Identity Theft in India

As the cyber world unveils websites that let you live a ‘second life’, fake identities and identity thefts are fast emerging a menace giving spurt to hate mails and even serious crimes.

Identity theft remains unrecognised by many Indians, but many may already be becoming targets even without realising it, experts say.

One of the fastest growing crimes in the developed nations like United States, it is spreading in developing economies too. According to a website that monitors cyber crimes, in 2006, identity theft complaints made up thirty seven per cent (37%) of all fraud complaints.

With extensive use of social networking sites in India, the young population chatting for hours, however is unaware of the risks involved. Sharing personal information on social networking sites like Orkut, Tagged, hi5, etc. can be hazardous. The delinquents will have no difficulty in using someone’s personal information for their vested interest, cyber experts say.
                                 

There has been number of cases reported in the country where the people were cheated after sharing their personal information on Internet. Latest among them is one of a youth from Mumbai who was murdered, after pals on the net abducted and then killed him, having won his confidence through the network chatting.

“People discuss sex, try to find a dating partner or indulge in ‘cyber romance,’ falling prey to social networking sites. As a result, most of them undergo emotional abuses and have long lasting psychological effects. At least ten victims visits my clinic everyday seeking counselling on ‘abuses’ they had experienced on vast net-world,” says Dr Roma Kumar, Clinical Psychologist with Sri Ganga Ram Hospital.

“Youngsters, mostly school goers are unaware of the risk involved in sharing personal details on Internet. Some do it for fun rest to explore answers to their queries. But most of them later suffer owing to ignorance and lack of information,” she says.

“We receive 10-20 cases of identity thefts mainly on cyberfrauds monthly. The cases of cyber-crimes are increasing in the country,” says Sanjay Singh, CEO of Indian Detective Agency.

“We get number of inquiries asking us for the tips to protect against identity theft,” he adds.

“Once I got a call from a person asking me about legal proceedings pertinent to cyber crimes. He was actually duped by an imposter who posed herself as a Bollywood actress and asked him some money citing personal reasons and said that she (Imposter) would marry him, if he agrees to pay the asked amount. That person got carried away and deposited money in the bank account given to him. Later, as obvious, it was found to be a cyber fraud and he was robbed off with his money”, says G Venkatesh Rao, a Supreme Court lawyer.

“People should be careful while using networking sites. They should avoid using very personal information like mobile number, credit card and bank account detail, date of birth to avoid identity theft,” says Rao.

To learn about Identity Theft, visit- www.cibilconsultants.com
Source: Secondary

Magnet for hackers: Internet connected devices

2013 has been an eventful year in the information security space, as information became the most valuable and challenging asset for organisations while being border less and dispersed, as cloud, mobility and “bring your own device” took a stronger hold on businesses. Information security has been immensely threatened with businesses, government and individuals relying on the internet for dynamic needs and cyber criminals have devised more sophisticated methods to trap victims. Blurring boundaries between consumer and business, sophistication in enterprise attacks and dispersion of authority for security within the ecosystem has led to growing concerns over data, financial information and critical infrastructure.

The threats observed throughout the year were in line with the predictions first made by Symantec which saw conflicts between nations, organisations and individuals; using evolved social engineering techniques and cloud based attacks aimed at financial gains, IP and in some cases to bring down the critical infrastructure. Symantec’s report findings also points at India as among world’s top five countries for the highest number of incidences of cyber crime such as ransom ware, identity theft and phishing. India also witnessed a 280% increase in Bot infections, with a sizable percentage coming from cities emerging cities such as Bhubaneswar, Surat, Cochin, Jaipur, Vishakhapatnam, Indore, Kota, Ghaziabad and Mysore.

                                 

As the New Year approaches, we predict that this trend will only further increase as cyber criminals continue to employee more sophisticated and targeted techniques. They will continue to focus their attacks on data stored on the cloud vs. data stored on the network, thus putting a massive challenge for enterprises to handle. Below are Symantec’s top predictions in 2014:

Targeted attacks will increase.

