IOB loan fraud : ED says accused who defrauded Indian Overseas Bank paid managers' flight, hotel bills

                                 

Probing a Rs 299-crore Indian Overseas Bank loan fraud case, similar to the alleged USD 2 billion worth PNB swindle, the Enforcement Directorate has found that the accused "paid" for the air travel and hotel stay of a senior bank manager and his family as kickbacks. The central probe agency said "lapses" were also detected on the part of at least three managers — Anil Kumar, P C Rana and N Chokalingam — of the IOB branch in Chandigarh, "as well as the concurrent auditors."

The ED case is related to its criminal money laundering investigation "in a case related to buyers credit fraud of Rs 299.14 crore at the IOB, Chandigarh". The agency took congnisance of an FIR filed by the Central Bureau of Investigation (CBI), to file a case under various sections of the Prevention of Money Laundering Act (PMLA) against IOB Assistant Manager Ashu Mehra, properitor of heights international company Amanpreet Singh Sodhi, owner of vision procon company Dinesh Kumar and directors of a firm saibhakti impex Pvt ltd — Gaurav Kirpal and Aman Kirpal.

"A charge sheet was filed by the CBI against the accused revealing wrongful loss to the tune of Rs 299.14 crore to the bank on account of fraudulent unpaid LOUs (letter of undertaking) and that an amount of Rs 11.36 crore commission for 24 LOUs was also not received by the bank," the ED said. A similar modus operandi of misusing the LOUs has been alleged by probe agencies in the Brady House branch (Mumbai) of the Punjab National Bank (PNB) that led to a fraud estimated to be worth USD 2 billion, which came to light in 2018.

Diamond merchants Nirav Modi and his uncle Mehul Choksi have been alleged as the masterminds of this swindling, identified as one of the biggest case of bank loan fraud in the country. About the latest case, the ED said its probe found that the accused Amanpreet Singh Sodhi, Dinesh Kumar and Gaurav Kirpal "conspired" with IOB assistant manager Ashu Mehra "for illegal diversion of funds to the bank accounts of fraudulent buyers on behalf of Indian import firms."

"These amounts were first credited by the overseas funding bank — Bank of Baroda, Bahamas and PNB, Dubai — into the HSBC Account of the Hong Kong-based export company Colour Wave (HK) Ltd though no imports took place." "The accumulated amount in the HSBC Account was further remitted to India in the accounts of accused companies by showing it as adjustments for exports of third-party payments," the ED alleged.

It was found, the ED said, that the goods were either exported by the accused to different buyers or consignees by resorting "to gross over-valuation or in some cases there was "no export. "In this manner the accused have generated the proceeds of crime by resorting to trade-based money laundering," the ED claimed.

It was found that "payments for the air travels and hotel stays of the accused Ashu Mehra and his family members was borne by accused Dinesh Kumar and Gaurav Kirpal", the agency said. The agency has attached properties worth over Rs 91 crore of various accused involved in the case till now, with an attachment of Rs 6.03 crore being done recently.

Read More

Another PSU Bank reports Rs 1,775 cr fraud by Bhushan Power & Steel

Kolkata-headquartered state owned lender, Allahabad Bank, has reported a fraud of Rs 1774.82 crore by Bhushan Power & Steel to the Reserve Bank of India (RBI).

In a stock market notification, on July 13, the bank has alleged misappropriation of funds and manipulation in the books of accounts by Bhushan Power & Steel to raise money from a consortium of banks.

The lender further added that a provision of Rs 900.20 crore has already been made against the exposure.

“It has been observed that the company has misappropriated bank funds, manipulated books of accounts to raise funds from consortium lender banks. At present, the case is at NCLT which is in advance stage and the Bank expects good recovery of the account,” it said in a notice to the bourses.

Allahabad Bank is the second lender after Punjab National Bank (PNB) to report a fraud by Bhushan Power & Steel. Earlier this month, PNB reported a Rs 3,800 crore fraud by the company.

