When a team of cybercrime police officers from Hyderabad recently apprehended a 60-year-old woman NGO operator from Mainpuri in Uttar Pradesh, they were surprised to see that a battery of over 10 lawyers appeared for her, contesting the prisoner’s transit request they had submitted. The lawyers also tracked her down to Hyderabad to challenge her judicial remand.
The woman, Kamlesh Kumari, who contested general elections on a major political party’s ticket last year, is accused of receiving Rs 1.90 crore illegally siphoned off from a 70-year-old businesswoman in Hyderabad.
Details of the crime emerged about a month ago when the businesswoman, a resident of Basheer Bagh, noticed that her bank account had been cleaned out without her knowledge, officers said. She was clueless as to where her hard-earned money had gone. After alerting the bank, she quickly approached the police. On Friday, Hyderabad police announced that the entire money had been traced and frozen in multiple bank accounts that the cyber crooks had used to commit the crime.
The accused NGO operator Kamlesh, who was sent to 14 days’ judicial remand by a Hyderabad court, was in dire straits — owing to multiple loans she had availed — when someone approached her with a plan. According to the police, cyber fraudsters offered Rs 35 lakh to Kamlesh if she let them use her NGO account to receive proceeds of cyber crimes.
Investigation by the police revealed that she is an accused in two more cases registered at North Rohini police station in Delhi and Khatodara police station in Gujarat. Investigators found that she is involved in at least five other similar offences.
Sub-Inspector (cyber crime) Vinay Kumar said, “This is nothing but APK fraud. These cyber criminals operate in gangs. While Kamlesh received the money, there would be persons who were each in charge of sending out APK files, hacking the phones of victims, carrying out internet transactions using VPNs, arranging mule accounts, withdrawing funds, etc. In this case, Kamlesh was about to withdraw Rs 35 lakh that was offered to her as commission when she was nabbed.” He added that a team led by Inspector Satish Reddy was still searching for the rest of the accused.
APK fraud refers to scams that exploit Android Package Kits (APKs), the files used to install apps on Android devices. Cybercriminals distribute malicious APKs disguised as legitimate apps to trick users into installing them. These fake apps can steal personal data and banking credentials, or even take control of the device. In this case, the complainant is not even aware of downloading any such files, while the accused was quick enough to redistribute the money to several other bank accounts.
Story continues below this ad
The entire sum of Rs 1.9 crore was siphoned off in nine transactions and the complainant did not even receive OTPs in her phone. Police say this is because criminals ensured that they had full access to her phone and deleted OTPs as soon as they arrived. Even though the criminals never used their original credentials and relied on VPN to mask their IP addresses, the police used advanced technical analysis to trace the beneficiary’s bank account and then used a mobile tower location to track the accused to Mainpuri in Uttar Pradesh.
“Rs 35 lakh from one of the bank accounts is being refunded immediately and the rest will be refunded through the court in due course. We have successfully managed to put on hold the entire money that was siphoned off,” said Dara Kavitha, Deputy Commissioner of Police (cyber crime) in Hyderabad. She added: “We were surprised to see about 10 lawyers fight for her in court to prevent the arrest and transit from UP and even the remand process in Hyderabad. They tried their best to convince the court that she is an aged woman unaware of these accusations.”
The police then took out details of all transactions in the woman’s bank account to prove that her NGO had never received such huge funds from any source and that she was aware of the fraud since she was about to withdraw her share of Rs 35 lakh.
“People should be careful about what links they click on their phones. Links that are suspicious and appear in unknown WhatsApp groups and unverified sources should be avoided,” the DCP added.
