The entire world is currently worried about containing Covid-19. But at the same time, there is an entire ecosystem that is riding piggyback on this pandemic to carry out financial frauds. And these start right from creating a fake PM CARES link for donations, equated monthly instalment (EMI) moratorium frauds, and malware in real-time apps that provide details of Covid-19 patients near you. Tragically, people are falling for these because of the overall fear. For example, a 46-year-old lost more than Rs 1 lakh after downloading a real-time neighbour-hood patient detection app.
Murali Urs, country manager, India of Barracuda Networks, says: “As much of the world grapples with Covid-19, attackers are taking advan-tage of the widespread discussion in emails and across the web.”
Mobile apps: Currently, there are many virus-related apps, which are actually malware asking for various permissions and inadvertently gain access. Raman Singh, co-founder and CRO, CloudConnect Communications, says: “The department of telecommunications recently announced a list of websites around Covid-19 with high malicious content, including fake maps showing infected users. These require the users to download software for generating counterfeit maps, making it a security concern.” In short, beware of what you download, and more importantly, the permission you give.
Tip: Ask why does the app need to read my SMSes, or permission to record/make calls from my mobile to give me a heat-map?
chart
Email frauds: It is the most typical route for fraudsters to reach out to you, as email database is readily available on the darknet. Himanshu Dubey, director, Quick Heal Security Labs, says: “Some of these emails claim to be from the WHO or some legitimate-sounding names, well-written, and provide information close to the WHO guidelines.” In short, the fraudster lures you into opening an attached file.” Once you open the file, a malicious virus or malware is downloaded on your device, which steals information either by key-logging or pulling browser history. The most significant risk is they can get access to your financial credentials. Urs adds: “Watch out for any communication claiming to be from sources that you normally do not receive emails from.” Phishing emails ask you to open into a very familiar looking website like your bank, but the site is fake and steals your credentials.
Tip: Never save website passwords, as they are easily accessible to info-stealing malware. Always access your financial data by typing your bank’s web address manually in the browser rather than opening links.
Murali Urs, country manager, India of Barracuda Networks, says: “As much of the world grapples with Covid-19, attackers are taking advan-tage of the widespread discussion in emails and across the web.”
Mobile apps: Currently, there are many virus-related apps, which are actually malware asking for various permissions and inadvertently gain access. Raman Singh, co-founder and CRO, CloudConnect Communications, says: “The department of telecommunications recently announced a list of websites around Covid-19 with high malicious content, including fake maps showing infected users. These require the users to download software for generating counterfeit maps, making it a security concern.” In short, beware of what you download, and more importantly, the permission you give.
Tip: Ask why does the app need to read my SMSes, or permission to record/make calls from my mobile to give me a heat-map?
chart
Email frauds: It is the most typical route for fraudsters to reach out to you, as email database is readily available on the darknet. Himanshu Dubey, director, Quick Heal Security Labs, says: “Some of these emails claim to be from the WHO or some legitimate-sounding names, well-written, and provide information close to the WHO guidelines.” In short, the fraudster lures you into opening an attached file.” Once you open the file, a malicious virus or malware is downloaded on your device, which steals information either by key-logging or pulling browser history. The most significant risk is they can get access to your financial credentials. Urs adds: “Watch out for any communication claiming to be from sources that you normally do not receive emails from.” Phishing emails ask you to open into a very familiar looking website like your bank, but the site is fake and steals your credentials.
Tip: Never save website passwords, as they are easily accessible to info-stealing malware. Always access your financial data by typing your bank’s web address manually in the browser rather than opening links.
No comments:
Post a Comment