Financial concerns to be aware of when traveling abroad!

Traveling to a different country raises financial concerns that don’t apply when traveling domestically. Here are some things to keep in mind if you’re planning a trip abroad:

Tracking exchange rates is easy. Thanks to the internet, it’s easier than ever to figure out the exchange rate for foreign currencies. Google has a simple converter that’s easy to use.

Get some foreign currency before you go. When you arrive in a foreign country, it’s a good idea to already have some local currency on hand to pay for expenses like transportation and meals. You can order foreign currency online through some banks and services, and most large chain branches can get you foreign currency if you give them advance notice. The rate they exchange your money for will be lower than what you see online, so you may want to shop around for the best rate.

Know how you’ll get additional cash while abroad. Check with your bank to see if your ATM card can be used at your destination to obtain additional cash, and ascertain what types of fees you’ll be responsible for. If the fees will be high, you may want to take as much cash with you as possible, but if fees are reasonable, you might want to wait to see if you actually need additional cash while you’re there.

Be aware of credit card conversion fees. You can likely use your credit card while abroad, but before you go on your trip, find out if you will have to pay any foreign currency conversion fees, or a fee for letting you make charges in a foreign currency. There are cards that don’t charge any conversion fees, so if your card issuer does impose a fee, you might want to get a new credit card before your trip. Alternatively, you can try to limit your card use while you’re abroad to locations that will charge you in dollars, rather than the local currency.

Carry a chip and PIN credit card. In other countries, merchants may only accept credit cards with chip and PIN technology because such cards are generally considered to be more secure (the card’s information is stored on the chip, rather than in a magnetic strip). If you intend to use a credit card while abroad, be sure to check which type of card is more common at your destination.

Consider the safety of your destination before departing. Some destinations, like Japan, are generally very safe for tourists, and many of the locals carry large amounts of cash without hesitation. In other countries, however, pickpockets are common, and tourists are a popular target of crime. Before you depart, check to see what kind of precautions are recommended for your destination. You may want to purchase certain types of gear, such as a money belt, to protect your valuables.

Travel with adequate insurance. Before you go abroad, check with your insurance providers – including your health insurance and driving insurance providers if you plan to drive – to make sure you’ll be covered. If your coverage is insufficient, purchase travel insurance for your trip. You hopefully won’t need it, but you’ll be happy you have it if you do.

Research the customs of your destination. Customs vary dramatically by country, so be sure to do your research before you leave home. Find out if tipping is common at your destination, and if so, is it normally added to your bill or are you supposed to calculate it yourself? How much is customary? Do merchants at your destination haggle, and if so, what’s the best practice for foreigners? If you know these types of issues before you arrive, you can avoid unpleasant surprises!

Declare your acquisitions when you return. When you return to the your country, you’ll have to fill out a customs declaration form and list what you acquired while abroad. Therefore, it can be extremely helpful to keep a list of your acquisitions as you make them, and to keep receipts for your purchases.

Visit: http://www.cibilconsultants.com/
Source- Secondary

Phishing Attacks!

What could set the alarm bells ringing for the Indian banking system is the revelation that there has been a six-fold rise in phishing attacks on the country's lenders during the last four months alone.

Phishing is a form of internet fraud that aims to steal valuable information such as credit card details, social security numbers, user IDs and passwords for financial gains.

The fraud is executed through spoof emails and fake websites that prompt users to disclose their personal details.

The 24X7 Security Response Lab of Pune-based internet security firm Symantec found that in October last year, there were 20 unique attacks on Indian banks while the figure has grown to 120 attacks as of January, 2008.

"The attacks are now becoming more localised, subtle and target-specific... The increase in the number of attacks reflects that they are getting successful," said Prabhat Kumar, director, Security Response, Symantec.

From fame, the phishers are now turning towards making a fortune, he added.
             

The Symantec lab monitors the complete threat spectrum and malware activity all across the world. It provides support in 14 languages against phishers who are extensively using sophisticated methods to install spyware, Trojans, worms and viruses.

But, it is not actually a security breach for the bank.

"The banks have put in the best possible security but it is the unsuspecting user on whose back the phishers enter the system," Singh said.

The latest Internet Security Threat Report by Symantec had ranked Mumbai as the most notorious in India in terms of phishing sites with 38 per cent, followed by New Delhi with 29 per cent.

Even Tier-II cities like Bhopal, Surat, Pune and Noida too had reports about phishing site activity.

"Surprisingly, a large number of home PC users do not even have a basic security feature," Singh said.

The report highlighted that the malicious code in India included 57 per cent worms and 21 per cent virus attacks but even complex threads like Trojan made for about 20 per cent of the attacks.

Recently, leading private sector lender HDFC Bank had filed a police complaint against a "money mule" scammer. The accused had used a bank customer as a mule to transfer money, acquired through phishing attacks, to different accounts.

Even the Reserve Bank of India (RBI) had advised the public not to succumb to the temptation of fictitious offers of large funds through e-mails from unknown entities.

