Cyber Security Awareness Campaign

There has been an outpouring of usage of digital payment in recent years; especially post the Covid-19 induced lockdowns. As the pace and ease of doing financial transactions have improved, the number of frauds reported has also shot up. Fraudsters have been using innovative ways to defraud the common people of their hard-earned money, especially the new entrants in the use of digital platforms who are not completely familiar with the techno-financial ecosystem.

 

Dishonest elements are defrauding and misleading the public by using various modus operandi including social media techniques, mobile phone calls, etc. In view of this, it is imperative that we become extra vigilant of fraudulent messages, spurious calls, unknown links, false notifications, unauthorized QR Codes, etc. that promise to help in securing concessions / expediting response from banks and financial service providers in any manner.

Fraudsters attempt to get confidential details like user ID, login/transaction password, OTP (one-time password), debit/credit card details such as PIN, CVV, expiry date and other personal information. Some of the typical modus operandi being used by fraudsters are:

• Vishing – phone calls pretending to be from banks / non-bank e-wallet providers/telecom service providers in order to lure customers into sharing confidential details under the pretext of KYC-updating, unblocking of account / SIM card, crediting or debited amount, etc.

• Phishing – spoofed emails and/or SMSs designed to dupe customers into thinking that the communication has originated from their bank/e-wallet provider and contains links to extract confidential details.

• Remote Access – by luring customers to download an application on their mobile phone/computer which is able to access all the customers’ data on that customer device.

• Misuse the ‘collect request’ feature of UPI by sending fake payment requests with messages like ‘Enter your UPI PIN’ to receive money.

• Fake numbers of banks/e-wallet providers on webpages / social media and displayed by search engines, etc.

The Reserve Bank of India has recently published a booklet, titled BE(A)WARE – Be Aware and Beware, that is compiled from various incidents of fraud reported as also from complaints received at the offices of RBI Ombudsmen to provide maximum practical information of value, especially to those who are inexperienced, or not so experienced, in digital and electronic modes of financial transactions. The booklet is available in soft copy on the RBI website and is intended to create awareness among the members of the public about the modus operandi adopted by fraudsters to defraud and mislead them, while also informing them about the precautions to be taken while carrying out financial transactions.

Below mentioned are some of the precautions that you should be aware of:

General Precautions

• Be wary of suspicious-looking pop-ups that appear during your browsing sessions on the internet.

• Always check for a secure payment gateway (https:// – URL with a padlock symbol) before making online payments/transactions.

• Keep the PIN (Personal Identification Number), password, credit or debit card number, CVV, etc., private and do not share confidential financial information with banks/ financial institutions, friends or even family members.

• Avoid saving card details on websites/devices / public laptops/desktops.

• Never open/respond to emails from unknown sources as these may contain suspicious attachments or phishing links.

For Device / Computer Security

• Install antivirus on your device(s) and install updates whenever available.

• Always scan unknown Universal Serial Bus (USB) drives/devices before usage.

• Configure auto lock of the device after a specified time.

• Do not install any unknown applications or software on your phone/laptop.

• Do not store passwords or confidential information on devices

For Safe Internet Browsing

• Avoid visiting unsecured/unsafe/unknown websites.

• Avoid entering secure credentials on unknown websites/ public devices.

• Do not share private information with anyone, particularly unknown persons on social media.

• Always verify the security of any webpage (https:// – URL with a padlock symbol), more so when an email or SMS link is redirected to such pages.

For Safe Internet Banking

• Always use a virtual keyboard on public devices since the keystrokes can also be captured through compromised devices, keyboards, etc.

• Log out of the internet banking session immediately after usage.

• Update passwords on a periodic basis.

• Do not use the same passwords for your email and internet banking.

• Avoid using public terminals (viz. cyber cafes, etc.) for financial transactions.

For Debit / Credit Card Safety

• Deactivate various features of credit/debit cards, viz., online transactions both for domestic and international transactions, in case you are not going to use the card for a while and activate the same only when card usage is required.

• Similarly, Near Field Communication (NFC) feature should be deactivated, if the card is not to be used.

• Before entering a PIN at any Point of Sale (POS) site or while using the card at an NFC reader, you must carefully check the amount displayed on the POS machine screen or NFC reader.

• Never let the merchant take the card away from your sight for swiping while making a transaction.

• Cover the keypad with your other hand while entering the PIN at a POS site / ATM.

For E-mail Account Security

• Use a combination of alphanumeric and special characters in your password.

• Keep two-factor authentications for all your accounts, if such a facility is available.

• Change your passwords periodically.

• Avoid having your date of birth, spouse's name, car number etc. as passwords

Whilst India is steadily moving ahead in becoming an exhaustively digital economy and with the Government of India proposing to introduce Digital Currency in near future, there is a strong need for us to keep educating and updating our own selves and also our relatives and friends who may or may not be completely familiar with the digital environment of today in keeping one’s personal information, particularly the financial information, confidential at all times. Be aware of unknown calls/emails/messages, practice due diligence while performing financial transactions and change the secure credentials/passwords from time to time.

As well said, Precaution is always better than cure! Be updated and at the same time be alert and beware!

Complaint to Cyber Police Station

• Please visit Cyber Crime Portal