Saturday, October 26, 2013

DO’S AND DON’TS FOR ONLINE BANKING


DO’S :
1)      Keep track of your bank account and bank activity every few days.
2)      Ensure your FIREWALL settings are secure.
3)      Install a good ANTI-VIRUS SYSTEM on your PC / Laptop / Mobile / Tablet / Phablet etc.
4)      Always use secured networks to make online payments or transactions.
5)      For better security, mostly access websites whose address starts with https://.
6)      Alert the bank immediately if there is any problem while accessing your online banking facility.

DON’TS :
1)      Do not keep your bank account/s inactive for a long period.
2)      Do not share your passwords / PIN with anybody.
3)      Do not access your online banking facility / online payments from unsafe networks such as Cyber-cafes, Wi-Fi networks etc.
4)      Do not use unsecured networks for banking facility or for online payments.
5)      As far as possible, avoid using normal-looking http:// websites.

Friday, October 25, 2013

NEWS REPORT FROM THE TIMES OF INDIA-JAIPUR-25TH OCTOBER 2013

In their new modus operandi, cyber criminals send fraudulent emails to bank customers and con them into providing their bank account details. Hackers design a fake page of the bank's original website and host it on a hacked website's server.

This HTML page's link is sent to people via email. The hackers, posing as an administrative officer of the bank, ask people to fill up a form on the website page citing some security reason for the exercise.

The customers believe the genuineness of the email when they see that the design of the website page is exactly similar to their bank's original website. Hence they fill up the forms and provide their transaction IDs, passwords, debit and card PIN numbers and other account details.

The form generates an email which is received by the hackers with the details. This information is then used for online transactions from the victim's account.

The cyber police officials have cautioned people against such emails after some such cases were reported recently.

As the fake page of the bank is hosted on a hacked server, it becomes difficult for the police to reach the criminals.

Thursday, October 24, 2013

E-FRAUD AND PRECAUTIONS TO BE TAKEN

For the first time, cyber fraudsters have tampered with a bank's Know-Your-Customer information and swindled money.

MODUS OPERANDI OF THE FRAUDSTERS OR E-FRAUD:

1)      The fraudsters were able to get the victim’s bank account details, such as login and password, from illegal sources or databases.
2)      Then they hacked into the KYC (Know-Your-Customer) database of the victim’s bank. Thereafter they removed the victim’s mobile number from the database and replaced it with their own mobile number.
3)      Thereafter they logged into the victim’s bank account using a Nigerian IP address and generated a One-Time Password (OTP).
4)      After receiving the OTP on their mobile phone, they used it to transfer the money to various bank accounts in India. These accounts belonged to “MULES” (mules are people who transfer money that was acquired illegally).
5)      Before that, they had already set up agents to withdraw this cash and gave them 10% of the “mule” accounts or the loot they made from these transactions.
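
The sequence above suggests a check a bank's fraud team could run: treat a change of the registered mobile number as the start of a hold window, and flag new-country logins, OTPs sent to the changed number and first-time payees inside it. This is an added example, not part of the original post; the event fields, the 48-hour window and all sample data are assumptions constructed for illustration.

```python
from datetime import datetime, timedelta

HOLD = timedelta(hours=48)  # assumed hold window after a registered-mobile change

# Constructed sample events (not real bank data); field names are hypothetical.
EVENTS = [
    {"ts": "2013-10-01T10:00", "acct": "A1", "type": "login", "country": "IN"},
    {"ts": "2013-10-01T10:05", "acct": "A1", "type": "transfer", "to": "BEST-BILL", "amount": 900},
    {"ts": "2013-10-20T02:10", "acct": "A1", "type": "kyc_mobile_change", "new": "+00-000-0002"},
    {"ts": "2013-10-20T02:30", "acct": "A1", "type": "login", "country": "NG"},
    {"ts": "2013-10-20T02:31", "acct": "A1", "type": "otp_sent", "to": "+00-000-0002"},
    {"ts": "2013-10-20T02:33", "acct": "A1", "type": "transfer", "to": "MULE-1", "amount": 40000},
    {"ts": "2013-10-20T02:35", "acct": "A1", "type": "transfer", "to": "MULE-2", "amount": 45000},
    {"ts": "2013-10-21T09:00", "acct": "B7", "type": "kyc_mobile_change", "new": "+00-000-0009"},
    {"ts": "2013-10-25T09:00", "acct": "B7", "type": "login", "country": "IN"},
    {"ts": "2013-10-25T09:02", "acct": "B7", "type": "transfer", "to": "IRCTC", "amount": 1200},
]

def detect(events, hold=HOLD):
    """Return {account: [reasons]} for risky activity inside the hold window."""
    state, alerts = {}, {}
    for e in sorted(events, key=lambda e: e["ts"]):  # ISO timestamps sort as text
        ts = datetime.fromisoformat(e["ts"])
        s = state.setdefault(e["acct"], {"countries": set(), "payees": set(),
                                         "changed": None, "new": None})
        in_hold = s["changed"] is not None and ts - s["changed"] <= hold
        reason = None
        if e["type"] == "kyc_mobile_change":
            s["changed"], s["new"] = ts, e["new"]
        elif e["type"] == "login":
            if in_hold and e["country"] not in s["countries"]:
                reason = f"login from new country {e['country']}"
            s["countries"].add(e["country"])
        elif e["type"] == "otp_sent":
            if in_hold and e["to"] == s["new"]:
                reason = "OTP delivered to just-changed number"
        elif e["type"] == "transfer":
            if in_hold and e["to"] not in s["payees"]:
                reason = f"transfer of {e['amount']} to new payee {e['to']}"
            s["payees"].add(e["to"])
        if reason:
            alerts.setdefault(e["acct"], []).append(reason)
    return alerts

if __name__ == "__main__":
    for acct, reasons in detect(EVENTS).items():
        print(acct, reasons)
```

Account B7 in the sample changes its number but only transacts four days later from a known country, so it raises nothing under the 48-hour window.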

THE USUAL METHOD OF E-FRAUD:
1)      Most financial hacking attacks start with ‘phishing’ (a term used to describe an online scam in which fraudsters steal a victim’s personal information by sending out e-mails that appear to have originated from legitimate financial institutions).
2)      These e-mails ask the user to update or validate his bank account information by clicking on a link given in the e-mail, which is a fraudulent link.

HOW TO KEEP SAFE?
(The Security Steps to be taken by us to avoid such type of frauds)

1)      Those who are using Internet Banking or Online Transactions should maintain two separate bank accounts – one for online banking transactions and second for offline banking transactions.
2)      In the online banking account, maintain only the amount needed for handling online transactions, such as paying online bills for Electricity (BEST), Telephone (MTNL), Railway / Air / Bus ticketing at (IRCTC) sites*, online booking of movie tickets, online purchases etc. Never keep more than enough money in this account at any time.
3)      Always keep your extra money in your offline account only or in Fixed Deposit Receipts.
4)      If you have exhausted the money in your online account, you can transfer only the amount you need from your offline account into your online account. This can be done by transfer to the online account, or by DD, cheque, cash etc.
5)      If possible, visit your bank branch and ask them to issue you chip-based credit/debit cards to prevent such type of offences or cloning of your cards.
6)      As far as possible, avoid mobile banking/mobile payment gateway till the standards, rules and regulations are formed.

WHAT ACTION TO TAKE?
(If you are hit by online fraud or net banking fraud)

1)      Write a letter to the concerned bank manager, keeping an acknowledgement of the letter with you for future reference, correspondence or action.
2)      File an online complaint with bankingombudsman.rbi.org.in
3)      File an F.I.R. with the nearest police station.
4)      File a case with the state adjudication officer appointed under section 46 of the IT Act, 2000 with the help of a technical lawyer.

* These are Indian institutions.