"Members of public should also not make any remittance towards participation in such schemes/offers from unknown entities," it had said in a recent notification.

The RBI has issued the warning to caution individuals who initially receive tempting offers of large funds on various pretexts from unknown overseas entities through e-mails and letters and are later requested to remit a small amount as commission for transfer of the money.

To learn about Identity Theft, contact www.cibilconsultants.com
Source: Secondary

Improved Technology Increases Vulnerability To Cyber Crime, Cops

Technology has made life easier for all, but this has also increased vulnerability to cyber crime. For instance, with smartphones and easy accessibility of the internet on it, Thane cyber crime cell has seen an increase in cyber crimes.

Cyber crime includes crime done through mobile phones, social networking sites, credit and debit card transaction.

On the condition of anonymity, an officer from cyber cell said, "Though the internet was introduced to minimise time, today many people are misusing it. With young children getting access to smartphones easily, they start surfing various sites and in turn indulge in unlawful activities."

"Parents should not give mobile phones to kids unless there is some emergency," he adds.

Specifying the types of crime committed through the internet, he says, "Facebook and bank fraud casea are on the rise. People make fake profile and then lure someone for cash and for other purposes. Crimes through WhatsApp and other software are, however, very less."
                 

He added, "There was a juvenile boy who used to call on unknown number and when we identified him he accepted watching porn clips on his father's cell phone. As his father was not tech savvy, he was not aware of what his son was up to. The matter came to light when one day this boy called a random girl and asked her for sexual favours. The girl approached the police and got the boy arrested. He was later sent to remand home."

Deputy commissioner of police (cyber cell) Sudhakar Pathares said, "The cases have increased in the last three years. By the time we come up with an efficient way of detecting the culprits, they come up with the new a tactic. We are trying to curb such activities, but technology is growing at a faster rate and it is not easy to control them."

He added, "We have tracked so many cases and are trying to minimise cyber crimes, but with changing technology and new software it's a challenge. For instance, on WhatsApp allows you to seen when the person was last seen. This helps us detect some cases."


To learn about Identity theft, visit- www.cibilconsultants.com
Source: Secondary

Internet Leading To Increase In Cyber Crime,says Parliament Study

New Delhi: The hacking and defacing of websites in India has “highly perturbed” a Parliamentary Committee which examined the issue of cyber crimes and cyber security and found that 3,911 India’s websites were defaced or hacked upto June 2013 and majority of these which was around 2667 out of 3911 attacks were the ‘.in’ domain whose servers were in India.

In its 52nd Report, the Standing Committee on Information Technology tabled in Parliament on Wednesday found that while the usage of internet has facilitated transparency and greater accountability, it has at the same time led to increasing forms of cyber crime and cyber threat each day with newer challenges for data protection and security.

This assumes significance since the internet user base has increased to 100 million and total broadband subscriber base has increased to 12.69 million. The target for broadband connections in the current year is 22 million.

Today the country has 134 major ISPs, 10 million registered domain names of one million are  ‘.in’  domains and over 260 data centers all over the country.

In its 83-page report, the Committee chaired by Rao Inderjit Singh expressed concern over the consistent increase in cyber crime cases in the country during the last five years.
           

It said according to the record of  cyber-crime data maintained by the National Crime Records Bureau (NCRB), a total of 420, 966, 1791 and 2876 Cyber Crime cases were registered under the Information Technology Act during the years 2009, 2010, 2011 and 2012 respectively.

The report said that a total of 276, 356, 422 and 601 cases were registered under Cyber Crime related sections of Indian Penal Code (IPC)  during  2009, 2010, 2011 and 2012. respectively.

The Committee found it disquieting that the quantum of financial loss and privacy related cases in the country due to cyber attack and fraud in the last few years have increased.

The Report said that according to the Reserve Bank of India in the last five years though the number of fraud cases reported by Banks on account of ATM Debit Cards/Credit Cards and Internet have decreased from 15018 in 2010 to 8322 in 2012, yet the amount involved had increased from Rs 40.48 crore to /Rs 52.67 crore in 2012.

However, the Committee was of the view that the reported number of cases involving financial fraud due to cyber related cases is just the tip of the iceberg as a number of cases go unnoticed and unreported.

The Committee expressed unhappiness over the involvement of too many agencies maintaining separate data on cyber crime cases and felt that there should be one single, centralized cell or agency to deal with all cases of cyber crime or threat in the country.

Having one agency to look after cyber crimes and cyber threats, the Committee said would not only help the Department in knowing the pattern of the crime but also prevent recurrence of same kind of crimes with newer strategies.

It felt that the Department of Electronics and Information Technology (DIETY) should work in this direction and apprise the Committee of the action taken in this regard.
To learn about Identity theft, visit- www.cibilconsultants.com
Source: Secondary

Cyber crime can be hold in by Hackers.