In 2013, we reported on a sophisticated social engineering attack implemented at a French-based MNC who got francophoned, where the administrative assistant to a vice-president received an e-mail referencing an invoice hosted on a popular file sharing service and subsequently received a phone call from another vice-president within the company, instructing her to examine and process the invoice. However, the invoice was a fake and the vice president who spoke to her with authority was an attacker. Incidents like these were observed and we predict that in 2014, these attacks will become commonplace and attackers will further refine these targeted attack tactics to make financial gains.

Perils of social networking

It is tempting to believe that you can move to a new neighbourhood and all your old problems will go away. They don’t in real life and they won’t when it comes to social networking. Any new social network that attracts users will also attract scammers. It has been observed that individuals are increasingly choosing convenience over safety and constantly exhibiting a potentially risky behaviour online. According to the latest Norton Report 2013, 18% social media users connect with people they do not know and 61% access their social network account over unsecure Wi-Fi. Therefore it is important to protect yourself by using security best practices no matter where you are on the internet or how you connect to it .

Internet of vulnerabilities

With millions of devices connected to the internet, in 2014, they will become a magnet for hackers. Security researchers have already demonstrated attacks against smart televisions, medical equipment and security cameras. Already we’ve seen baby monitors attacked and traffic was shut down on a major tunnel in Israel, reportedly due to hackers accessing computer systems via a security camera system. Major software vendors have figured out how to notify customers and get patches for vulnerabilities to them. The companies building gadgets that connect to the internet don’t even realise they have an oncoming security problem. These systems are not only vulnerable to an attack—they also lack notification methods for consumers and businesses when vulnerabilities are discovered. Even worse, they don’t have a friendly end-user method to patch these new vulnerabilities. Given this, we are going to see new threats in ways in which we’ve never seen before.

Cyber criminals will target the weakest links

Third party consultants, suppliers and partners outside the enterprise network as well as business associates in the ecosystem will be the easy targets for attackers as they are the weakest links in the information exchange chain. This includes consultants, contractors, vendors and others who share sensitive information or even have access to the networks of large organisations and government entities. And, it has been repeatedly observed that only a few of these partners have sufficient defenses.

Watch out for dangers in the cloud

Increasingly enterprises and individuals are using public clouds to store and access data. As per the latest Norton Report 2013, 29% individuals in India and 24% across the world are already practicing this trend. And with rise in usage of these platforms for both personal and private information, it is highly likely that we will see this as an easy target for cyber-criminals to penetrate these data-rich cloud platforms for profitable motives.

To learn about Identity Theft, visit- www.cibilconsultants.com
Source: Secondary

Prevent Identity Theft- Follow the Tips by Experts

Identity Theft is one of the by-product of technological evolution. World was more secure when there was no internet, photocopier or scanner. Identity Theft can be disastrous for any individual. Recently one lady's Home Loan was rejected because of low CIBIL Score. She was advised to pull out CIBIL Report. When  checked, her CIBIL Report, found that Rs 200000 outstanding was written off against her credit card. She never applied for this credit card. The credit card was issued at her old Delhi address before she shifted to Mumbai. It was a clear case of Identity Theft. 
Worst part is that complete onus is on an individual to prove that he is victim of Identity Theft. 

Normally on internet, the discussion on Identity Theft revolve around Online Identity Theft i.e. through internet. Offline Identity Theft is more dangerous and easy to execute. Secondly, there is more organized mafia whose job is find potential victims for Identity Theft. Mostly observed that online Identity Theft is because of mistake from user end which could have been easily avoided but scope of offline Identity Theft is vast. In this post we will discuss tips and tricks to prevent offline identity theft.

