In today’s digital age, mobile phones and computers have become prime targets for cybercriminals seeking to steal sensitive information. We will shed light on three prevalent frauds that exploit access to mobile and computer devices: Juice jacking, broadband internet security fraud, and SIM swap fraud.
Juice jacking: Juice jacking is a cunning cyberattack that takes advantage of public charging ports. While these ports are convenient when our mobile device’s battery is low, they can also become conduits for data theft and malware installation.
How it works
Scammers modify a public charging port and implant malware into it. When you connect your mobile device to this manipulated charging port, the malware infects your device, giving hackers access to sensitive data such as contacts, emails, messages, photos, videos, and financial credentials.
Dos
1. Always carry a power bank for a safer and more convenient charging option.
2. Look for electrical outlets instead of USB outlets, as they prevent data transfer, offering protection against malware.
3. If you must use a public charging USB port, power off your device before plugging it in to prevent data transfer.
4. Use charging cables that solely serve charging purposes without data transfer capabilities.
Don’ts:
1. Avoid using USB charging at public spots to minimise the risk of Juice Jacking.
Broadband internet security fraud: Scammers impersonate staff members from reputable computer or telecom companies, claiming technical issues with your computer, internet connection, or phone line. They may claim that your broadband connection has been hacked. The caller will then request remote access to your computer to ‘find out what the problem is’. This way they can unauthorised access to all your files and data on your computer. They may also attempt to trick you into buying unnecessary software or services or coerce you into divulging personal and financial information.
How it works:
Unsolicited phone call from the scammer, posing as a tech support provider.
They claim your computer has technical issues and ask for remote access.
They might suggest purchasing software or services for fixing the computer.
They may also request your personal and financial details for supposed payment.
Dos
1. Hang up immediately on unsolicited calls requesting remote access to your computer.
2. Ensure your computer has up-to-date anti-virus, anti-spyware software, and a reliable firewall for protection.
Don’ts:
1. Never disclose personal, credit card, or online account details to unsolicited callers or suspicious emails and messages.
SIM swap fraud: Also known as Port-out Scam or SIM Splitting. SIM swap fraud is a sophisticated account takeover scam that exploits two-factor authentication. Scammers gather customers’ personal information through various means, such as phishing or vishing, to obtain a new SIM card in the customer’s name. They then use this SIM card to intercept SMS or calls containing one-time passwords (OTPs) to carry out fraudulent transactions from the victim’s bank accounts.
How it works:
Scammers collect customers’ personal information and use it to obtain a new SIM card in the customer’s name.
With the new SIM card, they receive OTPs and gain access to the victim’s bank accounts for fraudulent transactions.
Dos
1. Contact your mobile operator immediately if your phone number remains inactive for an extended period.
2. Regularly review your bank account alerts and statements and report any suspicious transactions or activities.
Don’ts:
1. Never share your personal and confidential details with unknown individuals calling from unverified numbers or sending emails and messages from suspicious addresses.
2. Avoid disclosing the 20-digit number on the back of your SIM card.
3. Refrain from sharing your phone number on social media or any other websites.
Being aware is half the battle won in safeguarding against fraud. Stay vigilant and cautious of any unusual requests or suspicious activities to protect your sensitive information from falling into the wrong hands.
(Salil Datar has over three decades (including CXO level) in banking, neobanking and cross border financial services)
