From Chief Justice of India D Y Chandrachud to Union Finance Minister Nirmala Sitharaman, several high profiles leaders of the country have fallen prey to WhatsApp impersonation cases over the past three years. A recent investigation into the cases has revealed that the impersonators used IP addresses of Pakistan, Hong Kong and Nigeria to carry out the offences.
According to a report by The Indian Express, cyber crime police of New Delhi district had lodged an FIR earlier this week under BNS Section 204, pertaining to pretending to hold any particular office as a public servant and 66 (C) of the IT Act. The FIR was filed based on a complaint by Pawan Kumar, an inspector of the security wing of the Supreme Court, who alleged that someone was pretending to be CJI Chandrachud on social media platform X and demanding money from people.
An officer told the publication that the SIM cards used by the impersonators were obtained from West Bengal, Odisha, Punjab, Haryana, Delhi, Gujarat and Maharashtra. However, there was no use of VPN or proxy.
"Details of WhatsApp accounts involved in offences were obtained, which revealed IP addresses of Nigeria, Hong Kong and Pakistan. IP addresses were analysed on an open source tool and it was found no VPN or proxy was used,” the officer told The Indian Express.
Modus operandi
As per the report, the suspects first obtain a picture of the target from social media or the internet and then create a WhatsApp account with the picture.
Messaging app Telegram has also plays a crucial role in helping the accused in these scams. “The accused sniffs OTPs of Indian phone numbers either using SMS forwarding apps or purchases them from Telegram groups. During analysis of phone numbers of some suspects, whose phone numbers were used in this offence, an SMS forwarding app, ‘Thermal Camera app’, was found installed,” the officer said.
Explaining what the Thermal Camera app does, the officer said that the malicious app is used to bombard the target's phone for OTP requests in a short span of time which can lead to disruption in the normal functioning of the phone.
After obtaining all the details and creating a fake account, the accused messaged relatives and friends of the target, asking them to purchase e-gift cards on the pretext of an emergency.
“After opening a fake account (using target’s details), the suspect sends messages to those who know the target, asking them to purchase e-gift cards from e-commerce sites on pretext of emergency and ask them to share it. Some of them buy and send them to the suspect, who sells them on Paxful or Telegram,” the officer told.
Since 2022, the Delhi Police have registered several cases after suspects pretended to be Lok Sabha speaker Om Birla, former Vice President M Venkaiah Naidu, Union Ministers Kiren Rijiju, Hardeep Singh Puri, Mansukh Mandaviya, Delhi L-G V K Saxena and several other top politicians and judicial figures of the country.