We Indians are increasingly using digital means to transact and invest. Unfortunately, many of us don’t take online safety and internet hygiene seriously. Lack of awareness or careless behaviour can cost us a pretty penny in the world of digital wallets, mobile apps, internet banking and online shopping.
Online safety starts with behavioural safety.
Almost all of us were taught as children not to talk to strangers. But, in the digital world, the real trouble starts when a stranger communicates with you as one of your acquaintances. In general, such attacks are called ‘phishing’ attacks when clubbed together. Unless you are alert, fraudsters can trick you. You might end up losing money and sharing your sensitive personal information with attackers.
Mediums fraudsters often use
Countries vulnerable to phishing attacks…
Did you know?
According to RSA, out of total cyber fraud attacks detected by RSA in Q3, 2018, 50% stemmed from phishing activities and another 24% from fraudulent mobile apps. India ranked 4 only behind Canada, the US and Netherlands on the list of countries facing the most phishing attacks.
Motives of Phishing attacks…
It’s crucial to know more about the modus operandi of attackers
Attackers would seldom target just one individual. They would target as many customers of a bank or an e-commerce website as they can. If they use emails as a medium, they will undertake the following series of actions.
They will copy the genuine mailers sent out by a bank or an e-commerce website and make changes.
As a next step, they will change all the original links and insert the malicious ones.
Possibly they will also change the contact numbers as well.
If you respond to any of these communications, or click on the links or make a call, you might start sharing all sensitive information that you shouldn’t share with anyone.
If you click on the link, it will redirect you to the original website only after stealing your login credentials or may even direct you to a fake website that pretends to be the original one.
Fraudsters might send you a mailer, posing as a brokerage house, an e-commerce website or even a travel aggregator and make you divulge your personal information to make financial gains.
Can you do anything about it?
Of course you can.
As said earlier, behavioural safety is your best defense. Before you entertain any mail in your inbox, inspect it closely.
Here’s how you can safeguard yourself from phishing attacks
Beware of rogue mobile apps
Along with email phishing attacks, crooks are also taking advantage of the popularity of apps to trick gullible people. If you download a wrong (fake app) you might end up giving away access to crucial data on your phone to fraudsters.
Therefore, when downloading a new app, pay attention to the number of downloads. Rarely will fake apps have a high number of downloads. Similarly, please bother to check who’s offering it. You would be better off using a paid app advisor which will weed out defrauding apps and issue you warnings about potential data sharing an app might be undertaking at the back-end.
Dealing with fraudsters smarter than victims…
With time, fraudsters are getting smarter. Gone are the days when somebody from the remote corners of India contacted you as a representative of the bank you have an account with. People are getting smart and avoiding such calls. But, fraudsters have become smarter too.
There have been umpteen instances wherein borrowers and investors were lured to make outbound calls. A racket trying to defraud people creates a fake identity, sets up a rogue website, does search engine optimisations and gives you the impression that it’s a genuine company. Such rackets even get landline numbers or alter their names for apps such as Truecaller.
If you call them on their landline, they will start talking to you as genuine employees of the organisation and one fine day you would realise you have been duped.
Beware of free stock recommendations coming from unknown sources
If you are a stock market trader/investor, crooks might share with you unsolicited recommendations through SMS’ and make you do an outbound call at a fake number. If you contact them, you would open a can of worms for yourself.
The best way to avoid getting trapped is to block all numbers sending you any free recommendations without having a business relationship with you.
Please remember, there are no free lunches.
Using your debit and credit cards online safely
Unless a website uses bank-grade encryption, don’t undertake any transaction on it. If you are using a reputed browser, the browser will depict whether or not the communication between you and the website is secure and private. You might use an additional layer of browser safety by using third-party browser extensions that protect you from phishing and spoofing attacks.
Develop good habits to ensure safety of data
If you deal with any company that doesn’t care about the safety of your data, your data can get leaked to scammers without any fault on your side. We all use our email ids to login at various websites. If any of these websites fail to protect your data, a data leakage can happen.
Are you scared of your online account getting compromised? Don’t worry you can check that here.
Using a digital medium to transact and invest is just like using a highway to drive your car. If you follow traffic rules and safety measures, you will have a pleasant experience in digital India.
Have a safe journey on digital highways!
We, Ventura Securities Ltd, (SEBI Registration Number INH000001634) its Analysts & Associates with regard to blog article hereby solemnly declare & disclose that:
We do not have any financial interest of any nature in the company.
We do not individually or collectively hold 1% or more of the securities of the company.
We do not have any other material conflict of interest in the company.
We do not act as a market maker in securities of the company.
We do not have any directorships or other material relationships with the company.
We do not have any personal interests in the securities of the company.
We do not have any past significant relationships with the company such as Investment Banking or other advisory assignments or intermediary relationships.
We are not responsible for the risk associated with the investment/disinvestment decision made on the basis of this blog article.