1. Photocopy of Documents: It was quite interesting episode, of one of TV serial, lady A gave her documents for photocopy and told shopkeeper that she will collect in 2 hours. Somehow fraudster steal the copy of documents. Documents were misused by fraudster to get job in Lady A’s  name. Fraudster committed fraud in her company and poor Lady A was caught based on documents. Though police finally caught the real culprit but imagine the trauma undergone because of Identity Theft.

Photocopy shops are soft and easy target for identity theft. With advancement of technology, photocopy machine can retain scanned copy of documents. It is advisable to take photocopy at home through printer only. If it is absolutely necessary to photocopy from outside because of volume then you should get it done only from known shopkeeper. You can also keep extra copies at your home for emergency.

2. Handover Documents only to Bank Executive and Take Acknowledgement: During our day to day financial transactions, we have to handover some imp documents to bank like PAN, Address proof etc. A businessman handed over his originals to employee and send him to bank for any such work. Yes, it is not feasible for businessman to do everything on his own. At the same time it is suicidal to handover either original or photocopy to 3rd party. It is advisable to handover documents only to authorized bank executive and insist on acknowledgement. In relevant document, also mention the details of documents submitted by you with the bank.

3. Watermark: One of the critical step to safeguard your identity is to watermark all the scanned documents and then take photocopy. Only use watermark copy for any future use. Watermarked copies are very difficult to temper with. Watermarking can be done using software like pdf writer or image editor. Though its a tiring job but you have to do only once in a lifetime.

4. PAN: Obtaining a PAN is one of the simplest govt process in my opinion. Last year CBDT madeverification of originals mandatory for PAN to reduce PAN based frauds. Analysts termed it as “Step Back”, “Return of License Raj”, “Bottle Neck” or “Retro Grade” step. Being an election year and under pressure from govt, CBDT withdrew the circular. PAN is lifeline for doing any financial transaction and process is so lax that anyone can manipulate.

PAN is one of the most misused document for financial frauds and is heart & soul of identity theft. PAN should not be issued / re-issued without verification of originals even if it cause inconvenience to general public. People don’t realize that its for their benefit only.

5. Inquiry in CIBIL Report

PULL out your CIBIL report atleast once in 6 months or preferable once every quarter. One of the important section to look out is “Inquiry Information”. Please check any suspicious entry in the report e.g. if bank A has posted entry related to Enquiry for issuance of Credit Card with credit limit 1 lakh. In case,  you have not applied for any such credit card then immediately you should bring it to the notice of the bank. Prevention is always better than cure and checking “Inquiry Information” in CIBIL Report is one such prevention.

6. Social Media: . An open invitation to Identity Theft, social media is one of the most dangerous place if not handled responsibly and with caution. Even Afghanistan, Iraq and Somalia will rank after Social Media. Social Media is emerging as a new crime hub both for financial and non-financial crimes.

“Too Little on Social Media can be Too Much”. It is advisable to draw a thick line between privacy and social interaction before you post anything through social media channels. Privacy should not be compromised at all and at any cost. Remember for a small mistake you have to pay heavy price.

7. Letter Box: In the age of internet and email, people don’t check their letter box for months. It is quite visible from overflowing letter boxes next to mine in my apartment complex. Its again an open invitation for Identity Theft. We receive bills and statements through snail mail and anyone can easily steal your identity using these document. It is advisable to check your letter box regularly to prevent identity theft.

8. Change of Mobile or SIM: Now a days most of the people change their mobile every 6 months. Also many of us have habit of storing important information on mobile like bank account no, PAN, Passwords, PIN etc. As mobile is personalized device therefore danger of Identity Theft through mobile is manifold. It is advisable that all the data from mobile should be deleted when you are changing it. Mobile should be restored to factory settings. Remove micro SD card and also remove all installed applications. Log out from all accounts sync with the device and most importantly remove SIM card (if you are opting for Nano SIM in new device).

