Credit card hacks!

Why do cyber thieves take the time to wreak havoc? Since hackers are going after the companies that hold your information, it’s hard to stop them from getting your information. All the same, you can take steps to minimize the damage. Here’s our guideline to deal with the uncertainty.

Ask for the new card

Call your bank and demand a new card. It’s not likely to put up a fight as the bank is responsible for paying false charges. In the event that the bank does, don’t back down on your demand.

Renew your password

If you have done any online business with the affected company – or you have an account with it – change your password right away. Make it more than 8 characters and difficult to figure out. If it’s easy for you to remember, it’s easy for a hacker to crack. While you’re at it, change and strengthen all of your passwords.

                    

Filing a complaint

Call the non-emergency number of your local police department. Say that you were a victim of identity theft and wish to file a report. This makes your status as a victim official.

Block your credit

You don’t want anybody opening up new lines of credit in your name. Blocking doesn’t allow anybody to access your credit report without your approval. Creditors probably won’t approve an application without having access to the person’s credit report.

Monitoring your account online

Don’t wait to check it when the statement arrives; check today. Keep monitoring daily for at least 30 days after your new card arrives. If you see fraudulent activity, call the bank and report it immediately. Often you can dispute charges online, but calling and talking to somebody assures that the issuer has record of your dispute.
Visit- www.cibilconsultants.com
Source: Secondary

Cyber Criminals Behind E-extortion

VADODARA: When you think of cyber crime, you may usually picture a hacker sneaking into networks and installing viruses designed to destroy data and computers. But cyber crime is not just about destroying computers and data for malicious purposes. Instead it is to steal information and data for financial gain.

This is what founder and CEO of Quick Heal Technologies Kailash Katkar said here on Saturday.

Katkar stressed that cyber criminals are not just making money and robbing hard-earned money of victims, their well-networked underground activities are making even the corporate sector victims.
        

"These cyber criminals work from countries which do not have strong cyber laws and are fully involved in extortion activities. They are constantly finding new ways to make money off innocent people," said Katkar, a school dropout, who created a Rs 187 crore anti-virus software business with a seed capital of Rs 15,000.

"In fact, our threat research and response team receives over one lakh unique virus samples on a daily basis. Just six months ago, our team used to receive nearly 75,000 unique virus samples and with the passage of time this number is expected to increase," said Katkar, who in 1985 had taken up a job at a local radio and calculator repair shop to supplement his family's income.

Talking about the growth of anti-virus software industry in the country, Katkar said last year, the total market was estimated at Rs 800 crore.

"The anti-virus software industry is expected to grow because of the penetration of smart phones. While internet is costly in India and computer penetration is still much lesser compared to the developed nations, penetration of smart phones has increased tremendously. This has led to development of security solutions for mobile devices," he said.

"Computers have been able to reach to only 10 per cent of our total population against 70 to 80 per cent PC penetration in developed countries. But penetration of smart phones has increased by over 100 per cent," he said.

'Americans can be easily hypnotized'

Vadodara: Americans can be easily hypnotized compared to any other population in the world. This is what world's most experienced hypnotist and world's first ever hypnotist to appear on television Andrew Newton believes.

"My experience suggests that Americans are the most regimented people on this planet. You can find them standing in queue everywhere and getting all kinds of permits to do small little things," said Newton adding that in contrast the Australian population is a bit aggressive and difficult to be easily hypnotized.

"The United States government is easily looking into emails and text message of its citizens in the name of freedom, democracy and security threat. This spying has a commercial aspect too as the same data is used for targeted election campaigns," said Newton, who has hypnotized over 60,000 people worldwide, including many famous names in the United Kingdom and abroad.

Newton, who has over 6,000 stage and television performances under his belt, said that in the UK like in the US, hypnotism has become a massive industry.

"Thirty years ago, there were just 400 hypnotists in the UK. Now, there are over 4,500 hypnotists, including those enrolled with the UK's national health scheme," said Newton, a senior lecturer in hypnosis at the Hypnoseakademiet in Norway, Europe's premier hypnosis and EFT training school.

"The word 'hypnosis' has always brought a sense of mystery and magic in our minds, but it is a complete science of the subconscious itself. It can't cure cancer but it is very useful for dealing with stress or combat insomnia," he said.

To learn about Identity Theft, contact www.cibilconsultants.com

Source: Secondary

Partial amount recovered after a year long battle, says a cyber crime victim!

A clearing agent, who lost Rs 20 lakh in a matter of half an hour to cyber crime, has got back only a part of the amount after fighting a year-long battle. However, the police are yet to make any headway in the case and find out the culprits.