 Bhushan Power & Steel defaulted on Rs 47,700 crore worth of loans in 2017 and was one of the 12 cases referred for resolution under Insolvency and Bankruptcy Code.

Read More

Fraud detected by psu bank against Bhushan Power & Steel

Punjab National Bank on Saturday said it has detected a fraud of₹3,805.15 crore by Bhushan Power & Steel Ltd and has reported it to the Reserve Bank of India.

The exposure of ₹3,800 crore includes domestic exposure of ₹3,191 crore, overseas exposure of $49.71 million at the bank's Dubai branch and $38.51 million at its Hong Kong branch.

PNB said the company misappropriated bank funds and manipulated books to raise funds from consortium lenders.

"On the basis of Forensic Audit Investigation findings and the CBI filing an FIR on a suo moto basis, against the company and its directors, alleging diversion of funds from the banking system, a fraud of ₹3,805.15 core is being reported by the bank to the RBI," the bank said.

The state-owned bank also said that it has made provision of ₹1,932.47 crore against this account.

BPSL is one of the 12 accounts identified by the RBI for insolvency proceedings. JSW Steel has offered to pay ₹19,350 crore to financial creditors, which implies a haircut of around 60% for lenders.

The state-owned bank reported the fraud at a time when it is already recovering from the Nirav Modi scam, where it was defrauded of ₹11,400 crore.

Read More

How ATM card related frauds are happening, Know Do's & Don't for such transactions

In all ATM transactions we opt for printed slip (most of us including customer) throw the printed slip in dustbin without tearing off or destroyed properly. All these slip have last digits of ATM card as well as account Number and balance of account. When the fraudsters disclose account balance,  we get confidence in the caller without suspicion. Sol ID mentioned in the slip confirm branch name.

Any person having little smartness can find branch Name with the help of sol ID. In all POS transactions only last four digit is printed on slip for customer convenience. If the caller is having all the details than why he or she wants OTP number and why we have to trust ? OTP number should not be disclosed to any one at any cost. RBI gives advertisement every day on TV advising not to share card number, password,OTP etc with any one.

Bank has referred few number of callers to be blocked by the telecom service providers with the help of cyber crime branch of Mumbai police. But blocking few numbers can not resolve the problem.

We all are happy to share our personal details on social media like Facebook, whatsapp, twitter etc. We also download lots of apps and allow the apps to access our address book, messages , camera, photos etc. Even we allow the apps knowingly or unknowingly to reset or change the mobile settings, which starts sending all the personal details to the criminals or fraudsters.

We happily provide details to the shopping mall to win surprise gift through lucky draw which includes our mobile number as well as email address. We provide correct date of birth on social media and forward sms at the request of fraudsters which enables them to clone the sim also. We search branch number on google map instead of Banks website which is like inviting the fraudsters at home.

Some times customer writes complete account number and card number on social media specially on Face Book page. In case of sim clone the fraudsters get account balance and wins the customer confidence.

Never share any information to any caller (known + unknown) regarding your ATM CARD and / or account details.

Read More

PSU bank fraud: Which banks tops with most employees caught in the act

India’s largest bank State Bank of India has topped the list of PSU banks with maximum number of actions taken against officials involved in fraud in the last three years. All these actions pertain to frauds involving a sum of one lakh rupees or more.

In last three years (2015-2017), action has been initiated against 1,287 officials of State Bank of India for their involvement in fraud. This is over 9% of the total cases involving bank staff in public and private sector banks, Shiv Pratap Shukla, minister of state in the ministry of finance, informed the Rajya Sabha in his written reply.

Punjab National Bank figures at the second position in the list with 1,127 officials or 8% of the total 13,949 officials allegedly involved in fraud. Manipal based Syndicate Bank figures at the third position in the list with action taken against 894 officials of the bank.

While SBI has been fighting court cases against high profile accused and liquor baron Vijay Mallya to recover the loans given to Mallay’s now-defunct airlines Kingfisher, several top officials of Punjab National Bank have been accused of helping diamond baron Nirav Modi and his uncle Mehul Choksi in securing loans through fraudulent means.

