Udupi: Fraudsters hack email, steal Rs 1.13 cr from bank account


Daijiworld Media Network – Udupi (EP/RJP)

Udupi, Nov 25: In an addition to the prevalent cyber crimes and white collar frauds, a case has been registered at Manipal police station where the fraudsters have cheated a person named Louis D’Souza to the tune of Rs 1.13 crore.

The email account belonging to Louis D’Souza was hacked before the unknown fraudsters managed to steal money from his bank account.

Louis D’Souza is a Canada-based person who has a bank account at Syndicate Bank in Manipal.

As per the complaint, two transfers were made to his account from Canara Bank Katpady and ICICI bank totalling US$ 2,23,830.20 on January 15, 2014. On the same day a transfer of US$ 1,15,000 was made from his account to an account in Dubai National Bank. On October 27,2014, a transfer of US$ 70,000 was made from his Manipal account to an account in Abu Dhabi Islamic Bank. Both these transfers were executed based on two email requests from D’Souza’s email account.

On November 13, US$ 61,000 and Canadian dollars 9100 were transferred to Louis D’Souza’s account in Manipal. Then an email request was made to transfer money to a Bank of China account in Hong Kong. The bank officials got suspicious and assistant general manager from Syndicate Bank head office, Ramesh Nayak phoned D’Souza about the transfer request and learned that he had not made any such request.

Now the Syndicate Bank through the assistant general manager has complained to the Manipal police that an amount of Rs 1, 13, 42,937 was transferred to different accounts from D’Souza’s account by fraudulent means. Manipal police are investigating.

  

Top Stories

Comment on this article

  • Kiran, Udupi

    Sat, Nov 29 2014

    I think they got more than just email address. They might have got account information as well.

    DisAgree [1] Agree [5] Reply Report Abuse

  • Albert Rodrigues, Shiratdy/Abudhabi

    Fri, Nov 28 2014

    Is it possible from email transfer the huge amount by bank manager without cross check or inform the account holder ? where is the safety for account?

    DisAgree [2] Agree [5] Reply Report Abuse

  • BABA, BANGALORE

    Thu, Nov 27 2014

    I am surprised that the syndicate bank is making money transfers on the basis of email requests. That will surely lead to the kind of incidents that is reported here. There are far better security verified procedures for money transfers that are less amenable to infiltration by hackers. I do not see any reason why the bank has not put that sort of measures in place.

    DisAgree [2] Agree [4] Reply Report Abuse

  • Bsatheesh, udupi/dubai

    Thu, Nov 27 2014

    I am also one of the victim.I lost 6 lakh from canara bank shirva by fake cheque.I am waiting for my vacation to go india and sue them.Un professional way of dealing by the bank.

    DisAgree [2] Agree [6] Reply Report Abuse

  • Hilda, Karkal

    Wed, Nov 26 2014

    Yes. not for sure huge amounts like this...never

    DisAgree [1] Agree [3] Reply Report Abuse

  • Rudolf, Mumbai

    Wed, Nov 26 2014

    Very confusing, first why such a huge amount was transferred from two other reputed banks in the near vicinity to another bank in the same place?

    Secondly, I do not think any bank manager, with little common sense, would act on e-mail instruction and bluntly transfer such huge sums without double checking with the client by phone or asking him to send a scanned copy of a request letter with his signature, also how did the hacker know in the first place that the victim has such huge sums of money in his various accounts!!

    Bankers do transfers through email of small sums of money that too they confirm it by personally talking to the customer on his registered phone and also insisting on a scanned copy of an application for transfer!!

    In recent times, there have been increasing incidences of insiders themselves colluding with the pranksters in siphoning of the money, not that this incident too falling that category!!!

    DisAgree [1] Agree [9] Reply Report Abuse

  • Mark, udyavara

    Wed, Nov 26 2014

    There is a big goof-up here and the common man forever will think it is the fraudsters from outer world!!

    Check within the bank! May be a big surprise!! Just like every other frauds in the country, there is a big hand of god, behind all the happenings!!! Take a closer look at the staff & officers who handled the authorization.

    It is often foolish to go to the regulatory authorities to seek help for they are mere postmen! Unless you want to be harassed further....

    DisAgree [2] Agree [17] Reply Report Abuse

  • Kiran, M'lore

    Wed, Nov 26 2014

    Is it not wise for a Canada or USA based person to invest in Canada/USA rather than in a remote place like Manipal/Upupi ? What a hassle to the bank employees due to time difference !!

