Indore: With many people working online from home due to coronavirus pandemic, it has also led to an increase in online crimes like phishing attacks, said, advocate Puneet Bhasin, an international cybersecurity expert and founder of Cyberjure Legal Consulting, while addressing a webinar on Tuesday on the topic “Online Financial Frauds in times of COVID-19”.
The webinar was organised by Women Forum of Indore Management Association.
Advocate Bhasin said that as the world’s focus has shifted to the COVID-19 outbreak, hackers are finding ways to launch different forms of cyber attacks. With most people working from home, outside of the office network on their personal devices, cyber criminals are maximizing on the vulnerabilities and organisations must gear up to combat them.
Rise of Cyber Crimes in COVID-19
• Unemployment on the rise
• Financial distress in companies
• Work from Home providing a gold mine of data to hackers
• Work from Home an opportunity for employees to sell data
• Indian concept of hiring involves data breaches
Types of Online Financial Frauds
1. Sim Swapping: The fraud exploits a mobile phone service provider's ability to seamlessly port a telephone number to a device containing a different subscriber identity module (SIM). This feature is normally used when a customer has lost or had their phone stolen, or is switching service to a new phone. The scam begins with a fraudster gathering personal details about the victim, either by use of phishing emails, by buying them from organised criminals, or by directly socially engineering the victim. Once the fraudster has obtained these details, they then contact the victim's mobile telephone provider.
2. Online Scams: Cyber scams, or online scams, involve fraudulent business offering fake services, goods or rewards to unwitting victims.
3. Data Breaches: Major risk of Work from Home is Man-in-the-middle Attack, Unsecure connections, Lack of Basic Cyber Security, Insider threats, Lack of Sound Employee policies with respect to Data Security, Lack of Cyber Incidence Response & Security Policies and Implementation in Company.
4. Email Spoofing: Using your Company Domain name, a fake email can be sent to your customers or suppliers.