Cyber Frauds and Covid-19 | 15 Apr 2020
Why in News
The Covid-19 outbreak presents a global challenge for the medical fraternity and society as well as for law enforcement agencies, due to the rising cases of cyber crime.
- Novel ways (fake accounts and exploiting vulnerabilities of various applications) of defrauding people using information and technology are being used to siphon off the money.
- The lockdown has forced employees to work from home. Use of public platforms may result in loss of confidential data if an organisation does not have its own infrastructure and does not use VPN (Virtual Private Network) for accessing its resources.
Recent Cases of Cyber Fraud
- Fake UPI of PM CARES Fund
- An alert has been issued about phishing of the UPI (Unified Payments Interface) ID of the PM CARES Fund, in which the offender created a similar-looking ID to deceive users.
- UPI is a real-time payment system developed by National Payments Corporation of India (NCPI) for inter-bank transactions.
- The interface is regulated by the Reserve Bank of India and instantly transfers funds between two bank accounts on a mobile platform. The NPCI keeps a record of all the accounts and transactions.
- An alert has been issued about phishing of the UPI (Unified Payments Interface) ID of the PM CARES Fund, in which the offender created a similar-looking ID to deceive users.
- Facebook Fraud
- Cases have been reported of fake Facebook accounts where money has been fraudulently asked for the treatment of alleged patients by hacking their accounts.
- Zoom App Mishap
- The Computer Emergency Response Team-India (CERT-In) circulated a vulnerability note giving Zoom a ‘medium’ security rating.
- The permission to Zoom for accessing the user’s microphone, web-cam and data storage can result in hijacking and loss of private data.
- ‘Zoomraiding’ or ‘Zoombombing’ can be started, in which hate speech, pornography or other content is suddenly flashed by disrupting a video call on Zoom.
- In the app, meeting IDs can be shared through a link, on screen and other mediums which give the chances to uninvited guests to join a meeting and gain access to sensitive information.
Solutions
- Payments Related:
- Verification of the destination UPI ID, blocking a stolen mobile phone with a UPI-enabled app and adherence to the KYC guidelines issued by the RBI.
- Social Media Related:
- Following best practices to protect privacy.
- Videoconferencing Related:
- Staying cautious while using free apps for confidential meetings and using organisational infrastructure to ensure authentication, access control and integrity of data through VPN or other options.
- Interpol’s Advisory
- People are recommended to avoid opening suspicious emails and clicking links in unrecognised emails and attachments, backup files regularly, use strong passwords, keep softwares updated, etc.
- In guidelines for law-enforcement agencies, Interpol warned about the emerging trend of false or misleading advertisements about medical products, setting up of fraudulent e-commerce platforms, phishing etc during the pandemic.
- A person should report the police immediately if he/she becomes the victim.
- Computer-related wrongs are covered under the Information Technology Act (IT Act), 2000 and wrongdoers are liable for penalty, compensation and criminal liability in appropriate cases.