    DisAgree [3] Agree [18] Reply Report Abuse

  • Hilda, Karkal

    Wed, Nov 26 2014

    Yes. not for sure huge amounts like this...never

    DisAgree [2] Agree [6] Reply Report Abuse

  • Charles D'Mello, Pangala

    Wed, Nov 26 2014

    Its all depends on Managers of the bank. When manager becomes a damager no body can stop it. I had experienced this Canara bank, Bangalore, Padmanabha nagar bank, Previous manager mr. Prakash Pai was good and it was taken over by some Gururaj. and i almost could have lost IRS 13 lakhs because of his lethargic administration at the bank.

    DisAgree Agree [14] Reply Report Abuse

  • Richard, Mangalore

    Wed, Nov 26 2014

    This has happened to me. Someone hacked my e mail , copied my earlier mail to canara bank and requested a transfer to an account in Malaysia. Account name is of a muslim lady.
    However the smart manager of Canara Bank Suratkal contacted me first and then replied to the hacker that some amount is shorter to make the transfer and asked him to credit that amount . Hacker never again responded. Hats off to Manager,Canara Bank Suratkal.

    DisAgree Agree [18] Reply Report Abuse

  • Neville Fernandez, Mangalore/Antigua, West Indies

    Wed, Nov 26 2014

    I feel very sorry for this gentleman. I would strongly advise the readers of this column to use two factor authentication to login to their email. More information on two factor authentication is available here
    http://www.zdnet.com/how-to-use-an-authenticator-app-to-improve-your-online-security-7000036049/

    DisAgree Agree [2] Reply Report Abuse

  • Nanu Marol, Thottam

    Wed, Nov 26 2014

    Being in Similar Industry and Done the Transfers of My Client for Millions of Dollars....I feel It's entirely a Lapse from bank.....They can't ute this High value Transactions without Cross Checking with Clients......Daal Mein Kuch Kaala hai....

    DisAgree Agree [10] Reply Report Abuse

  • Santhosh, Uppoor/ Dubai

    Wed, Nov 26 2014

    If i access bank account by internet immediate sms we receive in our International phone, that is good thing canara bank internet bank having. also funds credit or debit sms we receive. WHY D'SOUZA NOT RECEIVING????? when transferring funds really surprise!!!!!!!!!

    DisAgree [1] Agree [8] Reply Report Abuse

  • Rems, Qatar

    Tue, Nov 25 2014

    NRI's beware !! Employees of Private banks usually snoop on accounts holding big sums and try to sell them insurance policies and other useless products. Some of them might be too ambitious. In the above case, it is possible one such employee is behind this operation. How did the people who hacked the email, came to know Mr.Dsouza's account had so much money in the first place ? And secondly how did the bank transfer money on mere email request ?

    DisAgree [2] Agree [27] Reply Report Abuse

  • Ajith Dcosta, Halealve/Muscat

    Tue, Nov 25 2014

    Banks official must have called immediately when the email received requesting transfer. Its bankers fault no doubt about it.

    DisAgree Agree [27] Reply Report Abuse

  • RSRB, Kundapura / Singapore

    Tue, Nov 25 2014

    Dear Louis D’Souza

    Do not worry...
    I was also the victim of such fraud but there is a way to get your money back, full money back.. DO NOT WORRY and do not get worried at any point of time.

    Approach Banking Ombudsman by e-mail and also online registration of your complaint...
    Email ID: bobangalore@rbi.org.in
    Website: bankingombudsman.rbi.org.in/
    Tel.No.: 91-80-22210771/22275629
    Fax No: 91-080-22244047
    (you can find this in google also)

    Write a complaint online and take file reference number..
    Mail to Banking ombudsman, Bangalore
    There is one person Ms. Mehrnaz Contractor. She is so good that you feel surprised to see a government officer working better than private hospitality companies..

    But there is a clause before complaining to Banking Ombudsman..
    That is you have to request the bank to restore your money and wait for a month for the positive responses...
    If bank is found delaying and trying to put the blame on you for loosing your mail account (normally bank does it to show customer is at fault and to down the morale of customer)

    If anything more is required, I am quite frequently available in the forum....

    If you do not get money, I will give that to you from my personal capacity..
    I am that much sure that you will get your money back....

    DisAgree [4] Agree [41] Reply Report Abuse

  • Lydia Lobo, Kadri

    Tue, Nov 25 2014

    RSRB,

    Your advise to Mr. D'Souza caught my attention and made me to Google about a phishing mail I have been receiving about amount being released from RBI. I blocked the sender but it still cropped up with an extension in the ID and continued to circulate the information.

