Lakhs of Indians have joined the online community with India’s ambitious ‘Digital India’ campaign. Furthermore, as the demonetization wave hit India in November 2016, e-wallets and online payments took off like never before! Consequently, the country has seen a sharp rise in online financial frauds. Here are 10 easy ways to protect yourself from online financial frauds.
Digital India Initiative Has Brought an Overwhelming Number of Indians Online
India has witnessed a massive upsurge in the use of digital transactions in India in the last couple of years. Did you know that in September 2018, the National Payments Corporation of India’s Unified Payments Interface (UPI) has documented over 400 million digital transactions in India? Digital transactions carried out by Indians rose by 30% from August 2018 to September 2018.
As more and more join the digital fraternity, the obvious question that arises is whether digital transactions are safe?
A report by Experian’s Digital Consumer Insights 2018 shows that 1 in 4 online banking consumers is a victim of online financial frauds. Also, 24% experienced fraud directly while engaging in online/digital transactions.
In fact, a recent RBI report shows a rise of over 20% between 2016-17 and 2017-18 in online banking frauds involving digital transactions of more than INR 1 lakh!!!
A Ranking That India Didn’t Aspire For
As per a global survey conducted by a financial technology services firm, FIS, Indians are the most frequent victims of online banking frauds. In a survey conducted in 2017, 18% of Indians reported being a victim of online financial frauds.
Interestingly, people in the age group 27-37 are more susceptible to online banking frauds as per the survey. Incidentally, this is the age group that comprises maximum users of digital transactions. In another survey, 25% of people in this age group experienced an online financial fraud at least one time.
Ravi Shankar Prasad, Minister for Information Technology, publicly declared the number of online financial frauds in India in 2017 as 25,800. These resulted in the theft of close to 1.8 billion rupees!!!
Step 1 to Protect Yourself from Online Financial Frauds – Know How Online Banking Frauds Happen
The sharp rise in the number of online banking frauds is a clear indication of the loopholes in the modes of digital transactions. A cognizance of how these frauds occur is important to protect yourself from online financial frauds.
Here are some common ways in which fraudsters execute online financial frauds.
1. A Software That Tracks Your Keystrokes on a Keyboard
Cyber fraudsters use a special software called key logger for recording the keystrokes made by a user on a keyboard. Key logger can record static passwords such as bank passwords or 3D PINs typed using a keyboard even without the user’s knowledge! Thus, it is better to use a dynamic PIN for digital transactions or an app having an inbuilt secure swipe option.
2. Shoulder Surfing
We all have the notion that OTPs or One Time Passwords are secure since they have a limited validity. However, OTPs mostly appear in the form of pop-ups on mobile phones or email notifications. Furthermore, the mobile popup is clearly visible even with the mobile in a locked condition. If a person manages to look over your shoulder, he/she can easily view your OTP. Thus, such digital transactions are susceptible to a breach.
3. Social Engineering
Beware of fake and fraudulent calls from banks! Social engineering is widely used by fraudsters to cheat people by making a call to them as fake bank representatives. Often, the technique used to defraud cardholders is to request them to share an OTP for confirming their online transaction. Once divulged, the fraudster makes a fraudulent transaction with the victim’s credit or debit card. Also, one can longer contact or trace the caller!
Remember that no bank official shall ever call and request you to share an OTP or any other confidential details.
4. OTP Accessibility on Smartphones
An OTP is the backbone of digital transactions. However, they can also be an easy gateway to online financial frauds. Most of the times, digital transactions involve OTPs sent as an SMS. What is noteworthy here is that many apps on our smartphones can access our SMS messages. Thanks to the privileges that we ourselves give to those apps when we install and run them!!
Therefore, there are chances of the misuse of an OTP by a malicious app on your phone. So, be careful of the access that you give to apps to the data available on your phone. Look at the reviews and number of app downloads before installing any random application on your smartphone!
5. Electronic Data Capture Machines
We have some bad news. Swiping your card on Electronic Data Capture or EDC machines is not as safe as you thought! Such machines are vulnerable to a breach and once compromised can record the details of the card that is swiped. Even though a PIN verification process follows a card swipe, a compromised machine can store the static PIN of credit/debit cards. This allows fraudsters to misuse your personal data for online banking frauds.
Step 2 to Protect Yourself from Online Financial Frauds – Handy Tips for Digital Transactions
First of all, we reiterate the basic thumb rule to protect yourself from online financial frauds. DO NOT ever share your password and OTPs with ANYONE. And, by ANYONE we literally mean anyone! Additionally, when choosing a password, ensure that you have a strong alphanumeric one with interspersed symbols.
Apart from the above, here are 10 tips that you must keep handy to protect yourself from online financial frauds.
1. Avoid Installing 3rd Party Applications
Abstain from installing random 3rd part apps, cracks or software on your personal computer or mobile phone. This is to protect your phones and computing devices from malware that have the potential to steal confidential data.
2. Avoid Clicking Suspicious Links
DO NOT click on clinks from arbitrary, suspicious or anonymous sources received as an SMS or email or even on your social media accounts.
3. Use Virtual Keyboard
Try to practice the habit of using a Virtual Keyboard when typing passwords during digital transactions.
4. Activate SMS & Email Notifications
Activate both SMS as well as email notifications for all your transactions. This will help you respond instantly by keeping you notified of fraudulent transactions.
5. Be Careful While Using Public Networks
Avoid using net banking or engaging in digital transactions when connected to a public network or hotspot. Likewise, avoid any activity involving your confidential personal/financial data when using public or shared computers.
6. Use 2-Factor Authentication
Make sure you set up account notifications and employ 2-factor authentication for your accounts.
7. Create a Strong Password
As already stated, make sure you create a strong password and keep changing it on a regular basis. Keep your password a smart mix of upper and lower case alphabets, numbers, and special characters.
8. Never Disclose Financial Details
NEVER disclose your financial details or OTPs to anyone, even if they claim to be a bank representative. Similarly, NEVER click on suspicious emails purportedly sent from your bank that requests your financial details. This could be a phishing email to cheat you of your money!
9. Install an Effective Anti-virus Software
Install authentic anti-virus software on your phone and computing devices. Also, make sure that you update it at regular intervals. Updating your internet browsers and operating systems to the latest versions also contribute to keeping online banking frauds at bay.
10. Use Secure File-Sharing
AVOID sharing personal details such as account numbers, email signatures, passwords etc. via email. We suggest you to use a secure file-sharing service to send documents containing sensitive data. Better still, resort to the good old practice of relaying information verbally!
Cyber Security Training & Awareness with ARDC
The Center for Advanced Research in Digital Forensics and Cyber Security or ARDC is a cyber and digital forensics research organization located in Bangalore and Chennai. ARDC aims to keep law enforcement agencies and other organizations up-to-date on cyber defense mechanisms with its research on the latest cybercrime and cyber security trends.
ARDC engages in cutting-edge research on mobile forensics, computer forensics, and network forensics to provide crucial insights on reinforcing the cyber security of the nation as a whole.