Rupin Sharma, IPS
Let us continue our journey on to other forms of cyber-crimes.
(l) CATFISHING:
Criminals use social media platforms like Facebook, WhatsApp etc. and pretend to be rich foreign nationals;
They play an emotional card – disturbed family life or device or loneliness to convince the victim/ target that he is undergoing an emotional crisis;
After gaining some trust, they send photos of some expensive gifts for target;
These gifts are projects as evidence/token of friendship;
They then say that the gifts have been detained at customs, airport etc. and ask the target to send money for release;
To send money, they may give account numbers or even send fake URLs which direct the targets to fake websites for money transfers. These websites (fake) can easily be made to mimic those of the original government agencies;
The victim ends up paying money to the criminal or a member/ associate of the criminal gang;
Cautions:
- Be careful about friend requests from strangers;
- Check the number of users/ followers in the profile of the person sending the request usually the numbers of friends of such fraudsters are very small – fewer friends on social media;
- Do not share personal details on social media;
- Do not become emotionally attached to a social media friend or user whom you do not know personally;
- Set your privacy settings to friends only;
- There is no reason for a stranger to send any experience gifts to you if he/she is emotional;
- Do not pay for airport charges or transportation or exercise charges or customs or courier chargers;
RANSOMWARE ATTACKS:
Abduction or kidnapping for ransom is a widely prevalent crime in real world. Here, the criminals usually kidnap or abduct a person – an adult or any person and keep him/her in captivity. The criminals then ask the victim’s family members to cough up exorbitant funds to secure his release.
In the virtual world too, acts of seeking RANSOM are extremely commonplace. Sextortion is a form of seeking ransom, however, ransomware attacks are different.
In ransomware attacks, the cyber criminals send malicious softwares, which when run/installed, create various problems for users.
Usually, the ransomware disrupts or disturbs the normal functioning or operation of the victim/ target’s computer/ phone;
With the ransomware, the cyber criminals are able to obstruct the target from using or accessing his files.
The criminals then contact the target and seeks some monetary compensation in lieu of restoring the targets access to his computer and its files.
Ransomware is actually EXTORTION in another form;
Usually, ransomware is spread through phishing attacks which replicate the ransomware exceedingly fast.
Once the money is released, the criminals can help decrypt the ransomware to enable the target to access his files;
Cautions:
- Avoid phishing emails and clicking on URLs from strangers;
- Keep the anti-virus updated;
- Back-up and keep important files OFF-LINE on external hard-disks or media;
- Use spam filters for email accounts;
- Immediately report incidents about large scale disruption in services or detection of corrupted files to police or CERT.in.
Though I have tried to discuss some important types of cybercrimes, the list is endless. Numerous variations exist and newer modus operandi and tricks are devised by criminals every day. I have discussed some cautions while dealing with different crimes but let me list out a few general tips and precautions again: -
GENERAL TIPS & CAUTIONS:
[A] HARDWARE TIPS
- Try and buy genuine products from authentic sources;
- Keep the details of your Laptops/PCs/Smartphones readily secure;
- Do not misplace your Laptops/Pcs/Smartphones;
- Do not leave your hardware unattended;
- Do not sell your hardware WITHOUT CLEANSING it of all data;
- Keep your Laptops/PCs/ Smartphones – LOCKED WITH PASSWORDS;
- Do not allow access to your devices to untrustworthy persons;
- Do not allow untrustworthy persons to use your devices or use CDs or pen drives on your devices;
- If connected on LAN/WAN, have secure firewalls installed for the entire network;
[B] SOFTWARE TIPS
- Always download and install genuine software and OS not pirated ones;
- Pirated softwares can have viruses, trojans or malware;
- Always keep your devices updated with latest version of genuine software and security patches;
- Protect your systems with login passwords at opening and access;
- Protect your systems with anti-virus and update AV-Softwares;
- Only download applications or softwares from genuine and trusted software manufacturers;
- Do not share your device PIN or Password/Passcode with anyone;
- Do not share your net banking or mobile banking passwords or PINs with anyone;
- Do not share OTPs with anyone under any circumstances;
- Do not share ATM, Debit or Credit Card PINs with anyone;
- Do not allow anyone to see your CVV on credit/debit Cards. Secure off the CVV from the cards and memorize;
- Always link your mobile number and email addresses to bank accounts and enable notifications for all transactions – whether the transactions are deposits or drawals;
- Joint bank accounts for spouses are an added security;
Cautions:
- Transaction notifications will go to both account holders allowing you to confirm whether a transaction has been made;
- Never click on any links/ URLs received on email or by SMS or by social media accounts like Facebook, WhatsApp or Telegram or Messenger or any chat applications;
- Do not fall into traps of persons making promises like lottery, bounty, unclaimed money, job scams, free gifts, bonus offers or discounts etc. from unknown persons or strangers;
- Always try to call up the person on audio-visual call rather than trusting a caller who makes an enticing or lucrative offer which may be fraudulent;
- Always consult some ‘educated’ friend when you receive a lucrative offer from an unknown source or source you have recently befriended;
- Change password of your Wi-Fi router and create a fresh and strong password;
- Do not continue with default login name and password combinations of routers;
- Use virtual keyboards for net-banking, if possible;
- Always be sure to logout properly if you have used public computers;
- Clear the browsers of the passwords if you use computers at public places or cyber cafes or at the house/ office of any other person;
- Scan all email attachments for viruses/ malware before downloading and using/ opening them;
- Do not open attachments from unknown/untrusted sources;
- Be careful about putting too much personal info on social media accounts like Facebook/ WhatsApp/ Instagram etc.
- Be careful about sharing documents to strangers by email/physical sharing unless you know the identity of the person;
- Note IMEI number of your smartphone #06# just in case you lose your mobile phone;
- If you lose your mobile phone – smartphone or SIM, immediately block the account transactions connected to the SIM Card; inform the bank through helpline; inform police;
- Immediately change your passwords for banks if you lose your mobile or SIM card – someone who has your phone can receive OTPs can withdraw money;
- When using ATMs be careful about other persons looking over your shoulders to know your PIN numbers;
- When using ATMs be careful to look for hidden cameras or skimmers or even fake ‘Card Slots’ to capture your card details and PIN numbers;
- Avoid accessing pornographic sites or links/URLs;
- Do not click on all advertisements;
- Read app permissions carefully before downloading or installing new apps;
- Be careful to download Apps from TRUSTWORTHY source
- Before clicking on SUBMIT or AGREE, carefully read the message dialogue and understand its meaning, sometimes, the message may be worded in such a manner that the AGREE is disagree and vice-versa.
- Do not be greedy when you receive offers which is lucrative or very good; you can be the commodity for sale;
- If there are any sextortion or ransomware attempts, do not pay – report to police. A payment can put you into an unending spiral of abyss of having to pay every time.
