Quantify Cyber Risk Now

header ads

What should you do if your bank account is hacked? | Lucideus

The banking industry has enjoyed the ride of emerging technology to undergo significant changes. The banking industry is among the biggest beneficiaries of the IT revolution and has largely adopted Information Technology solutions for rendering the banking services to their customers. The proliferation in online transactions mounting on technologies like NEFT (National Electronic Fund Transfer), RTGS (Real-time Gross Settlement Systems), ECS (Electronic Clearing Service) and mobile transactions is a glimpse of the deep-rooted technology in banking and financial matters. With the swift expansion of computer and internet technologies, new forms of worldwide crimes known as “Cyber Crimes” has evolved in the scene.

Over a period of time, the nature and pattern of Cyber Crime incidents have become more sophisticated and complex. Banks and Financial Institutions remain the unabated targets of cybercriminals in the last decade. Notably financial gain is still one of the major motivations behind most cybercriminal activities and there is little chance of this changing in the near future (Symantec, 2015).[1]

Case Study: Recently I came across a case in which an individual had lost INR 30,000 from the bank account,  the individual was a  victim of SMISHING Attack in which cybercriminals send you tricky SMS which seems like coming from your bank. Followed by a call that your account has been locked because you have done more than 4 transactions from other bank's ATM and it felt that someone else is using a cloned debit card in the individual's name. On Call, that person shared the OTP to confirming the identity so that they will not block the card, as result three transactions happened from the account back to back in next half an hour which costs this person INR 30,000. 

In India, it's a grey area when it comes to getting money back from any bank in case you land up as a victim of a cyber theft. We cannot blame the bank in most cases as its people who get tricked to reveal their information to cybercriminals. So let's understand today what to do in case you become a victim of this kind of attack. 

In India, we see the majority of cybercrimes in the banking sector aren't happening directly via loopholes in the technology stack of a bank. We are losing far more money through social engineering attacks than from technology IT stack attacks. Attacks today are using many types of social engineering cybercriminal attacks than ever before. They are taking advantage of people who aren't tech-savvy, however, the attacks are planned so well that even technology literate individual become the victims of these cyber frauds due to lack of awareness. In this post, we will share a detailed guide about these cyber scams which can cost an individual a lot if they come under their radar.

Techniques Cyber Criminals are using to commit financial frauds.
Phishing: Phishing is a social engineering attack which is a decade old, in this attack a cybercriminal which sent you a mail associated with your bank and will trick you to log in with your credentials via a  fake page which will look like your bank website. Once you fill your username and password, in background cybercriminals will get your username and password which can be used for further attack process. Nowadays cybercriminals are using the various mobile wallet based phishing emails which give cash back offers to attract people to give their credential or payment information.

Step 1: Contact your Bank: Inform your bank about the transaction via formal email (for all subsequent records).

Share all relevant Information: Mention complete details of loss along with the day, date and time of the transaction. Gather all the information you can about the transaction. Before you contact your bank, pull together any documents or other information you have so your bank can act quickly to help you minimize your losses.

Step 2: Transaction Details: If you think your information was stolen as part of a data breach at a retailer, it may be enough to simply tell your bank that you shopped at that location during the dates of the breach and your account may be compromised.

Step 3: Change all credentials wrt cards/ Net Banking: Immediately block the card. Give details of the amount debited. Get a reference number and further change PIN or login details of your account.

Step 4: Report to Police: Submit an online complaint with Cyber cell of your area. For instance: if you reside in New Delhi then file an online complaint to cyber cell branch of Delhi Police. Request a copy of the police report for your records.

Step 5: Be in touch with your bank:  until you don't get a logical revert , most people push one two times and later forget, this will lose your grip on the case and then you will have very less probability to get your lost money bank as for sure you are not the only one who lost his money on that day, there can be several cases bank sees every day and so you have to push things from side regularly. 

 For online complaint*: http://www.cybercelldelhi.in

As per RBI guidelines, Customers will not suffer any loss if unauthorised electronic banking transactions are reported within three days and the amount involved will be credited in the accounts concerned within 10-days*.

Note: Methods above may not give you 100% solution for your problem as It varies from bank to bank and also jurisdictions, but giving a shot to this is not a bad idea :)

Post a comment