Pages

Search This Blog

Monday, June 8, 2020

HOW TO DEFEND AGAINST PHISHING ATTACK.

Today, along with keeping oneself safe from the corona virus, one has to be mindful of cyber criminals. These criminals are especially targeting users taking the digital route to conduct financial transactions.



One of the classic ways in which fraudster's try to scam people is by convincing them to share their UPI PIN and/or OTP over the phone. Once they have the details, they can authenticate UPI transactions and steal money from the customer's account.One of the channels seeing a rise in frauds is the Unified Payment Interface (UPI), a digital payment platform that facilitates cashless, real-time transactions via mobile phones.

Several banks have issued advisories on their social media platforms warning customers of the same and have asked them to practice 'safe banking'.




How fraudster's can trap you

Phishing is an example of social engineering techniques being used to deceive users.Phishing is the fraudulent attempt to obtain sensitive information such as usernames, passwords and credit card details ,banking details by generating fraud links to oneself as a trustworthy entity in an electronic communication.

Scammers often update their tactics, but there are some signs that will help you recognize a phishing email or text message

Scammers use email or text messages to trick you into giving them your personal information. They may try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could gain access to your email, bank, or other accounts. Scammers launch thousands of phishing attacks like these every day — and they’re often successful.


PRECAUTIONS



  • UPI eases payment transactions for consumers in a cashless manner.You should be careful and never forward any of your OTP messages to anyone in any case, as that is another way for fraudsters to authenticate fraudulent transactions. You need to be alert and attentive while using UPI apps to stay safe from fraudsters.
  • Never respond to any such mails which says Dear customer Dear sir etc as if the message is from a known and genuine source they should have your name in their records.
  • A spoofed message often contains many mistakes that expose its true identity. These can include spelling mistakes or changes in domain names. Users should also stop and think about why they’re even receiving such an email.
  • Always use TWO FACTOR AUTHENTICATION (2FA) is the most effective method for countering phishing attacks, as it adds an extra verification layer when logging in to sensitive applications. 2FA relies on users having two things: something they know, such as a password and user name, and something they have, such as their smartphones. Even when employees are compromised, 2FA prevents the use of their compromised credentials, since these alone are insufficient to gain entry.
  • Never provide your personal, credit card or online account details if you receive a call claiming to be from your bank or any other organisation. Instead, ask for their name and contact number and make an independent check with the organisation in question before calling back.




No comments:

Post a Comment

WhatsApp hijack and blackmailing

The recent extortion of a few people through their compromised  WhatsApp  accounts has put the spotlight back on a  hacking  tool that had...