    I found out on Google that such mails can be forwarded to rbiforeignexchangedep@ymail.com to report the spam to RBI.

    Hope readers who have been victims of such phishing will benefit from this.

    DisAgree [6] Agree [9] Reply Report Abuse

  • S Shetty, Dubai

    Tue, Nov 25 2014

    Let's take this as a learning lesson...Especially those people think "These will never happen to me type".... Both yahoo & Gmail has two step security system. That is, if you open your account other than your computer/laptop, it will accept only after instant 'password' sent by the service provider. Thus, even your account information gets leaked or stolen you need worry as only that cannot help a fraudster to misuse your account. As password will be sent every time you log in from a different account to your phone thus will also help you to detect it. Hope you guys find this info useful. click the link of google to know more https://www.google.com/landing/2step/ or of Yahoo https://help.yahoo.com/kb/activate-sign-in-verification-sln5013.html

    DisAgree [1] Agree [1] Reply Report Abuse

  • Sudhakar Pai, Katapadi

    Tue, Nov 25 2014

    This is not the first instance of such forgery. Many banks in the Middle East have experienced this in the recent past and have stopped acting on emails although they hold indemnities from the customers. I for one have advised my banks in India not to ute any funds transfers based on email messages even if the email is received purportedly from my own email ID registered with them

    DisAgree [4] Agree [12] Reply Report Abuse

  • S.M. Nawaz Kukkikatte, Dubai

    Tue, Nov 25 2014


    Strange!! how can they transfer such a huge amount to another account just an Email Text?

    DisAgree [5] Agree [38] Reply Report Abuse

  • Suleman Beary, Udupi

    Tue, Nov 25 2014

    It is strange to hear
    "As per the complaint, two transfers were made to his account from Canara Bank Katpady and ICICI bank totalling US$ 2,23,830.20 on January 15, 2014. On the same day a transfer of US$ 1,15,000 was made from his account to an account in Dubai National Bank."

    If bank had a common sense, why the account holder is transferring same day to another bank instead of transferring directly from Canara branch or ICICI to Dubai?
    In addition the amount requested to transfer is huge, why there is no fool proof procedures when it international transfer?

    DisAgree [4] Agree [23] Reply Report Abuse

  • vijay, Mangalore

    Tue, Nov 25 2014

    Internet Security is weak in our Banking system. Online portals are not secured/d. They have to strengthen the IT security in banks and alert customers when they see such huge transactions. When there is more than one Immediate transaction an alert call needs to be made by support team/monitoring team if the amount has exceeded certain limit. Also, online banking need to enable per day transaction limits which can be edited by customer with multi-factor authentication and security code received through SMS. Strong passwords having alpha numeric and special characters should be kept mandatory. If the email is hacked,the user must have surely used weak password/viewing spam mails/opening attachments from unknown source which in turn inject any malicious script or used a compromised system . When we opt for online banking we need to make sure our system is secured,strong passwords & security questions,enable code verification.
    The Banks should compulsory take the responsibility of educating customers on online banking and how to keep it secured. There are novice customers unaware of security and opt for internet or sms banking, Banks need to build awareness in these customers.

    All those who use online banking kindly make sure to change passwords/security questions every 2-3 months.Clear doubts with IT dept in banks and report for any suspicious activity, so that banks can take necessary steps to mitigate such risks.
    Also, please dont share sensitive/personal information over emails,online applications..

    DisAgree [3] Agree [9] Reply Report Abuse

  • Koti, Kundapura

    Tue, Nov 25 2014

    Transfers with registered customer email id in bank, supported by the copy of instruction letter with customer signature is possible its nothing new. But in this case looking at the amounts and destinations bank should have cross checked with customer before.

    If the email id is not registered with the bank, bank is at fault.

    If email ID is genuine then how the password of the account holder retrieved by fraudsters is questionable. If the email password is hacked then this is a fraud.

    Truth will come out only with thorough investigation.

    DisAgree [6] Agree [18] Reply Report Abuse

  • Ravi B Shenava, Mangaluru

    Tue, Nov 25 2014

    As the international transactions are involved with many countries in this particular case, this seems to be the handy-work of Russian Gang or Nigerian Gang. Such International Cyber Crime gangs from Russia and Nigeria are very active in India just like Jharkhand gangs within India.