The Ballard Pier Metropolitan court recently ordered release of Rs4.89 lakh to Rajesh Rele from one of the banks, where the stolen money had been transferred in smaller amounts via net-banking. Rele has been asked to furnish a personal bond, which means that he is under the obligation of returning the money if any claimant comes forward and is notified as the rightful owner.

Gamdevi resident Rele is a partner in M/s Eastern Clearing and Forwarding Agency. To make payment towards custom duties he had activated the phone banking option, allowed by his bank in Fort.
              

On May 16, 2013, Rele received a missed call on his mobile phone. When he returned the call, he found that an unknown person was on the other side. Few hours later, Rele's mobile phone services were suspended. Concerned, he contacted his mobile operator. He was surprised to learn that his service had been deactivated on 'his' request.

Rele informed his mobile operator that he had not placed any request to deactivate his service. It was then he was asked to check whether his bank account was secure. To Rele's dismay, a total of Rs 20 lakh had been usurped and the money had been transferred to different accounts in bank in Delhi and Kolkata through netbanking.

He rushed to his bank and directed the accounts to be freezed. A Delhi account where Rs 7 lakh was transferred was with the same bank as his. Thus the amount was claimed within few days. However, the remaining money had been moved to accounts in private banks and to accounts of individuals.

Advocate P Runwal, who appeared for Rele, told the court that his though his client went to the cybercrime police station at Bandra Kurla Complex, they refused to entertain his complaint. Rele then approached the MRA marg police station, which a registered an FIR after 12 days.

"Till now there has been no headway in the investigation and the only assistance received from the police is that they wrote letters to the bank to freeze the accounts," Runwal informed the court.

Rele then started writing to banks regarding recovery of his money. A private bank that had received Rs4.89 lakh in the account of one of its customers from Rele's account asked him to get a court notice before it could share the client's details. Notices were then sent to the person, asking him to appear before the court.

After a hearing over months the court finally accepted Runwal's arguments that even after serving notice to the person, in whose account Rs4.89 lakh had been deposited, there was no response and thus the money should be released.
To learn about Identity Theft, visit www.cibilconsultants.com
Source: Secondary

Improved Technology Increases Vulnerability To Cyber Crime, Cops

Technology has made life easier for all, but this has also increased vulnerability to cyber crime. For instance, with smartphones and easy accessibility of the internet on it, Thane cyber crime cell has seen an increase in cyber crimes.

Cyber crime includes crime done through mobile phones, social networking sites, credit and debit card transaction.

On the condition of anonymity, an officer from cyber cell said, "Though the internet was introduced to minimise time, today many people are misusing it. With young children getting access to smartphones easily, they start surfing various sites and in turn indulge in unlawful activities."

"Parents should not give mobile phones to kids unless there is some emergency," he adds.

Specifying the types of crime committed through the internet, he says, "Facebook and bank fraud casea are on the rise. People make fake profile and then lure someone for cash and for other purposes. Crimes through WhatsApp and other software are, however, very less."
                 

He added, "There was a juvenile boy who used to call on unknown number and when we identified him he accepted watching porn clips on his father's cell phone. As his father was not tech savvy, he was not aware of what his son was up to. The matter came to light when one day this boy called a random girl and asked her for sexual favours. The girl approached the police and got the boy arrested. He was later sent to remand home."

Deputy commissioner of police (cyber cell) Sudhakar Pathares said, "The cases have increased in the last three years. By the time we come up with an efficient way of detecting the culprits, they come up with the new a tactic. We are trying to curb such activities, but technology is growing at a faster rate and it is not easy to control them."

He added, "We have tracked so many cases and are trying to minimise cyber crimes, but with changing technology and new software it's a challenge. For instance, on WhatsApp allows you to seen when the person was last seen. This helps us detect some cases."


To learn about Identity theft, visit- www.cibilconsultants.com
Source: Secondary

Internet Leading To Increase In Cyber Crime,says Parliament Study

New Delhi: The hacking and defacing of websites in India has “highly perturbed” a Parliamentary Committee which examined the issue of cyber crimes and cyber security and found that 3,911 India’s websites were defaced or hacked upto June 2013 and majority of these which was around 2667 out of 3911 attacks were the ‘.in’ domain whose servers were in India.

In its 52nd Report, the Standing Committee on Information Technology tabled in Parliament on Wednesday found that while the usage of internet has facilitated transparency and greater accountability, it has at the same time led to increasing forms of cyber crime and cyber threat each day with newer challenges for data protection and security.

This assumes significance since the internet user base has increased to 100 million and total broadband subscriber base has increased to 12.69 million. The target for broadband connections in the current year is 22 million.

Today the country has 134 major ISPs, 10 million registered domain names of one million are  ‘.in’  domains and over 260 data centers all over the country.