9. Purpose of document: Whenever you are handing over photocopy of your documents, don’t forget to mention the purpose for which the documents is being handed over. For example, if you are submitting document for Ration Card then don’t forget to mention on Watermarked document “Purpose: Application for Ration Card” in either Red or Blue Pen. It will help to prevent identity theft. Secondly, if fraudsters realize that particular person has taken necessary steps to prevent identity theft then they don’t mess around. Only people caught unaware become victims of identity theft.

10. Date of Birth: Besides PAN, DOB is important piece of information for Identity Theft.  Birth Certificate was not mandatory earlier but now it is also one of the important document.

11. Beware of Freebies: Last but not the least and most crucial. Don’t share your DOB, mobile no, name etc through feedback forms in Restaurants or to participate in some lucky draw. You can politely say NO. There are no free lunches in this world but others should not have free lunch at your cost.

Learn more about identity theft at www.cibilconsultants.com
Source-secondary

Someone Stole you?

As the cyber world unveils websites that let you live a ‘second life’, fake identities and identity thefts are fast emerging a menace giving spurt to hate mails and even serious crimes.

Identity theft remains unrecognized by many Indians, but many may already be becoming targets even without realizing it, experts say.

One of the fastest growing crimes in the developed nations like United States, it is spreading in developing economies too. According to a website that monitors cyber crimes, in 2006, identity theft complaints made up 37 per cent of all fraud complaints.

With extensive use of social networking sites in India, the young population chatting for hours, however, is unaware of the risks involved. Sharing personal information on social networking sites like Orkut, Tagged, hi5, etc. can be hazardous. The delinquents will have no difficulty in using someone's personal information for their vested interest, cyber experts say.

There has been number of cases reported in the country where the people were cheated after sharing their personal information on Internet. Latest among them is one of a youth from Mumbai who was murdered, after pals on the net abducted and then killed him, having won his confidence through the network chatting.

“People discuss sex, try to find a dating partner or indulge in ‘cyber romance’, falling prey to social networking sites. As a result, most of them undergo emotional abuses and have long lasting psychological effects. At least ten victims visits my clinic everyday seeking counselling on 'abuses' they had experienced on vast net-world,” says Dr Roma Kumar, Clinical Psychologist with Sri Ganga Ram Hospital.

“Youngsters, mostly school goers are unaware of the risk involved in sharing personal details on Internet. Some do it for fun rest to explore answers to their queries. But most of them later suffer owing to ignorance and lack of information,” she says.

“We receive 10-20 cases of identity thefts mainly on cyber frauds monthly. The cases of cyber-crimes are increasing in the country,” says Sanjay Singh, CEO of Indian Detective Agency.

“We get number of inquiries asking us for the tips to protect against identity theft,” he adds. “Once I got a call from a person asking me about legal proceedings pertinent to cyber crimes. He was actually duped by an imposter who posed herself as a Bollywood actress and asked him some money citing personal reasons and said that she (imposter) would marry him, if he agrees to pay the asked amount. That person got carried away and deposited money in the bank account given to him. Later, as obvious, it was found to be a cyber fraud and he was robbed off with his money,” says G Venkatesh Rao, a Supreme Court lawyer.

“People should be careful while using networking sites. They should avoid using very personal information like mobile number, credit card and bank account detail, date of birth to avoid identity theft,” says Rao.

“All laws related to cyber crimes including those of identity thefts by means of transactions carried out by electronic data interchange and other means of electronic communication are contained in Information Technology Act, 2000,” he says.

“Though, harsh punishment to offenders, Protection through Internet Service Providers and generating awareness among masses can be a better solution. But personal awareness and following net-etiquette will be a permanent remedy to it,” Rao adds.

There have been many incidents of identity thefts including those of ‘Phishing’ (hoax mails) but most of them go unreported as people either do not take it seriously or are simply ignorant of the possible damage, say experts.

“I was quite disturbed after receiving credit-card bill, issued in my name and address, of more than Rs15,000. What was more surprising is that I didn't have any credit card at all. It was just a month after I applied for one with the bank,” says Vindhyachal Pandey, an executive with a telecom firm.

