What is Online Fraud?
Fraud that is committed using the internet is online fraud. Online fraud can include financial fraud and Identity theft. Online fraud is of many types. It ranges from virus that attacks the computer with the goal of retrieving personal information, to emails that lure the victims into wiring money to fraudulent sources, to “phishing” emails that appears to be from official entities that solicit personal information from victims to be used to commit identity theft, to fraud on online shopping sites. The methods used by fraudsters are constantly evolving.
Types of Online Fraud and Phishing
Phishing Email and Fraudulent websites
Phishing is a general term for e-mails, text messages and websites fabricated and sent by criminals and designed to look like they come from well-known and trusted businesses, financial institutions and government agencies in an attempt to collect personal, financial and sensitive information. It’s also known as brand spoofing. If you should ever receive an email that appears to be suspicious, do not reply to it or click on the link it provides. Simply delete it.
Pop-ups are the advertisements that “pop up” in a separate browser window. When you click on some of these pop-ups, it’s possible that you’re also downloading “spyware” or “adware.”
Vishing is the criminal practice of using social engineering and Voice over IP (VoIP) to gain access to private, personal and financial information from the public for the purpose of financial reward. The term is a combination of “voice” and phishing.
Scammers randomly dial phone numbers using an automated system or a real human being pretending they are calling on behalf of Bank/financial company asking you to update information regarding your, bank accounts, Card details etc. because there is a problem on your account or they may also say that they have made some upgrades into their system.
Smishing is a form of criminal activity using social engineering techniques similar to phishing. Smishing victims receive SMS messages. Known as “smishing,” these text messages might ask a recipient to register for an online service — then try to sneak a virus onto the users’ device. Some messages warn that the consumer will be charged unless he/she updates his/her personal or financial credentials in a Web site that then extracts such information and other private data.
Unwanted Key-Logging software can record everything that is typed on a computer and send the information to an outside party. Key-Logging “Spyware” or “Adware” often infects a computer via a virus attached to an e-mail or other type of download.
How to Prevent IT
- Be suspicious of any e-mail or text message containing urgent requests for personal information or financila information
- Contact the organization using telephone number from a vredible source.
- Always look for the Padlock and the URL address as https://abc.com
- To be absolutely sure type the URL in the address bar of the concerned organization.
- Set strong passwords – use lower case, upper case, special characters and numbers in your passwords.
- Avoid embedded links in an email claiming to bring you to a secure website.
- Never disclose via text message any personal information, including account numbers, passwords, or any combination of sensitive information that could be used fraudulently. Use caution if you receive a text message expressing an urgent need for you to update your information, activate an account, or verify your identity by calling a phone number or submitting information on a web site. These messages may be part of a phishing scam conducted by fraudsters to capture your confidential account information and commit fraud.
- Get in the habit of looking at a website’s address line and verify if it displays something different from the address mentioned in the email.
- Regularly update your computer protection with anti-virus software, spyware filters, e-mail filters and firewall programs.
- As a general rule, be suspicious when receiving any unsolicited incoming communication/phone call asking your personal or financial information or asking to update them on a site.
What to do in case you are a victim of an online fraud?
Remember that it is the bank’s responsibility to prove that the customer is liable for the unauthorized transaction.
The first thing that you should do, if you are a victim is to inform your bank/financial institution immediately, to freeze your account. As mentioned above, if you claim fraud, it is your banks responsibility to prove it was not a fraud. In any case if there is any more fraud after you reported to your bank, the bank will be responsible for the refund 100%.
If you reported within 3 days of the fraud, as per RBI rules, you should get the entire amount refunded. If you report after 3 days of fraud, then the bank can claim delay in reporting and not be liable for the fraud amount. But even then you are protected as to how much you will be liable for.