Since the government’s move to demonetise old ₹ 500 and ₹ 1000 notes last year, usage of digital money has drastically increased in the country. As India takes the cashless route and emerges as the biggest digital economy in the world, it also opens up many opportunities for cyber criminals.
According to Norton Cyber Security insight report 2016, those who were not careful have experienced negative consequences including identity theft, money stolen from bank accounts, credit cards issued in their names and unauthorised apps installed on their devices.
Data from Ministry of Finance in India shows that about 50 leading banks in India have lost around ₹ 4.85 billion between April 2013 and November 2016 because of cyber frauds. Fifty six per cent of this money was lost due to net banking thefts and credit/debit card cloning. Discussed in this article are some possible security threats and what you can do to avoid these.
Debit/credit card fraud
A debit or credit card fraud occurs when a criminal gains access to your debit/credit card details and the PIN to make purchases or withdraw money from your account. To safeguard your card, follow the steps given below.
Sign up for banking alerts.
Signing up for banking alerts that are delivered as SMSes to your registered mobile number or email ID can help you keep track of your account transactions.
Safeguard your PIN.
Never write down your PIN or save it on your mobile phone. And, while entering your PIN at an ATM or while paying for stuff at a shop/restaurant, cover it using your hand or body so that no one else can view it. Also, change your PIN regularly.
Use credit cards instead.
For purchases, use credit cards instead of debit cards, because the former offer greater protection. You can also block credit cards at any time.
Stick to own bank ATM.
It is preferable to use your own bank’s ATMs instead of a different bank’s. This also saves you from paying transactions fees that you might have to pay after a certain number of transactions.
Avoid saving card data.
Most online vendors offer card saving options for easier and faster transactions in the future. Avoid doing so wherever you can.
Do not let anyone else use you card.
At shops or restaurants, always swipe your card yourself or have it swiped in front of your eyes. This is a good way for criminals to otherwise get access to all your details.
Online wallets are easy targets. Many a time these do not have very advanced security measurements. This makes these vulnerable to attack. Many wallets need only one-time login to carry out the transactions, and these keep you signed in. This helps hackers to access your account easily.
Wallets usually have a simple one-click feature for easy operation. So if you lose your phone, anyone who lays hands on it can control your mobile wallet. Let us see what you can do to protect your digital wallet.
1. Install a basic antivirus and malware scanner on you mobile phone.
2. Check for the rating and credibility of the app before installing it.
3. Use a one-time password (OTP) instead of a regular password.
4. Log out of the mobile wallet after the transaction is complete.
5. Make sure the wallet provider has a customer support wing that can help in case of fraud.
6. Do not use the same password for all accounts.
7. Avoid installing third-party software shown on pop-up advertisements while using apps.
8. Double-check the details while transferring money. Even if the wallet has a possibility of threat, it is still safer than using a credit/debit card for online transactions.
Threats in Internet banking
Even though banks provide a lot of security measures, online banking services (NEFT/RTGS) are not free from the menace. Security threats include phishing, spyware and adware, viruses, trojans and key-loggers, among others.
Phishing and spam emails look like these have been sent from the bank itself, and ask for personal details such as usernames and passwords.
Spyware and adware are a special type of software created by hackers to collect sensitive information. These track your Internet habits and interests, and provide the same to marketing companies. This is how you end up with spam in your inboxes.
A virus attaches itself to a program by clubbing with another program in the computer by using different resources of the computer. An email virus is a special type of virus that gets embedded in an email and when you open the email, it replicates your information and distributes it.
A trojan can also be categorised as virus but it does not replicate itself and does not need any particular program to attack. It is a destructive program that acts as a harmless application, such as as helpful software claiming to get rid of unwanted software or virus. Instead, it attacks your information and makes it vulnerable.