RANCHI: Identifying the potential of cyber threat in future warfare, a group of ethical hackers led by cyber buff and founder National Anti-hacking Group (NAG) Vineet Kumar in partnership with Jharkhand police, state Unicef and NGO Citizen foundation launched Cyber Peace Foundation here on Saturday.

The foundation aims at creating awareness about the potential risks involved in handling of internet and internet-based services among commoners and government organizations. With widespread awareness, the group expressed confidence about the introduction of suitable legislation and norms for regulations to safeguard vital installations.

S N Pradhan, additional director general, CID, Jharkhand police, who has been instrumental in the establishment of the country's first cyber defence research cell (CDRC) in the state said cyber space is a network that integrates government and private organisations as well as individuals throwing the system open to attacks and a concerted effort was necessary to counter attacks.

          

"Many countries have engaged thousands of hackers just to gate crash into vital information from government installations, which have no practical wall to be protected once they are working on the platform of internet communication," he said. Further, explaining the potential threat, Vineet said as part of a project taken up by CDRC Jharkhand, as many as one lakh computers, most of them being used by cyber cafes and private individuals were found to be afflicted with 'botnet', which is a term used in the cyber world for robotic hackers.

"Since the number of pirated software being used in Jharkhand is quite high, the vulnerability of the computers is also high and they could be easily compromised by hackers to attack on any vital installation within or outside the country," he said.

While the CDRC received huge number of complains related to credit and debit card fraud, impersonation on social networking sites and webcast of explicit material without consent, the cyber peace foundation expressed concern about bigger threats ahead. "Though we do not have evidence due to limitations of investigation conducted, experts of cyber world are almost confident that the historical failure of northern grid in July 2012 was masterminded by hackers who gained access to the control system," said Pradhan.

To begin with, the foundation has launched a cyber peace month for which a campaign vehicle was flagged off by Pradhan and state head, Jharkhand Unicef chief Job Zachariah, who joined the drive in consideration of children who fall prey to sexual offence emanating on the virtual platform. "The Prevention of Children from Sexual Offence Act, 2012 mentions punitive clause for exposing children to such contents on the internet and awareness is necessary for effective implementation of the act," he said.
To learn about Identity Theft, visit www.cibilconsultants.com
Source: Secondary

Financial services in danger because of cyber crime

Cyber crime is a “growing threat” globally and the second most commonly reported economic crime affecting financial-services firms, according to a survey by PricewaterhouseCoopers.

It accounted for 38% of criminal incidents for financial companies compared with 16% in other business sectors, the accounting firm said in a report.

About half of the financial-services respondents said the potential risk of cyber attacks has risen over the past 12 months compared with 36% in other sectors. “Cyber crime puts the financial sector’s customers, brand and reputation at significant risk,” Andrew Clark, forensic services partner at PricewaterhouseCoopers said in the statement. “Regulators are increasingly viewing cyber crime as a key area of focus and financial institutions are expected to have appropriate systems and controls in place.”
                  

Cyber crime involves the use of computers or the internet and includes the theft of personal information, industrial espionage, reputational damage, financial theft and the disruption of services. About 29% of financial-firm respondents didn’t receive cyber security training, PricewaterhouseCoopers said.

Asset misappropriation such as embezzlement and deception by employees remains the most popular way of committing fraud in an organisation, the survey found.
To learn about Identity Theft, visit www.cibilconsultants.com
Source: Secondary

Are you Safe On The Internet?

Gone are the days when you had to stand in long queues to pay your electricity bills, phone bills, income tax returns and almost everything. But easy access to the internet and availability of these services online not just provide relief but of course helps in saving time. At the same time users are also exposed to the threats of identity theft, loss of personal information and spams.

           

If we follow a few golden rules we can easily protect our personal information and greatly reduce the possibility of fraud. Here are some of them:

Security suites

Outpost Security Suite: This is the only free security suite that offers antivirus, firewall and anti malware in a single package. It even offers email and web surfing security for online protection and monitors application behavior to keep a check on malicious infections. Being free, it does have some limitations — only one auto update is allowed in a day. Others need to be manually done. Also, it does not include identity theft protection or technical support.

Norton 360 (v 6.0): As an all-in-one suite, Norton 360 (Rs 1,649) is pretty complete. Apart from protecting against local threats, it has a set of tools for online identity theft protection, to tune up your PC, Email and instant message monitoring as well as browser plugins to warn you of harmful websites & downloads. It even has parental controls to track Internet usage and keep kids safe from online threats. Finally, the price includes 2GB cloud storage. Norton 360 can automatically take a regular backup of important files to the cloud.

Firewalls

Comodo: The free Comodo firewall uses cloud-based data to to protect your computer against online threats and programs. It is capable of detecting most trojans, worms, hacker attacks and even has a sandbox mode where new programs can be run in a protected, virtual environment to make sure that they are not harmful. In 'game mode', Comodo works silently in the background — useful if you don't want to be disturbed while playing a game or watching a movie. Finally, a built in 'TrustConnect' Wi-Fi feature encrypts and safeguards data transfers when connected to a public network.

