Thai Cyber Bank Fraud Gang Busted

Uploaded on 2016-09-08 in FREE TO VIEW, GOVERNMENT-Law Enforcement, TECHNOLOGY--Hackers

In the historic City Ayutthaya 40 miles north of Bangkok, in Thailand, the police have recently just caught a gang who stole personal information of an online auto parts trader through an elaborate, Internet-enabled scam to steal close to one million baht of his money.

Early this month, Phansuthee Meeluekij, 28, an auto parts trader who operates the business online and communicates with his customers via Facebook, lodged a complaint with local police, saying a total of 986,700 baht had been stolen from his Kasikornbank account. He also complained to the Technology Crime Suppression Division and submitted evidence including an online chat history between him and the suspects and photos of suspects taken from security cameras.

Police tracked the transactions of the suspects and their mobile phone use and eventually captured six suspects including three youths aged 17. The adult suspects were identified as Ekapoj Ratanakorn, 29, of Ratchaburi; Patanarospong Kansonthi, 33, of Si Sa Ket; and Surikrai Anumas, 30, of Kanchanaburi.

The six have allegedly admitted to the crime. They said they worked as a team and contacted the victim via Facebook pretending to be potential customers. Their actual aim was to lure Mr Phansuthee into giving them his personal information such as date of birth and bank account, mobile phone and ID card numbers. They then asked the victim to sign up for a mobile banking service for use to receive money transfers from them, which the victim did.

After the victim registered for the mobile banking service, the gang used personal information they had obtained to log on to the victim's banking account and then transferred the money to several other accounts to make it difficult to trace the money later.

After that they withdrew the money and paid members of the gang their share. To start off the scam, a 17-year-old gang member contacted the victim via Facebook and pretended to be a new customer. He asked for a copy of Mr Phansuthee's ID card and his bank account, claiming he wanted to verify if the owner of the bank account and the victim really were the same person so he would not have to worry that he might be conned by the auto parts trader.

The young suspect was later paid 200,000 baht for his role in the scam.

In the next step in the scam, another gang member posed as the victim and phoned the call centre of the bank where the victim has his account to inquire about his ledger balance, also using the personal information the gang had stolen. The gang also had someone contact the victim's mobile phone carrier requesting a new SIM card to be issued for the victim's phone number. Again, the caller pretended to be the victim.

With the new SIM card, the gang was able to log in to the victim's banking account and took out his money. The victim did not realise his money had gone because his SIM card had been disabled the moment the gang had a new card issued. Mr Phansuthee no longer received short messages from the mobile banking service confirming money transfers.

Police said Mr Surikrai had opened bank accounts to receive the money transfers from the victim's account. He later withdrew the money over the bank counter. For this, the gang paid him 5,000 baht. Mr Patanarospong, who owned a pickup truck used in the scam and took Mr Surikrai to open bank accounts, was paid 199,900 baht.

Mr Ekapoj, who owned the mobile phone the 17-year-old suspect used to steal money from the victim's account and who drove Mr Patanarospong's truck to take the other gang member to get the new SIM card and withdraw the money, received his cut of 250,000 baht.

Mr Wisarut produced a doctored copy of the victims' ID card by replacing Mr Phansuthee's photo with that of Mr Sayam who then used the fraudulent copy to obtain the new SIM card. They were paid 30,000 baht each.

According to police, the gang had previously committed nine similar scams, including a fake football bookie service, and made off with more than three million baht. The gang members spent the money they stole on gambling and entertainment. They have been charged with theft and with forgery of an official document.

Head of Ayutthaya police Pol Col Surapong Thammapithak said the gang may come across as hackers when in fact they operate as scammers stealing people's identities. He cautioned people to check carefully before giving personal information over the phone to someone they have not met. The gang members can be very persuasive.

Bangkok Post

 

« Rio 2016 Olympic Games: IoT Technologies Win
Who Are We In the Cyber World? »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Duane Morris LLP

Duane Morris LLP

Duane Morris is a global law firm with offices in the USA, UK and Asia. Practice areas include Cybersecurity.

Site24x7

Site24x7

Site24x7 is an AI-powered observability platform for DevOps and IT operations.

RiskIQ

RiskIQ

RiskIQ is the leader in digital threat management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence.

Applied Risk

Applied Risk

Applied Risk is an established leader in Industrial Control Systems security, focused on critical infrastructure security and combating security breaches that pose a significant threat.

Kapalya

Kapalya

Kapalya empowers businesses and their employees to securely store sensitive files at-rest and in-transit across multiple platforms through a user-friendly desktop and mobile application.

Greensafe IT

Greensafe IT

Greensafe offer various onsite and offsite data erasure services, aimed at increasing data security whilst reducing any risk of data loss during transit.

LSoft Technologies

LSoft Technologies

LSoft Technologies is a leader in data recovery software technologies.

Concentric AI

Concentric AI

Concentric Data Risk Monitoring and Protection. Deep Learning to discover, monitor and remediate risks to sensitive data on-premises and in the cloud.

Lionfish Cyber Security

Lionfish Cyber Security

Lionfish Cyber Evolution & Empowerment Model™ empowers SMBs to prepare and protect themselves against cyber threats using a unique combination of on-demand training, support and managed services.

Bionic

Bionic

Bionic is an agentless way to get control over your increasingly complex applications so you can manage, operate, and secure them faster and more efficiently.

Darkbeam

Darkbeam

Darkbeam provides a unified solution to protect against security, brand and compliance risks across your digital infrastructure.

Eqlipse Technologies

Eqlipse Technologies

Eqlipse Technologies provides products and high-end engineering solutions to customers in the Department of Defense and Intelligence Community.

42Crunch

42Crunch

42Crunch provides API security testing and threat protection. We proactively test, fix and protect your APIs from development to runtime.

CASwell

CASwell

Caswell is an industry-leading OEM/ODM specializing in networking, security, SD-WAN, NFV, telecommunication and IoT applications.

Deimos

Deimos

Deimos is a technology, cloud, hybrid and multi-cloud focused, professional services company. Our expertise and focus is on cloud native Developer and Security Operations.

Freeze

Freeze

Freeze prevents attacks before they can start by finding, removing, and stopping the spread of information about your organization and employees.