Bengaluru: Investigators probing a recent FedEx fraud in eastern Bengaluru have traced the suspects to Singapore before the trail went cold.

The investigation revealed two IP addresses from Singapore and Hong Kong, indicating a larger syndicate of cybercriminals operating from Southeast Asia.

DH has learned that in this case, cybercriminals used SIM boxes to reroute phone calls through Voice over Internet Protocol (VoIP) and satellite communication to cover their tracks. 

The cybercrime was reported on May 23 at the East CEN Crime police station. A 26-year-old woman lost Rs 31.30 lakh after being held under duress by scammers posing as cybercrime officials from the Mumbai police. At 5.38 pm on May 20, she received a phone call from people claiming to be FedEx courier services’ support staff.

She was told there was a package in her name containing five passports, one laptop, clothes weighing five kg, and 200 grams of MDMA, a prohibited drug, which was being moved to Taiwan from Mumbai. She was informed that a case had been registered, and the call was then transferred to the “Andheri East Cyber Police Station”. 

Next, a person claiming to be Balsingh Rajputh, Deputy Commissioner of Police, connected with her on a Skype call and convinced her to transfer the money in her bank accounts to an “RBI” account for verification, alleging money laundering under her name. The impersonator assured her the money would be returned after verification.

Between May 20 and 23, she transferred Rs 11.30 lakh, Rs 4.69 lakh, and Rs 15.30 lakh from her ICICI bank account to SBI, HDFC and RBL Bank accounts. She approached the police on May 23 after the money wasn’t returned.

Cybercrime investigators immediately launched an investigation to trace the money and track the digital trail. On June 1, they received the IP logs of those who accessed the mule accounts. An IP address pinging to Singapore featured prominently as the one used for the last transactions from the accounts. A Hong Kong IP address was also discovered, used by the scammers to call the victim on May 20.

“We found that SIM boxes obtained illegally were used to make the calls, which can reroute using the internet or satellite connection,” an investigator said. “These don’t connect to local providers, and when we checked the call records, it showed no such device was found.”

A SIM box is a physical device that contains several SIM cards and lets its user reroute the connection through VoIP or other methods. Investigators believe a separate syndicate is involved where SIM cards are procured locally in different parts of India and smuggled abroad, especially to Cambodia, Hong Kong and other places in Southeast Asia.

Recently, Bengaluru police arrested a man from Visakhapatnam for attempting to smuggle 24 SIM cards procured locally "to be sent to Cambodia — most probably for cyber offences". 

The investigators also found that three bank accounts were mule accounts used by scammers to move the money. "The mule accounts are operated in several layers, making them difficult to trace," another investigator said.

Officials managed to freeze nearly Rs 16 lakh in the mule accounts, of which Rs 7 lakh belonged to the victim. The money was released following a court order. "The balance amount suggests that part of it belonged to other victims,” a police official said, adding that those in whose names the accounts were opened were unaware that criminal activity was taking place.