CloudSEK Uncovers Social Media Counterfeit Currency Network
CloudSEK, a leading cybersecurity firm, has exposed a sophisticated network involved in the printing and distribution of counterfeit Indian currency. The syndicate utilized social media platforms, including Facebook and Instagram, to market and sell fake notes, even leveraging Meta ads to reach a wider audience. According to CloudSEK’s report, this group circulated an estimated Rs. 17.5 crore worth of counterfeit currency in the last six months alone. The investigation successfully identified and geolocated the administrators of this illicit network.
OSINT and HUMINT Techniques Lead to Discovery
CloudSEK’s Strike team employed a combination of Open-Source Intelligence (OSINT) and Human Intelligence (HUMINT) techniques to infiltrate and dismantle the counterfeit currency operation. Their XVigil platform played a crucial role in uncovering the group’s methods of producing and promoting fake notes. The researchers were able to identify key individuals within the network and pinpoint their locations.
Social Media as a Marketplace for Fake Currency
The counterfeit currency network actively operated across multiple social media platforms, including Facebook, Instagram, Telegram, and YouTube. They launched marketing campaigns, even utilizing paid Meta ads, to attract potential buyers. These campaigns often employed codewords such as “second currency” and “A1 note” to evade detection. To establish credibility, some sellers provided video demonstrations, handwritten notes, and video calls showcasing the counterfeit currency.
CloudSEK’s investigation revealed a significant scale of operation, with over 4,500 promotional posts, 750 accounts and pages used for sales, and 410 unique phone numbers linked to the sellers.
Modus Operandi: Production and Distribution
The syndicate produced high-quality replicas of Indian currency using advanced techniques, including Adobe Photoshop and industrial-grade printers. They even incorporated security features such as the Mahatma Gandhi watermark and green security threads to enhance the authenticity of the counterfeit notes.
- Production Techniques: Use of Adobe Photoshop and industrial printers.
- Security Features: Replication of Mahatma Gandhi watermark and security threads.
- Marketing Tactics: Use of codewords and promotional videos on social media.
Building Trust and Conducting Transactions
To gain the trust of potential buyers, the group shared proof images and offered video calls showcasing stacks of counterfeit currency via WhatsApp. However, CloudSEK emphasized that transactions were conducted in person to minimize the risk of online detection. The group employed burner phones, fake IDs, and pseudonyms to further evade law enforcement.
Key Findings of the Investigation
- The syndicate operated openly on social media platforms.
- They utilized advanced printing techniques to create high-quality counterfeit notes.
- They built trust with buyers through proof images and video calls.
- Transactions were conducted in person to avoid online detection.
Identifying and Locating the Perpetrators
CloudSEK’s researchers successfully identified the administrators of the counterfeit currency network using OSINT and HUMINT techniques. They retrieved facial images, phone numbers, GPS locations, and social media handles of key suspects. The perpetrators were located in Jamade Village, Dhule district in Maharashtra, and Pune.
| Data Type | Source |
|---|---|
| Facial Images | Social Media, Public Records |
| Phone Numbers | Online Forums, Contact Lists |
| GPS Locations | Social Media Check-ins, Geolocation Data |
| Social Media Handles | Facebook, Instagram, Telegram, YouTube |
Recommendations and Actions
CloudSEK has formally shared the details of its investigation with law enforcement agencies at both state and national levels. The firm recommends that Meta actively monitor its ad libraries and remove any finance-based scams. CloudSEK also urges agencies to collaborate with social media platforms to identify and remove sellers and groups involved in the counterfeit currency trade.
- Recommendations for Meta: Monitor ad libraries and remove finance-based scams.
- Recommendations for Law Enforcement: Collaborate with social media platforms to takedown identified sellers and groups.
