In recent times, hackers have developed ingenious methods using unique and complex arrays of cyberattacks to outwit security systems. They can be seen gaining sensitive financial information of individuals from banking servers or personal devices of an individual.
Here are some common types of cyber threats that are taking place these days:
In this, the hacker sends an email to the victim claiming to be a trusted sender (such as a bank or online shop), or set up a fake website that claims to be genuine. The hacker may also attach a banking Trojan to the email. Once the victim downloads and opens it, the Trojan steals activities and information, said Khushhal Kaushik, Founder- Lisianthus Tech in interaction with CNBC-TV18.
Another method, Kaushik said, involves hackers first purchasing real account information in bulk amounts from the dark web and then re-targeting those accounts using phishing emails.
“In such phishing emails, the disguised hackers request the victim to follow some simple procedures on a web page, which has been set up by the hackers to deliberately steal login information and other important credentials,” he explained.
Another common is fraud is using banking trojans.
Hackers also employ what is known as macro malware which is developed using programs such as the VB Script programming language used for MS-Word and MS-Excel. Legitimate-looking files are usually sent via phishing emails that contain malware-infected attachments such as cover letter reports by job seekers in the form of CVs and MS Word files, Kaushik said.
“Even any advanced antivirus programs not easily detect macro viruses. So, hackers are staying ahead of the game. Malware can comfortably hide within a system for long periods of time which gives hackers enough time to infect users’ systems. Using free Wi-Fi is like requesting hackers to invade privacy. User data is shared by a person on the Internet can be intercepted by a hacker. This includes valuable personal data, such as usernames/passwords for online bank accounts,” he added.
In fact, Kaushik further said, a user would find it difficult to differentiate between free Wi-Fi provided by an authorized agency and one installed by a hacker. Because of this, many banks have started using two-factor-authentication methods to keep their transactions secure. However, there are some advanced Trojans, which can circumvent these security measures. One such Trojan, Bankbot, mimics real banking applications to steal the login details of users.
So, how can customers secure themselves while using banking?
Kaushik said that it’s always advisable to avoid opening or downloading any attachments on the device without knowing the context.
How can corporates and government strengthen their cyber security?
On this, Kaushik said that the systems will remain weak unless the technical foundation of the internet system is strengthened as some of the technical products that we use in our day to day work are still dependent on other countries.
To secure the Internet in a foolproof manner, Kaushik said that the hardware devices should be indigenously built with built-in security features.
“Unless this is achieved, the government’s Cyber security will remain ‘porous’ and vulnerable. There should be multi-factor authentication to track all logins across companies. If a company uses third party vendors for any services etc, they should make sure that they have their own security auditing or test reports. There should be dedicated cyber security and IT, support person, for the company. While it’s important to use cloud-based and physical backups of important files, it’s even more important to audit those backups regularly, he told CNBC-TV18.
In case of cyber fraud, what should customers do?
According to Kaushik, they should first freeze their bank accounts and credit cards and then change the internet and mobile banking passwords.
Disclaimer: The views and investment tips expressed by investment experts on CNBCTV18.com are their own and not that of the website or its management. CNBCTV18.com advises users to check with certified experts before taking any investment decisions.
(Edited by : Abhishek Jha)
First Published: IST