In its 83-page report, the Committee chaired by Rao Inderjit Singh expressed concern over the consistent increase in cyber crime cases in the country during the last five years.
           

It said according to the record of  cyber-crime data maintained by the National Crime Records Bureau (NCRB), a total of 420, 966, 1791 and 2876 Cyber Crime cases were registered under the Information Technology Act during the years 2009, 2010, 2011 and 2012 respectively.

The report said that a total of 276, 356, 422 and 601 cases were registered under Cyber Crime related sections of Indian Penal Code (IPC)  during  2009, 2010, 2011 and 2012. respectively.

The Committee found it disquieting that the quantum of financial loss and privacy related cases in the country due to cyber attack and fraud in the last few years have increased.

The Report said that according to the Reserve Bank of India in the last five years though the number of fraud cases reported by Banks on account of ATM Debit Cards/Credit Cards and Internet have decreased from 15018 in 2010 to 8322 in 2012, yet the amount involved had increased from Rs 40.48 crore to /Rs 52.67 crore in 2012.

However, the Committee was of the view that the reported number of cases involving financial fraud due to cyber related cases is just the tip of the iceberg as a number of cases go unnoticed and unreported.

The Committee expressed unhappiness over the involvement of too many agencies maintaining separate data on cyber crime cases and felt that there should be one single, centralized cell or agency to deal with all cases of cyber crime or threat in the country.

Having one agency to look after cyber crimes and cyber threats, the Committee said would not only help the Department in knowing the pattern of the crime but also prevent recurrence of same kind of crimes with newer strategies.

It felt that the Department of Electronics and Information Technology (DIETY) should work in this direction and apprise the Committee of the action taken in this regard.
To learn about Identity theft, visit- www.cibilconsultants.com
Source: Secondary

Cyber crime can be hold in by Hackers.

RANCHI: Identifying the potential of cyber threat in future warfare, a group of ethical hackers led by cyber buff and founder National Anti-hacking Group (NAG) Vineet Kumar in partnership with Jharkhand police, state Unicef and NGO Citizen foundation launched Cyber Peace Foundation here on Saturday.

The foundation aims at creating awareness about the potential risks involved in handling of internet and internet-based services among commoners and government organizations. With widespread awareness, the group expressed confidence about the introduction of suitable legislation and norms for regulations to safeguard vital installations.

S N Pradhan, additional director general, CID, Jharkhand police, who has been instrumental in the establishment of the country's first cyber defence research cell (CDRC) in the state said cyber space is a network that integrates government and private organisations as well as individuals throwing the system open to attacks and a concerted effort was necessary to counter attacks.

          

"Many countries have engaged thousands of hackers just to gate crash into vital information from government installations, which have no practical wall to be protected once they are working on the platform of internet communication," he said. Further, explaining the potential threat, Vineet said as part of a project taken up by CDRC Jharkhand, as many as one lakh computers, most of them being used by cyber cafes and private individuals were found to be afflicted with 'botnet', which is a term used in the cyber world for robotic hackers.

"Since the number of pirated software being used in Jharkhand is quite high, the vulnerability of the computers is also high and they could be easily compromised by hackers to attack on any vital installation within or outside the country," he said.

While the CDRC received huge number of complains related to credit and debit card fraud, impersonation on social networking sites and webcast of explicit material without consent, the cyber peace foundation expressed concern about bigger threats ahead. "Though we do not have evidence due to limitations of investigation conducted, experts of cyber world are almost confident that the historical failure of northern grid in July 2012 was masterminded by hackers who gained access to the control system," said Pradhan.

To begin with, the foundation has launched a cyber peace month for which a campaign vehicle was flagged off by Pradhan and state head, Jharkhand Unicef chief Job Zachariah, who joined the drive in consideration of children who fall prey to sexual offence emanating on the virtual platform. "The Prevention of Children from Sexual Offence Act, 2012 mentions punitive clause for exposing children to such contents on the internet and awareness is necessary for effective implementation of the act," he said.
To learn about Identity Theft, visit www.cibilconsultants.com
Source: Secondary

Financial services in danger because of cyber crime

Cyber crime is a “growing threat” globally and the second most commonly reported economic crime affecting financial-services firms, according to a survey by PricewaterhouseCoopers.

It accounted for 38% of criminal incidents for financial companies compared with 16% in other business sectors, the accounting firm said in a report.

About half of the financial-services respondents said the potential risk of cyber attacks has risen over the past 12 months compared with 36% in other sectors. “Cyber crime puts the financial sector’s customers, brand and reputation at significant risk,” Andrew Clark, forensic services partner at PricewaterhouseCoopers said in the statement. “Regulators are increasingly viewing cyber crime as a key area of focus and financial institutions are expected to have appropriate systems and controls in place.”
                  

