Cybersecurity researchers have found that Chinese scammers are using illegal instant loan apps to lure thousands of victims in India with false promises of substantial loans and easy repayments, a new report said on Friday.

These scammers then vanish after extracting personal information and fees.

According to the cybersecurity company CloudSEK, these scammers are evading actions by law enforcement agencies by using Chinese payment gateways and Indian money mules.

“A notable trend we’ve observed is scammers exploiting Chinese payment gateways due to their relative ease of use and limited regulatory scrutiny. These gateways offer a convenient bridge to funnel funds outside India, leveraging sophisticated techniques that blur jurisdictional lines, making it challenging to track and intercept the money trail,” said Sparsh Kulshrestha, Senior Security Analyst at CloudSEK.

The investigation, initiated on September 8, began when researchers discovered cybercriminals advertising a malicious app impersonating a prominent bank headquartered in Tamil Nadu with a reported revenue of $23 million.

Buy Me A Coffee

From July to September, cybercriminals collected around Rs 37 lakh by posing as a bank through fraudulent Chinese payment gateways.

Over 55 harmful Android apps have been distributed through various channels, the report found.

The researchers identified over 15 payment gateways operated by Chinese individuals involved in this fraudulent scheme.

According to the report, Chinese individuals operate these fraudulent payment gateways in multiple countries, including Indonesia, Malaysia, South Africa, Mexico, Brazil, Turkey, Vietnam, the Philippines, and Colombia.

READ
Microsoft Alerts on China-Based Quad7 Botnet Targeting SOHO Routers for Credential Theft

The modus operandi of Chinese scammers includes creating fake instant loan apps, promoting illegal apps, demanding personal information and processing fee payments, and then disappearing after payment.

The researchers urged all stakeholders, including financial institutions, regulatory authorities, and law enforcement agencies, to remain vigilant and work together to combat this growing threat to India’s digital payment ecosystem.