A Bengaluru-based tech professional recently lost Rs 4.35 lakh to a cybercrime scam disguised as a Diwali gift request. The victim, Rakesh Kumar (name changed), was tricked into purchasing Apple gift vouchers by a fraudulent message purportedly from his boss, as per reports.
The incident highlights the increasing sophistication of cyberattacks, which often exploit urgent requests and festive seasons to deceive unsuspecting individuals.
“I am currently engaged in a conference call meeting and I need you to run a quick assignment. We need to provide our clients in India with some gift cards, can you confirm if we can get apple app store cards from Paytm…,” read a WhatsApp message on October 13 from his superior.
Leveraging a popular payment app, Kumar promptly purchased the gift cards, incurring a cost of Rs 4.35 lakh. He subsequently shared the voucher codes as directed.
The fraudulent nature of the request only came to light when Kumar casually mentioned the “gifting gesture” to his HR department during a routine check-in. It was then that the alarming reality surfaced: the request had not originated from his actual boss.
The victim promptly reported the incident to the authorities and filed an FIR at the Bellandur Cyber Crime branch the following day. Local law enforcement is currently investigating the matter and urging the public to exercise caution against similar scams.
“Apple’s customer support operates only from 9 AM to 6 PM, Monday to Friday, significantly hindering victims’ ability to seek immediate assistance. I was unable to block the IDs or recover the misused funds promptly and had to wait for Apple support to open the next morning,” the victim shared.
Gift cards have become a favored tool for cybercriminals due to their ease of purchase, transfer, and the difficulty in tracking and recovering funds once spent. Scammers employ various tactics, including phishing and impersonation, to coerce victims into purchasing gift cards from popular platforms like Google Pay, Amazon Pay, Paytm, and PhonePe.
The ease with which gift cards can be redeemed and the anonymity associated with their usage make them an attractive target for fraudsters. While banks have implemented measures to detect suspicious P2P transactions, it remains challenging to intervene when legitimate users purchase and share gift card codes with scammers. Once these codes are shared, the funds are immediately lost and often laundered through untraceable cryptocurrencies.
Scammers may physically alter gift cards by copying their numbers, replacing the back with a similar sticker, and activating them to steal the funds. In some cases, they may even overlay the original barcodes with their own to redirect funds to their accounts.
Romance scams pose another significant threat, with an estimated 43% of Indians falling victim to such schemes. Fraudsters create fake profiles on dating apps, cultivate emotional connections with their targets, and then exploit these relationships by requesting gift cards as gifts or for supposed emergencies.
Festive seasons often witness a surge in such scams. Fraudsters may offer fake temporary or remote job opportunities, send fraudulent checks, and instruct victims to purchase prepaid gift cards and share the details with the purported employer. Once the fraudulent check bounces, the victim is left to bear the financial loss.