CloudSEK, a cybersecurity company, has reported on a growing scam in India that exploits the UPI (Unified Payments Interface) instant transfer system, similar to Thailand’s PromptPay. This scam ring utilizes loan-giving apps to deceive victims into paying fees upfront for loans that they never receive. Within just a few months in the third quarter of this year, over 40,000 individuals have fallen victim to this scheme, resulting in a minimum loss of 1.6 million baht.
The strategy employed by these criminals resembles that of the money-laundering networks in Thailand, which attempt to conceal funds through multiple layers of shell accounts. Furthermore, the major players in this group rely on Chinese payment gateway services that allow them to receive money through phone numbers without adequate anti-money laundering processes.
Although the system may seem similar to Thailand’s PromptPay, CloudSEK highlights several flaws in the UPI process, particularly the ease with which one can change the phone number associated with the receiving account without verifying if the number actually belongs to the account owner.
TLDR: CloudSEK warns about a rising scam in India that exploits the UPI system, similar to Thailand’s PromptPay. Fraudsters deceive victims through loan-giving apps, tricking them into paying fees for loans that they never receive. Over 40,000 individuals have already been swindled, resulting in a minimum loss of 1.6 million baht. This scam shares similarities with the money-laundering networks in Thailand and highlights flaws in the UPI system, such as the easy manipulation of phone numbers associated with receiving accounts.