    DisAgree [4] Agree [22] Reply Report Abuse

  • Flavian, Mangaluru/Kuwait

    Tue, Nov 25 2014



    It is Syndicate Bank's responsibility to protect/secure the client’s bank account. In this case they are at fault. There looks to be some insider’s foul play in disclosing the available balance in the account.

    If hard earned money disappears like this what is the future for that guy. It show causes us to spread your savings in different banks.

    DisAgree [3] Agree [18] Reply Report Abuse

  • Lawrence Misquith, Mangalore

    Tue, Nov 25 2014

    Banks must not transfer money from bank accounts based on emails. It should be done only through online banking or the account holder must visit the bank personally and then give the instructions to the bank

    DisAgree [2] Agree [23] Reply Report Abuse

  • K.Fernandes, Dubai

    Tue, Nov 25 2014

    NO, I will not agree with u Mr.Shekar. It is full responsibility of bank even though after siphoning huge amount they have noticed it. As per my knowledge, since two years, email instruction to fund transfer within own account but with other bank is stopped. In these circumstances, how could that much huge amount transferred that too foreign country as well as within country? Why do we have net banking system with most secured transaction PW and OTP? Do the emails for fund transfer have signed by account holder? If email instruction is enough to transfer fund, then why the Bank implemented net banking? Cheque book,withdrawal slip ete are not required. Just send E mail by any hand held data phone, go to casher and collect the cash. Syndicate bank has to reimburse the fund to the account holder. Furthermore, any transaction takes place, an SMS or e mail(Chosen option by account holder) alert will be send to the account holder (Canara bank has both option SMS and Email to registered ID, even as soon as log-in to account, get alert SMS).WE trust at bank our hard earned money is safe.If this is the case, we may have to opt the olden days method, bury underground.

    DisAgree [5] Agree [18] Reply Report Abuse

  • Jaimini P.B., Manipal,Sharjah

    Tue, Nov 25 2014

    Bank Manager is in big big trouble now...But can he refund Rs. 1.13 crore ? Who will bear this loss ?

    1. Syndicate Bank Management
    2. Bank Manager
    3. Account Holder

    DisAgree [7] Agree [21] Reply Report Abuse

  • K.Fernandes, |Dubai.

    Tue, Nov 25 2014

    ONlY and ONLY Syndicate Bank, either the manager or management should bear the lose.but NO WAY the account holder to bear the lose

    DisAgree [4] Agree [34] Reply Report Abuse

  • Rita, Germany

    Wed, Nov 26 2014

    @ Jaimini Mangalore ,dont worry Banks will not get bankrott.They are good insured.Insurance pays it.Only they try to make the customer to make unsure and try to give them the fault.Only the account holders should be careful when they use their smartphones on the road or in Internet cafe to deal with bank.and be careful to cover camera while dealing.Through it hackers can do many things.

    DisAgree Agree [5] Reply Report Abuse

  • Flavian, Mangaluru/Kuwait

    Tue, Nov 25 2014



    Banks are not supposed to effect transfer of funds from holder’s account on e-mail instructions. I believe the transfers are allowed through net-banking where only the account holder with due passwords (P.W. transaction ID) can make a transaction. Furthermore, if the Cell number is registered, the account holder should have received auto message when the account is accessed.
    How the third party came to know about his bank balance?
    It is better to check account balance on a regular basis (if you have e-banking facility).

    DisAgree [3] Agree [16] Reply Report Abuse

  • prakash, Bhatkal

    Tue, Nov 25 2014

    Dear All,
    Let me explain you all one more incident which happened in my company. Person hacked mail of our company and one of Iran Distributor. Our single invoice not less than 1 M USD. Fraudsters sent mail to distributor saying our company changed bank account and asked him to transfer amount to fraudsters created account in same company name in Hungary. Even they sent mail to my company asking new invoice. We got suspicious and called our distributor and came to know its fraud. Luckily distributor didn't transfer any amount and saved from this big scandal.

    DisAgree [4] Agree [8] Reply Report Abuse

  • ABUSHAMOON, DAMMAM

    Tue, Nov 25 2014

    One similar case in our company a week before. Some one hacked the email of our supplier from Korea and send one email to our company on sunday stating that they have stopped all transaction in their Korean bank due to annual audit and asked us to transfer the due balance to china bank a/c. we got suspicious because sunday was the dayoff for them. Next day when we asked the suppleir about the mail, they were shocked.

    DisAgree [2] Agree [6] Reply Report Abuse

  • Af, mangaluru

    Tue, Nov 25 2014

    With a email request no money can be transferred from any bank,
    for e transfer there is a lot of formalities other than PIN,
    something fishy in this story.

