There is a sophisticated criminal network involved in the mass production and distribution of fraudulent Know Your Customer documents across India.
According to cybersecurity company CloudSEK, which exposed the operation dubbed 'PrintSteal', it targets the Indian government's Common Service Centre initiative, creating unauthorised websites that impersonate legitimate CSC portals. These websites offer critical KYC services, such as Aadhaar downloads and address updates, at minimal fees while bypassing standard security protocols.
CloudSEK investigations revealed that the PrintSteal operation has been active since at least 2021 and often uses local mobile shops and cyber cafes to distribute the fraudulent documents. CloudSEK urged the public to be vigilant and avoid providing personal information to unverified websites or individuals. The company also encouraged anyone with information about the PrintSteal operation to contact law enforcement authorities.
How PrintSteal Scam Works
Fake Websites: Scammers create websites that look like official government sites (like the CSC) to trick people.
Easy Access: These fake websites offer quick and easy “services” to get KYC documents like Aadhaar cards or PAN cards for a small fee.
Hidden Network: The scammers work with local shops and internet cafes, who act as middlemen to bring in customers.
Data Input: When someone wants a document, these middlemen enter the person's details into the fake website.
Document Forgery: The website uses this information and pre-existing templates to create a fake document that looks real.
Fake QR Codes: To make documents seem more real, they add QR codes that link to other fake websites.
Profit Sharing: The scammers charge the middlemen a small fee for each document, and the middlemen charge the customers a higher fee, pocketing the difference.
Staying Hidden: The scammers are careful to hide their activities. They use secure messaging apps and change websites frequently to avoid getting caught.
Criminal Network Spread Across 24 Indian States
Key findings of the CloudSEK investigation include:
Massive Scale: The fraud has been linked to over 1,800 domains, with at least 600 active websites generating fake KYC documents.
Geographic Reach: Fraudulent activity has been confirmed in 24 states across India. Bihar (55.9%) and Uttar Pradesh (22.6%) have the highest percentage of fake documents.
Fake Document Factory: Over 167,391 fake documents generated on the crrsg.site platform, including over 156,000 fake birth certificates.
Criminal Network: Over 2,727 registered operators on the crrsg.site platform alone, utilising local mobile shops and cyber cafes.
Financial Gain: The platform under investigation, crrsg.site, has generated an estimated Rs 40 lakh in revenue.
Sophisticated Infrastructure: The operation employs encrypted communication via Telegram, illicit APIs to access Aadhaar and PAN data, structured payment system, and pre-built templates for quick document generation.
Essential Business Intelligence, Sharp Market Insights, Practical Personal Finance Advice, Daily Fuel, Gold and Silver Prices and Latest Stories — On NDTV Profit.
