Hi Everyone Today We will Talk About “The Demerits OF Using Plastic Money (i.e., Credit & Debit Cards, Internet Banking Etc)”
On 19 October, the Country Woke Up to a Banking Nightmare. In what is Possibly India’s Largest Financial Data Breach, Nearly 32 Lakh Debit Cards Across 19 Banks were Compromised. As per the National Payments Corporation of India (NPCI), 90 ATMs were Impacted and at least 641 Customers Lost INR1.3 Crore in Fraudulent Transactions. Even as the Council of Payment Card Industry Data Security Standard (PCI-DSS), An International Body that Sets Data Security Standards, has Ordered a Forensic Audit, Banks have Advised Customers to Change PINs and Use Own Bank ATMs. Customers, Meanwhile, are Worried About How Secure their Debit and Credit Cards are Now.
It’s a Justified Concern, Considering that Nearly 2.59 Crore Credit Cards Issued by 56 Banks had a Transaction Worth INR 24,341 Crore via Points of Sale (POS) and INR 202 Crore through ATMs, while 69.72 Crore Debit Cards Registered Transactions Worth INR 2.19 Lakh Crore through ATMs and INR 17,100 Crore via POS in July 2016. This is a Fortune that Fraudsters are Waiting to Tap into through Several, Ready Loopholes. Even as the RBI and Banks are Trying to Stay One Step Ahead by Introducing Several Security Features, Customers Need to take the Initiative to Prevent Being Conned.
Comfort Dining Comes With A Price Of Data Theft
“Want to Win a Contest? Or a Vacation? Do fill Out Our Form,” Say Many a Smiling Representative at Restaurants, Malls and Clothing Stores. But Filling Out that Innocuous Form Could Prove to be One of the Costliest Mistakes.
A Few Months Ago, the Lucknow Police Busted a Syndicate that had Duped 185 Customers, who had Used their Cards at a Local Restaurant. The Skimming Fraud Came to Light, When a Producer was Defrauded of INR 70000, After He Had Used His Card to Pay for his Meal. The Restaurant Staff Using a Skimming Machine had been Meticulously Recording the Card Details of All their Customers.
“After a Meal, When you Give them the Credit Card – they Could have Already Noted your Card Number and CVV. The Circuit for Fraud Gets Complete When you Give them Your Date of Birth and Full Name,” says Reshmi Khurana, Managing Director, Kroll India, A Firm that Advises Banks On Security Issues.
“There’s a Ready Black Market for Sets of Information like Name, Age, Date Of Birth.
Database Providers are One of the Main Reasons, Customers Today Get Flooded with Spam Messages from Various Retailers, E-commerce Sites, Institutions Promising Jobs and Even Engineering Colleges Offering Seats. Database Providers Obtain Hundreds of Data Sets with Name, Phone Number and Date of Birth from Malls, Shopping Outlets and Sometimes Even from Disgruntled Employees of Telecom Providers. As the Database Providers get the Data, Similarly Fraudsters & Thief’s Can also get it through the Same Channel to CONN You.
“All Banks have Been Regularly Communicating with their Customers on the Dangers of Skimming and Phishing Attacks. We Send Regular E-mails as to What To Do; What Steps to Take In Case of a Cyber Fraud,” says Venkattesh R, Executive VP and Head Operations, Technology and Human Resources, DCB Bank. But Many a Time it is the Carelessness of Customers Itself, which Leads to the Fraud. “I’ve Seen Many People Give their PIN to the Waiter When they are at an Eatery. They Think they are Secure Because their Cards are with them. But it Doesn’t Necessarily Work like that. Today, Many Online Transactions can be Authenticated with the Card Number and ATM PIN,” Says DCB’s Venkattesh.
We List Here the Ways that Cards can be Used to Commit Fraud and Steps You Can take to Steer Clear of These.
How You Can Be CONNED ?
Card Fraud Basically Involves Theft of Identity or Information On Your Cards.
The Stealing can take Place in One of the Following Ways:
Automated Teller Machines (ATMs):
The Machines have Become a Favoured Target of Scamsters. Ask Mumbai Based Rupali Pandagale, (As Seen in Pic Above) Who went for Cash Withdrawal to Another Bank’s ATM. “I Put the Card in One of the Machines, But it Wasn’t Working. So I Took Out INR 2,500 from the Other Machine and Left. 5 Minutes Later, I Got An Alert Saying Another INR 10,000 had been Withdrawn,” She says. There are Various Techniques Fraudsters Use to Steal Your Card Information:
“This Involves Attaching a Data Skimming Device in the Card Reader Slot to Copy Information from the Magnetic Strip when One Swipes the Card,” Says Mohan Jayaraman, MD, Experian India. “They Also Set Up Cameras Near the Machine to Get the PIN,” He Adds.