Cyber crime involves the use of computers or the internet and includes the theft of personal information, industrial espionage, reputational damage, financial theft and the disruption of services. About 29% of financial-firm respondents didn’t receive cyber security training, PricewaterhouseCoopers said.

Asset misappropriation such as embezzlement and deception by employees remains the most popular way of committing fraud in an organisation, the survey found.
To learn about Identity Theft, visit www.cibilconsultants.com
Source: Secondary

Identity Theft in India

As the cyber world unveils websites that let you live a ‘second life’, fake identities and identity thefts are fast emerging a menace giving spurt to hate mails and even serious crimes.

Identity theft remains unrecognised by many Indians, but many may already be becoming targets even without realising it, experts say.

One of the fastest growing crimes in the developed nations like United States, it is spreading in developing economies too. According to a website that monitors cyber crimes, in 2006, identity theft complaints made up thirty seven per cent (37%) of all fraud complaints.

With extensive use of social networking sites in India, the young population chatting for hours, however is unaware of the risks involved. Sharing personal information on social networking sites like Orkut, Tagged, hi5, etc. can be hazardous. The delinquents will have no difficulty in using someone’s personal information for their vested interest, cyber experts say.
                                 

There has been number of cases reported in the country where the people were cheated after sharing their personal information on Internet. Latest among them is one of a youth from Mumbai who was murdered, after pals on the net abducted and then killed him, having won his confidence through the network chatting.

“People discuss sex, try to find a dating partner or indulge in ‘cyber romance,’ falling prey to social networking sites. As a result, most of them undergo emotional abuses and have long lasting psychological effects. At least ten victims visits my clinic everyday seeking counselling on ‘abuses’ they had experienced on vast net-world,” says Dr Roma Kumar, Clinical Psychologist with Sri Ganga Ram Hospital.

“Youngsters, mostly school goers are unaware of the risk involved in sharing personal details on Internet. Some do it for fun rest to explore answers to their queries. But most of them later suffer owing to ignorance and lack of information,” she says.

“We receive 10-20 cases of identity thefts mainly on cyberfrauds monthly. The cases of cyber-crimes are increasing in the country,” says Sanjay Singh, CEO of Indian Detective Agency.

“We get number of inquiries asking us for the tips to protect against identity theft,” he adds.

“Once I got a call from a person asking me about legal proceedings pertinent to cyber crimes. He was actually duped by an imposter who posed herself as a Bollywood actress and asked him some money citing personal reasons and said that she (Imposter) would marry him, if he agrees to pay the asked amount. That person got carried away and deposited money in the bank account given to him. Later, as obvious, it was found to be a cyber fraud and he was robbed off with his money”, says G Venkatesh Rao, a Supreme Court lawyer.

“People should be careful while using networking sites. They should avoid using very personal information like mobile number, credit card and bank account detail, date of birth to avoid identity theft,” says Rao.

To learn about Identity Theft, visit- www.cibilconsultants.com
Source: Secondary

Magnet for hackers: Internet connected devices

2013 has been an eventful year in the information security space, as information became the most valuable and challenging asset for organisations while being border less and dispersed, as cloud, mobility and “bring your own device” took a stronger hold on businesses. Information security has been immensely threatened with businesses, government and individuals relying on the internet for dynamic needs and cyber criminals have devised more sophisticated methods to trap victims. Blurring boundaries between consumer and business, sophistication in enterprise attacks and dispersion of authority for security within the ecosystem has led to growing concerns over data, financial information and critical infrastructure.

The threats observed throughout the year were in line with the predictions first made by Symantec which saw conflicts between nations, organisations and individuals; using evolved social engineering techniques and cloud based attacks aimed at financial gains, IP and in some cases to bring down the critical infrastructure. Symantec’s report findings also points at India as among world’s top five countries for the highest number of incidences of cyber crime such as ransom ware, identity theft and phishing. India also witnessed a 280% increase in Bot infections, with a sizable percentage coming from cities emerging cities such as Bhubaneswar, Surat, Cochin, Jaipur, Vishakhapatnam, Indore, Kota, Ghaziabad and Mysore.

                                 

As the New Year approaches, we predict that this trend will only further increase as cyber criminals continue to employee more sophisticated and targeted techniques. They will continue to focus their attacks on data stored on the cloud vs. data stored on the network, thus putting a massive challenge for enterprises to handle. Below are Symantec’s top predictions in 2014:

Targeted attacks will increase.

In 2013, we reported on a sophisticated social engineering attack implemented at a French-based MNC who got francophoned, where the administrative assistant to a vice-president received an e-mail referencing an invoice hosted on a popular file sharing service and subsequently received a phone call from another vice-president within the company, instructing her to examine and process the invoice. However, the invoice was a fake and the vice president who spoke to her with authority was an attacker. Incidents like these were observed and we predict that in 2014, these attacks will become commonplace and attackers will further refine these targeted attack tactics to make financial gains.

