TRAI blocks 120 sender IDs for bulk messaging over Chinese link

Telecom authorities blocked 120 headers in the last two months as per the Union Home Ministry’s information. The group involved had ties to a Chinese entity.

Headers, or sender IDs, are utilised by various entities like banks, marketing firms, and government agencies to send bulk SMSs/texts to their customers. These are unique strings of numbers or characters that represent the brand or name of the message sender.

Indian Cyber Crime Coordination Centre (I4C) discovered that the headers came from China during their investigation.

An official from the Ministry gave an example of the West Bengal State Electricity Distribution – WBSEDC – where the header was compromised by a Chinese host. This resulted in consumers receiving messages about outstanding electricity bills containing malicious links. If clicked, these links would lead to the hacker gaining access to the person’s phone, resulting in potential financial loss.

The header of the State electricity distribution company was misused, making it easier for the hackers to dupe consumers. As per the official, consumers fell for the messages as the header was genuine, making it more difficult for them to detect the scam.

The scam has been going on for at least three years before I4C officials discovered it, according to another official familiar with the matter, reports.

“The IP addresses of all the headers that were blocked were traced to China,” said the official.

I4C investigation led to Telecom Regulatory Authority of India (TRAI) requesting telecom firms to report active or inactive headers within 30 days. The TRAI directed, on 16 February, Access Service Providers to take action against the misuse of headers and message templates by blocking un-registered ones within 60 days.

In a recent statement to Parliament, it was disclosed that the DoT disconnected over 15 lakh mobile numbers issued on fraudulent credentials. This action was taken to combat the misuse of mobile devices and improve overall security measures.

The Centre is focused on enhancing I4C, launched in 2020, with the help of the Threat Analytical Unit. The TAU examines financial crimes and frauds and shares findings with central agencies like National Investigation Agency (NIA), Enforcement Directorate, and State police forces.

The TAU has alerted the authorities about scammers using consumer redressal websites of banks and other firms to deceive people. “After hacking into consumer websites, the caller would call the affected person saying he was calling from their bank and was here to redress the complaint. The consumer readily shares information including One Time Passcode (OTP) that gives the hacker access to their bank account, losing money in the process,” said another official.

According to an official, 112 applications that were hosted on Google Playstore and Google Ads were blocked in the past two months on the request of I4C.

“These apps would pop up and promise high returns for work-from-home jobs or through gambling. To convince the victim, they would create a wallet and deposit money.

“The wallet would appear to have money deposited from the scammers. When the victim would want to withdraw the amount they will come up with some excuse and ask him/her for a certain amount as processing fee. As soon as the victim deposited the fee, they would block access and become incommunicado,” said the official.

These ads were hosted from Argentina, Nigeria, Philippines, Cambodia, and China and belonged to the same group. Swarajyamag