Sudhir Kumar Jain, the then chairman and managing director of Syndicate Bank was arrested by the Central Bureau of Investigation in August 2014, for his involvement in ‘bribe-for-loan scam’, involving Prakash Industries and Bhushan Steel which were probed by the anti-corruption agency in the coal block allocation scam.

Central Bank of India figures at the fourth position in the list with action taken against 728 of its officials followed by the Bank of Baroda with action taken against 674 of its officials.

During this period, action has also been initiated against 618 officials of Canara Bank, 555 officials of UCO Bank and 515 officials of Corporation Bank.

While the action was initiated against 5,785 officials in 2015 for their involvement in fraud, the figure for 2016 and 2017 was 4,360 and 3,804 officials.

Read More

Fake bank apps may have stolen data of thousands of customers: Report

Fake apps of SBI, ICICI, Axis Bank, Citi and other leading banks are available on Google Play, which may have stolen data of thousands of bank customers, claims a report by IT security firm Sophos Labs. 

These fake android apps have logo of respective banks which makes it difficult for customers to differentiate between the fake and original apps, it said. The report further said that the deceptive malware in these apps may have stolen thousands of customers' account and credit card details. 

When contacted some of the banks mentioned in the report said they have not come across any such fake apps. However, some banks have started inquiry and also informed the CERT-In -- the national nodal agency for responding to computer security incident. The fake apps target total seven banks like SBI, ICICI, Axis, Indian Overseas, BoB, Yes Bank and Citi Bank, the report said. 

Another lender Yes Bank said it has informed the bank's cyber fraud department about the matter.  However, the country's largest lender State Bank of India's response was awaited. There were no immediate comments from ICICI Bank and Axis Bank. 

According to the report, the apps lured victims to download and use them, either by masquerading as Internet apps or e-wallets, promising rewards, including cash back on purchases, free mobile data or interest free loans. 

Some even claimed to be providing a too-good-to-be-true service, enabling users to withdraw cash from an ATM and have it delivered to their doorstep. 

"Deceptive malware may have stolen thousands of Indian sub-continent bank customers account data or credit card numbers," said Pankaj Kohli, threat researcher, SophosLabs. 

Fake apps are not new to Android and this sort of malware will continue to find its way into the android app store, it said. 

"Some are blatant copies of real apps, while a few are much more dangerous as they seed malware and steal data from user accounts. Users should always use antivirus software, which provides malware protection and internet security to keep users protected and stop these fake apps from stealing data," it said.

Source- Economic Times

Read More

Private Bank's relationship manager siphons off Rs. 1.5 Cr elderly couple's a/c

A retired businessman had a forgettable experience of availing doorstep banking services when his relationship manager used his documents and allegedly siphoned off Rs 1.5 crore from his and his wife's accounts. 

The manager employed by a private bank has been arrested. However, cops are yet to recover the amount the 85-year-old man lost. Other officials in the bank are being probed to ascertain their involvement in the case. 

In his complaint, the senior citizen alleged that his signatures were forged by the suspect and unnamed accomplices to forge documents and create fake bank accounts. Money was illegally withdrawn, sometimes from ATMs and through cheques, from the accounts to pay insurance firms premium of policies bought by the suspect and his family members. The man lives with his wife in New Friends Colony and kept his money in the bank after selling off his business before retiring. The bank provided the couple with its doorstep delivery of services because of their advanced age. 

Suspect names daughters as nominees in fake accounts

The senior citizen told cops that he had opened three saving accounts in the bank in 2011 and the suspect had been known to them ever since. He used to come to their house for the purpose of updating them about the bank statements and transactions done on a month to month basis.

In May 2018, the complainant received a call from a prominent insurance company which intimated him about an insurance policy his wife had recently bought.

