India is still dealing like an infant with cyber crimes, says Expert

India is still in infancy in the field of cyber crimes and police, prosecutors and lawyers are not well-versed in handling them as well as digital evidence, a Cyber crime expert said here today.

"Information Technology Act in India is of recent origin and the officials like police, prosecutors and lawyers are not well versed in handling cyber crimes as well as digital evidence, since these have recently emerged and the younger generation is more tech savvy," said Dr J R Gaur, Principal Scientific Officer (Life Sciences), Bureau of Police Research and Development while speaking at seminar at Amity University.

He said the pattern of crime has changed over a period of time and the commission of crime by scientific methods makes it difficult for the executioners to bring perpetrators behind the bars.

"In cyber crimes, India is still in infancy. ATM frauds are increasing. Effective forensic investigation at the scene of crime can bring criminals to book. The importance of the knowledge of forensic evidences specially traces of hair, fibre etc found at the site, have to be ingrained in the officials dealing with cyber crimes," he said.

Stressing that banks need to take steps to install modern security and vigilance gadgets and equipments including the CCTV cameras in the ATMs since most of the times, they record low resolution images which are difficult to identify once enlarged.

Addressing the seminar, Rakshit Tandon-Advisor, Cyber Crime Cell, Gurgaon Police and CEO A&R Info Solutions Pvt said there has been a significant rise of 60 per cent in Cyber Crimes from 2011 to 2012 in NCR.

"Maximum number of perpetrators in cyber crimes are very young, who are unaware of law and proudly proclaim themselves as 'Ethical Hackers'," said Tandon.

He said that in 2011, over 1,630 perpetrators for cyber crime were arrested and out of these, 928 were college going students and over 65 were school going children.

Stressing that "cyber laws in India needs transformation, he said at present, under Information Technology (Amendment) Act, 2008, the accused is punished for imprisonment, which may extend to three years or with fine, which may extend to five lakh rupees or both, irrespective of the magnitude of the crime committed.

"Cyber Laws have to be made stringent to restrict youngsters from indulging into them," said Tandon.
To learn about identity theft visit: www.cibilconsultants.com
Source: Secondary

Fraudsters evolve new methods says, Cyber Crime reports

MUMBAI: Cyber crimes on debit or credit card usage have more than doubled as fraudsters evolve new cloning methods to stay ahead of banks which are improving security features with chip and pin cards, according to preliminary industry data. 

The number of such crimes has increased by about 125% since a year ago, a senior official from the National Payments Corporation or NPCI, a settlement platform for e-payments, told ET on condition of anonymity. 

Every month there are up to 50 cases of travelers who have used their cards in smaller towns and when they leave it gets swiped again even though they are carrying their original card, according to data provided by cyber crime experts. 

"The rate of cyber crime on debit/credit card usage is tremendously rising at the national level," said Rakshit Tandon, Director - A&R Info Security Solutions & Advisor- Cyber Crime Unit, Uttar Pradesh Police, Agra. "Awareness about security measures is abysmally low from both customers and banks. People are falling victim either of cloning or identify theft." 

On an average there are about between 40 and 50 cases compared with between 10 and 12 cases Tandon had to deal with every month two years ago. 

It was not a joke played out on April 1, when Delhi's Santosh Pandey had read six cash withdrawal texts on his mobile phone in the morning wiping out Rs 80,000 in just five-ten minutes during midnight from Navi Mumbai ATMs, the place he has not visited even once in life. 

The country's largest lender, the State Bank of India BSE -0.73 %, will shortly make two security mechanisms fully operational: a one-time password or OTP and SMS card block facility with a brief narration. Besides, SBIBSE -0.73 % is set to run a media campaign on do's and don'ts for a customer to protect the person from any cyber attacks. 

"We have been running extensive campaigns to create awareness among customers and will pace it up. We are compliant to all RBI guidelines in this regard," said SBI's Pulak Sinha, general manager (payment solutions). The bank keeps on receiving complaints of debit card cloning, he said. 

NPCI runs a system called Fraud Monitoring Solutions where 45 scenarios have been fed to detect any possible manipulation. "It will decline transactions in such scenarios. Cloning related frauds are on the rise," said the NPCI official on condition of anonymity. But this will not trace transactions where debit cards are used within the parent bank's ATM network. 

Most of us are using debit cards encrypted with black magnetic strip on the flip side, which can easily be cloned unlike a chip-enabled card. "The entire industry hardly has one or two percent cards with chip and pin. This will not expand unless it is mandated by the regulator," said a head of a public sector bank. 

Here's how some ploys work: 

A cyber swindler typically uses skimmers, a device to take image of your cards. There are several innovative ways to use such tool. This mostly happens with travelers. 

For example, a customer uses card to pay her bills at restaurants, bars, hotels and malls. Now, a person with malicious intentions, will drop her card deliberately and bent to pick it up when the skimmer planted on his shirt pocket will take images within fraction of seconds. The same image is transferred to personal computer and then, given to manufacturers to get a duplicate card. 

For password, fraudsters take the help of "shoulder surfing", where one can trace password closely observing finger movements standing just behind user's shoulder. 

Similarly, a customer leaves potential space for skimmers when he gives his card to a third party at a petrol pump to pay bills. 

The most latest con game is that some glue is put below the key pad at ATMs so that the circuit does not function properly even if you press button but the ATM can read your card data once it gets swiped in the machine. Later, when you exit from ATM terminal, the prowler will immediately enter the same and remove the glue and will receive the desire access but for only one time. 

Con men can also get your card data cloned from the ATM slips, which almost every user drops at dustbin without destroying it completely.

