AHMEDABAD: A major cyber fraud linked to the National Eligibility-cum-Entrance Test (NEET-UG) refund process has come to light after Ahmedabad Cyber Crime officials arrested a 19-year-old boy from Bihar for allegedly diverting refund money meant for around 150 students into his own bank account.
The accused, identified as Naveen Yadav from Bihar’s Gaya district, allegedly exploited weak passwords and security loopholes in the NEET portal to gain unauthorised access to hundreds of student accounts. Investigators said he specifically targeted candidates eligible for refunds and altered their banking details so that the money would be transferred to accounts under his control instead of reaching the rightful beneficiaries.
The incident has once again raised serious concerns over cybersecurity measures surrounding one of India’s largest entrance examinations. The NEET examination has already been under intense scrutiny following paper leak allegations and technical issues over the past few years, making this latest cyber fraud another setback for authorities responsible for conducting the examination.
According to Ahmedabad Cyber Crime Branch officials, the accused allegedly attempted to target more than 350 student accounts. Out of these, he successfully gained access to nearly 150 accounts by using brute-force techniques that exploit predictable or weak passwords. A brute-force attack is a trial-and-error hacking method in which cybercriminals repeatedly attempt different password combinations until they gain access to an account.
Investigators revealed that after entering the students’ accounts, the accused identified candidates eligible for refunds and replaced their registered bank account information with his own account details. Each candidate was eligible for a refund of approximately ₹1,700, which could have collectively resulted in a significant amount being siphoned away if the fraud had gone undetected.
The fraud was uncovered after complaints regarding suspicious refund transactions reached the Ahmedabad Cyber Crime Branch. Authorities subsequently sought assistance from the National Testing Agency (NTA), which provided crucial information related to the beneficiary bank accounts receiving the funds. Technical analysis, transaction tracking and digital footprints eventually helped investigators identify the suspect and trace him to Bihar, where he was arrested.
Officials said the NTA’s Chief Information Security Officer played a key role in helping investigators detect unusual activities linked to the NEET portal. By analysing login patterns and suspicious modifications to bank account details, authorities managed to stop the fraud before it expanded further.
The case has also highlighted vulnerabilities within online examination systems. Police officials noted that the NEET portal previously lacked robust multi-layer authentication systems, making it easier for attackers to exploit weak passwords. Since the incident surfaced, security upgrades have reportedly been implemented, including improvements in authentication mechanisms to strengthen account protection.
Authorities have urged NEET candidates and their parents to immediately review their account security practices. Students have been advised against using easily guessable passwords such as dates of birth, mobile numbers, names or common numerical combinations. Experts recommend creating strong passwords that combine uppercase and lowercase letters, numbers and special symbols.
Officials have also warned candidates never to share their application numbers, passwords or one-time passwords (OTPs) with anyone. Students have been instructed to rely only on official NTA websites for all examination-related updates, applications and refund procedures. Authorities cautioned against responding to messages, calls or links received from unofficial sources claiming to provide refund assistance.
Key Developments In The Case
Cyber Fraud Method
- The accused allegedly used brute-force hacking techniques.
- Over 350 accounts were targeted.
- Around 150 accounts were successfully accessed.
- Bank account details were altered to divert refund money.
Security Measures And Student Advisory
Authorities Have Recommended:
- Use strong and unique passwords.
- Avoid sharing login credentials and OTPs.
- Verify all refund-related communications through official NTA platforms.
- Regularly monitor account information for suspicious changes.
The investigation remains ongoing, and police are now examining whether the accused acted alone or was part of a larger cyber fraud network targeting examination systems across the country. Authorities are also investigating whether he may have been involved in similar offences elsewhere.
