Cybersecurity firm cloudsek has identified a large-scale fraud operation in India that involves the generation of fake know your customer (KYC) Documents. Dubbed ‘printsteal’, the operation involved the use of several fake domains that impersonated government websites. The scammers reportedly generated over 1.67 lakh fake documents, generating more than Rs. 40 lakh in the process. The firm also found that the fraudulent documents were generated using personally identified information (Pii) Harvested from Documents provided by UNSUSPECTING Customers.
‘Printsteal’ fraud operation imituated legitimate cscs to trick users
In a detailed post explaining how the fraudulent scheme was executed, the cloudsek reports that the scammers set up over 50 websites that were designed to imitate the government ‘SENTES CENTES CSCS (CSCS). CSCs are an important part of the e-Governance mechanism in the country, and the fraudulent websites would use the domain names that were similar to the ones used by official cscs.
A print portal dashboard used by the fraudsters (tap to expand)
Photo Credit: Cloudsek
The fraudsters would then use social media, search engine optimization, chat apps, and even cybercafés to promote the fake websites. When users Visit these sites, they are asked to provide a lot of pii, including their physical address, phone number, Aadhaar Number, Photographs, Date of Birth, Date of Birth, PAN CARD DATAILS, And EVANGIR IDES Bank Information.
As the fake websites were designed to copy Legitimate Government Websites, Unsusucting Users would think that they are sharing their data with an official website. The Security Firm States that Once The Information was provided by a user, the system would generate fraudulent documents that reesmble geneuine ones, soch as a pan card, aadhaar card, driven a voter ID.
QR codes on the fake documents lead to fraudulent sites (tap to expand)
Photo Credit: Cloudsek
The firm said the Threat actors would charge a fee that ranged between rs. 20 to Rs. 35 to generate a single document. Their associates, involved in the distribution of these documents, would charge the customer a higher Amount to make a profit. The fake kyc documents even incidence Qr codes that lead to a website that displays the document, in order to fool customers into thinking, they are visited a Legitimate Government Website.
DURING Its Investigation, The Firm also discovered that fake kyc documents generated by the scammers Were stored on cloud storage services like imgbb and imgpile, IMGBB and imgpile Cold potentially be used to sell some of these fraudulently created documents.
A screenshot of the scammer warning associates about investigations
Photo Credit: Cloudsek
Cloudsek estimates the fraudsters generated Rs. 40 Lakh in Revenue from the Identified Network of Websites, which has generated over 1,60,000 fake documents. It also warned that it had detected similar sites, with over 1,800 domains – 600 of these are currently active. These platforms are set up using predesigned templates and external apis.
The Fraudulent Operation Cold Pose Several Risks, Including Financial Fraud and Identity Theft, as these documents are typical issued by the government affection verification. Cloudsek also points out that they could Pose a Risk to National Security, If these fake documents are used to hide Identifies while Committing Serious Crimes.
Some of the firm’s recommendations include prosecution of key actors, cross agency (and interactive) collecting, website and domain takedowns, shutting down local networks, two-costor Authentication for verification, real-time verification, public awareness, and the use of ai and machine learning to detect fraud.
For details of the latest launches and news from Samsung, Xiaomi, Realme, OnePlus, Oppo and Other Companies at the Mobile World Congress in Barcelona, Visit OR MWC 2025 Hub,
(Tagstotranslate) Printsteal Cloudsek Fake Kyc Document Scam Report Crime (T) Cloudsek (T) Printsteal (T) Online Fraud (T) Cybercrime