Editor's Picks(1-4 of 12)
Some Essential Internet Banking Safety Rules To Follow
Cyber Crime is Closer to You Than You ThinkInternet banking is convenient and almost everyone I know these days checks their bank balance online, transfers and receives money online all from the comfort of their desktops, laptops and even smartphones. But the joyride of convenience can quickly hurtle into disaster as Kandivli resident Chinmay Dash recently found out. His bank account was emptied of Rs 1.75 lakh by cyber criminals. What was unique here is that the cyber criminals were smart enough to first find out the victim’s phone number and then took the effort to call up the bank’s call centre and deactivate the victim’s phone SIM card. Almost all banks now send an sms alert immediately to the account holder’s phone number as soon as money is debited or credited to an account. The criminals were smart enough to calculate this into their overall strategy.
Criminals are Getting Smarter. Are You Keeping Up With Them?
Deactivating the SIM card was a smart move to prevent the victim from receiving debit alerts from the bank while they were transferring the money from Dash’s account into their own. Cyber criminals are the modern day dacoits. They are educated and highly intelligent people sitting behind a computer screen and they have the ability to do anything that they set their minds upon. Their targets could range from simple individuals like Mr. Dash to multinational banks and even Governments; and you can bet your last Rupee that they can breach though all but the most stringent security firewalls and take away your last Rupee!
It was Gandhi who said ‘Never doubt that a small group of thoughtful, committed citizens can change the world; indeed, it’s the only thing that ever has’. I would say that in today’s world the same adage can be modified to -
“Never doubt that a small group of thoughtful, committed hackers can take over the world!”
Do Not Depend on The Police
It took Mr. Dash eight days simply to get his complaint accepted by the cyber crime cell at Bandra-Kurla Complex. The officers told him that they don’t have sufficient manpower and that an FIR should be registered at the police station in whose jurisdiction the victim resided. The FIR (First Information Report) was registered on December 3, but frankly, the local police neither have the technical expertise nor the training to understand cyber crimes. Lets face the truth. The manpower-starved Mumbai Police is hardly equipped to fight terrorists with guns – do you think they would be able to locate and buttonhole a sophisticated hacker who is probably one of the best computer engineers in the world?!
Besides the police or even cyber crime forensics experts can come in only after the crime has been committed. There is no guarantee that the cyber criminal who may be holed up in Latvia or Nigeria will be ever be caught – let alone recover the lost money. Point to be noted - Dash, who is between jobs, said the bank had refused to refund his money. Dash is also blaming the phone service provider who deactivated his SIM and issued a new one without his providing any documentation or signing any form. A lot of fingers will be pointed from here on. Dash is hoping to approach the consumer court now and I presume his life is going to be miserable from now onward until he resolves this issue.
Here are some tips for Secure Online Banking
I am listing below some must-do’s for ensuring that criminals do not empty out your bank account. Read them very carefully and start implementing them immediately!
Pay attention the the url.
The url is the web address. Always access your internet banking account by typing the correct URL (e.g. http://www.standardchartered.com) into your browser. Double check the url before entering your personal information. For example ICICI bank’s official website address is http://www.icicibank.com/. Fraudsters may register a url such as iciciccbank.com or icicibankingsolutions.com and design a duplicate interface thus fooling people into thinking that they are on the ICICI bank site. They will steal your user name and password from here and then easily log into your account on the real ICICI bank’s site. Also never click on a link in an email to take you to a website, or enter personal details either in the email or website.
Password and PIN security
You should always be wary if you receive unsolicited emails or calls asking you to disclose any personal details or card numbers. Your internet banking information should be kept secret at all times. Never disclose personal information to individuals you do not know.
Please remember that a bank will never contact you directly to ask you to disclose your PIN or your full password information.
If it sounds too good to be true…
It probably is. Don’t be conned by convincing emails offering you the chance to make some easy money. As with most things, if it looks too good to be true, it probably is. Be cautious of unsolicited emails from overseas – it is much harder to prove legitimacy of the organisations behind the emails.
It is important to use up-to-date anti-virus software and a personal firewall. If your computer uses Microsoft Windows, it is important to keep it updated via the Windows Update feature, equally if you use another operating system you should check regularly for updates. Do not ever use internet cafes or a computer that is not your own and over which you have no control to access your bank account.
Keep your identity private offline
Your identity can be as easily stolen offline as it can online. It is important that you comply with instructions about destroying new PIN numbers and expired bank cards.
You should also consider using a paper shredder available in any stationary shop to destroy bank and other statements that may contain sensitive personal information. It is advisable to store retained documents in a suitable locked and fireproof container. Most people are complacent about such things and only repent when tragedy strikes.
Check your statements
Again something that most people are too lazy to read – bank statements! This can never be over emphasized. There are so many cases I have come across where the clients found out months later that their bank account was compromised. And by then it was too late because in the online world just like in the real world, locating the source of a crime through a trail is easier for forensics experts when the crime has been recently committed.
It is therefore important to check your statements regularly – either your banking account’s website or through the hard copies sent to your home by the bank. It does not take much time. A quick check will help identify any erroneous or criminal transactions that might have been performed on your account without your knowledge. So the next time that envelope arrives with the bank’s logo do not just throw it in a corner of the house!
Double Check your banking session and ensure that it is secure
When undertaking any banking transaction on the internet, make sure that you are highly alert. Check that the session is secure. There are two simple indicators that will tell you if your session is secure. The first is the use of https:// in the URL. Some browsers such as Mozilla Firefox and Google Chrome change the colour of the url window when you are in a secure session. The other indicator is the presence of a digital certificate represented by a padlock or key in the bottom right hand corner. If you double click on this icon it should provide you with information about the organisation with which you have entered in to a secure session. Look at the adjacent picture. The green tab on the left of the url bar is the secure certificate. Clicking on that tab will give you more information about the encryption used implying that it is safe to log in.
Check for spyware
In addition to being protected by using up-to-date antivirus software you should also regularly use software to remove spyware from you computer, as these programs record information about your internet use and transmit it without your permission. In some circumstances this can compromise your PC security. Call up a computer service guy and get your computer cleaned once in a month.
Ensure you log off properly
It is important to completely log off from your internet banking session; simply closing the window you performed the transaction in may not close the banking session. That is a bad habit. If your computer is infected with a Trojan, your session may become hijacked by a criminal and financial transactions may be performed without your knowledge. It is also advisable to disconnect from the internet if you are not planning to use it.
Those who download a lot of music and movies from bit torrent sites should not use the same machine for internet banking. Always use a secure machine that you know is not used by anyone else but you. Do not use the family desktop computer or your children’s laptops or desktops. Kids and teenagers are always downloading music and movies from illegal sites and that is the number 1. source of viruses and Trojans.
Bottomline: Money in today’s world is just a concept. It is denoted by numbers on a computer. Billlions of dollars are transferred everyday from one account to another by just clicking a button. The cyber criminal is smart enough to recognize that which is why it is no wonder that the smartest minds today and in the future will gravitate to cyber crime precisely because of the rewards and the low chances of capture. Be very careful – It will just take one second for your life to turn from heaven to hell like it did for Mr. Chinmay Dash!