The Telecom Regulatory Authority of India (Trai) has blocked up to 120 headers operated by a group linked to a Chinese entity in the last two months, according to data released by the Union Home Ministry.
Headers (also known as sender IDs) are combinations of characters or numbers used by various banks, marketing firms, utility providers, and government offices to send bulk SMS messages to consumers. These IDs are used to identify the sender's brand or company name.
Meanwhile, an investigation by the ministry's Indian Cyber Crime Coordination Centre (I4C) revealed that the headers were hosted from China, The Hindu reported.
Giving an example, a ministry official said that the header of West Bengal State Electricity Distribution (WBSEDC) was compromised and taken over by a Chinese host, resulting in fraud against consumers who received messages about their outstanding electricity bills.
"The SMS contained malicious links, which, when clicked, would lead to financial loss for the consumer as the hacker would get access to the person’s phone. Consumers would fall for it as the header genuinely belongs to the state electricity distribution company," the official was quoted as saying by The Hindu.
Another official mentioned that the scam had been running for a minimum of three years and was only recently brought to the attention of I4C officials.
The origin of the blocked headers' IP addresses was traced to China, said the official.
After I4C's investigation, Trai contacted telecom providers, requesting a response within 30 days regarding active or inactive headers.
Earlier on February 16, Trai issued instructions to Access Service Providers to curb header and message template abuse. They were directed to re-verify and block unregistered headers and message templates within 30 and 60 days, respectively.
Strengthening I4C has been a priority for the Centre since its inception in 2020. The I4C's Threat Analytical Unit (TAU) analyses financial crime and fraud patterns and reports to central agencies such as the National Investigation Agency (NIA), the Enforcement Directorate, and police forces.
According to TAU reports, scammers have been using consumer redressal websites of banks and commercial firms to defraud people.
Scammers hack into these companies' websites, then contact victims, claiming to be from their bank and offering to resolve their complaints. Unfortunately, many consumers fall for this ruse and provide sensitive information, such as their One-Time Passcode (OTP), giving the scammer access to their bank account and resulting in a loss of funds, according to an official who spoke to The Hindu.
An official reported another instance of fraud, stating that I4C had requested the removal of 112 applications from the Google Play Store and Google Ads in the last two months.
These apps promised high returns via online gambling or work-from-home opportunities. To gain their victims' trust, scammers would deposit money into a wallet so that it appeared to have been transferred by the victim. When the victim requested a withdrawal, the scammers would ask for a processing fee and then disappear once the payment was received, said the official, adding that these ads were hosted from Argentina, Nigeria, the Philippines, Cambodia and China and were linked to the same group.