A senior Indian Army officer stationed in Pune has become the latest victim of a sophisticated cyber fraud, losing a substantial sum of money to scammers impersonating traffic police. The incident highlights the growing threat of online payment scams targeting citizens across India.
The Deceptive Message and Immediate Loss
The colonel, who is in his late 40s and posted at a defence establishment in Pune, received a text message late on Monday night. He opened the message on Tuesday morning, which contained a link. Upon clicking it, he was directed to a webpage that claimed a payment of Rs 590 for a traffic violation challan against his vehicle was pending.
Believing it to be legitimate, the officer proceeded to fill out an online form with his financial details. He then clicked to generate a One-Time Password (OTP). Moments after this action, he was shocked to see an unauthorised transaction alert. A whopping 32,939 Hong Kong Dollars (approximately Rs 3.81 lakh) had been deducted from his credit card as payment to a hotel in Hong Kong.
Police Action and Common Modus Operandi
The officer immediately approached the authorities. An FIR in the case was registered at the Chatushrungi police station on Wednesday. Investigating officials have noted that this fraud follows a familiar pattern seen in other scams involving fake gas or electricity bills.
These scams typically operate by sending deceptive SMS, emails, or WhatsApp messages that appear to originate from government bodies, transport authorities, or utility providers. The messages create a sense of urgency by stating that a bill or challan payment is overdue and include a link for resolution.
The linked website is a clever replica of an official portal, designed to trick victims into entering sensitive information. This includes:
- Personal identification details
- Credit or debit card information
- One-Time Passwords (OTPs)
Once scammers obtain this data, they swiftly execute unauthorised transactions, drain bank accounts, or misuse credit cards.
A Broader Threat: Spyware and Remote Access
Investigators also warn of a more dangerous variant of such scams. In some cases, merely clicking the malicious link can install spyware or remote-access software on the victim's device. This grants cyber criminals unauthorised control, allowing them to monitor activity, capture passwords and OTPs, and access online banking or payment apps directly.
This access can lead to significant financial theft, often without the victim's immediate knowledge, as the fraudsters operate stealthily from a remote location.
The Pune police have reiterated their appeal for citizens to exercise extreme caution while making online payments. They advise verifying the authenticity of any payment link directly through official websites or helplines and never sharing OTPs or card details on unsolicited links received via message.