"I had no knowledge about this as my wife had never invested in such a policy. I contacted my relationship manager and after initially avoiding the conversation, he admitted of investing some amount in insurance policies. He promised of getting the entire amount along with the interest credited into my wife's account," the complainant told cops, adding that following this, he went to the bank and checked his account statements.

To the couple's surprise, they discovered multiple withdrawals made from their accounts without their knowledge. The senior citizen alleged that these entries were specifically hidden when he was shown the statements at his house.

The suspect allegedly named his own daughters as nominees of the fake accounts created in the senior citizen couple's name. 

Read More

Cosmos Bank loses Rs 94 crore in malware attack, How hackers siphoned?

Few outside Maharashtra would have heard of Cosmos Bank. But hackers did — and they targeted the over-a-century-old Pune-headquartered co-operative bank in a multi-pronged attack to transfer over Rs 94 crore over multiple days to foreign bank accounts. 

About Rs 78 crore was withdrawn in more than 12,000 ATM transactions in 28 countries between 3 pm and 10 pm, India time, on Saturday, Cosmos Bank said. Another 2,800 transactions were made in different places within India, amounting to about Rs 2.5 crore, during the same period. On Monday, Rs 13.5 crore was transferred to a Hong Kong-based entity using the Society for Worldwide Interbank Telecommunications (SWIFT) facility.

Milind Kale, chairman of the 112-year-old cooperative bank, said the illegal withdrawals were enabled by a malware attack which authenticated debit card transactions bypassing the bank’s computerised core banking system (CBS). This would have been preceded by another cyber attack, resulting in data theft of hundreds of the bank’s debit cards. The information on these debit cards would then have been cloned on to fake cards used in physical withdrawal of cash from ATMs across the world.

Payment experts say the fraud involved breaching the firewall in servers that authorize ATM transactions. After this, a proxy server was created and transactions authorized by the fake or proxy server. This meant that the ATMs were being directed to release money without checking whether the cards were genuine or whether there was a bank account. 

Target 1: The first attack, on August 11, is thought to have targeted the bank’s debit cards and the ATM Switch — a system that lets, among other things, withdraw cash from, and change card pins of, your bank account at an ATM of a different bank. Most banks in India uses the National Financial Switch (NFS) ATM system of the NPCI.

Method: The hackers are thought to have cloned VISA and RuPay (of NPCI’s) debit cards to make the transactions, and attacked the switch to verify them. Bank says the cards were not customers’, but dummy cards — suggesting hackers “linked” the dummy cards to the bank using the compromised switch. A total of 14,849 transactions of value over Rs 80 crore — 12,000 transactions of Rs 78 crore on VISA cards outside India and the rest of RuPay cards — were made using the method. VISA says it was “able to identify the issue quickly, enabling the financial institution to take appropriate action”. 

Target 2: Once this was flagged, hackers, on August 13, attacked another payment system banks use: SWIFT, which validates international money transfer. On August 13, hackers transferred Rs 13.94 crore from Cosmos to an account with a Hong Kong-bank.

The hunt: The bank has registered an FIR at the local police station; and says the preliminary probe shows the attack originated in Canada. But the sophistication of the attacks suggests the hackers are no amateurs, and thus less likely to leave a trace. (Hackers use proxy servers to mask the location of their computers)

Cosmos Bank chairman Milind Kale said, “The bank turned off its servers and all internet banking applications after noticing several erratic and abnormally high transactions. These transactions happened over two hours and 13 minutes and were spread across 28 countries where cloned cards were used to debit several amounts ranging from $100 (Rs 6,900) to $2,500 (Rs 1.7 lakh).”

‘Customer money is safe in their accounts’

Cosmos Bank reassured its customers on Tuesday that their money was safe in their accounts and they would be able to access it digitally and via ATMs once the systems are restored in a few days. For now, the bank has made provisions for NEFT and RTGS payments through its branches. Pay-in slip payment and cheque disbursals will continue as earlier. The bank said the fraud appears to have originated in Canada. 

Source-Times of India

Read More