Online scammers target desperate loan seekers using online fraud

(Image credit: Shutterstock / Sapann Design)

Hackers are stealing money from gullible victims looking for a flash loan and moving it into China, experts have warned.

A new report from cybersecurity experts CloudSEK has suggested such activity means there is a need for greater international cooperation in order to stop this type of fraud.

As per the report, hackers (which CloudSEK believes are Chinese) have created over four dozen Android apps, impersonating popular Indian banks. These apps are hosted on different third-party app repositories and standalone websites. Then, they are “aggressively” advertised through social media. The advertisements promise quick and substantial loans, and easy repayments.

Thousands of dollars stolen

Gullible consumers who fall for the trick are then asked to share personal information, such as their name, address, phone number, and bank account information. Furthermore, they are asked to pay a processing fee, usually 5% of the loan they are applying for. When that happens, the app goes dark, the loan never makes it to the victim’s bank account, and the money is gone.

Apparently, the hackers managed to steal more than $44,000 this way. The worst part is that the money is quickly moved across the border and into China, where the lack of proper regulatory scrutiny allows the attackers to hide their tracks effectively. This is made possible with the use of various payment gateways, not just Chinese, but also Indonesian, Malaysian, South African, Mexican, Brazilian, Turkish, Vietnamese, Philippino, and Colombian. 

"A notable trend we've observed is scammers exploiting Chinese payment gateways due to their relative ease of use and limited regulatory scrutiny. These gateways offer a convenient bridge to funnel funds outside India, leveraging sophisticated techniques that blur jurisdictional lines, making it challenging to track and intercept the money trail,” said Sparsh Kulshrestha, Senior Security Analyst at CloudSEK. 

“This enables scammers to sidestep the legal and financial roadblocks, making it imperative for authorities to enhance cooperation and adopt advanced measures to counter this sophisticated threat."

More from TechRadar Pro

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.