ZoneAlarm Pro: The Pro version of ZoneAlarm's Firewall (US$ 30/year) protects your computer against hackers and makes it invisible online by hiding your information. It has a built-in anti-phishing tool that stops fake/infected websites from opening on your system and it even authenticates websites to show you which ones are secure and which are not. If an active download is infected, the firewall automatically suspends the download for protection. It even gives you 2GB online storage where the program uploads and backs up important data that can be restored if required.

Mobile

Avast for Android: Avast's free app provides real time antivirus protection and even offers a firewall that can stop any app from accessing the Internet. It even offers SMS/call filtering, an app task manager and can show access rights of each app installed to detect any data stealing. The app has a strong set of anti-theft features that include lost notification on the phone, SIM lock, SIM change notifications, remote restart, remote wipe as well as the option to remotely locate your phone using GPS. The only thing that this free app skips out on is any sort of data backup service.

VirusBarrier for iOS: This $2.99 app can do on-demand scans of content downloaded on to your iOS device. The program scans for malware, adware and hacker tools on the iOS device which might get transferred and then infect the computer (Windows/MAC/Unix) when the device is connected to it. It can scan through zip files, email attachments, files stored online in Dropbox or on FTP severs and can also scan websites for phishing links or other online threats.

More options for advanced users:

Stay safe while downloading: Using Torrents is not illegal - sharing of copyrighted information is. Having said that, if you are a torrent user and are fed up of internet service providers clamping down on torrent speeds or are wary about your privacy being compromised (because of over-zealous media industry watchdogs), you should consider services like www.peerblock.com and www.btguard. com.

BTGuard's paid service completely hides your computer's IP address and provides a secure, encrypted route for your torrent data. PeerBlock is open source and works in conjunction with www.iblocklist.com. It essentially blocks your computer's communication with advertising or spyware oriented servers, computers monitoring torrents or computers which have been 'hacked' ( botnets).

To learn about, Identity Theft, visit- www.cibilconsultants.com
Source: Secondary

SIM card block? It could be online fraud!

Online banking cheating cases on the rise in city, warn experts

A 35-year-old software engineer working with an information technology (IT) company in Chinchwad got an SMS that her ICICI Bank debit card had been used to make purchases worth Rs93,000. She almost fainted because she had never made any such transaction. But her nightmare did not end there. A short while later she received another SMS saying her debit card had been used to make another purchases of Rs 5,000.

The cases of online banking and mobile transactions are on the rise in the city. The officers of the cyber crime cell (CCC) of Pune police claimed people are not aware about fraudsters and their tricks. As a result, the cases have increased in the city.

The CCC officers said that people do not have adequate knowledge of safety and security measures for online transactions. They said as many as 60 such cases are being registered at different police stations in the city.

Fraudsters are using the technique of blocking the SIM card of the victims’ cellphones to ensure they don’t get alerts from the bank. Senior police inspector Sarjerao Babar of CCC told dna, “The present modus operandi of the fraudsters is to block the SIM card with the help of the telecom company employees. Thereafter, they send an application to the telecom company for a new SIM card on the victim’s name. Once the fraudsters get the new SIM card, they get the bank alerts.”

On that basis, fraudsters submit fake know your customer (KYC) forms on the name of the victim and open new accounts in their name and make transactions. “Thereafter, the fraudsters immediately transfer money to their different accounts,” Babar said.

Analysing the causes for the rise in number of cyber crimes in Pune, Babar said, “As more people use the Internet and cellphones for banking, the number of people falling prey to cyber crimes is increasing. People carrying out bank transactions using the Internet are falling prey to economic offenders on the prowl.”

Deputy commissioner of police (cyber) Sanjay Shinde told dna, “People do not have adequate knowledge of safety and security measures to be taken while carrying out online transactions. We have been trying to spread awareness by giving safety tips in dos and dont’s format. However, many Internet users do not pay enough attention to our advice. In recent cases, we have observed that if the SIM card was blocked, the victims could have contacted the nearest telecom office and get a confirmation on it, but they did not. As a result, the fraud took place.”

                       
Shinde said they had asked bank authorities to create awareness among customers about the latest security measures. “But the banks are slowly proactive in security aspects related to mobile banking,” Shinde said.

Besides, a major chunk of cyber crimes pertain to credit /debit card frauds.

Banks authorities asked to step on it

Deputy commissioner of police (cyber) Sanjay Shinde claimed that they had asked bank authorities to create awareness among customers about the latest security measures and to be vigilant during submission of KYC forms to weed out fake accounts. “But the banks are slow in responding to security aspects related to mobile banking,” he said.

