Case Study
1. Overview of the Call Spoofing Scam
Call spoofing is a cybercrime technique where scammers manipulate Caller ID information to display a trusted phone number, such as that of a bank, government agency, or law enforcement authority. Victims are tricked into sharing sensitive data or making payments, believing they are speaking to a legitimate entity.
2. Modus Operandi (How the Scam Works)
A. Caller ID Spoofing
- Scammers use VoIP (Voice over Internet Protocol) services and special software to alter the displayed caller ID.
- The victim sees a legitimate-looking phone number (e.g., a bank or police station), making the call seem authentic.
B. Impersonation of Authorities
- Fraudsters pretend to be bank officials, government agents, or tech support executives.
- They claim there is an issue with the victim’s bank account, Aadhaar card, or PAN number, creating urgency.
C. Extracting Sensitive Information
- Victims are asked to verify their identity by sharing personal information such as bank details, OTPs, or passwords.
- In some cases, scammers convince victims to install remote access software, gaining full control over their devices.
D. Financial Fraud
- Once they obtain the victim’s details, scammers initiate unauthorized bank transactions or steal digital assets.
- Victims often lose lakhs of rupees before realizing they have been duped.
3. Real-Life Incident: Noida Businessman Loses ₹40 Lakh in Call Spoofing Scam
A. Incident Details
- A Noida-based businessman received a call from a number appearing to be from his bank’s fraud prevention department.
- The caller claimed that his account had been compromised and required urgent verification.
- Trusting the number, the victim provided his banking credentials and OTPs over the phone.
- Within minutes, ₹40 lakh was transferred to multiple fraudulent accounts.
B. Investigation & Response
- The victim reported the fraud to cybercrime authorities.
- Investigators traced the call back to a call center operating from Jharkhand, using spoofing software.
- Multiple arrests were made, and authorities warned the public against sharing sensitive information over phone calls.
News Source:
Times of India
4. Law Enforcement Actions
- Cybercrime units in India have been actively tracking and shutting down illegal call centers involved in spoofing scams.
- The Ministry of Home Affairs (MHA) has launched initiatives to monitor suspicious VoIP calls.
- Telecom Regulatory Authority of India (TRAI) has been working to curb caller ID manipulation through stricter regulations.
5. Preventive Measures
A. Verify Calls from Official Sources
- If you receive a suspicious call, hang up and call back using the official helpline number.
- Banks and government agencies never ask for OTPs or passwords over the phone.
B. Enable Call Blocking Features
- Use apps like Truecaller to identify potential spam or spoofed calls.
- Activate Do Not Disturb (DND) services through your mobile provider.
C. Avoid Clicking on Suspicious Links
- Scammers often send follow-up phishing links via SMS or email after a spoofed call.
- Never download apps or files from unknown sources.
D. Report Scams Immediately
- Dial 1930 (Cybercrime Helpline in India) or report fraud at cybercrime.gov.in
6. Conclusion
Call spoofing scams are increasingly sophisticated, making it essential for individuals to remain vigilant and skeptical of unsolicited calls. By verifying caller identities, avoiding sharing personal information, and reporting suspicious activity, people can protect themselves from financial and data theft.