Perils of social networking

It is tempting to believe that you can move to a new neighbourhood and all your old problems will go away. They don’t in real life and they won’t when it comes to social networking. Any new social network that attracts users will also attract scammers. It has been observed that individuals are increasingly choosing convenience over safety and constantly exhibiting a potentially risky behaviour online. According to the latest Norton Report 2013, 18% social media users connect with people they do not know and 61% access their social network account over unsecure Wi-Fi. Therefore it is important to protect yourself by using security best practices no matter where you are on the internet or how you connect to it .

Internet of vulnerabilities

With millions of devices connected to the internet, in 2014, they will become a magnet for hackers. Security researchers have already demonstrated attacks against smart televisions, medical equipment and security cameras. Already we’ve seen baby monitors attacked and traffic was shut down on a major tunnel in Israel, reportedly due to hackers accessing computer systems via a security camera system. Major software vendors have figured out how to notify customers and get patches for vulnerabilities to them. The companies building gadgets that connect to the internet don’t even realise they have an oncoming security problem. These systems are not only vulnerable to an attack—they also lack notification methods for consumers and businesses when vulnerabilities are discovered. Even worse, they don’t have a friendly end-user method to patch these new vulnerabilities. Given this, we are going to see new threats in ways in which we’ve never seen before.

Cyber criminals will target the weakest links

Third party consultants, suppliers and partners outside the enterprise network as well as business associates in the ecosystem will be the easy targets for attackers as they are the weakest links in the information exchange chain. This includes consultants, contractors, vendors and others who share sensitive information or even have access to the networks of large organisations and government entities. And, it has been repeatedly observed that only a few of these partners have sufficient defenses.

Watch out for dangers in the cloud

Increasingly enterprises and individuals are using public clouds to store and access data. As per the latest Norton Report 2013, 29% individuals in India and 24% across the world are already practicing this trend. And with rise in usage of these platforms for both personal and private information, it is highly likely that we will see this as an easy target for cyber-criminals to penetrate these data-rich cloud platforms for profitable motives.

To learn about Identity Theft, visit- www.cibilconsultants.com
Source: Secondary

Traditional Probe Turning Ineffective Because Of Cyber Crime Complexicity

New Delhi: The complex structure of cyber crime which thrives on mostly private infrastructure spread globally is making "archaic" investigation techniques ineffective, CBI Director Ranjit Sinha said Wednesday. 

"Cyber crime causes serious damage to victims and bring huge losses to global economy. Due to its specific features, cyber crime has proven to be a challenge to the effectiveness of archaic law enforcement mechanisms," he said. 

Speaking during the signing of an agreement with Data Security Council of India here, Sinha said, "The complexity of its structure, consisting mostly of privately-owned infrastructure and numerous layers of different factors across jurisdictions, coupled with the relative anonymity it allows, may render traditional methods of investigation ineffective." 

CBI signed the MoU with DSCI to use its expertise in updating its officials with new technologies to tackle the menace.

                  

Giving details, CBI spokesperson said the MoU seeks to establish collaboration between law enforcement agencies through CBI and the IT Industry through DSCI for the capacity building of its officers on building up security standards. 

She said the MoU will enable sharing the best practices among various enforcement agencies globally, finding solutions to emerging challenges in cyber crime prevention, detection, investigation and prosecution and preparing the stakeholders in their ability to educate and update themselves in emerging computer and information technologies. 

"There is a great need for constant capacity building of law enforcement officers in this area.

Cooperation between specialized agencies is the need of the hour to combat highly sophisticated faceless criminals in cyber space," the CBI director said.

To learn about Identity theft and related issues on www.cibilconsultants.com

Source: Secondary

Banks seeking insurance cover because of rising online frauds

MUMBAI: Indian banks are increasingly seeking insurance cover against fraudulent online transactions, including those involving credit cards, as a rising use of plastic money and the ease of Internet business potentially increase lenders' exposure to cases of data breach.

Data from insurance companies show that large banks are opting for policies worth Rs 500 crore to shield against fraud, including online, while mid-sized banks are going for policies in the range of Rs250-300 crore. "Demand for insurance policy against phishing, skimming and Internet hacking has gone up in the last one year," said TR Ramalingam, head of underwriting at Bajaj Allianz General Insurance. "Inquiries have gone up and we are working on how to price the product and working on the wording."

