a OnePlus 6T phone on OLX for Rs 23,000. Its market price is Rs 41,999.
• The fraudster establishes his credentials with pictures of an Aadhaar card and an Army canteen pass. Talha received pictures of both the cards purportedly belonging to a man named ‘Manjit’.
• The fraudster then says that he is posted at a city airport and will not be able to deliver the package in person. In Talha’s case, the man said he was on duty at the Hyderabad airport and would be able to deliver the phone through courier.
• The fraudster suggests posting the product through the Army postal service and asks for an advance payment and a security deposit to be made through PayTM. Talha said the man sent him photographs of the courier shop and bills with the addresses that looked genuine. “I ended up paying Rs 3,100 as advance and Rs 5,150 for the postal charges, all of which was deductible from the total amount, I was told,” Talha added.
• The ‘courier delivery boy’ calls, saying he is in the vicinity and insists that the remaining amount has to be paid through PayTM before he delivers the product. Talha said a man claiming to be the delivery person insisted that he pay the remaining amount of Rs 12,750 as the “courier service has had unpleasant experiences of non-payment in the past.”
• Once the full amount is paid, either the seller’s phone is unreachable or he brazenly refuses to deliver the product, citing a GST amount that is still due to him. Talha said despite paying the total amount of Rs 21,000, the ‘courier person’ asked him to pay an additional Rs 7,000 towards GST charges that would be refunded to him at the time of delivery.

Consumer Forums Flooded with Complaints

It was only after Talha had a look at the consumer complaints website and explored the Indian Army page that he realised he had fallen victim to an elaborate con job. A scroll through the pages on consumercomplaints.in revealed that dozens of other complainants have been victims of the same fraud.

“Even when I realised that something fishy was up, I still didn’t think that the entire operation was a con job. I only suspected that the smartphone delivered to me would be faulty or fake,” Talha told The Quint.

Meri Aadhaar Meri Pehchaan?

A crucial aspect of the fraud is the establishment of trust between the seller and the buyer. This was earned by displaying copies of Aadhaar cards and Army ID cards, usually belonging to someone else, to the potential consumer.

So, how does one get hold of someone else’s Aadhaar card?

The answer is simpler than one would imagine. A simple Google search with ‘Aadhaar.jpg’ throws up dozens of unmasked Aadhaar cards as many organisations have stored Aadhaar numbers in open databases that can found online.

The Quint had highlighted how private entities – educational, non-profit and commercial – demanded Aadhaar numbers and stored them in databases, which are available publicly. Often the front pages of passports, PAN cards, voter ID cards, marksheets and driver’s licenses are just a Google search away.

In Talha’s case, the fraud didn’t just affect him, but also the man whose identity was forged. The Aadhaar number was used to complete the KYC of PayTM’s Wallet.

25 Percent of All Ads Rejected before Going Live: OLX

OLX has said that it uses various methods like site auditors, fraud investigators, extensive filters and educational initiatives to tackle this fraud. “Roughly 25% of the advertisements are rejected before they go live,” said Lavanya Chandan, General Counsel, OLX India.

“This happens automatically if the advertisement posts items such as drugs, pornography, arms. The other type of rejected items are those, which have high fraud propensity based on previously reported incidents, geography from which an advertisement emanates, phone numbers pertaining to other countries, suspicious IPs, kinds of advertisements, etc,” Chandan said.

OLX to Introduce Another Safety Net

“Starting this week, you will notice a banner on the page where advertisements are displayed in the form of tiles. The banner will contain dynamic advertisements that communicate messages, which will warn users from making advance payments about offers that are too good to be true, identity frauds and meeting at unsafe locations,” added Chandan.

Those who wish to get in touch with OLX regarding the cases of fraud can call on the dedicated trust and safety helpline number to handle user complaints: +91 9999140999, email-id: safety@olx.in.