To learn about Identity Theft visit www.cibilconsultants.com
Source: Secondary

Youth's Appeal: Stay Away From Cyber-crime

AURANGABAD: In an attempt to curb the rising incidents of sexual harassment, the Vishakha Committee at Milind Science College has organised a workshop on Wednesday for sensitizing youth towards gender issues. The programme, was primarily aimed at addressing gender sensitisation and women's development issues.

"To create awareness about the Supreme Court guidelines on Vishakha judgement, the Milind Science College organised a workshop under the aegis of People's Education Society, Mumbai. We are emphasising on sensitization as well as awareness programmes," said Milnd Science College Vishakha Committee co-ordinator Bharati Bhandekar.

While briefing about the amendments to law in case of Juvenile Justice Act, Archana Kotapalle, lecturer at Miling Law College, said, "A draft bill amending the Juvenile Justice Act has been approved by the law ministry recently, which says those above 16 years of age will be considered ?adults' when they are accused of rape or equally severe crimes."

She added, "Gender sensitisation and women's development primarily aims at addressing contemporary socio-economic issues? Education plays a very important role in this, with institutions playing a bigger role."

Kotappalle also guided students on ethical use of internet and how to prevent from being a part of cyber crimes. "Students should stay away from calls for online transactions, sites calling for ATM passwords and also pornography sites. The youngsters need to be cautious in posting pictures and other details on the net, besides using the social media? They should be aware that anything done for fun could translate into a crime."

Bhandekar warned the male students that eve-teasing, clicking pictures of girls on mobile phones and sending messages to them on their cell phones are considered as cyber crimes, which can destroy their future.

Learn about identity theft at www.cibilconsultants.com

Source: Secondary

Punching card PIN at shops may prove to be risky

As per the guidelines of the Reserve Bank of India (RBI), effective from December 1. The debit card holders will have to punch in their personal identification number (PIN) every time at Point-of-Sales (PoS) at merchant outlets to minimize frauds.

But many bankers as well as merchants in the city pointed out that this is far from fool-proof and the system has an alleged drawback of lack of privacy.

First, the debit card holders will have to enter the PIN of their ATM cards in the swipe machine and then sign on the transaction slip, for any purchase at any shop.

This may prove to be risky, as thieves may misuse the system by keeping an eye during the swipe, memorize the PIN, clone the card to easily withdraw large sums of cash from any nearby ATM .

But it has been found that none of the merchant outlets in the city have made arrangement for privacy of the customers while punching the ATM PIN while purchasing goods.

Glenn Serrao, the son of a hotel owner in sector 17, Vashi, said, "Debit and credit cards are accepted only on the first floor of our restaurant premises. Around 80% of our regular customers do not mind revealing their PIN to the waiters, who in turn, swipe the cards to pay the bill and issue the payment slip for the customer's signature. If any customer demands privacy to punch their PIN, then we will surely provide that service."

Pradeep Kumar, the manager of IDBI bank, Vashi branch said, "Logically, due to lack of privacy at shops, there is a possibility of misuse of the system. Now, to resolve this alleged lacunae in the customer service, our bank will suggest to our product team that the shops need to provide a secluded place for the ATM card swipe machine which should offer adequate privacy for the customer while punching his/her PIN." The product team will then forward the suggestion to the RBI authorities for corrective measures in the guidelines.

"Anyone who thinks that this system can be misused by miscreants, should come forward with their suggestions on the RBI's website, as well," added Kumar.

Susaant Patnaaik (41), an LIC consultant said, "The need for privacy to use one's debit or even credit card is a must. The swipe machine should be kept separately near the establishment manager's counter and be hidden by a partition to prevent onlookers from reading the secret digits being punched by the customer. "

Patnaaik also said that the banks have warned their ATM debit card holders not to read out or enter their PIN when someone is standing behind them.

"One must never swipe in front of any onlookers to ensure the safety of their card," he added.

Learn more about identity theft at www.cibilconsultants.com

Source: Secondary

ATM Thefts

It's any time money not just for depositors but also for thieves.

If India puts not just a man on the moon but also the first ATM, the next day's headlines could announce that the money withdrawn by the country's first lunar bank customer was swiped seconds later by an anonymous compatriot who had managed to get there on his own steam.

ATM thefts are one area where India is not lagging behind the developed world. It's not just in Japan that there are reports of the yakuza (gangsters) using trucks with sophisticated construction equipment to uproot ATMs. India's Silicon Valley of Bangalore has also witnessed amateurish attempts to carry away ATMs, lock, stock and barrel.

And so what if, according to some media reports, India holds the record for the world's highest installed ATM some 4,000 metres above sea level and around the Nathu La Pass in Sikkim. There are also reports that the Agricultural Bank of China has installed the world's highest ATM at around 4,500 m in Tibet. There are no reports however of the highest ATM theft. Whether the record is jointly held by Chindia is not known.

ATMs are hitting the headlines for all the wrong reasons. It is not just the customer who no longer has to go to the bank to withdraw money but can swipe a smart card (with an embedded chip containing a unique number) at an ATM. Likewise, instead of holding up a bank like the gangster John Dillinger used to do in the days of the Great Depression in America, the 21st-century thief can source his daily requirements by swiping someone else's money at the nearest friendly neighborhood ATM which is open 24x7.

The ATM has not just enabled the individual customer to have transactions with his own account without accessing the bank's entire database. It has also decentralized bank thefts since the individual thief can operate at a micro level and swipe someone else's hard-earned money by circumventing the customer-identity integrity systems by attaching fake keypads or card-readers on ATMs, to record confidential data like the depositor's PIN. Technological devices have been developed to detect foreign objects on ATMs.

Learn about identity theft at www.cibilconsultants.com

Source: Secondary