    DisAgree [3] Agree [19] Reply Report Abuse

  • Ronald D, Udupi

    Tue, Nov 25 2014

    Unlike many other banks, Syndicate bank informs its customer by SMS on every transaction taken place! May be Louis Dsouza did not opt for this service or may be some other reason! Syndicate Bank Manager in my native village has told me about such fraud emails last year and he does not entertain email transactions. For emergency requirements he calls and makes sure the address is correct in the email attachment.

    DisAgree [3] Agree [15] Reply Report Abuse

  • Shekar Moily Padebettu, Udupi/India

    Tue, Nov 25 2014

    It is an amazing incident wherein merely on the basis of e-mail instructions such a huge amount has been transferred by the by the well known bank without any authenticity.Strange.At least bank officials should have sensed something fishy in the beginning itself when such a big amount is being transferred continuously.Bank should have the courtesy to confirm from the account holder.Thanks god finally assistant manager got suspicious about the transactions and alarmed.Now whom to be blamed for the lost money? Bank,account holder or hackers?Can the bank re-reimburse the lost money to the account holder.How we can trust the banks under this circumstances.What I suggest is that whenever such a transaction of huge amount take place,account holder should be notified first for confirmation and then carry out the transactions.Merely based on some fake instructions,SMS messages bank cannot and should not entertain such transactions.Because bank is the sole authority,who knows clients secrete/personal data bank,which is strictly confidential and private and cannot be disclosed to anybody.I don't blame bank exclusively now but even account holder also should be always alert and have a periodic glance on his/her account in order to avoid any such frauds,pilferages.

    DisAgree [2] Agree [24] Reply Report Abuse

  • nelson pinto, udupi / oman

    Tue, Nov 25 2014

    Without signature proof bank will not transfer the amount........

    DisAgree [3] Agree [21] Reply Report Abuse

  • RSRB, Kundapura / Singapore

    Tue, Nov 25 2014

    nelson pinto, udupi / oman

    As I am the victim, I can say how fraudster makes this...
    After hacking the e-mail account, he checks the attchments in your mail...
    He finds some document or your passport copy, where your signature is available...
    They copy that signature and make a letter...
    Such letter they scan it and send to bank using your alreayd hacked mail ID...

    DisAgree [4] Agree [9] Reply Report Abuse

  • Jossey Saldanha, Mumbai

    Tue, Nov 25 2014

    All net banking transactions should be confirmed by account holders return SMS approving the transaction ...

    DisAgree [1] Agree [50] Reply Report Abuse

  • gm, mlore

    Tue, Nov 25 2014

    Since more than one year no bank is transferring the funds by an email request. How come such a big amount transferred many times and also to overseas accounts?

    DisAgree [2] Agree [41] Reply Report Abuse

  • Sachin, Mangalore

    Tue, Nov 25 2014

    How can bank transfer money thru email request. They have e-banking sites... what is its use? This shows weaknesses of banking system!!! To woo NRI customer such practices are made. RISKY!

    DisAgree [2] Agree [33] Reply Report Abuse

  • ISMAIL K PERINJE., PERINJE.

    Tue, Nov 25 2014

    It is a strange transactions and finally Bank officials stopped it before further erode in BB!!For simple E- Mail such transactions possible?All transactions done through official banks which could traced I believe?CHINA-ME-INDIA..where these principal amount goes?For terrorist activities?In 21th century we have still security laps in our banking business like this one which is embarrassing and challenge to financial institutions

    DisAgree [2] Agree [37] Reply Report Abuse

  • geoffrey, hat hill

    Tue, Nov 25 2014

    It's rightly said 'digital security is the most unsafe thing in this world' and miscreants are always a step ahead.

    DisAgree [4] Agree [33] Reply Report Abuse


Leave a Comment

Title: Udupi: Fraudsters hack email, steal Rs 1.13 cr from bank account



You have 2000 characters left.

Disclaimer:

Please write your correct name and email address. Kindly do not post any personal, abusive, defamatory, infringing, obscene, indecent, discriminatory or unlawful or similar comments. Daijiworld.com will not be responsible for any defamatory message posted under this article.

Please note that sending false messages to insult, defame, intimidate, mislead or deceive people or to intentionally cause public disorder is punishable under law. It is obligatory on Daijiworld to provide the IP address and other details of senders of such comments, to the authority concerned upon request.

Hence, sending offensive comments using daijiworld will be purely at your own risk, and in no way will Daijiworld.com be held responsible.