               

Earlier, insurance policies did not include computer-related frauds, but now insurers expect it to be big in coming days. The premium, which depends on several factors, ranges between 1% and 2% of liability the bank is looking to insure. In 2012-13, domestic banks lost Rs17,284 crore on account of fraud, according to information obtained through the Right to Information Act. During the period, 62 banks filed a total of 26,598 cases related to online frauds. The situation has compounded the woes of the bank sector where lenders are facing huge non-performing assets. "The policy covers cyber extortion and breach of data privacy," said M Ravichandran, president, Tata AIG General Insurance. "There is a lot of talk around cyber insurance and people are actively looking to secure these exposures."

While companies like Tata AIG have underwriting capabilities for these policies, for others, it is reinsurance driven. Cyber extortion policy pays a ransom to a person who has hacked into the bank's website with a threat to divulge, destroy or steal confidential information. Last year, ATM cards of a leading private sector bank's customers were skimmed and about Rs15.48 lakh stolen from accounts.

If your Credit Score have been hampered because of Identity Theft, contact us- www.cibilconsultants.com

Source: Secondary

Signs that shows You've Been Hacked

In today's threats cape, antivirus software provides little piece of mind. In fact, anti malware scanners on the whole are horrifically inaccurate, especially with exploits less than 24 hours old. After all, malicious hackers and malware can change their tactics at will. Swap a few bytes around, and a previously recognized malware program becomes unrecognizable. 

To combat this, many anti malware programs monitor program behaviors, often called heuristics, to catch previously unrecognized malware. Other programs use virtualized environments, system monitoring, network traffic detection, and all of the above at once in order to be more accurate. And still they fail us on a regular basis.

Here are 11 sure signs you've been hacked and what to do in the event of compromise. Note that in all cases, the No. 1 recommendation is to completely restore your system to a known good state before proceeding. In the early days, this meant formatting the computer and restoring all programs and data. Today, depending on your operating system, it might simply mean clicking on a Restore button. Either way, a compromised computer can never be fully trusted again. The recovery steps listed in each category below are the recommendations to follow if you don't want to do a full restore -- but again, a full restore is always a better option, risk-wise. 

Sure sign of system compromise No. 1: Fake antivirus messages 

In slight decline these days, fake antivirus warning messages are among the surest signs that your system has been compromised. What most people don't realize is that by the time they see the fake antivirus warning, the damage has been done. Clicking No or Cancel to stop the fake virus scan is too little, too late. The malicious software has already made use of unpatched software, often the Java Run time Environment or an Adobe product, to completely exploit your system. 

Why does the malicious program bother with the "antivirus warning"? This is because the fake scan, which always finds tons of "viruses," is a lure to buy their product. Clicking on the provided link sends you to a professional-looking website, complete with glowing letters of recommendation. There, they ask you for your credit card number and billing information. You'd be surprised how many people get tricked into providing personal financial information. The bad guys gain complete control of your system and get your credit card or banking information. For bad guys, it's the Holy Grail of hacking. 

What to do: As soon as you notice the fake antivirus warning message, power down your computer. If you need to save anything and can do it, do so. But the sooner you power off your computer, the better. Boot up the computer system in Safe Mode, No Networking, and try to uninstall the newly installed software (oftentimes it can be uninstalled like a regular program). Either way, follow up by trying to restore your system to a state previous to the exploitation. If successful, test the computer in regular mode and make sure that the fake antivirus warnings are gone. Then follow up with a complete antivirus scan. Oftentimes, the scanner will find other sneak remnants left behind. 

Sure sign of system compromise No. 2: Unwanted browser toolbar 

This is probably the second most common sign of exploitation: Your browser has multiple new toolbar with names that seem to indicate the toolbar is supposed to help you. Unless you recognize the toolbar as coming from a very well-known vendor, it's time to dump the bogus toolbar. What to do: Most browsers allow you to review installed and active toolbar. Remove any you didn't absolutely want to install. When in doubt, remove it. If the bogus toolbar isn't listed there or you can't easily remove it, see if your browser has an option to reset the browser back to its default settings. If this doesn't work, follow the instructions listed above for fake antivirus messages. You can usually avoid malicious toolbar by making sure that all your software is fully patched and by being on the lookout for free software that installs these tool bars. Hint: Read the licensing agreement. Toolbar installs are often pointed out in the licensing agreements that most people don't read. 

Sure sign of system compromise No. 3: Redirected Internet searches 

Many hackers make their living by redirecting your browser somewhere other than you want to go. The hacker gets paid by getting your clicks to appear on someone else's website, often those who don't know that the clicks to their site are from malicious redirection. You can often spot this type of malware by typing a few related, very common words (for example, "puppy" or "goldfish") into Internet search engines and checking to see whether the same websites appear in the results -- almost always with no actual relevance to your terms. Unfortunately, many of today's redirected Internet searches are well hidden from the user through use of additional proxies, so the bogus results are never returned to alert the user. In general, if you have bogus toolbar programs, you're also being redirected. Technical users who really want to confirm can sniff their own browser or network traffic. The traffic sent and returned will always be distinctly different on a compromised computer vs. an uncompromised computer. What to do: Follow the same instructions as above. Usually removing the bogus toolbar and programs is enough to get rid of malicious redirection. 

