Rahul Tripathi & Tanvi
NEW DELHI: When exporter Pavan Kumar Aggarwal checked his bank account in Noida last week, he was in for a shock. A whopping Rs 1.66 crore was missing, he claims. What’s more, the money, he alleged, had been siphoned off to accounts in other banks through netbanking — the transactions had taken place over a period of five days.
Aggarwal’s case got highlighted because of the large sum of money involved. But according to the Delhi Police, the case is not an isolated one and every year, around 200 complaints are received and the figure is rising though few cases are actually registered.
In Delhi, three cases of netbanking fraud were registered till September this year. And a fourth one was filed on Monday. Vivek Bhatia filed a complaint with the police that an amount of Rs 5 lakh had been siphoned off from two different accounts of a leading bank. ‘‘ I have two accounts with my bank, and on October 10 and 11, money was transferred into other accounts through netbanking,’’ he said.
Most of the cases involve an amount less than Rs 1 lakh which are not investigated by the economic offences wing and are instead referred to the local police who are not equipped to handle such cases, a fact disputed by senior officials.
“The local police is well equipped to handle such cases. We provide them technical knowledge and assistance is also given when it comes to cyber investigation. More officers of various ranks are being imparted cyber education to handle such cases at the police station level,” said an officer.
According to the police, most of the frauds take place due to the carelessness of the customer. “Banks should urgently impart awareness among customer about internet banking. We have been advising banks to take various measures to make their system more safe and secure and at the same time educate customers,” said additional commissioner of police (EOW) SBK Singh. Singh added that customers needed to be very careful while carrying out online transactions.
Under no circumstances should they give out personal or official information to anyone claiming to represent a bank in order to avoid phishing scams. The banks also need to upgrade their system to tackle phishing attacks and hacking.
One of the more prominent cases of phishing involved six bank accounts from where money was withdrawn by two persons, including a Nigerian national, in August this year. The two were later arrested by the Delhi Police.
The phishing site of Axis Bank was created somewhere in Nigeria in collusion with another Nigerian identified as Kenneth (32) in India. He came to India on a student visa, said police.
Kenneth roped in one Arun Kumar who had an account at the bank’s Tughlaq Road branch. The Nigerian used to buy grocery from Kumar’s shop and told him that if Kumar provided him with his bank account number, he would immediately pay off his pending grocery bills and give some extra money as well. As soon as Kumar parted with his details, someone in Nigeria floated a fake website of Axis Bank.
He then sent emails to six people at different places in India, asking about their account details on the pretext of data upgradation. Once the details came in, the person in Nigeria transferred money into Kumar’s account from the other six accounts through netbanking.
Next morning, Kumar went to the branch at Khan Market to withdraw the money but the bank official grew suspicious and detained him. Later, the police registered a case and arrested both Kumar and Kenneth for the fraud.
Other than phishing, another popular method among online scamsters is hacking. Cops investigating Aggarwal’s case said his account was hacked and the money transferred .
Explaining the modus operandi, a senior officer said, “A hacker is much more than an average thief. He gets into the system with the help of a spyware and steals information. The hacker is always on the lookout for unsecured systems and files.
The spyware usually comes in the form of a virus. This spy transports all files pertaining to bank accounts to the hacker. Therefore, it is advisable not to store much information about your accounts on your computer or email which is unsecured.”
Another interesting observation made into the frauds was most of the emails originated abroad and in some cases the money was transferred to accounts abroad. “In cases where the money is transferred to an account in India, we can trace them.
But most of these accounts are operated on fictitious names and addresses and the trail goes cold once the money is withdrawn by the accused. Therefore, it is very important for the victim to alert his bank as soon as he notices the fraud. Mobile banking can be useful as it alerts you instantly after any transaction is made,” said a senior officer of the cyber crime cell.
Meanwhile, bankers claimed that the technology used by them was not flawed. ‘‘ Net banking is very widely used these days and over 70% of our custo
mers operate the facility. It involves risks when certain important procedures are not followed .
Our branch, however, has never received any complaint or encountered any mischievous incident in this regard,’’ said Swati Lakhotia, manager, customer relations, Deutsche Bank, Noida branch.
Generally, an accepted method of keeping hackers at bay is frequently changing passwords. This, however, is not enough.
‘‘ Customers should make sure that their net connection is secure. Unsecured wifi and broadband connections can be misused by professional hackers to obtain confidential details regarding an account. The best way is to operate your account at home or on a personal computer,’’ added Lakhotia.
Another modus operandi adopted by cheats is stealing data from public computers . The fraud here takes advantage of unsecured cyber cafes. Sometimes, the cafe owners are hand-in-glove with the thugs, said an officer. Some banks have started providing virtual keyboards to deter hackers. And this is particularly helpful while using unsecured connections.
The banks claim that they upgrade their systems from time to time to ensure account security. Piyush Sood, manager, corporate branch, Bank of India, Delhi said, ‘‘ Recently, our IT department issued instructions to all customers asking them to exercise the virtual keyboard for feeding their PIN numbers.
When the PIN is typed through normal keyboards, professional hackers get an opportunity to access the code and identify the characters to operate the customer’s account later .’’ In case of a virtual keyboard, a grid is displayed on the screen and the password is fed by clicking on the characters.
7 months ago