“Although in the year 2006 only, a total of 335 phishing incidents were reported by various National and International agencies, on an average 28 incidents in a month. There was progressive increase of phishing incidence noticed in the second half of the year," says Anirban Sen Gupta, Principal

Consultant with a consulting firm with worldwide presence.

“On contacting bank for further information I was told that the credit card in my name was issued five days after submission of my application and the concerned courier service had my acknowledgement proving delivery of the card. I was helpless and decided to take help of a detective agency to probe in to the matter,” says Pandey.

There are many like Vindhyachal who are approaching detective agencies to investigate identity thefts. Experts categorise Identity theft into four - Identity Cloning (using another's information to assume his or her identity in daily life), Business/Commercial Identity Theft (using another's business name to obtain credit), Financial Identity Theft (misusing another's name) and Criminal Identity Theft (posing as another when apprehended for a crime).

Many leading companies being required to pay hefty compensation to the victims whose personal information has been stolen by hackers. Even companies incur great loss due to these identity hackers as they damage websites after cloning it and then by making unauthorised changes.

According to Gartner Survey, the financial losses from phishing attacks stood around USD 2.8 Billion in the year 2006. “The most widespread phishing attacks reported were carried out against e-commerce sectors which include online retailers and auction sites. The second most targeted sector was banks including financial institutes that accounted for 24 per cent of the total number of incidents reported in 2006,” says Anirban.
To learn about Identity Theft, visit, www.cibilconsultants.com
Source: Secondary

Social networking mail Id should not be used for online transactions

Chandigarh: Security software maker Symantec advised internet users not to use e-mail ids being used for social networking sites like Facebook, Twitter for carrying out online banking or business transactions in order to prevent stealing of financial data. 

"They (internet users) should be more cautious while on social networking sites. They should have separate e-mail id for social networking site and other e-mail id for carrying out transactions like banking," Symantec MD Shantanu Ghosh told reporters here while replying to a query steps needed to be protected from cyber attack on social networking sites. "

We have observed that on social networking sites, people usually share their detail including personal ones with their friends as well as with those whom they do not know much and here they face the risk (of being attacked)," he said. "

Cyber attackers then can try to get into your e-mail ids through malware on these sites and try to steal vital information like credit card information," he said. He said not to click on any "untrusted" link in their e-mails or social networking site as it also poses threat of stealing important financial information of the user. 

Ghosh also cited an example when a malware in the name of bollywood female actor Katrina Kaif video was received by internet users on their e-mail ids in India and later it was found that the malware was intended to steal credit card information of the user. Acknowledging that the number of malwares in the cyber world has grown to millions in India in last few years, he also stressed on be cautious on framing a secure password for their e-mail ids to avert any cyber attack. 

"Some users use e-mail password as wife's birth date or anniversary day or birth year and most of these details are available on their social networking site account and it can also be misused by cyber attackers," he said. He added that small and medium business in cities like Chandigarh, Surat, Jaipur are facing the threat of cyber attack because of less spending by small entrepreneurs on security technology and growing use of internet. 

"Small cities, including Chandigarh, are sharing good amount of malware activity...(because) these companies are not spending much on security technology which makes them vulnerable to cyber attack," Ghosh said. He said increasing use of broadband and low awareness among entrepreneurs about malwares are also some of the reasons behind their vulnerability of cyber attack. 

"Augmented by broadband penetration, smaller and emerging cities of India are exploring opportunities offered by the virtual world in turn creating a new lucrative pool of targets for cyber criminals to exploit," he said. As per the Symantec Internet Security, a sizeable 25 per cent of small and emerging cities like Chandigarh, Surat, Cochin, Jaipur are infected by malwares.

Protect yourself from Identity Theft. Visit www.cibilconsultants.com

Source: Secondary