Good to know that we have the IP table available. VPN and other masking services make it hard to tack if not impossible. Since the transaction was done via PhonePe, it should be linked to a Ph/bank account no. That said, technically it's possible to nab that fraud. The bigger question is, does the Cycer Cell has enough manpower/motivation to pursue a case like this?We do have IP traces available but with vpns and cell phone networks - the ip numbers are not conclusive.
But yes if needed we can provide the table of IP Addresses from which the FM has logged in.
.
In the meantime, we should take this episode as learning adhere to the best practices to minimize this kind of incident in the future.
- Don't set your profile id as login id (preferably email)
- Use complex password (12 characters and combination of No, S/C letter, and special characters)
- Enable 2 FA
- Don't transfer the whole amount immediately, take a cooling period of 24 hours
- Mod should force the users to change their password every 30 days