Cyber criminals are stealing not only your money, but also your brain and heart

Phishing episode at Treasury

With the recent phishing episode at Sri Lanka’s General Treasury involving $ 2.5 million, alertness has been aroused among Sri Lankans that cybercriminals are on the job to trap them into seemingly genuine but fake transactions to steal their money. In the General Treasury’s case, as information in the public domain reveals, Treasury officials, who appear to be greenhorns on the job, were duped by cybercriminals into paying a routine debt repayment into a fake account rather than to the actual creditor of the loan.

As Parliamentary select Committee on Public Finance Chairman Dr. Harsha de Silva revealed on X after the CoPF meeting with top Treasury and Central Bank officials, the fake payment had been made on 10 occasions to the alleged cybercriminal gang from October 2025 through January 2026[1]. 

This is a strange debt repayment since loan repayments are not made monthly but either half yearly or annually. According to a report filed by the Criminal Investigations Department to the Courts, the Treasury officials concerned had failed to notice that the email domain used by the cybercriminals had been not the legitimate domain exportfinance.gov.au but a fake one called exportfinance.av.com [2]. This is the modus operandi of cybercriminals who use phishing to target unsuspecting individuals and drain their accounts. 

Attempts at stealing banking or credit card credentials  

This writer received an SMS from a locally registered Airtel mobile phone (+94 (75) 352 6121) recently that the parcel addressed to him could not be delivered due to incomplete address details. To verify the information to proceed with delivery, SMS had advised him to log into the website https://ln.run/6a6 which was different from the correct domain format of Government of Sri Lanka websites that end with gov.lk. Further inquiries revealed that it was a fake website purported to be by Sri Lanka Post and they had attempted to steal the credit card information belonging to the writer. Therefore, unless one is alert, one may fall prey to their horrendous schemes. 

When their request for updating the address was not heeded to, several more SMSs were followed creating a false sense of urgency that the alleged parcel will be returned or a penalty

would be charged once it is eventually delivered. They were all from different mobile numbers from the same service provider, namely, + 94 (75) 513 2360, + 94 (75) 830 9288, and +94 (75) 140 5578. Many Sri Lankans may have received this type of profitable suggestions from cybercriminals whose objective has been to steal the bank or credit card credentials of the recipients. The best way to handle them is to ignore those profitable suggestions. Several previous articles in this series had warned the readers not to fall into these schemes, now known as Pig-Butchering and DeepFakes [3]. With such knowledge now available in the public domain, it is unfortunate that the Treasury officials concerned had fallen into a trap laid by cybercriminals.

Tech-savvy Registration of Persons Department becomes a victim 

Recently, the Department for Registration of Persons, which is responsible for issuing National Identity Cards to Sri Lankans, had reported an instance of a wrongful use of its hotline call number which is also its WhatsApp number and some mobile phone numbers with criminal intentions by an unidentified group [4]. 

According to a warning notice issued by the Department, the said numbers have been used by this group to reach citizens by phone as well as via WhatsApp to collect personal information of people. This group has also misused the Department’s name by creating a mobile application using the emblem of the Government of Sri Lanka. The call recipients have been duped by the callers that the information had been sought to issue a digital identity card or an e-National Identity Card, a current project being embarked on by the Department. The Department had warned the people that it has not sought information from the public via telephone and, therefore, citizens should not fall victim to the modus operandi of such unlawful schemers. 

Why this group is collecting personal information from the public is not clear, but its criminal intention is obvious. If the telephone number belonging to a tech-savvy Government department can be stolen by cybercriminals, the safeguards which ordinary people have in protecting their personal telephone or WhatsApp numbers is extremely doubtful. 

This writer recently received a WhatsApp message from one of his contacts, a notable personality in the country, which said that he was unsuccessful at sending Rs. 100,000 to someone for urgent medical treatment and whether this writer could help him in providing this money to the aggrieved party. It also said that if it is done, the moneys paid will be refunded by the following day morning. The person who owns the WhatsApp number in this case came to know that his identity has been stolen by cybercriminals to target his contacts only when he was alerted by this writer. The danger is that there can be many instances of such phishing attacks by cybercriminals unknown to the relevant persons. 

Losing brain and heart

This is about losing our property, namely, money or valuable assets. However, the real danger that is unfolding today is not about the loss of property but our brains and hearts: brains by targeting to breach our cognitive capacities and hearts by driving us into a state of either positive or negative emotions. 

Generative Artificial Intelligence and social media are being increasingly used by interested parties to fill our brains with fake news, ideas, and slogans and use the consequential negative or positive emotional state to have their scurrilous goals achieved. The success of these gangs can be observed by the high level of resharing of such fake news items on social media, among friends and relatives, usually qualified by the statement that ‘shared as received’ without taking responsibility for the veracity of such fake news. 

Knowingly or unknowingly, they become unpaid marketing managers of those who create them for their ulterior motives. Such shared fake news items also put to test the cognitive capacity of those who receive them in subsequent rounds. Many who believe in the veracity of such fake news at the first glance without subjecting it to a critical analysis do reshare it, giving it a wider circulation and thereby helping the perpetrators to achieve their goal. This is chain publicity done free of charge for fake news with a wider outreach at each subsequent round of resharing. 

Fake news has wings 

Fake news spread faster than true news primarily because it is designed to be shocking, emotionally charged, or novel, often reaching, say a cohort of 1500 people six times faster than accurate news. 

