The dark world of illegal loan apps in India | Cybercrime
On August 12, a family in the central Indian city of Bhopal took a selfie in their home. After the photo, the father, Bhupendra Vishwakarma, gave his two sons, eight and three years old, a poisoned drink, and he and his wife took their lives by hanging themselves.
In his four-page suicide note, Vishwakarma, 35, who worked in an insurance firm, wrote that he was trapped in a cycle of debt from loan apps. Recovery agents had been tormenting him for months and the last message he received from them tipped him over the edge.
It said, “Tell him to repay the loan; otherwise, today I will strip him naked and upload it on social media.”
In his suicide note, Vishwakarma said, “Today, the situation has reached the point of losing my job as well. I can’t see a future for myself and my family. I am no longer worthy of showing my face to anyone. How will I face my family?”
Police have arrested five people involved in the scam so far even as the investigation continues.
Vishwakarma’s story is not unique. Shivani Rawat, a 23-year-old college receptionist in Delhi, faced her own ordeal. In June 2023, she applied for a 4,000 rupee ($48) loan through an app called “Kreditbe”, since her salary was delayed. Her loan request remained pending, with no funds received. Yet, within a week, she began receiving 10-15 calls demanding 9,000 rupees ($108) for repayment.
Rawat said she told the recovery agents that she hadn’t received any money in her account, “but they started using abusive language. When I stopped answering their calls, they began sending me abusive texts.”
In August, her colleagues received manipulated explicit photos of her and her family that had been sent by representatives of Kreditbe. She tried to explain the situation to her coworkers, but the next day, her manager asked her to resign because her presence made others uncomfortable.
“After losing my job, I became so depressed that I even had thoughts of ending my life,” Rawat admitted.
Al Jazeera tried reaching out to Kreditbe for a comment but there was no information available on the firm and none of the representatives who had been in touch with Rawat were available any more.
Kreditbe’s name is a rip-off of a legitimate loan app called KreditBee, a common modus operandi for these illegal loan apps which often choose names similar to reputable brands to create a sense of authenticity.
Both Vishwakarma and Rawat had borrowed money from lending apps, which offer loans to users in a convenient, few clicks and without the extensive documentation that a traditional bank loan requires. The money is credited to the borrower’s account within a few minutes, unlike the five to seven days that a bank loan takes for borrowers who meet the high eligibility bar.
These apps saw a rise in use during the pandemic as with many businesses shut or scaled back, a significant number of people were unemployed and in financial difficulties.
The average loan tickets in these apps range between 10,000 rupees to 25,000 rupees ($120 to $300) with monthly interest rates of 20 percent to 30 percent and a processing fee that can be as much as 15 percent.
Loan app representatives typically begin the recovery process 15 days after approving the loan. However, in many cases, they have been known to start harassing people just four to six days after disbursing the loan, and in Tiwari’s case, it was even before she actually received the loan.
As per Akshay Bajpai, an independent cybersecurity expert in Bhopal, currently, more than 700 loan apps are operating in the country, some of which are Indian but the majority of which are Chinese-owned and hire Indians to run them.
While some of them are outright frauds and use the promise of quick money to get fees from desperate loan seekers before disappearing in the night, others are in a grey area not just because of the malicious methods they employ to extort money from innocent people but also because they don’t follow the central bank rules on online lending including on the annual interest rate, various charges.
The Reserve Bank of India (RBI) has also clearly said that no lending institution can store customer details except some minimal data such as the name, address and contact details of the customer. However, illegal apps access contact lists and pictures, edit them and use manipulated images to blackmail borrowers to recover money.
According to a study conducted by CloudSek, a cybersecurity software company, between July 22, 2023, and September 18, 2023, their experts monitored 55 fraudulent loan apps that targeted individuals. Additionally, they identified more than 15 obscure payment gateways operated by individuals of Chinese origin who undertook those steps to evade detection.
The Chinese loan apps also employ this modus operandi in Southeast Asia and some African nations, as well. In countries where people are less aware of cybersecurity and fraud, people become easy targets for such malicious activities.
Creating fear
“Scammers instil fear in the minds of their victims by employing various tactics. Initially, they may threaten to access the victim’s contact list and make calls. If the victim resists, they may infiltrate the victim’s photo gallery, manipulate images, and send them back,” explained Pravin Kalaiselvan, founder of SaveThem India, an NGO that spreads awareness about cybercrime.
“This induces panic among the victims, ultimately leading them to comply with the scammers’ demands for money,” he added.
