Don’t be conned by cyber-criminals

Arvind Jayaram | Updated on January 26, 2013 Published on January 26, 2013

illus 124.jpg

Our financial transactions have undergone a sea change in the last decade, thanks to the Internet. We can now pay our utility bills, buy clothing items from overseas and dabble in the stock market from the comfort of our homes.

But these added financial freedoms come with significant risk as well. According to computer security firm Norton’s ‘Cybercrime 2012’ report, 18 adults become a victim of cyber-crime every second. Consequently, 556 million adults globally were targeted on the Internet during the year – roughly half the population of India.

This does not mean you should abstain from Internet-based transactions altogether. Rather, you must take precautions just like you would when visiting your brick-and-mortar bank branch for a deposit or withdrawal.

We take a look at some of the common cyber scams that you are likely to be exposed to on a daily basis, as reiterated by the Reserve Bank of India.

‘You’ve won the lottery’

This scam can take a variety of forms, ranging from a winning lottery number (though you never bought a ticket) to a Saudi Arabian prince seeking to move a large cache of unclaimed funds with your assistance. Intimation of the “special deal” often comes from an email ID that looks genuine, but is fraudulent.

The catch is to access these “winnings” you have to pay a special transaction fee or clearance charge to an account. And once you do that, the cyber-criminal will do his best to milk more money from you.

It should be noted that remittance in any form toward lottery schemes is prohibited under the Foreign Exchange Management Act in the first place. This restriction also extends to remittances for money circulation schemes or for the purpose of securing prize money or awards.

So falling prey to this scam could also put you under the RBI’s eagle eye for FEMA violations. The best response to a fraudulent email is to delete it and use a filter to prevent such messages.

Phishing for information

‘Phishing’ is an attempt to acquire information such as usernames, passwords, credit card details and sometimes even money by posing as a trustworthy entity in an electronic communication. Phishing emails may contain links to Web sites infected with malware, or might direct users to enter their details at a fake Web site almost identical to the legitimate one.

One of the more recent scam emails doing the rounds is purportedly signed by RBI. The mail claims to offer a “new online security protection” dubbed ‘Netsecured’ through an attachment. Instead of securing the account, the software will steal your personal and banking information.

All that glitters…

Are you the recipient of an email promising you a new mobile phone at a throwaway price? Or have you visited a Web site where the prices of goods are lower than seems plausible? There are a few variations to the fraud, which could even be combined. Say you key in your credit card details into the site while making payment. In some cases, you may not be sent the product at all and lose your money. In others, your card details may be stolen and used to make purchases elsewhere. In a third scenario, you might be paying prices for cheap knock-offs or even stolen merchandise.

The first thing to remember is if something is too good to be true, it isn’t. When shopping online, check to see whether the site has a secure payment mechanism, such as Verisign or Paypal. Also, always use a card that has a low balance to offset any potential damage by fraud. Do a little Web research to find out other people’s experience with these sites.

A cold cyber-romance

Single and looking for a partner? The Internet may not be the best place to search, because unscrupulous cyber-criminals will have no remorse about playing with your feelings if they can get your money. Some common approaches adopted by cyber-criminals are to pose as a man or a woman looking for love just like you.

Initial email exchanges could even be done using ‘bots’, which are essentially bombarding hundreds of thousands of email IDs or Web chat accounts in the hope of getting a response from someone.

Once someone bites the hook, the cyber-criminal steps in to steer the conversation. And once your trust has been won, the requests for money will start, usually to pay for a medical emergency or a flight.


Published on January 26, 2013
This article is closed for comments.
Please Email the Editor