With the rise in Internet speeds there has been tremendous amount of increase in the speed with which the cyber scams are happening with the masses. It is not only the case with India or other developing countries but it’s also a huge concern for the developed countries as well.
As per the a recent study, the world loses billions of dollars each year which is expected to reach 15 trillion dollars by 2025 with a CAGR of 15% year on year. This is more than the GDP of several nations put together.
With the rise in internet speeds across the world and accessibility of the internet has empowered the population but at the same time it has made them even more vulnerable to such cybercrimes. The scams mostly happen when the user itself gives consent or access to the scammer to sneak into their phones, account information, PINs etc.
There are cyber security tools to save users/businesses from cyber-attacks however scams can be prevented only through cybersecurity awareness. So by saying human touch in cyber security doesn't mean that we need human intervention in cyber security or just having the powerful tools will be enough. Here the need of the hour is to educate the people with those powerful tools and create general awareness.
Why we need awareness?
Below instances will definitely would make you feel the need of the hour to educate the wider audience.
Let’s talk about the few real life instances of many which has affected many users across the globe.
- First we are going to talk about the scam that happened which was a very unique in nature which happened in Mumbai. Many people reported that there EPF accounts were being withdrawn without their consent the matter came up when a lot of people complaint to the police. Various complaints has been reported in Mumbai only and upon investigation it came up that these people who were trying to withdraw their money they reached out to the EPF office in Mumbai and they shared the details. So the question arise is that how a scam like this can happen when you are contacting EPFO office and your money is getting withdrawn. So the trick here is the scammers changed the contact information on the Google page of the EPFO office. While we have the tendency to contact the businesses that are listed on Google page is directly from the information mentioned over there, many times we don't bother to go in to the website and go to their contact information page and then contact through that particular number. The scammers here what they did was they changed the number to their personal number and whenever any person who used to contact the EPF office from the Google page it was redirected to the scammers phone number and the scammers used to take all the confidential information with regards to your account and withdraw the money.
-
So the another scam that was identified was with respect to the PM cares which is Prime minister Citizen assistance and relief in emergency situation fund. It was started on 28 March 2020. So what scamsters were doing that they were modifying the UPI address of pm care funds and sending the messages to all the citizens of India through various platforms like Facebook, WhatsApp messages etc. Because of this funds contributed towards PM care was not going to actual pm cares it was going to scamsters bank account that too in the name of pm cares fund. What the scamsters were doing that they literally created advertisements/banners exactly like the original pm cares fund and because of this everyone was sending money to them thinking it would be helpful in this pandemic situation. Also these fake ID’s were not able to be identified because there was very minute difference between the actual ID and the fake ID for example the actual ID was pmcares@SBI, and the fake IDs are like pmcareS@SBI, PMcares@SBI, pmcaresfund@SBI etc. In this way they were creating multiple ids and scamming the people. Also this scam was not only happening in one state but it was happening in entire India in different states of India and one of the most famous name from where it was operated was Jamtara which is really very famous for such types of cyber-crime. In the response to this all the fake UPI IDs were blocked but scamsters were creating a new one which can do another scam like this so we will need a solution so that we didn't fall into such scam in.
-
Scam using TeamViewer
There have been cases when users get a call from a scammer who’s impersonating a support executive pretending to help the user on software subscription renewal/purchase etc. the scammer asks user to install a screen sharing / remote access app like TeamViewer, Any Desk etc. on your phone and takes the access of their device remotely. Once the access is given the scammers start transferring the money to their accounts.
-
Scams using Loan Apps
In the past few years there have been increase in the quick loan apps which offers loans without any documentation. The user does get money instantly in their accounts; however, the catch is when the user installs these apps the app owner asks for permission to access contacts and device storage. Once, the user grants access the scammers extract entire data from the phone. In an organized lending business, the interests are charged monthly, however in these cases the interests are sometimes charge on weekly basis and that the ROI could rise to whopping 40%. This makes user unable to repay debt and make the sit on a massive pile of interest.
Now when the users are not able to repay the scammers then start
blackmailing the user by texting all their phone contacts with derogatory comments about the person. With the fear of losing face value in the society the user keeps on repaying and gets stuck in the endless cycle of repayment.
How can we spread awareness?
Educating people is one of the best ways to reduce the cyber-attacks :
-
Cybersecurity Tips for Parents and Children to prevent hazardous effects for the same.
-
-
Teach Passwords and Privacy: Help your children password protect all devices and online accounts. Teach them why creating strong passwords is important and never to share them.
-
Monitor and Communicate: Communicate what comprises an acceptable, respectable (to themselves and others) online post and take the time to monitor your child’s online activity as often as possible.
-
Protect Identity and Location: Disable photo geotagging on your phones and remind your child not to share any personal info online like age, school, address, phone number, last name or any personally identifiable data.
-
Use Secure Wi-Fi: Ensure that your home’s Wi-Fi includes encryption and a strong password to restrict outside access, and only share your password with those that you know and trust.
-
Utilize Parental Controls: Many kids are given their first tablet or internet- connected device before they can fully comprehend the power in their hands. Try using built-in parental control features to start taking precautions and monitor their usage as early as possible.
-
-
We can create app for educating purpose to raise awareness and to protect the wider audience from falling prey to cyber-attacks.
-
App should focus on different age groups and their related traits to focus on.
- Children's
- Youth
- Old age
- We can have animated short videos for do’s and don’ts while using internet.
-
We can add different vulnerable apps to our app which can add one secure layer around it through our app.
- Live sessions :
We can conduct live sessions in schools colleges to raise awareness.
- Webinars:
Online sessions can be one of the best ways to reach wider audience irrespective of the geographic location.
Author Details: Swapnil Kanthale (Swapnil.kanthale1@ibm.com)
Reviewer Details: Boudhayan Chakrabarty (bochakra@in.ibm.com)