Online shopping tips:

1.  Shop with merchants you know and trust
2.  Check whether the shopping website is secure
3.  Be cautious of unsolicited phone calls or emails from merchants
4.  Read merchant’s refund and exchange policies before making any purchase
5.  Do not share your password
6.  Always print and keep the order confirmation documents
7.  Read the privacy statement
8.  Never enter your personal information on a pop-up screen.

Internet Banking tips:

1.  Keep your passwords/PIN codes safe and memorize them
2.  Check if the online banking website is secure
3.  Log out immediately after you complete your online transaction
4.  Do not copy or click on any links that are not from a known source
5.  Do not respond to emails asking for personal or banking related information
6.  Read privacy and policy statements to ensure that no unauthorized transaction has taken place
7.  Check your account statements regularly

To learn about Identity Theft, visit- www.cibilconsultants.com

Source: Secondary

Magnet for hackers: Internet connected devices

2013 has been an eventful year in the information security space, as information became the most valuable and challenging asset for organisations while being border less and dispersed, as cloud, mobility and “bring your own device” took a stronger hold on businesses. Information security has been immensely threatened with businesses, government and individuals relying on the internet for dynamic needs and cyber criminals have devised more sophisticated methods to trap victims. Blurring boundaries between consumer and business, sophistication in enterprise attacks and dispersion of authority for security within the ecosystem has led to growing concerns over data, financial information and critical infrastructure.

The threats observed throughout the year were in line with the predictions first made by Symantec which saw conflicts between nations, organisations and individuals; using evolved social engineering techniques and cloud based attacks aimed at financial gains, IP and in some cases to bring down the critical infrastructure. Symantec’s report findings also points at India as among world’s top five countries for the highest number of incidences of cyber crime such as ransom ware, identity theft and phishing. India also witnessed a 280% increase in Bot infections, with a sizable percentage coming from cities emerging cities such as Bhubaneswar, Surat, Cochin, Jaipur, Vishakhapatnam, Indore, Kota, Ghaziabad and Mysore.

                                 

As the New Year approaches, we predict that this trend will only further increase as cyber criminals continue to employee more sophisticated and targeted techniques. They will continue to focus their attacks on data stored on the cloud vs. data stored on the network, thus putting a massive challenge for enterprises to handle. Below are Symantec’s top predictions in 2014:

Targeted attacks will increase.

In 2013, we reported on a sophisticated social engineering attack implemented at a French-based MNC who got francophoned, where the administrative assistant to a vice-president received an e-mail referencing an invoice hosted on a popular file sharing service and subsequently received a phone call from another vice-president within the company, instructing her to examine and process the invoice. However, the invoice was a fake and the vice president who spoke to her with authority was an attacker. Incidents like these were observed and we predict that in 2014, these attacks will become commonplace and attackers will further refine these targeted attack tactics to make financial gains.

Perils of social networking

It is tempting to believe that you can move to a new neighbourhood and all your old problems will go away. They don’t in real life and they won’t when it comes to social networking. Any new social network that attracts users will also attract scammers. It has been observed that individuals are increasingly choosing convenience over safety and constantly exhibiting a potentially risky behaviour online. According to the latest Norton Report 2013, 18% social media users connect with people they do not know and 61% access their social network account over unsecure Wi-Fi. Therefore it is important to protect yourself by using security best practices no matter where you are on the internet or how you connect to it .

Internet of vulnerabilities

With millions of devices connected to the internet, in 2014, they will become a magnet for hackers. Security researchers have already demonstrated attacks against smart televisions, medical equipment and security cameras. Already we’ve seen baby monitors attacked and traffic was shut down on a major tunnel in Israel, reportedly due to hackers accessing computer systems via a security camera system. Major software vendors have figured out how to notify customers and get patches for vulnerabilities to them. The companies building gadgets that connect to the internet don’t even realise they have an oncoming security problem. These systems are not only vulnerable to an attack—they also lack notification methods for consumers and businesses when vulnerabilities are discovered. Even worse, they don’t have a friendly end-user method to patch these new vulnerabilities. Given this, we are going to see new threats in ways in which we’ve never seen before.

Cyber criminals will target the weakest links

Third party consultants, suppliers and partners outside the enterprise network as well as business associates in the ecosystem will be the easy targets for attackers as they are the weakest links in the information exchange chain. This includes consultants, contractors, vendors and others who share sensitive information or even have access to the networks of large organisations and government entities. And, it has been repeatedly observed that only a few of these partners have sufficient defenses.

Watch out for dangers in the cloud

Increasingly enterprises and individuals are using public clouds to store and access data. As per the latest Norton Report 2013, 29% individuals in India and 24% across the world are already practicing this trend. And with rise in usage of these platforms for both personal and private information, it is highly likely that we will see this as an easy target for cyber-criminals to penetrate these data-rich cloud platforms for profitable motives.

To learn about Identity Theft, visit- www.cibilconsultants.com
Source: Secondary

Signs that shows You've Been Hacked

In today's threats cape, antivirus software provides little piece of mind. In fact, anti malware scanners on the whole are horrifically inaccurate, especially with exploits less than 24 hours old. After all, malicious hackers and malware can change their tactics at will. Swap a few bytes around, and a previously recognized malware program becomes unrecognizable. 

