Mobile Crimes to be the focus in 2013

Posted on December 18, 2012 by Vijayashankar Na

Symantec has predicted that in 2013, Cyber Crimes in India is likely to grow in the Mobile segment. It is estimated that there are around 137 million Internet Users in India and nearly 70% of them use mobile to access Internet. Simultaneously the Social Media user base also is said to have increased from 38 million to 60 million in 2012. These two aspects are predicted to attract Cyber Criminals to target these segments. Details

Mobile users need to be extremely careful while using their smart phones for critical internet applications such as Banking. It would be better not to use mobiles for Internet Banking since Indian Banks are not responsible enough to secure their internet banking platform and there is little legal support to customers. Also it is necessary to fortify the smartphone with an anti virus for whatever it is worth and be selective in downloading apps to mitigate the malware risks.

Posted in Cyber Crime | Tagged , , , | Leave a comment

What Has Happenned to the Zone-H.org Case?

Posted on December 16, 2012 by Vijayashankar Na

Presently lot of discussions are happening in India on “Free Speech” and “Internet Censorship”. In this context I would like the community to be reminded of the case of Zone-H.org which was blocked in India following a defamation case filed under Section 66A by a Hyderabad company called E2 Labs.

The Government of India has been defending its decision to block Zone-H.org behind a decision of the Delhi High Court.

It was a fact that the complaint was filed with a request for an interim order to block the site which was granted in good faith by the Court until the case could be heard in detail. However the system was managed in such a manner that the respondent living abroad received an e-mail notice to appear in the Court with a notice of less than 24 hours. Obviously this was not possible and also that the respondent did not feel necessary to spend his money and time to respond. In the process the interim order remained unchallenged and became permanent. ( The developments have been summarised by Zone-H.org in this article)

During the discussions Naavi.org had brought to the notice of the Government of India that there was a prima facie need for the CERT IN to implede in the case and put across its point of view to the Court since there was an apparent accusation that the petitioner had committed some offences including the misuse of Government department’s name for promotion and fund raising as well as that there was a hacking of Government websites to create grounds for the petitioner to canvass business. These were serious charges which any sensible Government would have pursued. But the Government decided to ignore these charges and indirectly assisted the complainant in getting the Zone-H.org site blocked. Had these facts/accusations been brought to the attention of the Court, it is possible that the Court would not have given the interim order in favour of the petitioner.

Now that a new PIL has come before the Supreme Court in which the Constitutional Validity of Section 66A of ITA 2008 is being questioned, the Zone-H.org case will come for an automatic review.

The Zone-H.org case was perhaps the first case in which Section 66A was invoked for “Defamation” and hence the current PIL and this case are related. Since the respondent (Zone-H.org) is unlikely to raise this issue, it is unclear how the issue can come before the Court now unless the Supreme Court takes a Suo-Moto decision to consider that Zone-H.org blocking case is relevant to the current set of cases such as Aseem Trivedi etc and provide its considered view.

Posted in Cyber Law | Tagged , , , , , | Leave a comment

Banks are under Attack.. Beware

Posted on December 16, 2012 by Vijayashankar Na

Security specialists have put out a grave warning about a massive Cyber attack planned against 30 major US Banks. RSA recently announced that a gang of Criminals had developed a sophisticated Trojan under a project idenitified as “Project Blitzkreig” which has been successfully tested.Security firm McAfee has warned that the full fledged attack is imminent in the coming days.

Though the present threat advisory is for US Banks, it includes CitiBank, E Bay and PayPal which has operations in India. Also the technology can reasonably be expected to be used to attack the Indian Banks since Indian Banking security is weaker compared to the US Banks and the Cyber Crime knowledge, technology and tools spread fast across the globe.

The scheme appears to involve logging in to the banks from Computers which are cloned to represent the home computers of the customers so that inconvenient security questions can be avoided.

It also uses the familiar method of circumventing the daily transfer/individual transaction limits by using many “Mules” as is normally done in phishing cases.

Indian Banks in the recent days have tried to increase the transaction limits without hardening their security. Hence the risks to Indian Customers are higher. There is also a tendency in Indian Banks to fight with its customers in cases of such frauds and drag them to Courts if they seek remedy. The Government of India which has kept the Cyber Appellate Tribunal closed for the last 2 years is indirectly acting to discourage the Banks from seeking legal remedy. Though RBI has been providing necessary guidance to Banks to secure the customer interests and to absorb Cyber Fraud liability through insurance, Banks are ignoring the RBI’s mandate.

We hope RBI and GOI will take note of this new threat and try to implement remedial measures at the earliest.

Related Article: cnn.com :: Computerworld

Posted in Bank, Information Assurance | Tagged , , , | 1 Comment

Virtual Key Board unsafe under IE

Posted on December 13, 2012 by Vijayashankar Na

Dec 13: A vulnerability in Internet Explorer is said to make it possible for a hacker to track the mouse cursor movements on the screen. This would make the “Virtual key board” system used by some Banks for password entry useless. At present the vulnerability is identified for IE and many would use other browsers. However some sites  are compatible only with IE and force users to use IE. In such cases vicarious liabilities may attach on the site for inadequate security. Related Article

Posted in Bank, Information Assurance | Tagged , , , , | Leave a comment

FIR Filed Against Airtel CMD

Posted on December 13, 2012 by Vijayashankar Na

Dec 12: Naavi has long been complaining that Airtel is practicing unethical practices for over charging its customers including placement of fraudulent transactions in the customer’s mobile and data usage accounts which amount to offences under ITA 2008. It is therefore no surprise to learn that an FIR has been filed against Airtel for extortion and threatening of one of the clients in Bangalore who has been allegedly wrongly billed for Rs 50000/-. Report

 

PLEASE NOTE:

This website has been in existence since 1998.  

Older posts before the site switched to word press are available through the link at the top and here below.

OLD POSTS

Posted in TELCO | Tagged , , | 1 Comment

Suspected Fraud-Make My Trip Credit Card offer

Posted on December 13, 2012 by Vijayashankar Na

Dec 8: Today I received a telephone call from 040-40502373 in the name of Make My Trip with an offer for a special HSBC Platinum credit card with two free air tickets. The offer was too good to be rejected. However when the caller wanted to know my Date of Birth and PAN Card number before proceeding further, it appeared that this was a suspected Identity stealing attempt. I am trying to get more details and a confirmation. In the meantime in order to keep public informed, I am posting this information here. I request public not to reveal sensitive personal information such as the DOB and PAN Card number to unknown persons as it may be involving a identity theft risk.

Posted in Cyber Crime | Tagged | 2 Comments