sortiwa
[ad_1]
I was recently at a family gathering, usually a melting pot for various conversations ranging from cooking, health, children’s education to finances, with people often soliciting advice on something they’re going through. Being a security evangelist, I receive my fair share of queries on computer viruses, hacking, and so on. Just then, I met an old friend who had no idea how his credit card could have been used in another corner of the world and exclaimed “My credit card was billed somewhere in the US recently, whereas I haven’t left the country in years. How could this happen?”
Going beyond the physical barrier
The digital world is basically an uninterrupted series of 0s and 1s, and your credit card is nothing but a set of numbers in the digital world, that is, ‘age-less, name-less, time-less and place-less’. One doesn’t even need to even leave the physical boundaries of a country to get scammed. Your card details can be compromised at any POS (Point of Sale) – like a restaurant, an online site or even a petrol bunk. Afterall, anyone with malicious intent, can make a note of your card details such as name, CVV, expiry date and end up using it against you.
There looms a misconception that only if a card is swiped, will a person be able to transact using a credit card, and that they are safe from scams and frauds, if their card is physically with them. Fraudsters don’t need to have your card – physically. Anyone, anywhere, anytime could use your card details to make a transaction. To make matters worse, scammers are deploying malware to steal payment and personal data from a range of sources, from food kiosks to online shopping portals.
Additionally, beyond the realm of the Internet that we access, there also exists an unchartered territory of the Internet that can be accessed only using special tools. Known as the Dark Web, this untraceable part of the Internet it is a one stop shop to buy and sell financial data such as credit card numbers, bank accounts and other personal information Staggeringly, one of the biggest card dumps in recent years, nearly 1.3 million debit and credit card data of Indian banking customers, likely to fetch close to $130 million were available for sale on the Dark Web. This only goes on to further establish the fact that physical access to a credit card is irrelevant to execute financial frauds.
Security threats can come from anywhere
Fraudsters are creative and constantly come up with ways to embezzle personal information to ruin your hard-earned credit. We have all received popups like ‘Your card will not be charged; the details are necessary to confirm your free item’- this could potentially be a point of compromise. Your card details are all they need. Once stolen by cyber criminals, they could use your “card” to not only make large purchases, but to also empty out your account in a jiffy. They could purchase something online or at any retail store, this could be in Texas or Timbuctoo, it doesn’t matter.
- This compromise can happen through skimming or copying your card details, by either using a device called a ‘skimmer’ or simply noting down your card details and then supplying it to criminals. You could also fall prey to social engineering techniques – such as phishing, by clicking on a bad link, leading you to a fraudulent website.
- There could also be a malicious app on your device that is ‘key-stroke logging’ whatever you type, transmitting your account and password details to a computer that could be in your neighbourhood or, the North Pole.
- Another common method of theft is through a data breach. This is when hackers gain access to an organisation’s database, allowing them access to all kinds of data, including their customers’ names, addresses and card information. Sometimes, the websites you have accounts on could get hacked, leading to your credit card details and personal information getting leaked.
- In simpler scenarios, you may have revealed your password intentionally or inadvertently to someone and compromised yourself.
Beating them at their own game
Addressing the elephant in the room – Is using a credit card unsafe? Absolutely not. Convenience and benefits like financial backup during emergencies outweigh the concerns. In line with the saying, ‘There’s no such thing as a free lunch’, don’t be tempted by unbelievable offers online or otherwise. Fraudsters use a variety of ways to exploit you at your weakest – your emotions like greed, anxiety and fear. As was the incident with my friend, he had no idea that he’d fallen victim to a credit card fraud.
It is strongly recommended to review your bank and other online accounts regularly. Check your phone banking or wallet alerts for incoming transactions and keep an eye out for those you didn’t make. In case you don’t recognise a transaction, check with your bank and ask for a card block immediately. Do not hand over personal information like passwords, OTPs to anyone, other than for a legitimate authentication process. Never leave your card lying around or hand it over to someone you don’t trust. Also, avoid transacting on websites that are lesser known, particularly those that do not use ‘https’ or valid certificates.
As always, ensure you have a licensed security software on any device used to transact. This will warn you even before you get into a website and will identify malicious applications such as key-stroke loggers.
In my experience, bad actors essentially exploit two factors – Man and Machine vulnerabilities. With common sense and a basic level of vigilance, you can greatly reduce the ‘Man’ risk, and when you use the right tools in the right manner – you reduce the ‘Machine’ risk. By consciously implementing the two, you can significantly lessen your exposure to fraud in the digital world.
(The author is Vice-President of Engineering and Managing Director, McAfee India.)
[ad_2]
Source link