To combat this, many anti malware programs monitor program behaviors, often called heuristics, to catch previously unrecognized malware. Other programs use virtualized environments, system monitoring, network traffic detection, and all of the above at once in order to be more accurate. And still they fail us on a regular basis.

Here are 11 sure signs you've been hacked and what to do in the event of compromise. Note that in all cases, the No. 1 recommendation is to completely restore your system to a known good state before proceeding. In the early days, this meant formatting the computer and restoring all programs and data. Today, depending on your operating system, it might simply mean clicking on a Restore button. Either way, a compromised computer can never be fully trusted again. The recovery steps listed in each category below are the recommendations to follow if you don't want to do a full restore -- but again, a full restore is always a better option, risk-wise. 

Sure sign of system compromise No. 1: Fake antivirus messages 

In slight decline these days, fake antivirus warning messages are among the surest signs that your system has been compromised. What most people don't realize is that by the time they see the fake antivirus warning, the damage has been done. Clicking No or Cancel to stop the fake virus scan is too little, too late. The malicious software has already made use of unpatched software, often the Java Run time Environment or an Adobe product, to completely exploit your system. 

Why does the malicious program bother with the "antivirus warning"? This is because the fake scan, which always finds tons of "viruses," is a lure to buy their product. Clicking on the provided link sends you to a professional-looking website, complete with glowing letters of recommendation. There, they ask you for your credit card number and billing information. You'd be surprised how many people get tricked into providing personal financial information. The bad guys gain complete control of your system and get your credit card or banking information. For bad guys, it's the Holy Grail of hacking. 

What to do: As soon as you notice the fake antivirus warning message, power down your computer. If you need to save anything and can do it, do so. But the sooner you power off your computer, the better. Boot up the computer system in Safe Mode, No Networking, and try to uninstall the newly installed software (oftentimes it can be uninstalled like a regular program). Either way, follow up by trying to restore your system to a state previous to the exploitation. If successful, test the computer in regular mode and make sure that the fake antivirus warnings are gone. Then follow up with a complete antivirus scan. Oftentimes, the scanner will find other sneak remnants left behind. 

Sure sign of system compromise No. 2: Unwanted browser toolbar 

This is probably the second most common sign of exploitation: Your browser has multiple new toolbar with names that seem to indicate the toolbar is supposed to help you. Unless you recognize the toolbar as coming from a very well-known vendor, it's time to dump the bogus toolbar. What to do: Most browsers allow you to review installed and active toolbar. Remove any you didn't absolutely want to install. When in doubt, remove it. If the bogus toolbar isn't listed there or you can't easily remove it, see if your browser has an option to reset the browser back to its default settings. If this doesn't work, follow the instructions listed above for fake antivirus messages. You can usually avoid malicious toolbar by making sure that all your software is fully patched and by being on the lookout for free software that installs these tool bars. Hint: Read the licensing agreement. Toolbar installs are often pointed out in the licensing agreements that most people don't read. 

Sure sign of system compromise No. 3: Redirected Internet searches 

Many hackers make their living by redirecting your browser somewhere other than you want to go. The hacker gets paid by getting your clicks to appear on someone else's website, often those who don't know that the clicks to their site are from malicious redirection. You can often spot this type of malware by typing a few related, very common words (for example, "puppy" or "goldfish") into Internet search engines and checking to see whether the same websites appear in the results -- almost always with no actual relevance to your terms. Unfortunately, many of today's redirected Internet searches are well hidden from the user through use of additional proxies, so the bogus results are never returned to alert the user. In general, if you have bogus toolbar programs, you're also being redirected. Technical users who really want to confirm can sniff their own browser or network traffic. The traffic sent and returned will always be distinctly different on a compromised computer vs. an uncompromised computer. What to do: Follow the same instructions as above. Usually removing the bogus toolbar and programs is enough to get rid of malicious redirection. 

Sure sign of system compromise No. 4: Frequent random popups 

This popular sign that you've been hacked is also one of the more annoying ones. When you're getting random browser pop-ups from websites that don't normally generate them, your system has been compromised. I'm constantly amazed about which websites, legitimate and otherwise, can bypass your browser's anti-pop-up mechanisms. It's like battling email spam, but worse. What to do: Not to sound like a broken record, but typically random pop-ups are generated by one of the three previous malicious mechanisms noted above. You'll need to get rid of bogus toolbar and other programs if you even hope to get rid of the pop-ups. 

Sure sign of system compromise No. 5: Your friends receive fake emails from your email account 

This is the one scenario where you might be OK. It's fairly common for our email friends to receive malicious emails from us. A decade ago, when email attachment viruses were all the rage, it was very common for malware programs to survey your email address book and send malicious emails to everyone in it. 

