–Aditya Narang, Co-Founder and CBO, Safehouse Tech
Ever since Kovid-19 knocked in India in 2020, since then, it has increased rapidly. digital payment Fraud due to the adoption of this technology. Digitization saw a huge increase, as most people preferred this channel for online shopping/payments, as there was a risk of transmission through people or through shared surfaces like cash or cards. The subsequent lockdown also accelerated the use of digital payments and fueled the digital payments industry across India.
As more and more people go digital, fraudsters are adopting innovative ways to cheat vulnerable consumers. Many consumers are falling prey to these scams whereby their sensitive information is being exposed and their hard earned money is being stolen. Cybercrimes like phishing, malware, OTP fraud, fake UPI links, and many more are seeing a rise as more people are using contactless payments. The Minister of Electronics and Information Technology has also quoted that the number of phishing incidents in India has more than doubled in 2021.
Additionally, data from the government’s cybercrime department states that the government received at least 61,100 complaints of digital payment fraud in May 2022. More than 50% of these complaints were related to UPI fraud. Adding to this, as per the recent industry estimates, around 80,000 frauds worth Rs 200 crore are committed through UPI every month. Needless to say, with increasing digital payments, hackers are fooling users to transfer money unknowingly.
While the digital payments sector is booming, there are risks for all of us who use it. There is a dire need for mobile security as most of the apps and our private data like photos, banking apps, emails and messages are on our mobile phones. Therefore, it becomes imperative for users to take extra precautions to keep their online transactions and personal information secure. Although mobile phones face similar threats or are more prone to cyber attacks, we don’t really take mobile security as seriously as traditional computers or laptops. For example, you cannot secure your mobile devices with a security application or solution as you do with your personal or work computer/laptop.
When you make digital payments at merchant stores online or offline, not following cyber security best practices can leave you at risk. Remember that malware and ransomware are just as likely to attack your phone as your computer if you don’t have any kind of data protection enabled on your device.
Here are some of the dangers you should be aware of and guard against when using digital payment options:
Mobile Malware: This is malicious software designed to target the operating system of a smartphone. It sabotages the operating system and leaks the private data stored on the phone. Fraudsters can access your banking details on your phone through banking apps or other data that you may have saved elsewhere on the phone. They can conduct transactions using your financial information, which can cause you to lose all your money. Mobile malware is becoming a challenge for the cyber security industry as attacks increase in frequency and strength.
Phishing: This is an attack designed to reveal confidential/sensitive data to the user. For example, an SMS or email that says you have won a prize or lottery. When you respond to this SMS or email or click on a link claiming a prize, the attacker asks for important information such as your banking PIN or login information. Once they gain access to your bank account, your money will be gone before you can!
Physical theft: Through theft, thieves gain physical access to your ATM/debit/credit card, other documents you can use to verify your identity, or even the smartphone you use for banking. Huh. Thieves can steal any of these items and misuse your financial information to cause financial loss. It is important not to carry any written PIN and login credentials along with your card and other documents.
data extraction: Fraudsters are constantly coming up with new ways to extract your data from the digital payments ecosystem. This means that without strong cyber security measures and robust malware protection software, your data is always at risk of being stolen. All of your digital devices that connect to the Internet must have anti-virus and anti-malware software installed so that you can protect any data you save in them.
Copy Sim leaves: If the attacker stole your mobile device, they can easily copy your SIM card. You will no longer receive calls and messages, but all the data in your SIM gets copied to the duplicate SIM. The duplicate SIM “simulates” the exact behavior of your original SIM, which means that the attacker can perform transactions related to the use of the data stored on your SIM card.
Debit/Credit Card Fraud: Just as scamsters or hackers can cause Internet banking fraud, they can also perform unauthorized transactions using your ATM, debit or credit card. As a user, we may take necessary measures to keep ourselves away from these frauds. Simple steps like remembering your CVV and scratching the card to avoid misuse and never save the ATM PIN or other password on your phone.
Yes, while these attacks and methods are quite surprising, here is what you can do to secure yourself and your device:
Avoid using public networks: All digital payments require that you be connected to the Internet to process transactions. Avoid using open Wi-Fi connections on public networks such as cafes or in unknown open networks as they are more vulnerable to fraudulent activities. It’s best to use your mobile data when you’re out and about on your private home Wi-Fi. However, make sure that your Wi-Fi connection has a password protection system enabled.
Two-factor authentication (2FA): 2FA is a dual-factor authentication that ensures two layers of security to keep your sensitive data secure. This authentication requires additional credentials like OTP apart from just username and password, making it impossible for hackers to access the account.
Never save or share banking details: Avoid saving your card details or passwords on your phone or other Internet-connected devices. Just like you will not save the details digitally, you should never share the details with anyone. Remember, legitimate companies don’t ask for your password, OTP, or any information that is supposed to be private.
Beware of Fraudulent Links and Apps: Do not open links to unknown sources or advertisements and do not download apps that appear to be fraudulent. You can recognize them by their lack of a ‘verified’ badge, poor reviews, and a low number of downloads.
Other things you can do: Enable passwords for your devices, create unique passwords for digital wallets, always install the latest system updates, use a remote lock or data-wipe system on your phone, and report a fraudulent transaction if it still occurs And learn the solution process.
FacebookTwitterinstagramKu APPyoutube