NEW DELHI: A Nepali national, 25, who had worked as a contractual agent with two banks, would secretly install a remote access application (app) in mobile phones of his customers he had helped obtain credit cards and would later use the app to withdraw money from their accounts, the Delhi Police said, Hindustan Times reported.
The arrested accused has been identified as Mukesh Okheda, a native of Nepal, who had moved to Delhi from Bengaluru late last year in search of a job.
Okheda allegedly started committing these frauds from February after he was employed as an agent by credit card departments of two banks. “His job was to look for customers, who wanted new credit cards. Initially, he would convince his customers to take new credit cards and later facilitate the process of obtaining the cards for them,” said a Delhi Police investigator, who didn’t wish to be identified.
Okheda allegedly took advantage of the card issuance process.
“He would get hold of a customer’s mobile phone during the card issuance process on some pretext. Then, he would secretly install a remote access app in the customer’s mobile phone and return the device to him (the customer),” said the investigator.
All that Okheda needed to carry out a fraudulent transaction was a one-time password (OTP) since he had the other credit card details of his victim.
The rule stipulates that an OTP must be sent to a customer’s mobile phone number to validate a transaction.
Okheda would use that app on his own mobile phone to gain remote access to the victim’s mobile device and then steal the OTP.
Okheda would delete the OTP from the victim’s mobile phone after making a bogus transaction, the investigator said. Okheda would never leave behind any trail of evidence about his crime and the victim would be unaware that his mobile phone and privacy was breached to defraud him, he added.
The police have arrested the suspect following a six-month hunt.
The suspect’s modus operandi was uncovered after he had gained illegal access to the mobile phone of an Indian Army personnel in the national capital and withdrew Rs 69,334 from the latter’s credit card account, said Devender Arya, deputy commissioner of police (DCP) (south-west), Delhi Police.
Okheda got busted after the Indian Army personnel approached the Delhi Cantonment police station authorities on March 9 after he had lost Rs 69,334 through a fraudulent transaction.
“The Indian Army personnel found out that Rs 69,334 was withdrawn from his credit card even though he didn’t share the card and OTP details with anyone,” said DCP Arya.
Delhi Police’s cyber cell in the south-west district was assigned the case, and they approached the bank that had issued the credit card to the victim. “The bank authorities informed us that the money was transferred to two online payment apps and from there to a bank account registered in the name of Okheda. Some mobile phones registered in Okheda’s name were also recharged using the duped money,” said the DCP.
Okheda had allegedly been changing his address repeatedly to evade arrest, the police said.
Finally, acting on a tip-off, the police nabbed him from Baprola village in Dwarka on Wednesday.
A probe is in progress to ascertain how many other credit card holders were allegedly cheated by Okheda, the police said.
(With inputs from Hindustan Times)
Comment