These days it's more common for malicious emails to be sent to some of your friends, but not everyone in your email address book. If it's just a few friends and not everyone in your email list, then more than likely your computer hasn't been compromised (at least with an email address-hunting malware program). These days malware programs and hackers often pull email addresses and contact lists from social media sites, but doing so means obtaining a very incomplete list of your contacts' email addresses. Although not always the case, the bogus emails they send to your friends often don't have your email address as the sender. It may have your name, but not your correct email address. If this is the case, then usually your computer is safe. 

What to do: If one or more friends reports receiving bogus emails claiming to be from you, do your due diligence and run a complete antivirus scan on your computer, followed by looking for unwanted installed programs and toolbars. Often it's nothing to worry about, but it can't hurt to do a little health check when this happens. 

Sure sign of system compromise No. 6: Your online passwords suddenly change 

If one or more of your online passwords suddenly change, you've more than likely been hacked -- or at least that online service has been hacked. In this particular scenario, usually what has happened is that the victim responded to an authentic-looking phish email that purportedly claimed to be from the service that ends up with the changed password. The bad guy collects the logon information, logs on, changes the password (and other information to complicate recovery), and uses the service to steal money from the victim or the victim's acquaintances (while pretending to be the victim). What to do: If the scam is widespread and many acquaintances you know are being reached out to, immediately notify all your contacts about your compromised account. Do this to minimize the damage being done to others by your mistake. Second, contact the online service to report the compromised account. Most online services are used to this sort of maliciousness and can quickly get the account back under your control with a new password in a few minutes. Some services even have the whole process automated. A few services even have a "My friend's been hacked!" button that lets your friends start the process. This is helpful, because your friends often know your account has been compromised before you do. If the compromised logon information is used on other websites, immediately change those passwords. And be more careful next time. Websites rarely send emails asking you to provide your logon information. When in doubt, go to the website directly (don't use the links sent to you in email) and see if the same information is being requested when you log on using the legitimate method. You can also call the service via their phone line or email them to report the received phish email or to confirm its validity. Lastly, consider using online services that provide two-factor authentication. It makes your account much harder to steal. 

Sure sign of system compromise No. 7: Unexpected software installs 

Unwanted and unexpected software installs are a big sign that your computer system has likely been hacked. In the early days of malware, most programs were computer viruses, which work by modifying other legitimate programs. They did this to better hide themselves. For whatever reason, most malware programs these days are Trojans and worms, and they typically install themselves like legitimate programs. This may be because their creators are trying to walk a very thin line when the courts catch up to them. They can attempt to say something like, "But we are a legitimate software company." Oftentimes the unwanted software is legally installed by other programs, so read your license agreements. Frequently, I'll read license agreements that plainly state that they will be installing one or more other programs. Sometimes you can opt out of these other installed programs; other times you can't. What to do: There are many free programs that show you all your installed programs and let you selectively disable them. My favorite for Windows is Autoruns. It doesn't show you every program installed but will tell you the ones that automatically start themselves when your PC is restarted. Most malware programs can be found here. The hard part is determining what is and what isn't legitimate. When in doubt, disable the unrecognized program, reboot the PC, and reenable the program only if some needed functionality is no longer working. 

Sure sign of system compromise No. 8: Your mouse moves between programs and makes correct selections 

If your mouse pointer moves itself while making selections that work, you've definitely been hacked. Mouse pointers often move randomly, usually due to hardware problems. But if the movements involve making the correct choices to run particular programs, malicious humans are somewhere involved. Not as common as some of the other attacks, many hackers will break into a computer, wait for it to be idle for a long time (like after midnight), then try to steal your money. Hackers will break into bank accounts and transfer money, trade your stocks, and do all sorts of rogue actions, all designed to lighten your cash load. What to do: If your computer "comes alive" one night, take a minute before turning it off to determine what the intruders are interested in. Don't let them rob you, but it will be useful to see what things they are looking at and trying to compromise. If you have a cellphone handy, take a few pictures to document their tasks. When it makes sense, power off the computer. Unhook it from the network (or disable the wireless router) and call in the professionals. This is the one time that you're going to need expert help. Using another known good computer, immediately change all your other logon names and passwords. Check your bank account transaction histories, stock accounts, and so on. Consider paying for a credit-monitoring service. If you've been a victim of this attack, you have to take it seriously. Complete restore of the computer is the only option you should choose for recovery. But if you've lost any money, make sure to let the forensics team make a copy first. If you've suffered a loss, call law enforcement and file a case. You'll need this information to best recover your real money losses, if any. 

