Changing Profile of Cyber Crimes
Two of the recent Cyber Crimes reported in India require a
deeper analysis to find out the root cause of the crime and what steps can be
taken to reduce the probability of such crimes being committed in future.
BPO Fraud in Pune
The first is a crime reported from Pune where 12 persons were
arrested in a Bank fraud. They were ex-empolyees
of Mphasis BPO who defrauded US Customers of Citi Bank to the tune of Rs 1.5 crore. (Details available
here ).
In this crime employees of the call center which was
supporting the Bank obtained the PIN of the customers and through the
internet Banking system transferred the amounts into their personal accounts.
This crime highlights the "Lack of Due Diligence" by the Bank
in not initiating adequate security measures to prevent Call Center employees
from using "Social Engineering" to obtain the access passwords.
The Bank is also negligent in having acted on the funds
transfer request not supported by a digitally signed authorization letter.
The call center employees are liable under Section 43 of the
act to compensate the customers. Bank would also be equally liable to compensate
the customers for any loss suffered by them.
The action of the call center employees resulting in the
"Information residing inside a computer" being affected injuriously mean that
Section 66 of the ITA-2000 may also be applied.
The call center would be responsible for the crime since the
crime is committed in their network and unless they are protected under Section
79/85 of the ITA-2000, shall be liable both under Section 43 as well as Section
66 of the Act.
Though this is one crime that has come to light, there could
be many such frauds that are not recognized by the Banks since most of them are
practicing insecure methods in dealing with the customers.
Hopefully, Banks will now start implementing the "Cyber Law
Compliance Programmes" to protect themselves and their customers from the impact
of such frauds.
Disappointed Lover's Revenge in Chennai
In another recent crime in Chennai (Details
here)
it was reported that a lady sent a terrorist message to a VIP using the name of
her lover who refused to marry her. Unfortunately, she forgot that the Police
are intelligent enough to trace the source of the mail rather than being
misguided by the spoofing of the e-mail address.
This is a typical case of an attempt to frame an honest
individual and should be taken as an alert by the Police all over that there are
innocent looking ladies around who are trying to frame innocent individuals
often in a fit of anger over a failed love affair. A similar case in Bangalore a
few years back landed a software professional in jail and wrecked his career.
There was also a case of similar nature that had been
reported in Chennai itself about an year back where the disappointed lover tried
to stop a marriage by giving a similar e-mail in the name of LTTE.
The growth of such "Lady Villains" is a sociological issue that needs to be
analyzed.
Hopefully Police have now come through the learning process and are able to see
through the games of such e-mail spoofing and uncover the truth which some times
is stranger than fiction.
Naavi
April,8, 2005
Related Articles:
staffers hack bank A/Cs, steal Rs 1.5 cr..TOI
One girl arrested for sending prank email to Tamil Nadu CM..New Kerala
Gujarat state tops in cyber crimes in India..China view
India Police Arrest 12 in Call Center-Bank Scam..Contact Center
today.