In the last three years, Loan Consumer Association (LCA), a group of advocates and social workers focused on combating unethical recovery practices by banks and apps, has helped almost 1,800 people stuck in these illegal loan app traps both with counselling and help them file complaints with the police.
According to Nikkhil Jethwa, a cyber-safety expert and founder of LCA, nearly 90 percent of these individuals were dealing with clinical depression and distress. Some would even panic or start shivering when their phones rang, he recalled.
Escalating complaints
Complaints about digital lending have surged since Prime Minister Narendra Modi put the country in lockdown in March 2020 in the early days of the COVID-19 pandemic, according to data from SaveThem India Foundation.
That year, the foundation received approximately 29,000 complaints filled with horror stories of intimidating calls and messages from the representatives of the loan apps. That number went up to about 76,000 in 2021. They have received 46,359 complaints in the first nine months of this year.
According to a survey conducted by LocalCircle from July 2020 to June 2022, 14 percent of surveyed Indians utilised instant loan applications in the past two years. Fifty-eight percent encountered exorbitant interest rates of 25 percent and 54 percent of the respondents reported experiencing incidents of extortion or data misuse during the collection process.
‘Government agencies unprepared’
In his suicide note, Vishwakarma wrote that he visited the Cyber Crime Office in Bhopal but received no assistance from the officers.
A senior police official from Madhya Pradesh who declined to be named as he is not authorised to speak to the media told Al Jazeera that the police was just not trained to deal with cybercrime.
“Many policemen in cyber-police stations lack even basic internet knowledge, while cybercriminals are well-equipped with the latest technology. This is why most cybercrimes go unsolved,” he said.
Interactive Voice Response is another tool used by scammers as companies that offer this service provide it without strict documentation. It’s used to target people who are not active online on sites like Facebook, where loan apps usually advertise their apps, said Kalaiselvan.
A majority of these scammers use virtual numbers from neighbouring countries like Bangladesh, Pakistan, and Nepal, making it challenging to track them down.
“Loan scammers take advantage of these services, making it hard for authorities to catch them,” Kalaiselvan said.
According to experts, these apps typically have names that include keywords like “easy”, “loan”, “Aadhar” and “emi”, making them easily discoverable through online searches (Aadhar is the unique 12-digit ID that people in India need to avail banking services).
Additionally, they promote their services on platforms, such as Facebook, and on Google via its AdSense which allows website owners to display targeted ads to expand their user base. When these apps face bans or complaints, they often alter their names and other details, reemerging with a new identity.
Loan app scammers extort money through bank accounts, but despite the availability of that record, very few scammers are apprehended, said Jethwa.
One reason is that very few Indians are digitally savvy. According to Oxfam’s India Inequality Report 2022, just 38 percent of households in the country possess digital literacy.
“The government promotes Digital India, but we lack the infrastructure and cyber-literacy programmes for the people,” said Jethwa.
Measures taken
In March, the Directorate of Enforcement (ED) seized moveable assets worth 1.06 billion rupees ($12.76m) in Bengaluru in connection with financial frauds committed by Chinese loan apps.
The ED stated that these companies swiftly offered short-term loans to the public via loan apps and other channels, imposing steep processing fees along with excessively high interest rates. They recovered amounts from the borrowers through coercive tactics, including relentless phone threats and causing emotional distress.
In a report, Google India said it removed more than 3,500 personal loan applications from its Play Store in 2022 due to their failure to comply with its policies and regulations. These apps were unlawfully accessing user data, including contacts and photos.
In September 2022, India’s Finance Minister Nirmala Sitharaman said that the RBI would make a list of legal apps, and the Ministry of Electronics and Information Technology (MeitY) would ensure only these approved apps were available on Google Play Store and Apple App Store.
On February 7, 2023, in response to a parliamentary question, the Finance Ministry said that it has forwarded a whitelist of approved digital lending apps to app stores such as Google Play Store and Apple App Store. However, that statement was debunked by local media which reported no such list had been sent.
Around the same time, central bank governor Shaktikanta Das said that digital lending apps are not under the regulatory purview of the central bank.
That same month the government banned 94 lending apps, which included names like BuddyLoan, CashTM, Indiabulls Home Loans, PayMe, Faircent, and RupeeRedee. These apps had been flagged by the RBI for various reasons, and many of them had either Chinese investors or had been involved in harassing borrowers. Some of these apps have said that they were being impersonated by scammers.
ncG1vNJzZmivp6x7orjJmrGenaKWe6S7zGicnKeepLq6e5FpaWxnYWd8c4GOrZ%2BeZZSWv6x51qippZxdpLNutculnKCZnGK5sK3NZpipqKNitq95yKebopk%3D