How to protect your Confidential Personal Data and Money from fraudsters in view of rising Cyber Frauds?
On the one hand digital
transactions are Rewarding, Instant, Easy, Hassel free and Low cost whereas on
the other hand careless and insecure usage can expose ourselves to its
vulnerabilities. With most of us now making financial transactions over mobile
apps, it’s all the more important to know how Fraudsters can rob you.
Nature of Frauds: SIM Cloning, Phishing, Vishing, Cyber Stalking, Cyber Extortion, Identity theft, Malware Attack, Email Spoofing..etc.
Now Let’s clear the terms
first, then we will look at the most common ways.
What Is Phishing?
Phishing is an act of sending
a fraudulent e-mail or creating a forged screen pop-up, in an attempt to
capture customer’s confidential personal details like User Id, Password, 3D
Secure PIN, Date of Birth, CVV number, etc.
What is Vishing?
Vishing is an attempt where a
fraudster uses the phone to lure the people in revealing their confidential
bank details.
What Is Con-Artist?
A person who cheats or tricks
others by persuading them to believe something that is not true.
What is Email spoofing?
Email spoofing is the creation
of email messages with a forged sender address. Because the core email
protocols do not have any mechanism for authentication, it is common for spam
and phishing emails to use such spoofing to mislead or even prank the recipient
about the origin of the message.
What is Cyberstalking?
The repeated use of electronic
communications to harass or frighten someone, for example by sending
threatening emails.
What is Malware Attack?
A malware attack is when
cybercriminals create malicious software that's installed on someone else's
device without their knowledge to gain access to personal information or to damage
the device, usually for financial gain.
Phishing: Phishers are churning out
much more convincing and effective emails. Not only are the most persuasive
specimens well-written, but they are also often personalized, addressing the
recipient by name. In addition, they replicate the look and feel of authentic
emails from legitimate businesses down to the fonts, footers, logos and
copyright statements those companies use in electronic correspondence with
their customers. With many startups operating in the payment space, it has
become easier for con artists to masquerade as agents for the company, asking
you to divulge your Aadhaar or payment IDs. As phishing schemes become more
sophisticated, with Phishers being able to convince up to 5% of recipients to
respond, it becomes increasingly important to be vigilant in identifying and
protecting yourself from these scams.
App Phishing: As Google allows anyone to upload an app on Play Store, a lot many Fraudsters are uploading apps with names very similar to government-backed apps. One example is BHIM. First-time users are scammed as they download an app with the suffix BHIM.It requires them to give all personal details including bank account information and card number. In other instances, some apps require you to disclose your Aadhaar number.
Please follow the below steps before opening any unknown mail:
1) Delete suspicious messages immediately.
2) Don’t click on any links in the message.
Instead, DO copy and paste the URL into a new browser window.
3) Never respond to an unsolicited email, or supply
personal information as requested by an email, even if the message looks real.
4) Never supply your passwords or other sensitive
information via an email message.
App Phishing: As Google allows anyone to upload an app on Play Store, a lot many Fraudsters are uploading apps with names very similar to government-backed apps. One example is BHIM. First-time users are scammed as they download an app with the suffix BHIM.It requires them to give all personal details including bank account information and card number. In other instances, some apps require you to disclose your Aadhaar number.
Also Read:Kaspersky Internet Security for Android Mobile Phone
Hence first check the app maker and confirm whether it is a legit company.
What is SIM
Swapping/Jacking?
SIM swapping or SIM Jacking
involves a hacker duping your cell provider into believing that you're
activating your SIM card on another device. In other words, they're stealing
your phone number and associating it with their SIM card. The way this works is
that one way or another—either as call center or via an app—scammers try to get
your personal details. Most scammers are looking for your Aadhaar details. In
the age of WhatsApp, most people forget to check their messages and this
further helps scammers. Once they acquire your details, they go to a friendly
mobile store and get a new SIM issued on this ID. Once that is done, your phone
would stop working and all OTP and other details would go to your new SIM
number, making it easier for scammers to wipe out your account.
4) Do
not put your mobile number on public display on social media or any other
websites.
How to be safe from SIM swap fraud?
1) The first warning signal can be your mobile network. If your phone is out of
network continuously for a few hours, it's an alert and you should complain the
same to your mobile operator immediately.
2) Check
your bank account statement regularly. The best way to avoid this is to
subscribe to SMS and email alerts. More importantly, keep checking your messages. You
can also keep a different notification tone for bank messages.
3) The
20 digits SIM number mentioned on the back of the SIM card is crucial. Never
share it with anyone.
Falling Victim!