Sure sign of system compromise No. 9: Your antimalware software, Task Manager, or Registry Editor is disabled and can't be restarted 

This is a huge sign of malicious compromise. If you notice that your antimalware software is disabled and you didn't do it, you're probably exploited -- especially if you try to start Task Manager or Registry Editor and they won't start, start and disappear, or start in a reduced state. This is very common for malware to do. What to do: You should really perform a complete restore because there is no telling what has happened. But if you want to try something less drastic first, research the many methods on how to restore the lost functionality (any Internet search engine will return lots of results), then restart your computer in Safe Mode and start the hard work. I say "hard work" because usually it isn't easy or quick. Often, I have to try a handful of different methods to find one that works. Precede restoring your software by getting rid of the malware program, using the methods listed above. Sure 

Sign of system compromise No. 10: Your bank account is missing money 

I mean lots of money. Online bad guys don't usually steal a little money. They like to transfer everything or nearly everything, often to a foreign exchange or bank. Usually it begins by your computer being compromised or from you responding to a fake phish from your bank. In any case, the bad guys log on to your bank, change your contact information, and transfer large sums of money to themselves. What to do: In most cases you are in luck because most financial institutions will replace the stolen funds (especially if they can stop the transaction before the damage is truly done). However, there have been many cases where the courts have ruled it was the customer's responsibility to not be hacked, and it's up to the financial institution to decide whether they will make restitution to you. If you're trying to prevent this from happening in the first place, turn on transaction alerts that send text alerts to you when something unusual is happening. Many financial institutions allow you to set thresholds on transaction amounts, and if the threshold is exceeded or it goes to a foreign country, you'll be warned. Unfortunately, many times the bad guys reset the alerts or your contact information before they steal your money. So make sure your financial institution sends you alerts anytime your contact information or alerting choices are changed. 

Sure sign of system compromise No. 11: You get calls from stores about nonpayment of shipped goods 

In this case, hackers have compromised one of your accounts, made a purchase, and had it shipped to someplace other than your house. Oftentimes, the bad guys will order tons of merchandise at the same time, making each business entity think you have enough funds at the beginning, but as each transaction finally pushes through you end up with insufficient funds. What to do: This is a bad one. First try to think of how your account was compromised. If it was one of the methods above, follow those recommendations. Either way, change all your logon names and passwords (not just the one related to the single compromised account), call law enforcement, get a case going, and start monitoring your credit. You'll probably spend months trying to clear up all the bogus transactions committed in your name, but you should be able to undo most, if not all, of the damage. Years ago you could be left with a negative credit history that would impact your life for a decade. 
These days, companies and the credit reporting agencies are more used to cyber crime, and they deal with it better. Still, be aggressive and make sure you follow every bit of advice given to you by law enforcement, the creditors, and the credit-rating agencies (there are three major ones- CIBIL, Equifax, Experian). 

Malware vector trifecta to avoid:

The hope of an antimalware program that can perfectly detect malware and malicious hacking is pure folly. Keep an eye out for the common signs and symptoms of your computer being hacked as outlined above. And if you are risk-adverse, as I am, always perform a complete computer restore with the event of a breach. Because once your computer has been compromised, the bad guys can do anything and hide anywhere. It's best to just start from scratch. Most malicious hacking originates from one of three vectors: unpatched software, running Trojan horse programs, and responding to fake phishing emails. Do better at preventing these three things, and you'll be less likely to have to rely on your anti malware software's accuracy -- and luck.

If your Credit Score have been hampered because of Identity Theft, contact us- www.cibilconsultants.com

Source: Secondary

Be Smarter Than Technology, If Want to Defeat Cyber Crime

Information Technology(IT) is the driving force of almost all industry. Global markets and business are dependent on this huge and vast world of unseen intelligent radio waves which is practically running our lives today.

Think about those times when there was hardly anything called the internet, networking, mobile, Wi-Fi, GPS, GPRS, Cloud etc a whole new world around us so called virtual real world, in a nutshell IT has given a all new meaning to this global civilization.

Today no more distances matters neither time, with the ever growing technology the focus is getting sharper and clearer, we are one world, every one of us is under one roof, we are connected now.

Discovery of any new earth shattering innovations brings certain disturbances too. We the intelligent minds who thrive and drive our lives today primarily on technology are we safe enough? Do we really always thank this unseen intelligent friend or sometimes this friend gives us real problems?

Yes it does, with the ever increasing tools of communication we get more and more vulnerable to access, today saying hi to someone at north pole is as simple as knocking your next door neighbor. World today is enjoying the advancement of IT but along with that is also facing a battle against piracy and duplicity or rather cyber crime.

Countries across the world are setting up cyber laws to check crime but how effective are these laws are? Or is the thief smarter than the law?

We need to realize and counter this new wave of crime through the unseen radio waves, with the ever growing technology we are doomed to face new challenges but to balance a smart technology you have to be smarter.

Crime Files brings to light the growing online lottery frauds which is getting visible day by day with increase in cases registered. On a normal mail box you will find thousand of offers including strange messages. 

This same format is also used via mobile SMSs Such messages might not work or may not be able to fool people at large but, yes still there are people from small town who get trapped in this net or racket of cheaters and land up paying money in the name of huge gift.
To learn about identity theft, visit www.cibilconsultants.com

Source: Secondary