Sure sign of system compromise No. 4: Frequent random popups 

This popular sign that you've been hacked is also one of the more annoying ones. When you're getting random browser pop-ups from websites that don't normally generate them, your system has been compromised. I'm constantly amazed about which websites, legitimate and otherwise, can bypass your browser's anti-pop-up mechanisms. It's like battling email spam, but worse. What to do: Not to sound like a broken record, but typically random pop-ups are generated by one of the three previous malicious mechanisms noted above. You'll need to get rid of bogus toolbar and other programs if you even hope to get rid of the pop-ups. 

Sure sign of system compromise No. 5: Your friends receive fake emails from your email account 

This is the one scenario where you might be OK. It's fairly common for our email friends to receive malicious emails from us. A decade ago, when email attachment viruses were all the rage, it was very common for malware programs to survey your email address book and send malicious emails to everyone in it. 

These days it's more common for malicious emails to be sent to some of your friends, but not everyone in your email address book. If it's just a few friends and not everyone in your email list, then more than likely your computer hasn't been compromised (at least with an email address-hunting malware program). These days malware programs and hackers often pull email addresses and contact lists from social media sites, but doing so means obtaining a very incomplete list of your contacts' email addresses. Although not always the case, the bogus emails they send to your friends often don't have your email address as the sender. It may have your name, but not your correct email address. If this is the case, then usually your computer is safe. 

What to do: If one or more friends reports receiving bogus emails claiming to be from you, do your due diligence and run a complete antivirus scan on your computer, followed by looking for unwanted installed programs and toolbars. Often it's nothing to worry about, but it can't hurt to do a little health check when this happens. 

Sure sign of system compromise No. 6: Your online passwords suddenly change 

If one or more of your online passwords suddenly change, you've more than likely been hacked -- or at least that online service has been hacked. In this particular scenario, usually what has happened is that the victim responded to an authentic-looking phish email that purportedly claimed to be from the service that ends up with the changed password. The bad guy collects the logon information, logs on, changes the password (and other information to complicate recovery), and uses the service to steal money from the victim or the victim's acquaintances (while pretending to be the victim). What to do: If the scam is widespread and many acquaintances you know are being reached out to, immediately notify all your contacts about your compromised account. Do this to minimize the damage being done to others by your mistake. Second, contact the online service to report the compromised account. Most online services are used to this sort of maliciousness and can quickly get the account back under your control with a new password in a few minutes. Some services even have the whole process automated. A few services even have a "My friend's been hacked!" button that lets your friends start the process. This is helpful, because your friends often know your account has been compromised before you do. If the compromised logon information is used on other websites, immediately change those passwords. And be more careful next time. Websites rarely send emails asking you to provide your logon information. When in doubt, go to the website directly (don't use the links sent to you in email) and see if the same information is being requested when you log on using the legitimate method. You can also call the service via their phone line or email them to report the received phish email or to confirm its validity. Lastly, consider using online services that provide two-factor authentication. It makes your account much harder to steal. 

Sure sign of system compromise No. 7: Unexpected software installs 

Unwanted and unexpected software installs are a big sign that your computer system has likely been hacked. In the early days of malware, most programs were computer viruses, which work by modifying other legitimate programs. They did this to better hide themselves. For whatever reason, most malware programs these days are Trojans and worms, and they typically install themselves like legitimate programs. This may be because their creators are trying to walk a very thin line when the courts catch up to them. They can attempt to say something like, "But we are a legitimate software company." Oftentimes the unwanted software is legally installed by other programs, so read your license agreements. Frequently, I'll read license agreements that plainly state that they will be installing one or more other programs. Sometimes you can opt out of these other installed programs; other times you can't. What to do: There are many free programs that show you all your installed programs and let you selectively disable them. My favorite for Windows is Autoruns. It doesn't show you every program installed but will tell you the ones that automatically start themselves when your PC is restarted. Most malware programs can be found here. The hard part is determining what is and what isn't legitimate. When in doubt, disable the unrecognized program, reboot the PC, and reenable the program only if some needed functionality is no longer working. 

