Hello,
copying below an important article from DNA.
Today, with technological know-how growing leaps and bounds, almost
everything is just a click away on the internet, be it paying bills,
booking tickets, buying insurance, net banking or filing income tax
returns.
However, the internet does have its perils and we should know and learn
to
tackle online identity theft scams.
Phishing scams: Phishing scammers send fraudulent emails disguised as
an
official email request from a bank to gain private and sensitive
information. Recipients are lured into believing the mail and they
click
on a link that leads them to a fake website that looks similar to the
bank's actual website. This way, the fraudsters capture confidential
details such as customer ID, IPIN, credit/debit card numbers, card
expiry
date and CVV number.
Customer's email address is obtained by the fraudster through
untrustworthy sites where the customer would have revealed his email
address or shared it in chat rooms, blogs or mailing lists.
On its website, HDFC Bank suggests that when customers realise they
have
been victims of a phishing scam, they should immediately access their
netbanking account and change the IPIN and verify recent transactions
in
the account. If no fraudulent transactions are observed, then they must
forward the phishing email to the bank for future reference.
Vishing: This is a combination of voice and phishing. The fraudster
sets
up an automatic dialer and when the phone is answered, a pre-recorded
message is played that tells the customer that his/her credit card has
had
illegal activity and the customer should call the recorded phone number
immediately.
When the customer calls the number, it is answered by a
computer-generated
voice that instructs the customer to enter his/her 16-digit credit card
number. Once the customer begins to follow instructions, the customer
falls prey by giving his personal details like date of birth, passport
number and mother's maiden number. Hence, in case of any suspicion, the
customer should disconnect the call and immediately report it to the
bank.
An ICICI Bank spokesperson warns, "Do not leave any personal or account
details on any telephone system that you are directed to. When a
telephone
number is given, you should first call the phone number on the back of
your credit card or on your bank statement to verify whether the given
number actually belongs to the bank. We generate awareness amidst our
customers through our communication on the website, advertisements,
mailers and statements."
Zeus: Zeus is a Trogan that infects the end users machine. Today, its
one
of the most common Trojan impacting bank customers. The Trojan gets
downloaded on the user's machine and when the he clicks on a link, an
attachment opens from an unknown website. The Trojan gets installed and
if
the person starts his net banking activities, the Trojan captures the
customer's confidential details, which leads to fraudulent activities.
Therefore, it is the responsibility of the end user to ensure that his
anti-virus is updated and his machine is notinfected.
Use a virtual keypad: While carrying out net banking activities through
public computers, there are chances that your user id and password may
be
hacked through a spyware or Trojan that may be installed purposely in
certain computers to leak personal details. "When you use the keyboard
and
enter your password, hackers may be able to capture your password via
advanced key loggers (Hidden malicious software that capture key
strokes).
Usage of virtual keypad provides you a better protection of your
passwords
against key loggers, as the password is entered using the mouse and as
the
keyboard layout on the virtual keypad is random," says CVG Prasad, CIO,
ING Vysya Bank.
"Cyber cafes should be strictly avoided for online transactions because
the connectivity and systems of an internet cafe are not secure and
chances of viruses capturing data from terminals in internet cafes are
higher. The counterfeit software installed at cyber cafes might inject
key
loggers, spywares, which collect all the login credentials with
keystroke
entries and search for password related files and send them to the
fraudsters who can misuse the information and cause huge damages," says
Shalini Mehta, executive vice president, Kotak Mahindra Bank.
Pirated softwares: Sometimes they comprise malwares and some sort of an
automated virus initiated while copying content. There are no security
upgrades available, hence it leads to the software being vulnerable and
prone to be exploited by the present Trojans. This also leads to
computers
behaving erratic, since the softwares are injected with virus.
