#Thread We started our series on online bank frauds and data security with @LukasStefanko 's revelation on three fake Indian bank apps stealing sensitive data of hundreds of Indians. (1/n)

We also published an exclusive email interview with @LukasStefanko in which he alarms India regarding the upcoming bank frauds. (2/n)

We were shocked to know that per day bank frauds are looting 1.5 lakhs from Kerala. In 8 months starting from last August Rs 3 crores went to their accounts. Ernakulam and Trivandrum tops in the list with 80 and 70 lakhs respectively. (3/n)

It's a fact that police could recover only 10 percent of the total amount looted from Kerala. In some cases banks gave compensation. (4/n)

This is how fraud happened through fake bank apps of ICICI, HDFC,RBL banks. The shocker is that these fishy apps were available in Google play store. The second screenshot shows the data which was leaked. (5/n)

The app screens are so closely similar to their originals. These apps offered a provision to increase the credit card limit. Frauds looted details including card details (with cvv) and internet banking credentials. (6/n)

The phishing sites of Flipark and Amazon are so common. Most of us are aware of these stuffs, but statistics shows something different! Indians are so vulnerable to cyber frauds. (7/n)

On the second day we exposed the fraud behind the SMS regarding Income tax refund. Security expert @bajpab helped us to decompile the app came along with the link and we found that its another RAT (Remote Access Trojan) (8/n)

The link redirected to a phishing site of Income Tax dept and later redirected to fake bank login pages. The visitors counter in the site shows 5 cr+ which is shocking if true! (9/n)

We revealed all possible threats these malicious sites and apps can bring. I was like 'OMG' seeing the number of people sharing their details in this particular scam. (10/n)

See the permissions the so called 'T-Mobile' app. After looting the bank credentials they take the control or your phone. They can read and receive SMS even sitting miles away (11/n)

Third day we had special write-ups on Jamtara (Jharkhand), the capital of cyber frauds. In Trivandrum renowned builder lost one crore rupees to a fraud group which offered huge amount as Bitcoin. Police is still investigating the case. (12/n)

Fourth day we dealt with malicious apps even in Google play store (Thanks to @LukasStefanko). Also explained why SMS is 2FA is not fully secure in the wake of recent Reddit hack. (13/n)

Another interesting stuff came up in between was the money involved in data sale. We approached a data seller claiming as a digital marketing agency. He was ready to dump several confidential databases. (14/n)

Everything is available readymade! Some of the sellers send us the sample data sets. They offered the DB of plus two students in Kerala at Rs.4000. Sample excel sheet was mailed. (15/n)

This is the mail we got from one seller. When we told him that 4k is bit, he was 'happy' to reduce it to 3k. He was so restless that he wanted the deal to be completed soon. (16/n)

#Alert If you are in Kerala and you turn victim in an online bank fraud, here is the 'How to Guide'. This Whatsapp based facility is developed by @TheKeralaPolice which includes nodal officers from various banks and wallet companies. (17/n)

Statistics sums up everything (18/n)

Here's a telephone guide to all cyber police wings in Kerala. Rushing to police without loosing a second might help you recover the money. The series was prepared by Team Manorama (K Jayaprakash Babu, Ajish Muraleedharan, Jerry Sebastian, VR Prathap, Joe Jacob and myself) (19/n)

Even ministers are not spared. Kerala Revenue minister E.Chandrasekharan got fraud calls claiming that his ATM card is blocked and they need the PIN to reset it. Police registered case. #Manorama

Another story in today's Manorama. A doctor in Trivandrum lost 50k through a different kind of ATM fraud. Police remains clueless. #Manorama