How to stay safe from on­line fi­nan­cial fraud

Mint Asia ST - - Money -

mar­ket. “Along with some more tech­ni­cal steps and so­cial engi­neer­ing, this in­for­ma­tion can be used to hack some­one,” said Halde. For ex­am­ple, if you are us­ing an email ser­vice, there are some se­cu­rity ques­tions you have to an­swer to re­cover a pass­word. Some of these ques­tions, like mother's maiden name or first school are used in many places. “So, so­cial engi­neer­ing is used to get an­swers to your se­cu­rity ques­tions,” said Halde.

Mal­ware

These are pro­grams that steal in­for­ma­tion while hid­ing some­where on your de­vice. “Peo­ple want to down­load a lot of free soft­ware, videos and mu­sic; and chances are high that those files are host­ing some mal­ware,” said Doshi. The in­her­ent na­ture of mal­ware is to steal in­for­ma­tion from the de­vice. “The mal­ware is coded to pick up in­for­ma­tion from the de­vice and send it to the com­mand and con­trol cen­tre, which is hosted some­where on the in­ter­net. Mal­ware is de­signed smartly and does not look for non-sen­si­tive in­for­ma­tion. It looks for sen­si­tive in­for­ma­tion based on key­words like pass­word, bank­ing, or trans­ac­tion. Any file hav­ing these key­words is stolen,” Doshi ex­plained.

An ad­vanced ver­sion of mal­ware is ran­somware. This does not even steal in­for­ma­tion. It just en­crypts the data so that you can­not ac­cess it. If you want to ac­cess it, you have to pay a ran­som. To avoid ran­somware risk, it is a good prac­tice to backup of your data on an ex­ter­nal drive, which is not con­nected to the in­ter­net.

How to re­port fraud

While the risk of cy­ber fi­nan­cial fraud will re­main, this does not mean that you stop trans­ac­tions al­to­gether. The Re­serve Bank of In­dia in July this year is­sued a no­ti­fi­ca­tion on cus­tomer pro­tec­tion in case of elec­tronic bank­ing trans­ac­tions. You can read about it in de­tail here: bit.ly/2tp­p3r3

The RBI has clearly spelt out banks’ and cus­tomers’ li­a­bil­i­ties in case of unau­tho­rised elec­tronic bank­ing trans­ac­tions. If an unau­tho­rised trans­ac­tion takes place and the bank is re­spon­si­ble for it, then the cus­tomer has zero li­a­bil­ity. This means the bank will make good any losses you may suf­fer. If there is a third-party breach where nei­ther the bank nor the cus­tomer was re­spon­si­ble and the cus­tomer re­sponds within 3 work­ing days, then too the cus­tomer doesn’t have any li­a­bil­ity. But in case you don’t re­port within 3 days but within 4 to 7 work­ing days, you will have some li­a­bil­ity. This means you will in­cur some mone­tary loss for the fraud. But what if you re­port after 7 days? In such a sit­u­a­tion the bank will de­cide what to do.

Be­ing alert, and fol­low­ing ba­sic rules like not stor­ing pass­words and PINS, hav­ing com­plex and dif­fer­ent pass­words for dif­fer­ent ser­vices, not click­ing on un­known links and not down­load­ing from sus­pi­cious sources can keep you safe to a large ex­tent.

Newspapers in English

Newspapers from Malaysia

© PressReader. All rights reserved.