How to stay safe from online financial fraud
market. “Along with some more technical steps and social engineering, this information can be used to hack someone,” said Halde. For example, if you are using an email service, there are some security questions you have to answer to recover a password. Some of these questions, like mother's maiden name or first school are used in many places. “So, social engineering is used to get answers to your security questions,” said Halde.
These are programs that steal information while hiding somewhere on your device. “People want to download a lot of free software, videos and music; and chances are high that those files are hosting some malware,” said Doshi. The inherent nature of malware is to steal information from the device. “The malware is coded to pick up information from the device and send it to the command and control centre, which is hosted somewhere on the internet. Malware is designed smartly and does not look for non-sensitive information. It looks for sensitive information based on keywords like password, banking, or transaction. Any file having these keywords is stolen,” Doshi explained.
An advanced version of malware is ransomware. This does not even steal information. It just encrypts the data so that you cannot access it. If you want to access it, you have to pay a ransom. To avoid ransomware risk, it is a good practice to backup of your data on an external drive, which is not connected to the internet.
How to report fraud
While the risk of cyber financial fraud will remain, this does not mean that you stop transactions altogether. The Reserve Bank of India in July this year issued a notification on customer protection in case of electronic banking transactions. You can read about it in detail here: bit.ly/2tpp3r3
The RBI has clearly spelt out banks’ and customers’ liabilities in case of unauthorised electronic banking transactions. If an unauthorised transaction takes place and the bank is responsible for it, then the customer has zero liability. This means the bank will make good any losses you may suffer. If there is a third-party breach where neither the bank nor the customer was responsible and the customer responds within 3 working days, then too the customer doesn’t have any liability. But in case you don’t report within 3 days but within 4 to 7 working days, you will have some liability. This means you will incur some monetary loss for the fraud. But what if you report after 7 days? In such a situation the bank will decide what to do.
Being alert, and following basic rules like not storing passwords and PINS, having complex and different passwords for different services, not clicking on unknown links and not downloading from suspicious sources can keep you safe to a large extent.