If you’re the victim of a SIM
swap scam, it’s not the end of the world. Inform the bank or phone company as
soon as you have any suspicions to reduce the impact of the attack. Never
forget to inform your Local Police Station.
Prevention Is Better Than Cure
Falling victim to such fraud
cases can be frustrating, hence, take measures to avoid being a victim of
Internet Banking / Credit card fraud in the first place.
Credit Cards:
1) Use
exclusively separate Credit Card with a low credit limit for all online
transactions instead of Debit Cards. In terms of security, you're better off
using a credit card in place of a debit card, as you will get some time in
between credit card issuing bank settles with merchant establishment.
2) Instead
of carrying only one credit card, carry 2-3 cards and set a particular credit
limit to each card. Use the different cards to make payments at a different
location. Doing this will make sure that even if any fraud happens, you will
lose only some amount of money, not a huge sum. The rest of the money will
remain safe in other cards.
3) The most common type of cyber fraud happens when you make payment in a restaurant
or from the Hotel room through debit/credit card. Instead of giving away the
card to the waiter or service executive, ask him to bring the machine to your
table/room to make payment so that you have a fair idea of where your card is being
used.
4) Disable
international usage if you are not traveling. This way you limit yourself from
out of the country scammers. It can be done through the mobile banking app, net
banking or by calling the customer care of the bank.
5) Having
insurance against any mishap can protect you and the same can be done in
contact with your card issuing bank.
Internet Banking:
1) While using internet banking, check for URL begins with https:// instead of http://
and Padlock Icon on your internet browser when accessing your account. It
indicates the console is running in secure mode.
2) When
you go to a website to make any transaction, look out for the logo of Payment
Certification Industry (PCI) at the top of the page. It is a globally renowned
industry. Having its certification means that the website owner is concerned
about user security and your bank details are in safe hands.
3) Most
of the cyber fraud happens because you make payment on vulnerable, unsafe
websites. These websites hold a high risk of getting hacked, giving away all of
your credentials to the hacker.
4) Use
advanced anti-malware programs. It will protect both classified and
unclassified attacks on your computer and other digital devices you are using.
Make sure your anti-malware program is updated or its auto-update option is
“on”. Make sure that the antivirus program is able to detect newly created and
mutated malware threats even before it’s included in the database of the
automatic updates.
Saving Card Details
and Password:
1) Use
a combination of upper and lowercase letters, numbers, and special symbols.
Instead of choosing a complete word, consider using a unique and uncommon
acronym or phrase, which could make it harder for a hacker to identify.
2) Many
times, people save their important passwords and bank account credentials in
the E-Commerce website, applications...etc. These applications may use the
details in carrying out cybercrimes. So, avoid storing your passwords and bank
account credentials in the E-Commerce website and unstable applications.
Don't Stay Logged In:
Logging out ends your session and can reduce the odds of someone being able to
steal your information.
Avoid Public Computer
/ Wi-Fi:
1) Using
public Wi-Fi that isn't password-protected could potentially expose your
account details to hackers if they're able to tap into the network.
2) In
order to maintain security during online transactions, make sure that you’re
using your own computer or mobile device. Do not use the computers installed at
public libraries or internet cafes, as these computers can easily be
manipulated by tweaking its hardware or software.
Social media websites: Never share your personal
details like Date of Birth, Mothers Name..etc at social media websites as same
along with your log-in credentials can go directly to the hacker and he can use
it adversely. For instance, if you post your pet’s name or reveal your mother’s
maiden name, you might expose the answers to two common security questions.
Never share personal
details to Unknown People: No bank official will ever call you and
ask for your bank account details without giving any official intimation.
Confidential information such as card number, card expiry date, CVV number,
OTP, card PIN or Internet banking password, should not be shared. So, avoid
talking to such fraudsters and DO NOT share your account credentials with
anyone.
Be extra cautious while
sharing photocopy of KYCs for any Loan/Credit Card Application..etc. Never give
a photocopy of your existing debit or credit cards while making an application
for your second card.
Fraud Tele Calling and
Messages: We
keep receiving messages saying your bank account has been credited with a large
sum of money, provide your account details to receive the payment and thus
seeking your confidential card information, password or OTP. Avoid falling into
such traps as they are mostly fake and can wipe out all the money from your
account. Do not reply to emails or SMS asking for personal information.
Bank Reconciliation: Stay alert of SMS’s or
transaction alerts or OTPs that are sent to your registered phone number, by
the Bank. Review your card and bank statements regularly, and in case of any
discrepancy, report it to the Bank. Report to the bank immediately in case of
any discrepancies.