Virtual Key Board unsafe under IE

Posted on December 13, 2012 by Vijayashankar Na

Dec 13: A vulnerability in Internet Explorer is said to make it possible for a hacker to track the mouse cursor movements on the screen. This would make the “Virtual key board” system used by some Banks for password entry useless. At present the vulnerability is identified for IE and many would use other browsers. However some sites  are compatible only with IE and force users to use IE. In such cases vicarious liabilities may attach on the site for inadequate security. Related Article

Posted in Bank, Information Assurance | Tagged , , , , | Leave a comment

FIR Filed Against Airtel CMD

Posted on December 13, 2012 by Vijayashankar Na

Dec 12: Naavi has long been complaining that Airtel is practicing unethical practices for over charging its customers including placement of fraudulent transactions in the customer’s mobile and data usage accounts which amount to offences under ITA 2008. It is therefore no surprise to learn that an FIR has been filed against Airtel for extortion and threatening of one of the clients in Bangalore who has been allegedly wrongly billed for Rs 50000/-. Report

 

PLEASE NOTE:

This website has been in existence since 1998.  

Older posts before the site switched to word press are available through the link at the top and here below.

OLD POSTS

Posted in TELCO | Tagged , , | 1 Comment

Suspected Fraud-Make My Trip Credit Card offer

Posted on December 13, 2012 by Vijayashankar Na

Dec 8: Today I received a telephone call from 040-40502373 in the name of Make My Trip with an offer for a special HSBC Platinum credit card with two free air tickets. The offer was too good to be rejected. However when the caller wanted to know my Date of Birth and PAN Card number before proceeding further, it appeared that this was a suspected Identity stealing attempt. I am trying to get more details and a confirmation. In the meantime in order to keep public informed, I am posting this information here. I request public not to reveal sensitive personal information such as the DOB and PAN Card number to unknown persons as it may be involving a identity theft risk.

Posted in Cyber Crime | Tagged | 2 Comments

How the OTP system for Bank transactions is bypassed

Posted on December 13, 2012 by Vijayashankar Na

Dec 7: The commercial banks in India have banked heavily on the two factor system where the OTP sent through a mobile is used to authenticate the password based access. Some Banks like SBI and ICICI Bank even tried to convince the RBI that this two factor authentication should be given a legal sanction. Now this case study explains how the new variants of Zeus Virus is used to defeat the two factor authentication with the use of a mobile.  Named as “Eurograbber” this virus is reported to have been used for defrauding over 30000 bank customers across EU to the tune of around 36 million Euros. This also represents the risk that Indian Banks are facing. It is anybody’s guess if the Indian Banking system can survive such an attack. If such a damage occurs, Indian economy will be in shambles not withstanding any of the other efforts of the GOI.  Case Study

Posted in Bank, Information Assurance | Tagged , , , , | 1 Comment

PWC Survey on Security preparedness

Posted on December 13, 2012 by Vijayashankar Na

Dec7: PWC has released the findings of its “The State of Information Security survey-2013” indicating that there is an increasing interest and budget allocations for Information security in the Indian companies. Report

Posted in Information Assurance | Tagged , | Leave a comment

Centralized IMEI data base to go on trial in a month

Posted on December 13, 2012 by Vijayashankar Na

Dec 5: In a measure that could put a break on Mobile thefts, Government of India has approved a trial running of a centralized IMEI data base in India. This would enable tracking of stolen mobiles and make it difficult for sellers of stolen mobiles to find buyers. Report

Posted in TELCO | Tagged , , | Leave a comment