This is a Barb that Retains the Card When You Insert it in the Machine and the Card is Retrieved Later.
If You Find Friendly Bystanders in the Room or Outside Who Try to Help You If Your Card Gets Stuck or Peer Over Your Shoulder, Beware. They are there to Get You to Reveal Your PIN.
If You Write Your PIN On the Card and Forget it in the ATM Kiosk, It’s a Virtual Invite to be Scammed.
The Ease of E-Shopping or Online Bill Payment is Matched by the Felicity with Which Identity Theft Can be Carried Out On Computer or Smartphone. Mumbai Based Girish Peswani Knows it Well. “I Was in My Office When I Got Alerts About Online Transactions Abroad Made Using My Credit Card,” He Says. There are Various Ways this Card Information Could Have Been Stolen.
In This Technique, Fraudsters Reroute you to a Fake Website that Seems Similar to the Original. So Even as You Conduct Transactions and Make Payment Via Credit or Debit Card, the Card Details Can Be Stolen.
Here, You Unintentionally Download a Software, Which Allows the Fraudster to Trace Your Key Strokes and Steal Passwords or Credit Card and Net Banking Details.
If You are Used to Carrying Out Transactions On Your Smartphone, Public Wi-Fi Makes for a Good Hacking Opportunity for Thieves to Steal Your Card Details.
This is a Malicious Software that Can Damage Computer Systems at ATMs or Bank Servers and Allows Fraudsters to Access Confidential Card Data.
Merchant or Point-Of-Sale (POS) Theft:
This is Perhaps the Most Effective form of Stealth, Wherein Your Card is Taken by the Salesperson for Swiping and the Information from the Magnetic Strip is Copied to be Illegally Used later.
Phishing & Vishing:
While Phishing Involves Identity Theft through Spam Mails which Seem to be from a Genuine Source, Vishing is Essentially the Same through a Mobile Phone Using Messages or SMS. These Trick You into Revealing Your Password, PIN or Account Number.
SIM Swipe Fraud:
Here the Fraudster Contacts Your Mobile Operator with Fake Identity Proof and Gets a Duplicate SIM Card. The Operator Deactivates Your Original SIM and the Thief Generates One Time Password (OTP) On the Phone to Conduct Online Transactions.
Mobile Apps other than those from Established Stores Can Gain Access to Information On Your Phone and Use it for Unauthorised Transactions.
Lost or Stolen Cards, Interception:
Transactions are Carried Out Using Stolen Cards, those Intercepted from Mail Before they Reach the Owner from the Issuer, or by Fishing Out Information like PINs and Passwords from Trash Bins.
Cards Using Other Documents:
New Cards are Made by Fraudsters Using Personal Information Stolen from Application Forms, Lost or Discarded Documents.
Mobile Payments are Leaving Some Users Exposed to Frauds
I am Hoping My Kids Don’t Do It,” Says Sarah Jane Hughes. The Professor of Commercial Law in the US isn’t Alluding to Sex or Drugs. She’s Talking About the Dangers of Mobile Payments Services. She’s Not the Only One Sounding An Alarm: Almost Half of About 900 Members of Isaca, An Association of IT Professionals and Risk Managers, Said Mobile Payments Aren’t Secure.
Why Using A Digital Wallet Is Like Leaving A Door Open
In 2016, 148 Million People Around the World Will Reach for their Handsets to Make Payments at In-Store Point-Of-Sales (POS) Terminals, Sccording to a Report from Juniper Research. Many Millions More Will Use Payment Apps to Send Money to Friends and Businesses.
The Boom is Creating Opportunities for Hackers and Thieves, and Security Gaps in Some of the Apps are Leaving Buyers as Well as Sellers Exposed.
Along with a Handful of Well Known Companies such as Apple, Google and Samsung, the Mobile Payments Field has Attracted Thousands of Thinly Capitalized Startups.
Mobile App Security Provider Bluebox Found Vulnerabilities in All the Roughly 10 Unnamed US Mobile Payment Apps it Examined. “Most of the Time, the Apps Themselves Aren’t Using Any Kind of Encryption to Protect the Data On the Phone or to Protect the Data in Transit,” Says Andrew Blaich, Bluebox’s Lead Security Analyst.
Mobile Payments Technology is Evolving Faster than Regulation, Leaving Some Users Exposed to Fraud.