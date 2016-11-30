Lack of cyber awareness makes users vulnerable to fraud, say experts

A couple of weeks ago a ‘Whatsapp video calling invite’ which has nothing to do with the actual app was widely circulated in the instant messaging app. Earlier, a majority of the people, including the tech-savvy, believed in the hoax of the new Rs. 2,000 note coming with a nano chip that went viral on Whatsapp and social media.

Cyber security experts and ethical hackers cite the two incidents as a testimony to the poor cyber awareness levels.

In the aftermath of the cash crunch that affected the masses, Chief Minister N. Chandrababu Naidu started calling people to use digital wallets and online banking and also announced free phones. The Prime Minister followed suit and urged people to move to cashless society. However, the need for cyber awareness and security seem to have been largely ignored.

“Cyber security has become a concern with the increasing use of digital wallets and banking applications on mobiles. Eighty per cent of the people have no cyber awareness which is a serious problem,” said D. Sai Satish, ethical hacker and CEO of Indian Servers, a software firm.

‘Social engineering’

Terming the phenomenon as “social engineering”, Mr. Satish said, “It is the art of manipulating people in the real world and getting their confidential information. This can be done with or without the knowledge of a particular person. Miscreants physically access the phone and install a spy ware app in less than a minute. Once spyware is installed every keystroke of the mobile will be recorded and sent to the master app on the miscreant’s mobile,” he said.

Also, all the OTPs, user IDs and passwords can be read simultaneously by the third person. And the digital wallet apps are not KYC-compliant.

One can also get a duplicate SIM card by asking the SIM owner to switch it off for two hours by making them believe that the request has come from the mobile service provider’s help centre. Using the duplicate SIM card, a miscreant can quite easily access the bank accounts and digital wallets of a mobile user. Having digital wallet on a mobile means the device must not be shared with anyone. “Even giving the phone for repair at a service centre may cost you dear,” said Mr. Satish.

Foolproof system needed

“It is good that the government is encouraging cashless transactions, but before that the government must develop a system to tackle cyber attacks as well as create awareness among the public. Ironically, none of the bank apps or digital wallets offers services in regional languages, which is strange in a multilingual country,” said Dr. Kanneganti Ramesh Babu, Director, Research & Strategy eSF Labs Ltd., a cyber security and digital forensics research centre.

“All the banking apps, digital wallets can be cracked and every device is vulnerable to threats. But the hackers do not simply break into a common man’s mobile as it is a matter of investment of time and efforts by several hackers,” he added.