As our world becomes increasingly interconnected and digitally dominated, cybersecurity and cybercrime take centre stage with various threats emerging from the dark web. Phishing attacks, ransomware infiltrations, personal data theft and financial scams pose unique threats to individuals and organisations alike, leaving a trail of disrupted operations and financial repercussions in their wake.
According to an editorial in India Today, the RBI estimates debit and credit card frauds at ₹119 crore, ₹155 crore and ₹276 crore during the past three fiscal years. The magazine also reports Delhi, Haryana, Gujarat, AP, UP, Bihar, Assam, West Bengal and Jharkhand as the top ten cybercrime hotspots in India. Around 700,000 complaints were registered in April 2023 for online frauds on 1930, the helpline run by the National Cyber Crime Reporting Portal; UP, tops the list with 1,20,938 complaints.
Rotary Club of Ahmedabad Greater, RID 3055, along with Interactors, recently organised an online programme where Rizwan Shaikh, an ethical hacker and a cyber law consultant, shed light on cyber threats and measures to safeguard our virtual space.
“Your gullibility and greed are the primary capital for cyber criminals. Never click on any unknown link or website. They can rob you of your hard-earned money and take control of your digital space,” said Shaikh. He cited the IP (Internet Protocol) address as the key to a hacker to get all digital information about his target. It is the unique identity assigned to every user using a computer network. A link is sent as a bait to the target to gain access to the IP address, and the rest is a cakewalk for the hacker.
“Clicking on a wrong link may also result in inserting malicious software (malware) and viruses into your mobile phones or computer,” he said. Warning about the Trojan malware, he said that it is sent through an innocuous looking link which when clicked gets lodged on to your phone/computer. “Trojan can instal a remote access/screensharing app such as Anydesk, get access to the victim’s calls, track locations, contacts, messages, record conversations, and even switch on the video camera. Ransomware locks and encrypts the system and the hacker demands money in the form of cryptocurrency or cyber money. Some links lure the target into making a token payment online so as to lift the PIN or password, or “urge you to scan a QR code that debits money away from your account.”
He gave a list of dos and don’ts to stay safe online. Always visit the official website of bank/merchant for correct customer care number; keep your contact details updated with the bank to get transaction alerts; secure your debit/credit cards and set daily limit for transactions; use strong passwords and report any unauthorised transaction to your bank to prevent further loss.
Do not enter your UPI PIN or scan QR code to receive payments; or save your banking username/password in the web browser or your device; click any link shared in SMS/mails threatening to block your bank account; download third-party apps that promise to resolve your complaints, or share your ID/password/OTP/CVV with anyone claiming to be a bank representative, he explained. “A little common sense and logic can go a long way in saving you from heavy losses and stress.”
Talking about careers and opportunities in cyber security, Shaikh provided insight into ethical hacking. “It is hacking into a system or app, not to damage, but to check its vulnerability, test for security breaches, patch loopholes and make it hack-proof. Most countries, unlike India, have ethical hacking included in their cyber law book,” he said. Other opportunities include VAPT (Vulnerable Assisted and Protective Testing) applied in cyber audit. VAPT experts are scarce in India and it is a niche field, he said. He urged youngsters to explore careers in network and web security, and cyber law guidelines.