Pakistan’s ‘dark web’ sells your sensitive personal details for peanuts


If you think your personal details are safe with the National Database Registration Authority (Nadra), you are in for a surprise.

Sensitive
data, including key information such as your date of birth, family tree
details, and even your fingerprints could be on offer on one of the many
WhatsApp groups run by con artists, and at a price that beggars belief.

The extent
of the privacy violations doesn’t stop there, as revealed by a recent
investigation by the Federal Investigation Agency. The people who are using
personal information to scam unsuspecting individuals also have access to
people’s call detail records (CDR).

This
data is mostly used to register SIM cards from which these scammers would make
calls under false pretences in order to dupe the person on the other line, explains
Faizullah Korejo, who is an additional director for the Sindh and Balochistan
region for FIA’s cyber-crime wing.

“During
an intensive operation in rural areas of different districts of Punjab
province, 16 cyber criminals were booked on seven different counts,” he revealed
during a press conference last week.

The
action was taken, said Korejo, after an alarming increase in the number of
complaints from bank customers against fake callers who introduced themselves
as representatives of the State Bank, the country’s central bank, or as members
of the armed forces.

Using
the information they had acquired illegally, these conmen tricked bank
customers into revealing details of their personal accounts and then drained their
account in a methodical manner, with one elderly woman form Karachi deprived of
almost Rs2 million within a 24-hour period.

“Initial
investigations reveals that all the fake calls were made from a few districts
of Punjab, including Gujranwala, Hafizabad and Rahimyar Khan,” he said.

The suspects,
currently in FIA custody, revealed that the cell phones used for fake calls
were activated using information available on WhatsApp groups.

“I
was responsible for providing the biometric machines allotted to cell phone
franchises and Haris, a resident of Sahiwal, was the mastermind,” said Hassam,
one of the accused who is from Gujranwala.

He
claims that he met Haris on a WhatsApp group, where he was added after an
interaction with some others on a Facebook group for ‘golden numbers’.

“Haris
bought the soft fingerprints of citizens on the same WhatsApp group where I
first came across him. He would then ask me to provide the biometric machine to
a third individual,” says Hassam, claiming he was unaware of what they did with
it next.

According
to another official who is a part of the investigation, the accused are holding
back key information but the investigators remain confident of connecting the
dots. “This is the tip of the dark web substitute that is thriving in
Pakistan,” he says, adding that they are looking at the nexus of criminals
within government agencies as well as employees of cellular companies and banks
who could possibly be working with the conmen.

“Currently,
we have people in custody who appear to be small fry and the middlemen, used by
the big fish as a layer to conceal their involvement,” he says.

A
Nadra official, when asked about the possible breach, expressed surprise. “Stolen
fingerprints are quite concerning. It is the sole responsibility of the
centralized Data Protection Center located in Islamabad,” he said while
requesting anonymity. “The matter in question is out of my jurisdiction.”



Source link

Leave a Comment

Your email address will not be published. Required fields are marked *