CloudSEK, a cybersecurity firm, announced that it has unmasked a syndicate involved in printing and promoting counterfeit Indian currency. As per the firm, the group was marketing the fake notes via social media platforms such as Facebook and Instagram, and even used legitimate advertising channels such as Meta ads. As per the report shared by the company, the group spread Rs. 17.5 crore worth of fake currency in just the last six months. CloudSEK was able to identify the group administrators and geo-locate them during the investigation.
CloudSEK Uses OSINT and HUMINT Techniques to Unmask Perpetrators
In a press release shared with us, the cybersecurity firm highlighted that its Strike team conducted an investigation into a counterfeit currency network that was openly operating via social media platforms. During the investigation, using its XVigil platform, CloudSEK was able to uncover how the group created fake notes and how it publicised its offerings to willing takers. The researchers were also able to identify the faces of the group administrators and find out their location.
As per the report, the group was active on Facebook, Instagram, Telegram, and YouTube and ran marketing campaigns on these platforms. They even ran paid promotions via Meta ads to solicit buyers. The group also made use of Facebook and Telegram groups. The campaigns were run using codewords such as “second currency” and “A1 note”. “Some sellers even demonstrated the legitimacy of their counterfeit merchandise using videos, handwritten notes, and video calls,” the company said.
In total, CloudSEK was able to detect more than 4,500 promotional posts, more than 750 accounts and pages facilitating the sale, and more than 410 unique phone numbers linked to sellers.
Explaining the modus operandi of the syndicate, CloudSEK stated that the perpetrators produced high-quality replicas of Indian currency using Adobe Photoshop and industrial-grade printers. They also used paper embedded with the Mahatma Gandhi watermark and green security threads.
After selling their notes, the group would then share proof images with the buyers on WhatsApp, and even offer video calls to show stacks of counterfeit currency. However, CloudSEK highlighted that the transactions never occurred online, and were instead made in person. The group also used burner phones, fake IDs, and pseudonyms to evade law enforcement.
CloudSEK researchers were not only able to uncover the extent of the group’s operations but, by using open-source intelligence (OSINT) and human intelligence (HUMINT) techniques, they were also able to reveal the location and identities of the group administrators. This was done by retrieving facial images, phone numbers, GPS locations, and social media handles of key suspects. The perpetrators were said to reside in Jamade Village, Dhule district in Maharashtra, and Pune.
Notably, CloudSEK has formally shared the details of the investigations with law enforcement agencies at both state and national levels. The firm suggests that Meta monitor Meta Ad libraries and remove any such finance-based scams. Additionally, it also urges agencies to work with social media platforms to take down identified sellers and groups.