Phishing Scams - An Affliction to the Cyber World

Author: Salagala Maneesh

A computer crime is an unlawful activity which is done by using a computer. This definition can extend to traditional crimes that are committed with the machine, such as counterfeiting money, but it also includes more tech-savvy crimes like phishing or logic bombs. Using a computer in this way, a criminal may be able to conduct unlawful activity with more anonymity and may be able to get away with more before he is caught. If a computer is used for Stalking, soliciting sex, and counterfeiting they are also considered to be computer crimes. These crimes can be committed with or without a computer, but they are only considered as computer crimes when the computer is used in the process of committing them. For example, if a criminal uses a graphic design program to counterfeit money, it could fall under this category, as would a person who cyber stalks another by using a computer to harass them.

Internet fraud has an interesting method to defraud individuals and companies. In case of phishing, a person pretends to be a legitimate association as a bank or an insurance company or pertaining as a bank in order to extract personal data from a user like access codes, passwords etc., which are then used to his own advantages, misrepresentations on the identity of the legitimate party. Phishing scam involves persons who pretend to represent online banks and siphon cash and e-banking account after conning consumers into handing over confidential banking details. These days, internet is full of scams and cybercrimes. E-mails that from the basis of phishing attacks pose a security check. These messages trick user into handing over their account details and passwords. The quoted details are subsequently used for fraudulent transfers. Phishing scams started appearing from 2003 onwards.

In case of Pune Citibank call centre fraud it has happened that, US $ 3, 50,000 from accounts of four US customers were dishonestly transferred to bogus accounts. This will give a lot of ammunition to those lobbying against outsourcing in US. Such case happen all over the world but when it happens in India it is a serious matter and we cannot ignore it. It is a case of sourcing engineering. Some employees gained the confidence of the customer and obtained their PIN numbers to commit fraud. They got these under the guise of helping the customers out of difficult situations. Highest security prevails in the call centers in India as they know that they will lose their business. There was not as much of breach of security but of sourcing engineering.

The call centre employees are checked when they go in and out so they cannot copy down numbers and therefore they could not have noted these down. They must have remembered these numbers, gone out immediately to a cyber café and accessed the Citibank accounts of the customers. All accounts were opened in Pune and the customers complained that the money from their all accounts was opened in Pune and the customers complained that the money from their accounts was transferred to Pune accounts and that’s how the criminals were traced. Police has been able to prove the honesty of the call centre and has frozen the accounts where the money was transferred. There is need for a strict background check of the call centre executives. However, best of background checks cannot eliminate the bad elements from coming in and breaching security. We must still ensure such checks when a person is hired. There is need for a national ID and a national data base where a name can be referred to. In this case preliminary investigations do not reveal that the criminals had any crime history.  As said by Talwant Singh Additional District and Sessions Judge of Delhi in his article Cyber Law and Information Technology, Customer education is very important so customers do not get taken for a ride. Most banks are guilt of not doing this.

Remedies for cyber crimes:

1)    One should always stop himself from entering into doubtful websites.

2)    Links that come to e-mails or to mobile phones with puffing advertisement shouldn’t be blindly opened. If want to open them one should keep the firewall active on the computer to regulate the corrupt websites.

3)    One should never give his email details & passwords regarding his mail ID’s to anyone.

4)    Sharing of one’s bank account details or any other known person’s account details shouldn’t be done even with any of your close bodies. Sharing or passing his or others personal details even shouldn’t be done with strangers or either with any of your close bodies.

5)    One should very well make himself sure by checking authentication of website he wants to open.

6)    Secrecy among your friends or colleges or any of your close bodies regarding the details of net banking or online security passwords or emails or passwords or pin numbers of your debit/credit cards.

7)    Erase the data from history on the personal computer where money transactions or net banking takes place even if it is a personal laptop because there might be a chance of some hacking to take away the passwords & confidential details after the transaction is completed.

8)    One should always avoid money transfers or confidential related details in a public computer. If used in emergency, erasing of all the browsing data history before leaving that computer is a must.

9)    One should always use difficult passwords. Numerical values and uppercase passwords give extra security to your passwords. Changing the passwords for every short period also gives an extra protection to the personal data as well as making it difficult for hacker. Repetition of previous passwords must never be practiced.

10) Always using double way authentication method in case of online trading or online banking or online money transferring gives better protection & helps in keeping away from hackers.

11)  For every now and then laptops/computers should be cleaned properly and have a complete check on entire data for any viruses, if found then immediately they have to be deleted.

12) One should always keep genuine anti-virus software installed in his or her laptop/computer to avoid computer hack jacks because now days a computer can never be imagined without internet & many organizations purposefully are sending harmful viruses which can crash your computer either send each and every information you use on the internet to the organization. Anti-virus safe guards from such viruses & keeps computer/laptops virus free. Ensure that your system has the current security software applications like; anti-spam, anti-phishing, anti-virus and anti-spyware and proper firewall.