Humans, rather than bots, are the primary drivers, sharing sensational content that triggers fear, disgust, or surprise, according to a study done by a group of researchers at the Massachusetts Institute of Technology [5]. According to the researchers, the most common subject matter was false political news. Other popular topics included urban legends, business, terrorism, science, entertainment and natural disasters. The research study has concluded that falsehood diffuses significantly farther, faster, deeper, and more broadly than the truth in all categories of information, and in many cases, by an order of magnitude. 

Since the spread of false news is done by humans and not bots, the solution lies in appropriate behavioural interventions aiming at educating the public. The MIT study has suggested that if some people are deliberately spreading false news, while others are spreading so unwittingly, it is a two-part problem requiring multiple tactics to address the issue. This involves the creation of measurements or indicators that could become benchmarks for social networks, advertisers and other parties. The spread of false news faster than true news is like a virus that should be eliminated through the joint action of governments, civic organisations, and private businesses. 

Popularity of fake news

There are several reasons for false news to travel faster than true news. 

First, false news has an emotional appeal strengthened by its novelty. Therefore, they become more interesting and self-serving to share than boring truths. Second, as found by the above-mentioned MIT study too, humans driven by emotions are more likely to reshare false news. Third, fake news has a sensational content and social media reward such false news by making it readily visible. Fourth, there is a widened circular reporting of false news with multiple agents reprinting or resharing it, giving the exposed persons a false sense that it has been verified by previous sharers in the chain. 

However, people tend to share false news, not because they lack intelligence but because they harbour a need to feel empowered, gain attention, or protect loved ones. This psychological motive is amplified by the action of online bots who make misinformation or false news look popular and trustworthy. According to American Psychological Association, exposure to false news increases the odds that people will believe it, which in turn increases the odds that they will spread it [6]. 

Even when people know that the news is false, they still spread it to signal their political affiliation, disparage perceived opponents, or accrue social rewards. Thus, people are more likely to share or reshare false news when it aligns with personal identity or social norms, when it is novel, and when it elicits strong emotions. 

Susceptibility to fake news is an issue throughout history

Human beings, though they are called Homo sapiens or Man the Wise, have been susceptible to shocking false stories throughout the history. 

Kautilya, the 3rd Century BCE Indian economics Guru, advises the king that the widely prevalent black magic and sorcery at that time should be exploited by the king for his purposes. One way of exploitation was to hoodwink the gullible people to collect money for the depleted Treasury [7]. Hence, the exploitation of gullible people through false stories in the present AI driven era is not a new development. But its danger is that the false stories spread faster than they had spread in the olden times, causing them a wide outreach, robbing both the brains and hearts of the victims. 

Using the good names of notable people

In the recent past, there had been two instances of this writer’s credentials being used by cybercriminals to dupe gullible people.

In the first instance, this writer was presented as a promoter of a clandestine but super profitable investment scheme [8]. It had falsely said that this writer had been using the said investment platform for several years and therefore he recommends it to everyone. Some Sri Lankans who had been misled by this fabricated story had contacted this writer asking how they should join the scheme. 

In the second instance, a fabricated news item had been created by presenting a statement made by this writer to an unknown news channel called ‘TTV News.lk’ that the officials at the Treasury who have made the wrong debt repayment to cybercriminals had not done their job properly. This had been posted to Facebook, and many Facebook members had reshared it. The worst outcome had been the offensive comments made by members below the posted news item. But this writer had not made such a statement to this clandestine news channel. Thus, the brains of those who had reshared it had been stolen by the person or persons who have created this story. The hearts of those who had made offensive comments, a group of emotion-driven people, too had been stolen by them.

Need for ridding ourselves of emotions 

Thus, cybercriminals are stealing not only our physical properties but also our soul, our ability to think critically as Homo sapiens. 

Both will cause irreversible losses to us, the former ridding us of our assets and the latter ridding us of our cognitive powers as Homo sapiens. But the solution also rests with us. 

So long as we are driven by petty emotions like fear, hatred, jealousy, greed, or suspicion, we present ourselves as a fertile ground for these cybercriminals to hook and manipulate us. Here, if we develop critical thinking, that is, questioning ourselves why we hold a particular emotional view, whether positive or negative, and rid ourselves of it, we no longer become ready victims. This requires continuous wise counsel at all walks of life and all levels of professional positions.

Like Continuous Professional Development which is being harboured by professional bodies for their members, Continuous Wise Counsel should be a part and parcel of living in modern societies. This should be done specifically for school children who readily fall victims and lose their critical thinking, a malaise that would create bots who are willing to believe anything they are bombarded with. 

(The writer, a former Deputy Governor of the Central Bank of Sri Lanka, can be reached at [email protected] )

(Endnotes)

1 https://x.com/HarshadeSilvaMP/status/2049870112463995162 

2 https://www.facebook.com/watch/?v=995983632850632 

3 See: https://www.facebook.com/watch/?v=995983632850632 ; https://www.ft.lk/columns/Beware-of-the-newest-cyber-scam-Pig-Butchering/4-784717 ; and https://www.ft.lk/columns/Be-warned-of-thieves-and-nuisance-makers-in-AI-space/4-781986 

4 https://drp.gov.lk/en/home.php 

5 https://news.mit.edu/2018/study-twitter-false-news-travels-faster-true-stories-0308 

6 https://www.apa.org/topics/journalism-facts/how-why-misinformation-spreads 

7 Kautilya, The Arthashastra, L N Rangarajan Translation, 1992, Penguin Books, pp 55-6

8 https://finpao.com/landers/LK_offer_var1_iRev/?sub=d7fjccdajbfc73f9agbg&fn=BlizzerdPro&us=Berg&c=LK