Sure sign of system compromise No. 8: Your mouse moves between programs and makes correct selections 

If your mouse pointer moves itself while making selections that work, you've definitely been hacked. Mouse pointers often move randomly, usually due to hardware problems. But if the movements involve making the correct choices to run particular programs, malicious humans are somewhere involved. Not as common as some of the other attacks, many hackers will break into a computer, wait for it to be idle for a long time (like after midnight), then try to steal your money. Hackers will break into bank accounts and transfer money, trade your stocks, and do all sorts of rogue actions, all designed to lighten your cash load. What to do: If your computer "comes alive" one night, take a minute before turning it off to determine what the intruders are interested in. Don't let them rob you, but it will be useful to see what things they are looking at and trying to compromise. If you have a cellphone handy, take a few pictures to document their tasks. When it makes sense, power off the computer. Unhook it from the network (or disable the wireless router) and call in the professionals. This is the one time that you're going to need expert help. Using another known good computer, immediately change all your other logon names and passwords. Check your bank account transaction histories, stock accounts, and so on. Consider paying for a credit-monitoring service. If you've been a victim of this attack, you have to take it seriously. Complete restore of the computer is the only option you should choose for recovery. But if you've lost any money, make sure to let the forensics team make a copy first. If you've suffered a loss, call law enforcement and file a case. You'll need this information to best recover your real money losses, if any. 

Sure sign of system compromise No. 9: Your antimalware software, Task Manager, or Registry Editor is disabled and can't be restarted 

This is a huge sign of malicious compromise. If you notice that your antimalware software is disabled and you didn't do it, you're probably exploited -- especially if you try to start Task Manager or Registry Editor and they won't start, start and disappear, or start in a reduced state. This is very common for malware to do. What to do: You should really perform a complete restore because there is no telling what has happened. But if you want to try something less drastic first, research the many methods on how to restore the lost functionality (any Internet search engine will return lots of results), then restart your computer in Safe Mode and start the hard work. I say "hard work" because usually it isn't easy or quick. Often, I have to try a handful of different methods to find one that works. Precede restoring your software by getting rid of the malware program, using the methods listed above. Sure 

Sign of system compromise No. 10: Your bank account is missing money 

I mean lots of money. Online bad guys don't usually steal a little money. They like to transfer everything or nearly everything, often to a foreign exchange or bank. Usually it begins by your computer being compromised or from you responding to a fake phish from your bank. In any case, the bad guys log on to your bank, change your contact information, and transfer large sums of money to themselves. What to do: In most cases you are in luck because most financial institutions will replace the stolen funds (especially if they can stop the transaction before the damage is truly done). However, there have been many cases where the courts have ruled it was the customer's responsibility to not be hacked, and it's up to the financial institution to decide whether they will make restitution to you. If you're trying to prevent this from happening in the first place, turn on transaction alerts that send text alerts to you when something unusual is happening. Many financial institutions allow you to set thresholds on transaction amounts, and if the threshold is exceeded or it goes to a foreign country, you'll be warned. Unfortunately, many times the bad guys reset the alerts or your contact information before they steal your money. So make sure your financial institution sends you alerts anytime your contact information or alerting choices are changed. 

Sure sign of system compromise No. 11: You get calls from stores about nonpayment of shipped goods 

In this case, hackers have compromised one of your accounts, made a purchase, and had it shipped to someplace other than your house. Oftentimes, the bad guys will order tons of merchandise at the same time, making each business entity think you have enough funds at the beginning, but as each transaction finally pushes through you end up with insufficient funds. What to do: This is a bad one. First try to think of how your account was compromised. If it was one of the methods above, follow those recommendations. Either way, change all your logon names and passwords (not just the one related to the single compromised account), call law enforcement, get a case going, and start monitoring your credit. You'll probably spend months trying to clear up all the bogus transactions committed in your name, but you should be able to undo most, if not all, of the damage. Years ago you could be left with a negative credit history that would impact your life for a decade. 
These days, companies and the credit reporting agencies are more used to cyber crime, and they deal with it better. Still, be aggressive and make sure you follow every bit of advice given to you by law enforcement, the creditors, and the credit-rating agencies (there are three major ones- CIBIL, Equifax, Experian). 

Malware vector trifecta to avoid:

The hope of an antimalware program that can perfectly detect malware and malicious hacking is pure folly. Keep an eye out for the common signs and symptoms of your computer being hacked as outlined above. And if you are risk-adverse, as I am, always perform a complete computer restore with the event of a breach. Because once your computer has been compromised, the bad guys can do anything and hide anywhere. It's best to just start from scratch. Most malicious hacking originates from one of three vectors: unpatched software, running Trojan horse programs, and responding to fake phishing emails. Do better at preventing these three things, and you'll be less likely to have to rely on your anti malware software's accuracy -- and luck.

If your Credit Score have been hampered because of Identity Theft, contact us- www.cibilconsultants.com

Source: Secondary