Hyderabad: Be smart against malware, increase awareness on digital security
What you need to know as basic banking processes and transactions move on to mobile devices.
Hyderabad: An IT worker with IBM in Hyderabad recently installed a third-party app on her mobile phone only to later discover that Rs 80,000 had vanished from her bank account. It’s believed that the hackers took control of her personal device through a third-party app, gaining access to secured information such as usernames and passwords.
In another case, a Mumbai-based businessman lost about Rs 32 lakh from his HDFC bank account after his daughter, used his personal mobile to download images for a school project. But malware called XcodeGhost managed to sneak into the phone and hackers were soon able to gain access to confidential banking data stored inside the businessman’s phone.
As transactions and various aspects of banking move onto mobile devices, various studies done by Computer Emergency Response Team and other organisations are calling for an increased awareness on digital security.
Cybercrime expert claim about 60 per cent of smartphone users are not aware of malware threats from malicious software. “There is no real solution, except for installing powerful anti-viruses on mobile devices. Users must also avoid visiting obscure, suspicious links,” Hyderabad Cyber Crimes ACP Mr. Raghuveer said.
To assist customers against malicious software, the Reserve Bank of India too has issued certain guidelines. Banks are also asking customers to be aware of new threats while transacting over mobile devices.
The all India Bank Employees’ Association’s Telangana president B. Seetha Rambabu acknowledged that there have been cases of m-commerce frauds.
“Such cases are resolved at the Ombudsman level. In most of these cases, the Ombudsman directed banks to compensate victims. Currently, banks are sending advisory messages to customers on the matter,” he said.
Nearly 15 cases, along with the two above, were traced by a Hyderabad-based cybercrime consultant. In all the cases, malicious malware helped hackers gain access to One Time Passwords (OTP) whenever they arrived on phone during a transaction. Earlier, fraudsters used to call victims to get their OTPs but now, through software, they are gaining fully automated access.