What is it?
A common form of phishing (pronounced “fishing”) is the email you would have received from a website that mimics, as precisely as possible, a genuine one belonging to a reputed establishment such as a bank. The difference could be very subtle—www.icic.com (the missing letter ‘i’ at the end) or www.paypa1.com (the numeral ‘1’ instead of the letter ‘l’).
What you need to be extremely careful about is that the sender will invariably ask you to verify your online password, credit card number, personal identification number, date of birth or other personal information to dupe you.
If you comply with the request, the information that you pass on could be used in some other part of the world to transact in your name.
Phishing attacks could also infect your system with malicious software such as a remote-access Trojan (RAT), spyware that records and transmits every transaction you execute on your computer to the cybercriminal.
There are other variants of phishing that essentially play on a range of emotion such as generosity, greed, fear and even lust to trap an unsuspecting user
Also Read: Laws relating to cybercrime are adequate
As a thumb rule, never provide financial or personal information in response to unsolicited messages, says Bala Girisaballa, vice-president and head of marketing and product management at iViZ Techno Solutions, an information security company with its headquarters in Kolkata.
Keep in mind, he says, that your bank will never ask you for any such details. Girisaballa also offers the following tips:
1. Do not open attachments received from an unverified source.
2. Report suspicious emails as spam. Service providers such as Hotmail and Gmail offer a facility to report spam and phishing attacks.
3. If it has come to your company email id, inform your IT department.
4. Protect your computer with open-source anti-virus software such as Clam or free anti-virus software such as AVG or anti-spam software from organizations such as McAfee and Symantec.
Captain Raghu Raman, CEO, Mahindra Special Services Group, a firm that specializes in corporate security management, also advises net users to type in the desired URLs instead of clicking links, and cautions against transacting online at cybercafés.
But what about those who’ve been hit? Says Girisaballa: “You don’t have many redress options. However, if a bank’s credit card is involved, inform them of the transaction immediately. Often, credit card transactions can be waived and the card can also be blocked. Having said that, the best option is to ensure you are transacting only on legitimate websites.”
Also report the matter to the cybercrime cell of the police. They might just be able to track the fake website by back checking with the ISP (Internet service provider) if it is an amateur hacker who is involved.
What is it?
This is a more dangerous cybercrime in which the user is directed to a fake website even though he has typed the correct URL. One way attackers do this is by infecting the DNS (domain name system) server with malicious codes. DNS servers resolve each URL into a unique numerical identity that you can type in to get to the site. For instance, you can also type in 220.127.116.11 to log on to yahoo.com. But if the DNS is infected, chances are that you will get to another site than the one you intended to go to.
Once you get to the fake site, Trojans and other malware such as keyloggers (See connect) make a note of every transaction you conduct online and pass on the details to the attacker.
Currently, the most efficient way to prevent pharming is for users to transact on sites that have secure web connections and by verifying authenticity of certificates, says Girisaballa. Sites with URLs prefixed with https (instead of simply http) or those with a padlock icon at the bottom right hand corner are usually secure. The yahoo.com mail service has both the https and the padlock.
Girisaballa says users should only accept valid public key certificates issued by trusted sources such as Verisign and Thawte, which are two of the biggest in the business. A certificate from an unknown organization or an expired certificate should not be accepted for crucial business. This includes the so-called active cookies that provide for a server-side detection tool as well.
It is similar to phishing, but the medium is the mobile phone. A typical attack could come as an SMS with an embedded link. When someone with a web-enabled cellphone visits the malicious link, the Trojan that gets downloaded allows hackers to control the phone. The hackers then use it for stealing data and for sending SMSes from the infected phone.
The preventive measures here is simple—delete the SMS without responding to it and inform your cellphone service provider.
This involves copying the identity of one mobile phone to another. Calls made by an attacker using his own handset and SIM are billed to the owner of the cloned phone. The cloner is also able to make effectively anonymous calls, which attracts another group of interested users.
Girisaballa says both GSM and CDMA users are susceptible and advises handset owners never to share their instruments. If they are giving their handsets for repair, they must insist on having the service rendered in their presence.
He says such a crime was first detected in January 2005 when the Delhi police arrested a person with 20 cellphones, a laptop, a SIM scanner, and a writer. The accused would use the CDMA phones he had cloned to provide cheap international calls to Indian immigrants in West Asia.
In the latest generation cellphones, new security measures make cloning difficult, but customers still have to be careful about protecting their cell numbers and electronic serial number (ESN), the unique identification number found on the microchip in a wireless phone.
How rampant is cybercrime in India and how efficient is the law enforcement machinery in tracking down faceless crooks who are finding newer ways to fleece you of your hard-earned money? Log on to www.livemint.com/cybercrime.htm for an interview with Captain Raghu Raman, chief executive officer at Mahindra Special Services Group.
The RSA token is a method of two-factor identification. It is a small device that displays an access code number that changes every 60 seconds. As a customer of an establishment that has issued you the token, you can transact only if you authenticate your user ID—or some other identification—online, and also the code during the 60 seconds for which it is valid. As a customer, your interests are better protected. Even if a keylogger were to track the code, chances of it being used successfully by a cybercriminal are reduced substantially because of the frequency with which the code changes. Namit Gupta
Keylogger is a software that tracks every stroke on a computer keyboard. Cybercriminals use it to capture user names, passwords and other identification numbers. This information can then be used by the attacker to impersonate the victim and transact on his account or credit card. So how do you protect yourself? You could have a different password for each site on which you transact and could change your password frequently. But that is cumbersome, isn’t it? Some websites offer a virtual keyboard that requires you to click on the desired letter or number on the computer screen itself instead of striking the desired keys. Namit Gupta
If you are planning to buy health insurance, ask yourself these questions:
• How much is my premium?
• What percentage of my medical costs will be reimbursed?
• Do I need a medical check-up before buying a policy?
• If I use the services of a hospital not included in the insurance firm’s network, would I be reimbursed less? If so, how much?
• Do I ask for insurance cover for all my medical costs or just for the major spends? Compare the costs of plans offering the same benefits. This can save you a lot of money.
• What is the company’s reputation in settling claims and how many days does it take to settle a claim?
• What are the factors that determine the premium payable for health insurance? Ajay Bimbhet
Write to us at firstname.lastname@example.org