Subros
Legal
Connect DECEMBER
2015
Subros and Associates Solicitors and Advocates
Cyber@Legis Cyber Law
CYBER
Subros
Crime Pays ?
Cyber@Legis Cyber Legis Cyber Law CYBER
Subros
DON’T LOGIN LINKS IN EMAILS ! Or go to www.iamstupid.com
Cyber@Legis Cyber Legis Cyber Law CYBER
Subros
In association with
Cyber@Legis Cyber Legis
Fighting Cyber Fraud
CYBER
Subros
Your Date of Birth, Adhaar Number, Bank Account number, Credit card number, you wouldn’t give it to me if I asked…..but you would happily if the same pops up in your email…. Welcome to the big bad world of
PHISHING.
Its where my cyber crook friends, dine, wine and make merry…. All at your expense.
“Phishing is the attempt to acquire sensitive information such as usernames, passwords, and credit card details (and sometimes, indirectly,
money),
often
for
malicious
Subros reasons, by masquerading as a trustworthy entity in an electronic communication.”
Email has for long been the favourite “phishing” ground , for the process has been painstakingly simple and outrightly effective. All they do is to call upon our basic human instincts. Be it a free stuff (an iPhone may be), or a warning (your bank just shot an email about a transaction you havn’t done), or a scare (like an invoice for an iTunes purchase you know you didn’t make).
Subros
There is always that urgency involved calling upon you to take action right away‌ You open an email or text, and see a message like this: "We suspect an unauthorized transaction on your account. To ensure that your account is not compromised, please click the link below and confirm your identity." "During our regular verification of accounts, we couldn't verify your information. Please
Subros click
here
to
update
and
verify
your
information." “Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund.” “ Your account shall be closed or the bank shall take other action if you don’t respond. The senders are phishing for your information so they can use it to commit fraud. And presto there’s an inviting clickable link for the purpose, to take you to a signup page (to register for the iPhone), or a login screen (for internet banking), or an account summary page (to contest the fraudulent purchase).
Subros And the dumb man that I am, totally inarticulate in the way the world wide web works (www.iamstupid.com) I fill in my personal details, my password, my bank account number, my credit card number, my PAN , my Adhaar and so on, and click
[Submit] …… all because that iPhone 6s is got to be mine….
It’s the oldest trick of the trade, not ingenious but effective….
Subros Crime pays…. Who said it doesn’t…..poof ….my account is hacked, my bank account got wacked, my credit card got swiped and a whole lot of my friends received emails that I needed money as I was travelling and had lost my belongings and the good Samaritans that they are ( don’t I always choose my friends wisely, as I come to know later), had bank transferred royal sums to a bank account which I didn’t own….
The crooks had done their homework. The web form that appeared looked “the original”- a replica of my
Subros bank account complete with layout and
logos and
straight from my bank, or from iTunes, or wherever.
Only then did I find out that I had just submitted all that I owned ( my id, my password, my account details etc.) to a bunch of crooks instead of to the real site. Its my money which I won’t ever get back.
Check it out - is my advice: The web has no friends. friends
Subros Have you checked on - the website name in the address bar. It will be wrong, eg it wont have the name of your bank. - or the web page will be unencrypted (no padlock – I call it the closed lock without a key) - It wont start with https: (meaning an unsecured site) - Is it asking for personal information that you won’t even give me…. Your best friend
Subros
Don't email personal or financial information. Email is not a secure method of transmitting personal information. Only provide personal or financial information through an organization's website if you typed in the web address yourself and you see signals that the site is secure, like a URL that begins https (the
"s"
Unfortunately,
indicator
no
stands is
for
secure).
foolproof;
some
phishers have forged even security icons.
And remember the Reserve Bank or Your Bank never asks for your personal information online.
Subros
But here’s an even easier way to protect yourself:
DON’T CLICK LOGIN LINKS IN EMAILS IN THE FIRST PLACE! Well if you have already done that….. Visit me at WWW.IAMSTUPID.COM..... This site is still up for sale.
Subros
About the author
SANDEEP SURI is a practicing Lawyer, Electronics Engineer Chevening Scholar and Editor - Punjab Law Reporter CYBER
Subros
Cyber@Legis Legis Cyber Cyber Law Firm cyberlegis@gmail.com 158 Sector 33A / Chandigarh / India / 160020 (0172)- 2621158, +91 9463598502
Subros and Associates Solicitors and Advocates
subros.associates@gmail.com 232 Sector 19A / Chandigarh / India / 160019 (0172)- 2775288, +91 9216884502
INSURANCE
BANKING
CYBER
CONSUMER
COMPANY