
Cyb FSc

Phishing is a deceptive cyber attack aimed at obtaining sensitive information from victims, often through fake emails that appear legitimate. It has become the most prevalent form of cybercrime, leading to financial loss, identity theft, and damage to reputation. Various phishing techniques include email phishing, vishing, smishing, and more, with preventive measures such as verifying URLs, avoiding suspicious links, and using phishing detection tools recommended for protection.

Uploaded by

babul banerjee

Phishing

Phishing is a form of social engineering and a scam where attackers deceive people into revealing sensitive information or installing malware such as viruses, worms, adware, or ransomware.

Phishing attacks have become increasingly sophisticated and often transparently mirror the site being targeted, allowing the attacker to observe everything while the victim navigates the site, and to traverse any additional security boundaries with the victim.

As of 2020, it is the most common type of cybercrime, with the FBI's Internet Crime Complaint Center reporting more incidents of phishing than any other type of cybercrime.

Phishing is a form of online fraud in which hackers attempt to get your private information such as passwords, credit cards, or bank account data. This is usually done by sending false emails or messages that appear to be from trusted sources like banks or well-known websites.

They aim to convince you so that they can obtain your information and use it fraudulently. Always ensure that you are certain about whom you are dealing with before you provide any information.

What is a Phishing Attack?

Phishing is another type of cyber attack. Phishing got its name from “phish”, meaning fish. It is common to put out bait for fish to get trapped.

Phishing works similarly. It is an unethical way to dupe the user or victim into clicking on harmful sites. The attacker crafts the harmful site in such a way that the victim feels it to be an authentic site, thus falling prey to it.

The most common mode of phishing is sending spam emails that appear to be authentic and thus take away all credentials from the victim. The main motive of the attacker behind phishing is to gain confidential information like:
● Password
● Credit card details
● Social security numbers
● Date of birth

The attacker uses this information to further target the user, impersonate the user, and cause data theft. The most common type of phishing attack happens through email. Phishing victims are tricked into revealing information that they think should be kept private.

The original logo is used in the email to make the user believe that it is indeed the original email. But if we look carefully into the details, we will find that the URL or web address is not authentic. Let’s understand this concept with the help of an example:

In this example, most people believe it’s YouTube just by looking at the red icon. So, thinking of YouTube as a secure platform, the users click on the extension without being suspicious about it.

But if we look carefully, we can see the URL is supertube.com and not youtube.com. Secondly, YouTube never asks to add extensions for watching any video. The third thing is that the extension name itself is weird enough to raise doubt about its credibility.

How is Phishing Carried Out?

Below are the ways through which phishing generally occurs. A user who does any of the following can fall victim to a phishing attack.

Clicking on an unknown file or attachment:
Here, the attacker deliberately sends a mysterious file to the victim. When the victim opens the file, either malware is injected into the system or the user is prompted to enter confidential data.

Using an open or free wifi hotspot:
This is a very simple way to get confidential information from the user by luring them with free wifi. The wifi owner can control the user’s data without the user knowing it.

Responding to social media requests:
This commonly includes social engineering. Accepting unknown friend requests and then, by mistake, leaking secret data are the most common mistakes made by naive users.

Clicking on unauthenticated links or ads:
Unauthenticated links are deliberately crafted to lead to a phishing website that tricks the user into typing confidential data.

Impact of Phishing

These are the impacts on a user affected by a phishing attack. Each person is affected differently, but these are some of the common impacts that happen to the majority of people.

Financial Loss:
Phishing attacks often target financial information, such as credit card numbers and bank account login credentials. This information can be used to steal money or make unauthorized purchases, leading to significant financial losses.

Identity Theft:
Phishing attacks can also steal personal information, such as Social Security numbers and date of birth, which can be used to steal an individual’s identity and cause long-term harm.

Damage to Reputation:
Organizations that fall victim to phishing attacks can suffer damage to their reputation, as customers and clients may lose trust in the company’s ability to protect their information.

Disruption to Business Operations:
Phishing attacks can also cause significant disruption to business operations, as employees may have their email accounts or computers compromised, leading to lost productivity and data.

Spread of Malware:
Phishing attacks often use attachments or links to deliver malware, which can infect a victim’s computer or network and cause further harm.

How To Stay Protected Against Phishing?

Until now, we have seen how a user becomes so vulnerable due to phishing. But with proper precautions, one can avoid such scams. Below are the ways to protect users against phishing attacks:

Authorized Source:
Download software only from authorized sources that you trust.

Confidentiality:
Never share your private details through unknown links, and keep your data safe from hackers.

Check URL:
Always check the URL of websites to prevent any such attack. It will help you avoid getting trapped in phishing attacks.

Avoid replying to suspicious things:
If you receive an email from a known source but that email looks suspicious, then contact the source with a new email rather than using the reply option.

Phishing Detection Tool:
Use phishing-detection tools to monitor websites that are crafted and contain unauthentic content.

Try to avoid free wifi:
Avoid using free wifi; it can lead to threats and phishing.

Keep your system updated:
It’s better to keep your system always updated to protect against different types of phishing attacks.

Keep the firewall of the system ON:
Keeping the firewall ON helps you filter ambiguous and suspicious data so that only authenticated data will reach you.

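
The "Check URL" advice above can be automated. The following is an added example, not part of the original document: it compares the host a link really points to with the site it claims to be, using the supertube.com / youtube.com case from earlier; the shortener list, the other sample links and the `.example` sender address are constructed assumptions.

```python
from email.utils import parseaddr
from urllib.parse import urlsplit

# Assumption: a small, non-exhaustive set of link-shortener hosts.
SHORTENERS = {"bit.ly", "tinyurl.com", "t.co"}


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to spot near-miss spellings of a brand."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def belongs_to(host: str, domain: str) -> bool:
    """True only for the domain itself or a subdomain on a dot boundary,
    so 'notyoutube.com' does not pass as 'youtube.com'."""
    return host == domain or host.endswith("." + domain)


def check_link(url: str, expected_domain: str) -> list[str]:
    """Return findings for a link that claims to lead to expected_domain.
    An empty list means the host really is that domain."""
    if "://" not in url:
        url = "//" + url                      # let urlsplit see a netloc
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if not host:
        return ["no-host"]
    if belongs_to(host, expected_domain):
        return []
    findings = ["host-mismatch"]
    brand = expected_domain.split(".")[0]
    labels = host.split(".")
    if host in SHORTENERS:
        findings.append("shortened-link")     # real destination is hidden
    if brand in labels:
        findings.append("brand-used-as-subdomain")
    elif any(0 < edit_distance(label, brand) <= 2 for label in labels):
        findings.append("lookalike-spelling")
    return findings


def check_sender(from_header: str, expected_domain: str) -> list[str]:
    """Flag a From header that shows the brand in the display name or
    local part while the address itself is on another domain."""
    display, address = parseaddr(from_header)
    local, _, domain = address.lower().rpartition("@")
    if belongs_to(domain, expected_domain):
        return []
    brand = expected_domain.split(".")[0]
    findings = []
    if brand in display.lower():
        findings.append("brand-in-display-name")
    if brand in local:
        findings.append("brand-in-local-part")
    return findings


if __name__ == "__main__":
    # Constructed sample links; only the first pair comes from the text.
    for link in ("https://supertube.com/watch?v=1",
                 "https://www.youtube.com/watch?v=1",
                 "https://youtube.com.login.example/signin",
                 "http://yuotube.com/",
                 "https://bit.ly/3abc"):
        print(link, check_link(link, "youtube.com"))
    print(check_sender("Amazon <amazon-support@mail.example>", "amazon.com"))
```
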
Types of Phishing Attacks

Email Phishing
Most phishing attacks are sent via email. Attackers will register fake domains impersonating real organizations and will send thousands of generic requests. Links usually lead to malicious websites that steal credentials or install malicious code, known as malware, on users’ devices.

Or, they might use the organization’s name in the local part of the email address (such as [email protected]) in the hope that the sender’s name will only appear as “Amazon” in the recipient’s inbox.

E.g., during the COVID-19 pandemic, attackers pretended to be the World Health Organization (WHO) and sent emails to many people, tricking them into downloading malware and revealing their personal information.

Whaling
Attackers use social media or company websites to find the names of the organization’s CEO or other members of senior management. Then they impersonate the person using a similar email address. Emails may require a money transfer or require the recipient to review documents. A whaling attack is also known as CEO fraud. Scams involving fake tax returns are an increasingly common type of whaling.

E.g., a hacker pretended to be the CEO of Snapchat in 2016, resulting in the release of employee payroll information.

Vishing
Vishing is short for “voice phishing”, which consists of tricking people on the phone, persuading them to divulge sensitive information.

In this type of attack, the attacker tries to steal the victim’s data and use it to his advantage.

E.g., many people receive fake phone calls from people posing as the Internal Revenue Service (IRS) during tax season, indicating that they want to do an audit and need a Social Security number.

The recipient can be easily tricked into providing personal information in vishing attacks.

Smishing
Smishing is sending a text message that requires someone to take action. This is the next evolution of vishing.

Often the text includes a link that, when clicked, installs malware on the user’s device.

E.g., during early 2019, many users received text messages in which the sender pretended to be from their bank, prompting them to click on a link and verify their account information.

Angler Phishing
Angler phishing occurs when cybercriminals use notification features or direct messages in social media applications to trick someone into taking action.
E.g., attackers stole Twitter users’ credentials by directing users to a fake support page.

HTTPS Phishing
Nowadays cybercriminals are using HTTPS in the links that they use to perform phishing attacks. Even though HTTPS is a secure protocol, attackers are now making use of HTTPS links.
For example, hackers may send links to HTTPS e-commerce sites which appear to be legitimate despite being malicious, and then trick users into entering their sensitive information.

Spear Phishing
This type of phishing attack uses email but with a specific targeted approach. The attackers use open-source intelligence (OSINT) to gather information about a particular company through social media or the company’s website. Then, they target specific individuals from the company, using real names and job roles to make the recipient think the email has arrived from a known, legitimate source.
For example, the attacker leaked sensitive emails in 2016 as a result of a spear phishing assault on the Democratic National Committee (DNC).

Pharming
In a pharming attack, the attackers hack a Domain Name Server (DNS). Domain names are translated into IP addresses with the help of DNS. Whenever a user types a URL in a browser, the server will redirect the user to a fraudulent or cloned website that might look exactly the same as the original or legitimate website.
E.g., the attackers hack the DNS to redirect the user from the legitimate banking website to a fake one.

Pop-up Phishing
Most websites make use of pop-ups to address important things. Cyber attackers place malicious code in the pop-ups that appear on a website, such as a browser prompt with the message "www.example.com wants to show notifications". When we click on allow notifications, it automatically installs malicious code that may contain malware or other harmful content.
For example, attackers can trick users into downloading malware onto their device by prompting them to allow notifications on a popular website.

Clone Phishing
In a clone phishing attack, an attacker uses an original email that contains some sort of attachments and links. In the cloned message these are replaced with malware and viruses, and it seems like it has been sent by a legitimate sender.
E.g., the attackers can clone an original email from PayPal and replace it with a malicious one to steal users’ login credentials.

Evil Twin
In an evil twin attack, the attacker makes use of a fake Wi-Fi hotspot to carry out man-in-the-middle attacks. With the help of the fake Wi-Fi hotspot, the attacker can steal login credentials or personal information.
For example, in a coffee shop, an attacker can set up a fake Wi-Fi with the same name as the real one, to carry out a man-in-the-middle attack.

Watering Hole Phishing
A watering hole attack is a type of attack in which an attacker attempts to compromise a specific group of end users by infecting a website known to be visited by a member of the group. Its purpose is to infect the targeted user’s computer and gain network access at the target’s workplace.
For example, in 2021, attackers breached the data of a website that was frequently visited by a group of people due to Gay Pride Week, to infect their computers and gain access to the network.

Prevent Phishing Attack

Prevent email phishing
Do not click on shortened links, as they are used to trick secure email gateways. Ignore emails that contain only images and very little text, as images can hide malicious code. Review the message for any logos that look real, as they may contain false and malicious HTML attributes.

Prevent whaling attacks
Abnormal Requests: If a member of senior management has not been in contact before, be careful about taking the action that is requested.
Confirm before any action: Attackers might seem real, but make sure you double-check and confirm with senior management before making any financial transactions.

Prevent vishing attacks
Call Number: The number may be from an unusual location or may be blocked.
Action Required: The call requests personal information, which would seem unusual for this type of caller.

Prevent smishing attacks
Change delivery status: A text requiring the recipient to take action to change a delivery will include a link, so always search the email or go directly to the delivery service’s website to check the status.
Abnormal prefix: Review the prefix and compare it to your contact list before replying to a text message or taking the suggested action.

Prevent angler phishing attacks
Notifications: Be careful with notifications indicating additions to posts, as they can include links that direct recipients to malicious websites.
Abnormal direct messages: Beware of direct messages from people who rarely use this feature, as accounts can be faked or fraudulently re-created.

Prevent HTTPS Phishing
Don’t click on shortened links. The link should be in the long tail format and it should show all parts of the URL.

Prevent Spear Phishing
There may be abnormal requests from people, like sharing login IDs and passwords, making money transactions, etc. Consult a senior before taking any serious actions.

Prevent Pharming
Look for loose ends. Be aware of small mistakes like misspellings, strange fonts, mismatched content, etc. that can be found on malicious websites. Attackers clone the original websites for carrying out phishing attacks, but these types of small mistakes can be easily pointed out.

Prevent Pop-up Phishing
Attackers have started using pop-ups to trick users. They can be used to download malicious files onto a user’s computer.
E.g., pop-ups that contain malicious code can turn a browser to full-screen mode or cause other abnormal behavior.

Prevent Clone Phishing
Double-check emails requesting personal information, login IDs and passwords, or money transactions, as this can lead to huge financial loss.

Prevent Evil Twin attacks
Never connect to insecure or open Wi-Fi connections. It is a type of man-in-the-middle attack, where an attacker steals your credentials when you are connected to an insecure network.

Prevent Waterhole phishing
Make sure you use a firewall to prevent traffic from a malicious source, because unwanted sources can download malware and other harmful content onto your system.

Types of Ransomware

Ransomware is a type of malware that denies access to data files using encryption until a ransom is paid. It comes under the category of cyber extortion.

Ransomware does not intend to cause any damage to the computer’s file system. Instead, it displays a ransom note on the victim’s screen so that the victim can pay a certain amount of money to remove the restrictions and regain access to their computer, usually via a key.

The malware creator will either supply a program that can decrypt the files, or will send an unlock code that decrypts the victim’s data. But there is no guarantee that this will happen, even if the requested ransom is paid.

Types of Ransomware
The 2 major types of ransomware are:
1. Crypto-Ransomware
2. Locker Ransomware

Crypto Ransomware:
Crypto ransomware aims to encrypt sensitive files on the victim’s computer. It does not block any basic computer function.

This ransomware searches for important files on the local hard drive and external drives of the victim’s system and starts encrypting them. Then, it will present a ransom note to the victim, showing a countdown timer and asking for payment.

The attackers generate income by holding the valuable files hostage and demanding a ransom through anonymous methods such as Bitcoin to regain access to these files.

Locker Ransomware:
Locker ransomware locks the victim out of their device and blocks the basic computer functions. Some parts of the keyboard may be locked and the mouse can be frozen, allowing the victim only to respond to the attacker’s demands. In this case, attackers demand ransom to unlock the device. The locked system only allows limited access, to interact with the attacker.

[Figure: Crypto Ransomware process]

[Figure: Locker Ransomware process]

Other types of ransomware are:

1. Doxware:
Doxware is ransomware that not only encrypts the files on the victim’s computer but also steals the data from sensitive files. This ransomware extorts the victim by threatening to publish the stolen data online if the ransom is not paid. It may include private photos, emails, confidential information, etc.

2. Scareware:
Scareware aims at convincing users to download useless software, damaging malware or ransomware which can hold users’ data hostage and demand money. It uses social engineering to trick users into installing fake antivirus software.

3. Ransomware as a Service (RaaS):
Ransomware as a Service is a business model between ransomware developers and affiliates, in which the affiliates use developed ransomware tools to execute attacks. The affiliates earn a portion of each successful ransom payment.

The ways of encountering ransomware are:
1. Links or files are delivered through emails, messages, or other networks.
2. Downloaded onto the device by a trojan downloader or exploit kits.

Examples of Ransomware Strains:
1. Cryptolocker
2. CryptoDefense
3. Bad Rabbit
4. Goldeneye
5. Zcryptor
6. Jigsaw
7. Petya

Prevention from Ransomware Infection:
Ransomware infection can be prevented by
1. Not clicking on unsafe links.
2. Using security software.
3. Avoiding the use of unknown USB sticks.
4. Not opening suspicious email attachments.
5. Downloading only from known sources.
6. Keeping the operating system and programs up to date.

Steganography is defined as the practice of hiding secret information. This word is derived from two Greek words: ‘stegos’ meaning ‘to cover’ and ‘grayfia’, meaning ‘writing’, thus translating to ‘covered writing’, or ‘hidden writing’.

The sensitive information is then extracted from the ordinary file or communication at its destination. With the help of steganography, we can hide any digital thing like text, image, video, etc. behind a medium.

Different Types of Steganography

Text Steganography
Text steganography is defined as a type of steganography which involves hiding messages or secret information within a text document or other textual data. In this method, we try to hide secret data with the help of each letter of the word. It is challenging to detect, especially when the variations or changes made are subtle.

Image Steganography
Image steganography is defined as a type of steganography which involves hiding messages or secret information within digital images. It is achieved by making changes in the pixels of the image to encode the information. It is generally used for watermarking, covert communication, brand protection, etc.

Audio Steganography
Audio steganography is defined as a type of steganography which involves hiding messages or secret information within audio files. The idea behind using this technique is to hide information in such a way that people cannot notice it when they hear the audio. It is generally used for digital rights management in audio files.

Video Steganography
Video steganography is defined as a type of steganography which involves hiding messages or secret information within digital video files. The idea of video steganography is to hide secret information in a video in such a way that ordinary viewers won't notice it.

Network or Protocol Steganography
Network or protocol steganography is defined as a type of steganography which involves hiding messages or secret information within network protocols or messages. It tries to hide secret information in the usual flow of internet or network activity so that nothing can detect it.

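
The pixel changes described under Image Steganography above can be shown with least-significant-bit (LSB) embedding, one common way of doing it. This is an added example, not part of the original document; the 16x16 grayscale cover buffer, the 2-byte length header and the function names are assumptions made for the illustration.

```python
# Constructed cover "image": 16x16 8-bit grayscale pixels as raw bytes.
COVER = bytes((3 * x + 5 * y) % 256 for y in range(16) for x in range(16))


def embed(pixels: bytes, message: bytes) -> bytes:
    """Write the message, one bit per pixel, into the lowest bit of each
    pixel. A 2-byte big-endian length header is stored first so that the
    reader knows where the message ends."""
    payload = len(message).to_bytes(2, "big") + message
    bits = [(byte >> (7 - i)) & 1 for byte in payload for i in range(8)]
    if len(bits) > len(pixels):
        raise ValueError("cover image too small for this message")
    out = bytearray(pixels)
    for i, bit in enumerate(bits):
        out[i] = (out[i] & 0xFE) | bit        # only the lowest bit changes
    return bytes(out)


def _read_bytes(pixels: bytes, first_pixel: int, count: int) -> bytes:
    """Rebuild `count` bytes from the lowest bits of consecutive pixels."""
    value = bytearray()
    for b in range(count):
        byte = 0
        for i in range(8):
            byte = (byte << 1) | (pixels[first_pixel + b * 8 + i] & 1)
        value.append(byte)
    return bytes(value)


def extract(pixels: bytes) -> bytes:
    """Recover the hidden message written by embed()."""
    length = int.from_bytes(_read_bytes(pixels, 0, 2), "big")
    if 16 + length * 8 > len(pixels):
        raise ValueError("length header does not fit the image")
    return _read_bytes(pixels, 16, length)


def max_pixel_change(before: bytes, after: bytes) -> int:
    """Largest brightness difference between two images of equal size."""
    return max(abs(a - b) for a, b in zip(before, after))


if __name__ == "__main__":
    stego = embed(COVER, b"hidden")
    print(extract(stego))                      # the recovered message
    print(max_pixel_change(COVER, stego))      # brightness shift per pixel
```

No pixel moves by more than one brightness level out of 256, which is why the change is hard to notice by eye; the capacity check also shows the embedding-capacity limit of a small cover.
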
Advantages of Steganography
● It offers better security for data sharing and communication.
● It is very difficult to detect. It can only be detected by the receiving party.
● It can be applied through various means like images, audio, video, text, etc.
● It plays a vital part in securing the content of the communication.
● It offers a double layer of protection, the first being the file itself and the second the data encoded.
● With the help of steganography, advanced functional agencies can communicate secretly.

| Steganography | Cryptography |
| --- | --- |
| Steganography is defined as a system of concealing data or information under non-secret data or files. | Cryptography is defined as the system of protecting information and communication with the help of various techniques. |
| Its main purpose is to maintain communication security. | Its main aim is to give data protection. |
| The structure of data is not modified in the case of Steganography. | The structure of data is modified in the case of Cryptography. |
| It is less popular. | It is more popular. |
| The use of a key is not obligatory, but if it is used it enhances security. | The use of a key is obligatory in the case of Cryptography. |
| In Steganography, the use of mathematical transformations is not much involved. | But, in Cryptography, mathematical transformations are used to play with the data and increase protection. |

Steganography Tools

Steganography tools are defined as tools which help the user to hide secret messages or information inside another file in various formats. There are various tools available in the market which help to perform steganography. Some of the steganography tools are the following:
● OpenStego
● Steghide
● OutGuess
● Hide n shoot
● QuickStego
● Disguise

Conclusion

In conclusion, steganography is a system which lets users hide secret information within normal or ordinary files or messages. It offers a way to give enhanced security for data transfer and communication over the network.

There are various forms of steganography, such as Image Steganography, Audio Steganography, Text Steganography, etc. Also, there are various advantages of using steganography: it offers better security and it is difficult to detect.

FAQ

What are the problems faced by steganography?
The problems faced by steganography include achieving high embedding capacity, high security and good imperceptibility.

What is Image Steganography?
Image steganography is defined as a type of steganography which involves hiding messages or secret information within digital images.

Give an illustration of Steganography?
An illustration of steganography includes hiding some information in the title of a shared video or image.

A Salami Attack is a method of cybercrime that attackers or hackers typically use to commit financial crimes.

Cybercriminals steal money or resources from financial accounts on a system one at a time.

A Salami Attack occurs when several minor attacks combine to create a sturdy attack. Because of the nature of this sort of cybercrime, these attacks frequently go undetected.

Salami attacks are used for the commission of economic crimes. Those who are found guilty of such an attack face punishment under Section 66 of the IT Act.

Working of Salami attack:
During this kind of attack, a very insignificant change is introduced that goes completely unnoticed. For example, a bank accountant inserts a program into the bank’s servers that deducts a very small amount of money from the account of each customer.

No account holder will probably notice this unauthorized debit, but the bank accountant will make a large amount of money each month. For example, an employee of a bank in the USA was terminated from his job. Disgruntled at having been supposedly mistreated by his employers, the person first introduced a logic bomb into the bank’s systems.

Types of Salami attacks:

Salami Slicing:
Salami slicing occurs when the attackers get customer information, like bank/credit card details and other similar details, by using an online database. The attacker deducts a very small amount of money from each account, and these amounts add up to a large amount of money. Such a deduction is often invisible because the amount is tiny. Because of the limited amount of money, the bulk of individuals don’t report the deduction.

For example, suppose an attacker withdraws ₹0.0001 from each checking account. Nobody will notice, so a large sum is produced when one dollar is deducted from each account holder at that bank, and the attacker gets a stack of cash.

Penny Shaving:
Penny shaving is when the attackers steal money in small amounts by rounding to the closest value within the transactions. The change is so small that nobody can detect it in a single transaction.

Prevention From Salami attack:

Users are encouraged to oversee their weekly transactions and month-to-month bank statements to shield their bank accounts from being affected by a salami attack. You can monitor any potential charges on your account by actively scanning through these activities. If you have any issues with strange charges on your account, contact your bank.

Financial institutions, like banks, should also update their security so that the attacker doesn’t become familiar with how the system is designed. Banks should advise customers on how to report any money deduction that they weren’t aware of.

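
The monitoring advised above can be run on the bank's side as two reconciliation checks, one for penny shaving and one for salami slicing. This is an added example, not part of the original document; the ledger rows, account names, thresholds and the half-even rounding policy are constructed assumptions.

```python
from collections import defaultdict
from decimal import Decimal, ROUND_HALF_EVEN

CENT = Decimal("0.01")

# Constructed sample: (account, exact interest due, amount actually credited).
POSTINGS = [
    ("A1", Decimal("12.3456"), Decimal("12.34")),   # should round to 12.35
    ("A2", Decimal("7.1049"), Decimal("7.10")),
    ("A3", Decimal("3.9991"), Decimal("3.99")),     # should round to 4.00
    ("A4", Decimal("5.5512"), Decimal("5.55")),
]

# Constructed sample: (source account, destination account, amount).
TRANSFERS = (
    [(f"C{i}", "X9", Decimal("0.01")) for i in range(1, 7)]
    + [("C1", "C2", Decimal("250.00")),
       ("C3", "SHOP", Decimal("0.03")),
       ("C4", "SHOP", Decimal("19.99"))]
)


def audit_rounding(postings):
    """Penny shaving check: recompute every rounded amount under the
    assumed policy (half-even to the cent) and compare it with what was
    credited. Returns the short-changed accounts and the total missing."""
    flagged, shortfall = [], Decimal("0")
    for account, exact, credited in postings:
        expected = exact.quantize(CENT, rounding=ROUND_HALF_EVEN)
        if credited != expected:
            flagged.append(account)
            shortfall += expected - credited
    return flagged, shortfall


def find_fan_in(transfers, max_amount=Decimal("0.05"), min_sources=5):
    """Salami slicing check: one destination collecting tiny amounts
    from many different accounts. No single debit stands out, so the
    signal is the number of distinct sources per destination."""
    sources = defaultdict(set)
    totals = defaultdict(Decimal)
    for src, dst, amount in transfers:
        if amount <= max_amount:
            sources[dst].add(src)
            totals[dst] += amount
    return {dst: (len(srcs), totals[dst])
            for dst, srcs in sources.items() if len(srcs) >= min_sources}


if __name__ == "__main__":
    print(audit_rounding(POSTINGS))
    print(find_fan_in(TRANSFERS))
```
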
Hacking

Hacking is the act of gaining unauthorized access to a computer system or network to: steal data, corrupt systems, disrupt data-related activity, and gather information on users.

Hacking can involve:
● Identifying weaknesses in a system
● Exploiting those weaknesses
● Using technical knowledge, problem-solving skills, creativity, and persistence
● Using stealthy attack methods
● Creating attack vectors that trick users into opening malicious attachments or links
● Using social engineering to convince users to click on malicious links, open infected files, or reveal personal information

Hacking is not always malicious:
A consumer who modifies their personal smartphone to run custom programs is technically a hacker.

Some forms of “white hat” hacking can be done ethically to improve security. Ethical hackers use the same techniques and tools as malicious hackers, but with the goal of finding and fixing loopholes.

The term "hacking" has evolved over time:
● Originally, it referred to a process of rough cutting or chopping.
● In 1955, it was first used to describe how members of the Technical Model Railroad Club modified their train sets.
● By 1975, the Jargon File adopted a more formalized definition of hacking.
● In popular usage and in the media, the term has mostly negative connotations due to its association with cybercrime.

Types of hacking

Hacking is the activity of identifying weaknesses in a data processing system and a network to take advantage of the security and gain access to private or business data. Computers have become obligatory in running a decent business. It is not enough to possess isolated computer systems. They need to be networked to facilitate communication with external businesses. This exposes them to the outside world and to hacking. System hacking means the exploitation of computers to commit fraudulent acts like fraud, privacy invasion, stealing corporate/personal data, etc. Cyber-crimes cost many organizations money every year. Businesses are compelled to defend themselves against such attacks.

There are various cybersecurity threats and vulnerabilities, including
● Phishing,
● Viruses,
● UI redress attacks,
● Cookie theft,
● DDoS attacks,
● DNS spoofing,
● Social engineering,
● Missing security patches,
● Malware-injection devices, and
● Password cracking.

Types of Hacking

Hacking is something from which you have to protect yourself, and this can only be done by anticipating how a hacker might think to get into the system.

Phishing –
In this type of hacking, the hacker intends to steal critical information of users like account passwords, MasterCard details, etc. For example, hackers can replicate an original website for user interaction and can steal critical information from the duplicate website the hacker has created.

Virus –
These are triggered by the hacker within the filters of the website once they enter it. The purpose is to corrupt the information or resources on the website.

UI redress –
In this technique, the hacker creates a fake interface, and once the user clicks with the intent of going to a particular website, they are directed to a different website.

Cookie theft –
Hackers access websites using malicious code and steal cookies that contain information, login passwords, etc. Once they get access to your account, they can do anything with your account.

18

Distributed Denial-of-service (DDoS) –
This hacking technique is aimed at taking down a website so that users cannot access it and it cannot deliver its service. It brings the server down and stops it from responding, which may cause constant errors.

DNS Spoofing –
This essentially uses the cached data of a website or domain that the user might have forgotten to keep up to date. It then directs the traffic to a different, malicious website.

Social Engineering –
Social engineering is an attempt to manipulate you into sharing personal info, sometimes by impersonating a trustworthy source.

Missing Security Patches –
Security tools become outdated as the hacking landscape advances and need frequent updates to protect against new threats.

Malware-Injection Devices –
Cyber-criminals use hardware to sneak malware onto your PC. You may have heard of infected USB sticks, which can give hackers remote access to your device when they are connected to your PC.

Cracking Password –
Hackers can get your credentials through a technique known as keylogging.

What are the most common types of hacking?
The most common types of hacking are phishing, viruses, UI redress attacks, cookie theft, DDoS attacks, DNS spoofing, social engineering, missing security patches, malware-injection devices, and password cracking.

Types of Hacking
Techniques to Protect Yourself
1. First, make sure that your personal information and account details are kept private.
2. Install antivirus software to shield against malicious activity.
3. Do not click on an unauthorized link, and make sure that any data sent to you is from a legitimate source.
4. Always keep software updated and do not use default configurations on devices.

What Devices Are Most Vulnerable to Hackers?
Devices that are at risk from hackers are smartphones, IoT gadgets, and older computers
(since they did not have much security back then). Smartphones hold tons of personal info and are easy targets for phishing by hackers. IoT devices, like smart home stuff (smart TVs, switches, etc.), often don’t have great security, making them prime targets.

Older computers might miss out on the latest security patches, so they’re exposed to newer threats. Even smart TVs and connected cars can be vulnerable if not secured properly. Hackers love weak passwords, outdated software, and unsecured networks to break in. We can protect them by keeping devices updated and using strong, unique passwords. This will help us to keep our devices safe from hackers.

Effects and Impact of Hackers
There are many hazardous effects of hackers on our personal and professional lives.
1. It leads to data breaches, the most harmful effect of hacking. Unauthorized access to sensitive information leads to identity theft and privacy violations. This also leads to many online frauds.
2. Increased security cost: a breach of the company's security parameters means the security system is weak and needs further improvement.
3. Loss of a company’s reputation: exposing customers’ data in an external environment is harmful to a company’s reputation.
4. Damage to the system: deleting the data from the company’s database will lead to extensive rebuilding of the system from scratch.
5. It leads to legal consequences like fines, legal fees, and regulatory penalties resulting from non-compliance and negligence policies.

How to Prevent Hackers
There are many ways through which we can prevent hackers from entering our database or accessing our files or folders.
1. Use a strong password. We should avoid passwords like 11111111, 00000000, 123456789, qwertyui, dragon, etc. Anything which can be easily guessed is not safe as a password. We can use capital letters along with small letters and special characters (like @, #, $, &).
2. Keep our software updated so it has the latest security measures. Old computers are easily hacked due to their weak security measures.
3. Back up data in case of data loss. In case of attacks like SQL injection, we should always have backup data ready.
4. Educate users and inform them about the latest hacking trends so that they can prepare themselves and not become victims of phishing.
5. Use secure network configurations, such as VPNs, firewalls, and intrusion detection systems, to safeguard network traffic.

Conclusion
There are various types of hacking, including phishing, viruses, UI redress attacks, cookie theft, DDoS attacks, DNS spoofing, social engineering, missing security patches, malware-injection devices, and password cracking. Devices that are at risk from hackers are smartphones, IoT gadgets, and older computers (since they did not have much security back then).

Anything that can be easily guessed is not safe as a password. We have discussed all the aspects of hacking, its effects, and how to prevent them. By reading the article, you will gain an intermediate knowledge of types of hacking and how you can protect yourself from hackers and their tricks.

FAQ
Types of Hacking - FAQs

What is ethical hacking?
Ethical hacking involves legally testing an organization’s systems. In simple words, it is when a person is allowed to hack into an organization's system, with the organization's permission, in order to test the software and find the weak points in the systems.
What is SQL injection?
SQL injection is a technique to steal an organization's data. It generally occurs when the input data is not checked for malicious code (SQL queries) in it.

This can allow hackers to view and delete data from the database without proper permission of the owner.

Types of Hackers?
• White Hat: Hackers with the owner's permission
• Black Hat: Hackers without the owner's permission, with malicious intent
• Gray Hat: Hackers without the owner's permission, without malicious intent
• Green Hat: Newbies or learning amateurs
• Blue Hat: Pre-launch testers
• Red Hat: Hackers with the owner's permission who deal aggressively with black hats
• Nation Sponsored: Hackers working under a government
• Hacktivists: Social or political hackers
• Script Kiddies: Unskilled tool users
• Whistleblowers: Exploitative employees working in an organization

Social Engineering
Social engineering attacks manipulate people into sharing information that they shouldn’t share, downloading software that they shouldn’t download, visiting websites they shouldn’t visit, sending money to criminals or making other mistakes that compromise their personal or organizational security.
Social engineering uses human weakness or psychology to gain access to the system, data, personal information, etc.

It is the art of manipulating people.

It doesn’t involve the use of technical hacking techniques.

Attackers use new social engineering practices because it is usually easier to exploit the victim’s natural inclination to trust.
E.g., it is much easier to fool someone into giving their password than to hack their password.

Sharing too much information on social media can enable attackers to get a password or extract a company’s confidential information using the posts by the employees. This confidential information helps attackers to get the password of victim accounts.

How do Social Engineering Attacks Take Place?
Phishing scams are the most common type of social engineering attack these days. Tools such as SET (Social Engineering Toolkit) also make it easier to create a phishing page, but luckily many companies, such as Facebook, are now able to detect phishing.

But it does not mean that you cannot become a victim of phishing, because nowadays attackers are using iframes to manipulate detection techniques. An example of such hidden code in phishing pages is cross-site request forgery (“CSRF”), which is an attack that forces an end user to execute unwanted actions on a web application.

Example: In 2018 we saw a great rise in the use of ransomware delivered alongside phishing emails. What an attacker usually does is deliver an attachment with a subject like “Account Information” and a common file extension such as .pdf/.docx/.rar etc.
The user generally clicks and the attacker’s job is done. This attack often encrypts the entire disk or the documents, and decrypting these files requires a cryptocurrency payment, which is called the “ransom”.

They usually accept Bitcoin/Ethereum as the virtual currency because of its non-traceable feature. Here are a few examples of social engineering attacks that are executed via phishing:
• Banking Links Scams
• Social Media Link Scams
• Lottery Mail Scams
• Job Scams

Purpose
The purpose of social engineering attacks is typically to steal sensitive information, such as login credentials, credit card numbers, or personal information.

Attackers can use this information for identity theft, financial fraud, or other malicious purposes. Another purpose of social engineering attacks is to gain
unauthorized access to secure areas or systems.

E.g., an attacker might use tailgating to follow an authorized individual into a secure area or use pretexting to convince an individual to give them access to a restricted system.

Types of Social Engineering
There are many different types of social engineering attacks, each of which uses a unique approach to exploit human weaknesses and gain access to sensitive information. Here are some of the types of attacks:

Phishing:
Phishing is a type of social engineering attack that involves sending an email or message that appears to be from a legitimate source, such as a bank, in an attempt to trick the recipient into revealing their login credentials or other sensitive information.

Vishing:
Vishing is a type of social engineering attack that involves using voice phishing, or “vishing,” to trick individuals into revealing sensitive information over the phone.

Smishing:
Smishing is a type of social engineering attack that involves using SMS messages to trick individuals into revealing sensitive information or downloading malware.

Baiting:
Baiting is a type of social engineering attack that involves leaving a tempting item, such as a USB drive, in a public place in the hope that someone will pick it up and plug it into their computer. The USB drive is then used to infect the computer with malware.

Tailgating:
Tailgating is a type of social engineering attack that involves following an authorized individual into a secure area, such as a building or data center, without proper authorization.

Pretexting:
Pretexting is a type of social engineering attack that involves creating a false identity or situation in order to trick an individual into revealing sensitive information. For example, an attacker might pretend to be a customer service representative in order to trick an individual into giving them their login credentials.

1. Phishing
Phishing is a cyberattack that leverages email, phone, SMS, social media or other form of personal communication to entice users to click a malicious link, download infected files or reveal personal information, such as passwords or account numbers.
While the most well-known phishing attacks usually involve outlandish claims, such as a member of a royal family requesting an individual’s banking information, the modern phishing scam is far more sophisticated. In many cases, a cyber criminal may masquerade as retailers, service providers or government agencies to extract personal information that may seem benign such as email addresses, phone numbers, the user’s date of birth, or the names of family members.

Phishing is one of the most common types of cyberattacks and its prevalence continues to grow year over year. COVID-19 dramatically increased cyberattacks of all kinds, including phishing attacks. During the lockdown period, people generally spent more time online and also experienced heightened emotions, the virtual recipe for an effective phishing campaign. According to the FBI, phishing was the top form of cybercrime in 2020, with incidents nearly doubling compared to 2019.

2. Whaling
A whaling attack is a type of phishing attack that also leverages personal communication to gain access to a user’s device or personal information.

The difference between phishing and whaling has to do with the level of personalization. While phishing attacks are not personalized and can be replicated for millions of users, whaling attacks target one person, typically a high-level executive. This type of attack requires a significant amount of research on that individual, which is usually done by reviewing their social media activity and other public behavior. This in-depth research results in more sophisticated outreach and a higher likelihood of success.

Though whaling attacks require more planning and effort initially, they often have huge payoffs as the targets have access to high value data or the financial resources needed to advance a ransomware attack.

3. Baiting
Baiting is a type of social engineering attack wherein scammers make false promises to users in order to lure them into revealing personal information or installing malware on the system.

Baiting scams can be in the form of tempting ads or online promotions,
such as free game or movie downloads, music streaming or phone upgrades. The attacker hopes that the password the target uses to claim the offer is one they have also used on other sites, which can allow the hacker to access the victim's data or sell the information to other criminals on the dark web.

Baiting can also be in a physical form, most commonly via a malware-infected flash drive. The attacker would leave the infected flash drive in an area where the victim is most likely to see it. This would prompt the victim to insert the flash drive into the computer to find out who it belongs to. In the meantime, malware is installed automatically.

4. Diversion theft
Diversion theft is a cyberattack that originated offline. In this attack, a thief persuades a courier to pick up or drop off a package in the wrong location, deliver an incorrect package or deliver a package to the wrong recipient. Diversion theft has since been adapted as an online scheme. The malicious actor steals confidential information by tricking the user into sending it to the wrong recipient.

This attack type often involves spoofing, which is a technique used by cybercriminals to disguise themselves as a known or trusted source. Spoofing can take many forms, such as spoofed emails, IP spoofing, DNS Spoofing, GPS spoofing, website spoofing, and spoofed calls.

5. Business email compromise
Business Email Compromise (BEC) is a social engineering tactic where the attacker poses as a trustworthy executive who is authorized to deal with financial matters within the organization.

In this attack scenario, the scammer closely monitors the executive's behavior and uses spoofing to create a fake email account. Through impersonation, the attacker sends an email requesting their subordinates make wire transfers, change banking details and carry out other money-related tasks.

BEC can result in huge financial losses for companies. Unlike other cyber scams, these attacks do not rely on malicious URLs or malware that can be caught by cybersecurity tools, like firewalls or endpoint detection and response (EDR) systems.

Rather, BEC attacks are carried out strictly by personal behaviour, which is often harder to monitor and manage, especially in large organizations.

6. Smishing / SMS-phishing
SMS-phishing, or smishing, is a social engineering attack conducted specifically through SMS messages. In this attack, scammers attempt to
lure the user into clicking on a link which directs them to a malicious site. Once on the site, the victim is then prompted to download malicious software and content.

Smishing attacks have increased in popularity amongst criminals as people spend more time on mobile devices. While users have become savvier at detecting email phishing, many people are far less aware of the risks associated with text messages.

A smishing attack requires little effort for threat actors and is often carried out by simply purchasing a spoofed number and setting up the malicious link.

7. Quid pro quo
A quid pro quo attack involves the attacker requesting sensitive information from the victim in exchange for a desirable service.

For example, the attacker may pose as an IT support technician and call a computer user to address a common IT issue, such as slow network speeds or system patching to acquire the user's login credentials. Once the credentials are exchanged, this information is used to gain access to other sensitive data stored on the device and its applications, or it is sold on the dark web.

8. Pretexting
Pretexting is a form of social engineering that involves composing plausible scenarios, or pretext, that are likely to convince victims to share valuable and sensitive data.

Pretexters may impersonate someone in a position of authority, such as a member of law enforcement or a tax official, or a person of interest, such as a talent agency scout or sweepstakes organizer. After explaining the context, the attacker would then ask the victim questions to gain personal and sensitive information, which they could then use to advance other attack scenarios or access their personal accounts.

9. Honeytrap
A honeytrap attack is a social engineering technique that specifically targets individuals looking for love on online dating websites or social media. The criminal befriends the victim by creating a fictional persona and setting up a fake online profile. Over time, the criminal takes advantage of the relationship and tricks the victim into giving them money, extracting personal information, or installing malware.

10. Tailgating/Piggybacking
Tailgating, also known as piggybacking, is a physical breach whereby an attacker gains access to a physical facility by asking the person entering ahead of them to hold the door or grant them access.

The attacker may impersonate a delivery driver or other plausible identity to increase their chances.
Once inside the facility, the criminal can use their time to conduct reconnaissance, steal unattended devices or access confidential files.

Tailgating can also include allowing an unauthorized person to borrow an employee's laptop or other device so that the user can install malware.

• Phishing
• Whaling
• Baiting
• Diversion Theft
• Business Email Compromise (BEC)
• Smishing
• Quid Pro Quo
• Pretexting
• Honeytrap
• Tailgating/Piggybacking

Prevention
Regularly monitor online accounts, whether they are social media accounts or bank accounts, to ensure that no unauthorized transactions have been made.

Check the email headers of any suspicious mail to verify its legitimate source.

Avoid clicking on links, unknown files, or opening email attachments from unknown senders.

Beware of links to online forms that require personal information, even if the email appears to come from a trusted source.

Phishing websites look the same as legitimate websites.

Adopt proper security mechanisms such as spam filters, anti-virus software, and a firewall, and keep all systems updated, with anti-keyloggers.
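The advice above to check the email headers of a suspicious mail can be made concrete. The following Python sketch is an added example, not part of the original document: it reads the receiving server's SPF/DKIM/DMARC verdicts and compares the From, Reply-To and display-name domains. The trusted server name `mx.example.org`, the two sample messages and the helper names are assumptions constructed for illustration, and the domain comparison is simplified (no Public Suffix List).

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: the authserv-id your own inbound mail server stamps into
# Authentication-Results. Headers stamped by any other host are ignored,
# because a sender can insert such headers before the mail reaches you.
TRUSTED_AUTHSERV = "mx.example.org"

# Wording drawn from the urgency and fear triggers described in this document.
URGENCY = re.compile(
    r"\b(urgent|immediately|verify your|deleted|suspended|expires)\b", re.I)

# Constructed sample 1: exact-domain spoof plus a sender-supplied "pass" header.
SPOOFED = """\
Authentication-Results: mx.example.org;
 spf=fail smtp.mailfrom=example.com;
 dkim=none;
 dmarc=fail header.from=example.com
Authentication-Results: relay.sender.example; spf=pass; dkim=pass; dmarc=pass
From: "IT Helpdesk" <helpdesk@example.com>
Reply-To: helpdesk@freemail.example
Subject: Your account will be deleted in 1 hour unless you verify your credentials now

Constructed body.
"""

# Constructed sample 2: look-alike sending domain that authenticates cleanly.
LOOKALIKE = """\
Authentication-Results: mx.example.org; spf=pass smtp.mailfrom=account-verify.example;
 dkim=pass header.d=account-verify.example; dmarc=pass header.from=account-verify.example
From: "helpdesk@example.com" <helpdesk@account-verify.example>
Subject: Password policy update

Constructed body.
"""


def domain_of(addr):
    """Return the lower-cased domain part of an address ('' if none)."""
    return addr.rpartition("@")[2].lower().rstrip(".")


def same_org(a, b):
    """Simplified alignment: equal, or one is a subdomain of the other.
    A production check would compare registrable domains (Public Suffix List)."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)


def auth_results(msg):
    """Collect spf/dkim/dmarc verdicts, but only from the trusted server."""
    verdicts = {}
    for value in msg.get_all("Authentication-Results", []):
        flat = " ".join(value.split())            # unfold continuation lines
        authserv, _, rest = flat.partition(";")
        if authserv.strip().split(" ")[0].lower() != TRUSTED_AUTHSERV:
            continue                               # untrusted or forged stamp
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", rest, re.I):
            verdicts.setdefault(method.lower(), result.lower())
    return verdicts


def triage(raw):
    """Return a list of human-readable findings for one raw message."""
    msg = message_from_string(raw)
    findings = []
    display, from_addr = parseaddr(msg.get("From", ""))
    from_dom = domain_of(from_addr)

    verdicts = auth_results(msg)
    for method in ("spf", "dkim", "dmarc"):
        result = verdicts.get(method, "missing")
        if result != "pass":
            findings.append(f"{method}={result}")

    # Replies silently routed to a different organisation than the sender.
    _, reply_addr = parseaddr(msg.get("Reply-To", ""))
    if reply_addr and not same_org(domain_of(reply_addr), from_dom):
        findings.append(f"reply-to domain {domain_of(reply_addr)} "
                        f"differs from From domain {from_dom}")

    # Display name that shows an address from another domain than the real one.
    shown = re.search(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)", display)
    if shown and not same_org(shown.group(1).lower(), from_dom):
        findings.append(f"display name shows {shown.group(0)} "
                        f"but mail is from {from_addr}")

    if URGENCY.search(msg.get("Subject", "")):
        findings.append("urgency wording in subject")
    return findings


if __name__ == "__main__":
    for name, raw in (("SPOOFED", SPOOFED), ("LOOKALIKE", LOOKALIKE)):
        print(name, triage(raw))
```

The second sample passes SPF, DKIM and DMARC and is still flagged, which shows that authentication results confirm only the sending domain, not that the sender is who the display name claims.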

How to prevent social engineering attacks
While it is impossible to prevent social engineering attacks from taking place, people and organizations can protect themselves through responsible behavior, security awareness, education and vigilance.

What is Social Engineering?
Social engineering is a manipulation technique cybercriminals use to deceive individuals into divulging confidential information or performing actions that compromise security.

It exploits human psychology rather than technical vulnerabilities, often involving phishing, pretexting, or baiting tactics to gain unauthorized
access to systems, data, or physical locations.

The Role of Human Psychology in Social Engineering
Social engineering takes advantage of key aspects of human psychology by targeting traits such as trust, fear, curiosity, and urgency. It manipulates individuals into revealing confidential information or taking actions that may compromise their security.

Attackers craft situations that cloud judgment and hinder rational decision-making by understanding how people react under pressure or when faced with tempting opportunities.

For example, a social engineer might create a sense of urgency by impersonating a trusted authority figure and presenting a scenario that incites fear or concern.

This can prompt the victim to act quickly without fully verifying the situation. Such psychological manipulation exploits the natural human tendency to help, comply, or respond to authority, which research shows is deeply embedded in our social behaviors.

By appealing to emotions, attackers can circumvent the traditional security measures that individuals believe will protect them. This often leads to surprisingly successful exploits, even in the presence of advanced technological defenses.

The reliance on these psychological tactics makes social engineering a powerful tool for cybercriminals, emphasizing the critical importance of awareness and education in addition to technical security measures.

How Does Social Engineering Work?
Social engineering is a psychological manipulation technique that exploits human nature and behavior patterns to gain unauthorized access to systems, data, or resources. Here's how it typically works:

Key Psychological Triggers:

Authority:
Attackers impersonate authority figures, such as executives or IT staff, to pressure victims into complying with requests. For example, an attacker might pose as a CEO requesting urgent wire transfer approval.

Urgency:
Creating artificial time pressure forces quick, poorly considered decisions. An attacker might claim, "Your account will be deleted in 1 hour unless you verify your credentials now."

Fear/Intimidation:
Threats of negative consequences manipulate victims into taking unsafe actions. For example, the attacker could claim, "Your system is infected - click here immediately or risk data loss."

Trust:
Building rapport and appearing legitimate helps bypass normal
security skepticism. An attacker might research a target on LinkedIn to reference mutual connections or shared experiences.

Common Attack Patterns:

Research & Reconnaissance –
Attackers gather information about targets from social media, company websites, and other public sources to make their approaches more convincing.

Initial Contact –
They reach out through email, phone, text or in person using a pretext aligned with their research. The communication seems legitimate but contains subtle red flags.

Hook & Manipulation –
Using psychological triggers, they present a problem requiring the target to take a specific action like sharing credentials or transferring funds.

Execution –
Once trust is established, they exploit the access or information gained, often leaving few traces of the manipulation.

Prevention depends on security awareness training, verification procedures for sensitive requests, and fostering a culture where employees feel empowered to question suspicious interactions - even from apparent authority figures.

Psychological Manipulation Techniques

Reciprocity:
When attackers provide something of value first, victims feel obligated to return the favor. For instance, a hacker might send a "free security audit tool" that's malware, counting on the recipient feeling compelled to use it since they received something "helpful."

Social Proof:
People follow others' actions, especially in uncertain situations. Attackers exploit this by creating fake scenarios showing others complying with their requests. They might send phishing emails claiming "90% of your colleagues have already updated their passwords" to pressure targets into following suit.

Scarcity:
Creating artificial limitations drives urgent, emotional responses over logical ones. An attacker might claim "Only 2 spots remaining for this security upgrade" or "This special access expires in 24 hours" to force hasty decisions.

Commitment & Consistency:
Once people take a small action, they're more likely to continue that behavior to appear consistent. Attackers start with minor requests before escalating to more sensitive ones. They might first ask for public company information, then gradually work up to requesting confidential data.
Authority:
Beyond just impersonating authority figures, attackers use specific techniques like:
• Using official-looking email domains and signatures
• Referencing internal procedures or systems
• Dropping names of actual executives or departments
• Creating artificial hierarchies or approval chains

Likability:
Attackers build rapport through:
• Mirroring communication styles and preferences
• Finding or fabricating common interests and backgrounds
• Using flattery and recognition strategically
• Presenting themselves as helpful problem-solvers

Manipulation through Distraction:
People make poorer security decisions when under stress or cognitive load. Attackers might:
• Create artificial crises requiring immediate action
• Overwhelm targets with technical jargon or complex instructions
• Time attacks during busy periods like end of quarter
• Exploit decision fatigue at the end of workdays

These techniques are particularly effective because they exploit fundamental human psychological patterns that persist even when people are aware of them.

Pornography
Pornography can be considered part of cybercrime in several contexts, particularly when it involves illegal content, distribution, or exploitation. Here are some ways in which pornography intersects with cybercrime:
1. Child Exploitation and Child Pornography
Definition:
Any form of sexual exploitation or abuse involving minors, including the creation, possession, or distribution of child pornography, is illegal in nearly all countries.

Cybercrime Aspect:
The internet is often used to distribute such illegal content, making it a critical area for law enforcement and cybercrime investigations. Online platforms that host or facilitate the sharing of child pornography can face severe legal consequences.

2. Revenge Porn
Definition:
This involves the non-consensual sharing or distribution of intimate images or videos, typically by a former partner or acquaintance, with the intent to harm or humiliate.

Cybercrime Aspect:
Revenge porn is illegal in many places, and perpetrators can face criminal charges. The distribution of intimate images without consent is a clear example of cybercrime.

3. Non-Consensual Pornography (Deepfakes)
Definition:
Advances in technology, particularly artificial intelligence (AI), have enabled the creation of "deepfake" pornography, where an individual's likeness is digitally inserted into explicit content without their consent.

Cybercrime Aspect:
Deepfakes can be used to harm individuals' reputations or to extort or blackmail them. Legal systems in several countries have started addressing deepfake-related crimes, especially when non-consensual images or videos are involved.

4. Illegal Pornographic Websites
Definition:
Some websites may host or distribute illegal pornography, including non-consensual or underage content. These websites can be subject to legal actions, including takedown notices, fines, or criminal prosecution.

Cybercrime Aspect:
The operation of websites dedicated to illegal pornography often involves cybercrime activities, including hacking, identity theft, or financial fraud to conceal identities and evade law enforcement.

5. Trafficking and Exploitation
Definition:
Human trafficking for the purposes of pornography or sexual exploitation can be facilitated by online platforms. This includes the forced production or distribution of explicit content.

Cybercrime Aspect:
The internet plays a significant role in the illegal trafficking of individuals, and criminals often use encrypted platforms to operate covertly. Law enforcement agencies track these activities as part of global efforts to combat human trafficking.

Legal Responses and Enforcement:

Regulations:
Countries have different laws regulating pornography. However, there are universal prohibitions against child pornography, non-consensual sharing of intimate content, and exploitation.

Cybersecurity Measures:
Law enforcement agencies often use digital forensics and cybersecurity tools to track offenders, prevent the spread of illegal material, and shut down illicit websites.

Global Cooperation:
International law enforcement agencies like INTERPOL and the FBI work together to combat cybercrimes related to pornography, especially those that cross borders.

In conclusion, while pornography itself is not inherently illegal, various forms of non-consensual, exploitative, or illegal pornography represent significant cybercrime concerns.

PORNOGRAPHY
Cybercriminals can use pornography as a tool for various types of cybercrime attacks. These attacks often exploit people's vulnerabilities or involve using pornography as a vehicle for fraud, blackmail, or malicious activities.
common ways cybercriminals use pornography to carry out cybercrimes:

1. Phishing and Malware Distribution
Method:
Cybercriminals often create fake websites or advertisements promising free access to explicit content, with the goal of attracting users to click on malicious links or download harmful software.

How it Works:
When users click on a link or download a file from these sites, they may inadvertently install malware, ransomware, or spyware on their devices. This can lead to identity theft, data breaches, or the hijacking of the victim's device for further malicious activities.

Example:
A fake adult website might display pop-up ads urging users to download a media player or codec to view a video. In reality, this download is a malicious program that compromises the user's device.

2. Blackmail and Sextortion
Method:
Cybercriminals may use explicit content, often obtained through deception or hacking, to extort money or personal favors from their victims.

How it Works:
A common tactic involves scammers impersonating hackers and threatening to release compromising, intimate images or videos unless the victim pays a ransom. They may claim to have captured video of the victim while they were watching adult content, or they may have access to private images the victim previously shared.

Example:
A scammer may say they have a video of a victim watching pornography on a webcam and demand payment in exchange for not releasing it. This form of cybercrime is often called sextortion.

3. Revenge Porn and Non-Consensual Image Distribution
Method:
Malicious individuals may use revenge porn, where intimate images or videos are shared online without consent, as a form of cybercrime.

How it Works:
Cybercriminals may steal explicit content, often from social media, emails, or cloud storage, and then distribute it publicly or threaten to do so unless a ransom is paid.

Example:
An ex-partner might threaten to release intimate images unless the victim complies with certain demands, or the images may be uploaded to adult websites, sometimes accompanied by personal information to further harm the victim.
4. Fake Pornography Subscription Services (Fraud)
Method:
Scammers create fake adult content subscription services or memberships that appear legitimate, but are designed to steal financial information from users.

How it Works:
The scam site may promise exclusive access to premium content, but when a user attempts to sign up, they end up entering their credit card details or other sensitive personal information. In some cases, these scams might automatically charge recurring fees or steal the victim's information for future fraud.

Example:
A victim might be directed to a fake adult video streaming website that offers free trials but requires a credit card number. Later, the criminal charges hidden fees or continues billing the victim after the trial period ends without providing the promised service.

5. Deepfakes and Fake Pornographic Content
Method:
Cybercriminals may use AI-generated "deepfake" technology to create explicit videos of people, often celebrities or ordinary individuals, without their consent.

How it Works:
Deepfake technology can superimpose a person's face onto pornographic videos, creating highly realistic (but fake) content. The victims of such attacks can suffer serious reputational damage, emotional distress, or be extorted by the perpetrators.

Example:
A criminal could create a deepfake video of a person in a compromising situation and then threaten to release it unless they are paid or otherwise coerced.

6. Online Grooming and Exploitation
Method:
Cybercriminals may engage in online grooming, often using adult content as a method to lure or manipulate minors into inappropriate interactions or exploitation.

How it Works:
An attacker might use online platforms, including adult sites or social media, to make contact with vulnerable individuals. They may then attempt to coerce or convince the victim to share explicit images or videos of themselves.

Example:
A criminal might pose as a peer or an adult in distress, then manipulate a young person into sending explicit material, which is then used to exploit or extort them.
7. Distributed Denial of Service (DDoS) Attacks Using Adult Websites
Method:
Cybercriminals may use adult websites or content to facilitate DDoS attacks, where a large volume of traffic is directed at a target website or server, causing it to crash or become unavailable.

How it Works:
In some cases, attackers exploit the traffic to adult sites to conceal the origin of a DDoS attack. They might use botnets or malware to direct infected devices to flood a website with requests, bringing down servers.

Example: A criminal group might hide a DDoS attack behind a network of bots that visit adult content sites to disguise the attack’s origin.

8. Ransomware Hidden in Adult Content
Method:
Adult content sites are often used as delivery mechanisms for ransomware attacks. Ransomware can encrypt a user's files, demanding a ransom in cryptocurrency to unlock the data.

How it Works:
Victims may unknowingly download ransomware from a compromised or malicious adult website, which locks their files and demands payment to regain access.

Example:
A user might visit a suspicious adult website and click on an enticing link, only to trigger a ransomware download that locks their device and demands payment.

Key Prevention Measures:

Be cautious of suspicious links: Avoid clicking on unfamiliar links or downloading files from adult websites or emails, especially those offering free access to content.

Use reputable sites: Stick to well-known, reputable websites for any type of online activity.

Install and update antivirus software: Use robust security software that can detect and block malware, ransomware, and other threats.

Enable two-factor authentication (2FA): For accounts that store sensitive information, enable two-factor authentication to enhance security.

Educate on privacy and consent: Avoid sharing private or intimate content online, and always ensure consent before sharing explicit images or videos.

Cybercriminals often exploit the lure of adult content to deceive, manipulate, and attack unsuspecting individuals, making it crucial to be vigilant about online security and privacy.

Cyberpornography
Cyberpornography refers to the use of the internet and digital technologies to create, distribute, or consume pornographic material. This term typically encompasses all forms of pornography that are accessed,
distributed, or created via digital platforms, including websites, social media, and peer-to-peer file sharing networks.

While it can involve legal forms of adult content, cyberpornography often raises various ethical, legal, and security concerns. Here are some key aspects of cyberpornography:

1. Legal and Ethical Considerations
Legality: The legality of cyberpornography depends on the jurisdiction. While adult pornography involving consenting adults is legal in many countries, child pornography, non-consensual material, and other exploitative content are illegal worldwide.

Age Restrictions:
In most countries, the law mandates age verification to prevent minors from accessing adult content. However, many online platforms still struggle to enforce these regulations effectively.

Consent and Exploitation:
Non-consensual content, such as revenge porn, deepfake pornography, or any material involving exploitation, is a significant concern in the context of cyberpornography.
Sharing intimate images or videos without consent is illegal and harmful.

2. Cyberpornography and Cybercrime
Cyberpornography is often linked with cybercrime due to its potential for misuse in various illegal activities. These include:

Distribution of Child Exploitation Material:
The internet has unfortunately been used to distribute child pornography, which is one of the most serious forms of cybercrime and a significant area of focus for law enforcement agencies worldwide.

Revenge Porn:
The act of distributing explicit content without the consent of the person in the images or videos. Victims of revenge porn may face significant emotional distress, harassment, and legal consequences.

Sextortion:
Cybercriminals may use intimate or explicit content to blackmail individuals. This may involve threats to release private content unless a ransom is paid.

Deepfake Pornography:
Cybercriminals may create fake pornographic content using deepfake technology, often without the consent of the individuals whose images or likenesses are used. This can be a form of harassment, exploitation, or revenge.

3. Impact on Privacy and Security
Data Breaches and Hacking:
Cyberpornography often involves personal and sensitive data. Hackers may gain access to private files,
photos, or videos and then use them for extortion or public humiliation.

A significant risk arises when individuals' private content is stored on cloud services or private servers.

Malware and Phishing: Pornographic websites can be vehicles for spreading malware, spyware, or ransomware.

Cybercriminals may create fake adult content websites or distribute malicious advertisements that contain malware, leading to financial theft, data loss, or identity theft.

4. Adult Content and Digital Platforms
Content Creation and Distribution:
The rise of online platforms has made it easier for individuals to create and distribute their own adult content. Websites like OnlyFans or platforms that allow for user-generated content have changed the landscape of the pornography industry, introducing new opportunities but also new risks for exploitation.

Online Subscriptions and Paywalls:
Many adult content websites operate on subscription-based models, allowing users to access exclusive material behind paywalls.

These platforms can be prone to fraudulent activity and scams, with cybercriminals using fake websites or phishing tactics to steal payment details.

5. Cyberpornography and Mental Health
Addiction:
Excessive consumption of online pornography can lead to addiction, impacting relationships, personal well-being, and even cognitive functions. This has led to a rise in online support groups and counseling services aimed at addressing pornography addiction.

Psychological Impact:
The creation and consumption of explicit content can have psychological effects on both producers and consumers. Issues such as body image, consent, and the objectification of individuals are topics of discussion in relation to the ethical and psychological implications of cyberpornography.

6. Regulation and Enforcement
Global and National Regulations:
Different countries have varying laws and regulations around pornography, especially concerning age restrictions, consent, and explicit content. While many nations regulate adult content, the enforcement of such laws online can be challenging due to the global nature of the internet.

Internet Platforms and Content Moderation:
Platforms like social media, video-sharing websites, and online marketplaces may implement their own rules to prevent the sharing of
explicit content, especially non-consensual or illegal material. However, the effectiveness of content moderation is often debated.

7. Emerging Technologies and Trends in Cyberpornography
Virtual Reality (VR) and Augmented Reality (AR): VR porn is a rapidly growing niche within the industry, offering a more immersive experience. These new technologies present unique challenges for regulation, content creation, and consumption, especially regarding consent and exploitation.

Artificial Intelligence (AI) and Deepfakes: AI-generated content, including deepfake pornography, is a growing concern. While deepfake technology can be used to create realistic-looking videos of people in explicit situations without their consent, it also raises ethical and legal questions about the manipulation of digital images and videos.

Blockchain and Cryptocurrencies: The use of blockchain and cryptocurrencies like Bitcoin has enabled more anonymous transactions, including for accessing or distributing adult content. While this may benefit privacy, it also facilitates the illicit trade of illegal pornographic material.

Conclusion
Cyberpornography, while often seen as a part of the broader adult entertainment industry, brings with it numerous ethical, legal, and security challenges.

The internet has transformed how explicit content is created, shared, and consumed, but it has also led to significant risks, such as exploitation, identity theft, and psychological harm.

As technology evolves, the regulation and enforcement of laws related to cyberpornography will continue to be critical in addressing its negative consequences and preventing illegal activities associated with it.

SOCIAL MEDIA CRIMES

More and more people, regardless of age and gender, are signing up for profiles on online social networks for connecting with each other in this
virtual world. Some have hundreds or thousands of friends and followers spread across multiple profiles. But at the same time there is also a proliferation of fake profiles.

Fake profiles often spam legitimate users, posting inappropriate or illegal content. Fake profiles are also created while misrepresenting some known person to cause harassment to him/her.

The most commonly targeted websites/apps for creating ‘Fake Profiles’ are as under:
1. Facebook
2. Instagram
3. Twitter
4. LinkedIn

Below are the common crimes being committed on or as a result of Social Media:

1. Online Threats, Stalking, Cyber bullying
The most commonly reported and seen crimes that occur on social media involve people making threats, bullying, harassing, and stalking others online. While much of this type of activity goes unpunished, or isn't taken seriously, victims of these types of crimes frequently don't know when to call the police.

If you feel threatened by a statement made online about you, or believe that the threat is credible, it's probably a good idea to consider calling the police.

2. Hacking and Fraud
Although logging into a friend's social media account to post an embarrassing status message may be acceptable between friends, it can technically be a serious crime.

Additionally, creating fake accounts, or impersonation accounts, to trick people (as opposed to just remaining anonymous), can also be punished as fraud depending on the actions the fake/impersonation account holder takes.

3. Buying Illegal Things
Connecting over social media to make business connections, or to buy legal goods or services may be perfectly legitimate. However, connecting over social media to buy drugs, or other regulated, controlled or banned products is probably illegal.

4. Vacation Robberies
Sadly, one common practice among burglars is to use social media to discover when a potential victim is on vacation. If your vacation status updates are publicly viewable, rather than restricted to friend groups, then potential burglars can easily see when you are going to be away for an extended period of time.

5. Creation of fake profile
Creation of fake profile of a person and posting offensive content including morphed photographs on the fake profile

6. Fake online friendship
Developing online friendship over social media (with no real-life familiarity) and using the emotional connect to trick you into transferring funds on some pretext such as medical emergency, legal troubles, problems in a foreign country etc.

Types of Cyber Crimes
Bitcoin
Business Email Compromise
Cheating Scams
Data Theft
Email Frauds
Fake Calls Frauds
Insurance Frauds
Lottery Scam
Mobile App related crimes
Net Banking/ATM Frauds
Online Transactions Frauds
Ransomware
Social Media crimes

Preventive Measures/Precautions
1. Block profiles from public searches.
2. Restrict who can find you via online search.
3. Limit what people can learn about you through searching on net.
4. Log out after each session.
5. Don’t share social media credentials.
6. Don’t accept friend requests from unknowns.
7. Don’t click suspicious links.
8. Keep the privacy settings of your social media profile at the most restricted levels, esp. for public/others.
9. Remember that information scattered over multiple posts, photographs, status, comments etc. may together reveal enough about you to enable a fraudster to steal your identity and defraud you. So, apply maximum caution while sharing anything online.

What is social media crime?

Social media crime refers to illegal activities or offenses that are committed through or facilitated by
social media platforms, such as Facebook, Twitter, Instagram, TikTok, or others.

These crimes can involve the use of social media to exploit, deceive, harm, or manipulate individuals or groups. With the widespread use of social media for communication, entertainment, and business, criminals have increasingly used these platforms for various illicit activities.

Below are some common types of social media crimes:

1. Cyberbullying and Harassment
Description:
Cyberbullying and online harassment involve the use of social media to target and harm individuals, often by spreading malicious rumors, threatening messages, or abusive comments.

Example:
A person repeatedly insults, threatens, or humiliates another user via private messages, public posts, or comments, causing emotional distress or harm to the victim.

5. Cyberstalking
Description: Cyberstalking involves the use of social media and online platforms to stalk, intimidate, or monitor an individual’s online presence in a persistent and harmful manner.

Example:
An individual continuously tracks, sends threatening messages, or posts disturbing content about someone they are obsessively following, causing fear or distress.

4. Revenge Porn
Description: Non-consensual sharing of explicit images or videos of an individual, often by a former partner or someone seeking revenge, is illegal and a form of social media crime.
Example:
A person might post explicit photos of their ex-partner online without their consent, with the intent to humiliate or damage their reputation.

7. Child Exploitation & CPornography
Description:
Social media can be misused for child exploitation, including the distribution or solicitation of child pornography, grooming, or luring minors into dangerous situations.

Example:
A predator might use social media to create fake accounts to befriend children, manipulate them into sharing explicit images, or arrange to meet them in person for exploitation.

2. Identity Theft and Impersonation
Description:
Criminals may steal personal information from social media profiles or impersonate someone to commit
fraud, access sensitive data, or manipulate others.

Example:
A hacker might steal a person’s social media account credentials and then use that account to scam their friends or followers into sending money, or to gather personal information for further exploitation.

3. Social Media Scams and Fraud
Description:
Social media platforms can be used to conduct various scams, such as phishing, investment fraud, fake giveaways, or lottery scams.

Example:
A scammer might set up a fake account or page offering a "too-good-to-be-true" prize or investment opportunity and trick users into providing personal information or sending money.

6. Hate Speech & Incitement to Violence
Description:
Posting or sharing content that incites violence, promotes discrimination, or spreads hate against individuals or groups based on race, religion, ethnicity, gender, or other factors.

Example:
A user shares inflammatory posts that incite violence against a particular ethnic group or promote terrorism or hate-based ideologies.

8. Phishing and Social Engineering
Description:
Phishing involves tricking individuals into revealing personal information, such as passwords, credit card details, or other sensitive data, through deceptive social media messages or fake accounts.

Example:
A scammer might impersonate a trusted company or friend and send a message through social media that looks like a legitimate request for information, like asking users to “verify” their account details.

9. Online Trafficking & Exploitation
Description:
Social media is sometimes used by traffickers to recruit and exploit
vulnerable individuals for sex, labor, or other forms of exploitation.

Example:
Human traffickers may use fake job offers or relationships to manipulate victims into trafficking situations, leveraging social media as a means of control or recruitment.

10. Deepfake and Misinformation
Description:
Deepfakes involve the use of artificial intelligence to manipulate images, videos, or audio to create fake content that can deceive or defame individuals.
Example:
A deepfake video might be created to make it appear as if a politician or celebrity said something controversial, leading to misinformation, defamation, or public harm.

11. Online Drug Trafficking and Illegal Activities
Description:
Social media platforms are sometimes used to facilitate illegal activities such as drug trafficking, the sale of illegal weapons, or the distribution of stolen goods.
Example:
A criminal might use a private Facebook group to sell or trade illegal substances or weapons, while using coded language to avoid detection.

12. Reputation Damage & Defamation
Description:
Defamation involves spreading false information or malicious content on social media with the intent to harm someone’s reputation.

Example:
A person might spread false rumors or post manipulated images to damage another person’s professional or personal reputation.

13. Trolling and Online Harassment
Description:
Trolling involves posting inflammatory or disruptive content online with the intent of provoking others, causing harm, or generating a reaction.
Example:
A user might intentionally provoke arguments, post offensive comments, or target specific individuals or groups to incite conflict or cause distress.

14. Spreading Malware or Ransomware
Description:
Cybercriminals can use social media platforms to spread malicious software, such as malware or ransomware, to infect users' devices or extort money from them.
Example:
A criminal might send a link in a message or post that appears harmless but leads to a malware download, compromising the victim’s personal information or device.

Legal and Ethical Challenges:

Privacy and Data Protection:
Social media crimes often involve the unauthorized collection or use of personal data. Many countries have implemented data protection laws to prevent the misuse of personal information, but enforcement is challenging due to the global nature of the internet.

Platform Accountability:
Social media companies must balance the need for free speech with the responsibility to prevent harmful or illegal activities on their platforms. Many have implemented reporting systems, content moderation, and security measures to prevent misuse.

How to Protect Yourself from Social Media Crime:
Privacy Settings:
Regularly update and adjust privacy settings on social media accounts to control who can see your posts, who can contact you, and what information is shared publicly.

Report Suspicious Behavior:
Report any suspicious accounts, behavior, or content to the social media platform immediately. Most platforms have reporting mechanisms for various types of misconduct.

Be Cautious with Personal Information: Avoid sharing sensitive personal details (e.g., home address, phone number, financial information) publicly on social media.

Recognize Scams:
Be cautious of unsolicited offers, messages, or requests from unknown sources. Be wary of links and attachments in messages, even if they appear to come from trusted contacts.

Educate Yourself and Others:
Stay informed about the risks and potential crimes that can occur on social media, and educate friends and family members, especially younger or vulnerable individuals, about online safety.

Social media crimes are becoming more complex as technology advances, but with awareness, caution, and vigilance, individuals can better protect themselves from falling victim to online criminal activity.

TELECOM FRAUD
Telecom fraud refers to fraudulent activities that exploit
telecommunications networks or services for illegal gain.

This can involve various schemes that manipulate or abuse telecom systems, services, or billing mechanisms to steal money or data, often causing significant financial losses for consumers, telecom companies, or both.

Telecom fraud has become a major concern for both consumers and service providers due to its increasing prevalence and sophistication.

Common types of telecom fraud:
1. Subscription Fraud
Description: Fraudsters sign up for telecom services (such as mobile phone contracts, internet services, or landlines) using stolen or fake identities and then use the service without paying for it.

How it Works:
Criminals may provide fake documentation, use stolen credit card details, or assume false identities to acquire telecom services. Once the fraudster has access to the service, they may either use it themselves or sell the service to others.

Example: A person might use fake identification or stolen personal information to obtain a mobile phone contract, then run up a large bill and disappear without paying.

2. Premium Rate Fraud (also called "Pyramid Fraud")
Description:
This involves fraudsters misleading consumers into calling premium-rate numbers or engaging in paid services that are highly overpriced or unnecessary.

How it Works:
Fraudsters may lure individuals into dialing premium-rate numbers (often linked to services like adult content, trivia lines, or supposed customer service), resulting in exorbitant phone bills.

Example: A victim might receive a call or message claiming they’ve won a prize and are instructed to call a specific number to claim it, which turns out to be a premium-rate number.

3. SIM Card Swap Fraud
Description: Fraudsters impersonate the victim and request a new SIM card from their telecom provider in order to gain access to the victim’s phone number and bypass security measures like two-factor authentication.

How it Works: The fraudster contacts the telecom company, typically using personal information they've gathered (or stolen), to convince the provider to issue a new SIM card. Once they have control of the phone number, the criminal can intercept sensitive communications, reset passwords, and steal money or data.

Example:
A scammer may request a replacement SIM card for a victim's
phone, then use it to access banking accounts, email, or social media profiles.

4. International Revenue Share Fraud (IRSF)
Description: This type of fraud occurs when fraudsters exploit international phone calls to generate large amounts of revenue through premium-rate numbers or services.

How it Works:
Fraudsters may route calls through foreign networks that use premium-rate numbers. Telecom companies receive a portion of the revenue generated by these calls, while fraudsters profit by directing unsuspecting victims to these expensive international services.

Example:
A criminal might set up a premium-rate international number and use automated dialing systems (robocalls) to connect victims to it, generating high charges for each call.

5. Call Forwarding or "Wangiri" Fraud
Description:
This fraud targets mobile users by manipulating missed calls to generate call-back charges.

How it Works:
Fraudsters use automated systems to call a large number of mobile phones and disconnect before the call is answered (leaving a "missed call"). The fraudsters then rely on the victim to return the call, which is directed to a high-cost international or premium-rate number.

Example:
The victim sees a missed call from an international number, returns the call, and is charged a significant amount for the international connection, often without realizing it.

6. Man-in-the-Middle Attacks (MITM)
Description: In a man-in-the-middle attack, cybercriminals intercept communication between two parties, often to steal sensitive data such as account information, banking details, or login credentials.

How it Works:
A fraudster may intercept communication between a user and their telecom provider, allowing them to alter or redirect information. This type of fraud is commonly seen in scenarios where a victim logs into their account on a compromised public Wi-Fi network.

Example:
A person connects to a compromised Wi-Fi network at a cafe and, without their knowledge, a fraudster intercepts login details used to access telecom services, such as account balances or personal information.

7. Call Baiting
Description: Fraudsters trick individuals into calling back a
premium-rate number, often by presenting the call as a missed important communication or request for assistance.

How it Works:
The scammer may send a text or voicemail saying they need to reach the victim urgently and provide a phone number to call back. The victim calls the number, which is a premium-rate service, and ends up incurring high charges.

Example:
A scammer might send a text message claiming to be from a bank, stating that the recipient’s account has been compromised, and provides a number to call for assistance. The victim calls, unknowingly dialing a premium-rate number.

8. Data and Billing Fraud
Description: Fraudsters exploit weaknesses in telecom billing systems to make unauthorized calls or send messages, or to access data inappropriately without being billed.

How it Works:
Cybercriminals may gain unauthorized access to telecom databases or systems and manipulate billing records to either erase charges or create false billing entries, allowing them to receive services without paying for them.

Example:
A hacker might infiltrate a telecom company’s system and alter billing records, making it appear as though calls or data usage were free, allowing fraudsters to enjoy the services without paying.

9. Smishing (SMS Phishing)
Description: Smishing involves sending fraudulent text messages to trick recipients into sharing personal information or downloading malicious software.

How it Works: Fraudsters send text messages that appear to be from legitimate telecom providers, asking users to provide account details, reset passwords, or verify information. These messages may contain links to phishing websites or malware.

Example:
A user receives a text claiming to be from their telecom provider, asking them to confirm their account by clicking a link. The link leads to a fake site designed to steal the user's login credentials.

10. Overcharging and Billing Errors
Description: Fraudulent activities related to overcharging, hidden fees, or incorrect billing may occur within telecom companies, sometimes as a result of intentional actions or technical errors.

How it Works:
Customers may be charged for services they did not use or receive,
such as for roaming charges, international calls, or unwanted subscriptions, due to errors or deceptive practices by telecom providers or third-party companies.

Example:
A customer is charged for premium services they did not subscribe to, such as mobile apps or content, because their telecom company was either negligent or complicit in allowing unauthorized charges to be added to their account.

How to Protect Against Telecom Fraud:
Monitor Accounts Regularly: Always keep track of your billing statements, check for discrepancies or unexpected charges, and report any suspicious activity immediately.

Use Strong Authentication:
Enable two-factor authentication on accounts that support it, especially for telecom services, to prevent unauthorized access.

Be Cautious of Unknown Calls and Messages:
Avoid responding to unsolicited calls or text messages asking for sensitive information, especially if they seem suspicious or urgent.

Protect Personal Information:
Never share your personal information, account details, or PIN over the phone or through email, unless you're certain of the identity of the requester.

Install Security Software:
Protect your devices from malware and viruses by installing security software and keeping it updated.

Conclusion:
Telecom fraud is a broad and growing problem that can cause significant financial harm to both consumers and telecom companies.

It’s important to be aware of the various scams and fraudulent activities that can occur within the telecommunications sector and take steps to protect yourself from falling victim to them.

Regular monitoring, awareness, and cautious behavior can help minimize the risk of becoming a target of telecom fraud.

CREDIT CARD FRAUD

Credit card fraud is the unauthorized use of someone else's credit card
information to make purchases or access financial resources. This can happen in several ways:

Credit card fraud refers to the unauthorized use of someone’s credit card or credit card information to make purchases, withdraw funds, or engage in other fraudulent activities. This crime can occur through various means, including physical card theft, digital theft, or identity theft.

It is a significant concern for both consumers and financial institutions, as it can lead to financial losses, damage to credit scores, and long-term complications in resolving fraudulent transactions.

1. **Stolen Card Information**:
If someone physically steals a credit card or gains access to the card details (such as the card number, expiration date, and security code), they can make fraudulent purchases.

2. **Phishing**:
Fraudsters may use email, phone calls, or websites that appear legitimate to trick individuals into revealing their credit card details.

3. **Card Skimming**:
This occurs when a device is secretly attached to a credit card reader (such as at an ATM or a gas station) to capture the card’s magnetic strip data.

4. **Online Fraud**:
Criminals might use stolen credit card information to make online purchases without the physical card, often taking advantage of weak or stolen login credentials.

5. **Account Takeover**:
Fraudsters may gain access to a person’s online banking or shopping accounts, changing the passwords and using the stored card information for purchases.

### How to Protect Against Credit Card Fraud:
- Regularly monitor credit card statements for suspicious activity.
- Use secure websites with "https" when shopping online.
- Set up alerts for your card transactions, so you're notified of any charges.
- Avoid sharing your card details over email or phone unless you're sure of the recipient’s identity.
- Use strong passwords for online banking and retail accounts.

### What to Do if You Become a Victim:
1. **Contact the Issuer**: Call your credit card company immediately to report the fraud and block the card.
2. **File a Police Report**: Some jurisdictions require this, and it can help protect you legally.
3. **Monitor Your Credit**: Watch for any signs of identity theft and consider placing a fraud alert or freezing your credit.

Common Types of Credit Card Fraud:

1. Card Not Present (CNP) Fraud
Description: This type of fraud occurs when a credit card is used for transactions where the physical card is not present, such as online or over-the-phone purchases.

How It Works: Fraudsters obtain a victim’s credit card details (usually through phishing, data breaches, or other forms of cybercrime) and use these details to make purchases online, often without the cardholder’s knowledge.

Example: A criminal steals your credit card details through a data breach and uses them to make an online purchase on an e-commerce website.

2. Card Present Fraud

Description: Card present fraud occurs when a thief physically steals the credit card and uses it to make unauthorized purchases in person.

How It Works: The fraudster either steals the physical card directly or engages in "skimming" (using a device to copy the information from a card's magnetic stripe) to obtain the card details.

Example: A fraudster steals your wallet and uses your credit card at a retail store to make fraudulent purchases.

3. Account Takeover
Description: Account takeover occurs when a fraudster gains access to an individual’s credit card account (via personal information, phishing, or hacking) and takes control of it.
How It Works:

Credit card fraud refers to the unauthorized use of a credit card or its details to make purchases, withdraw funds, or obtain goods and services without the cardholder’s consent. This type of fraud can occur in a variety of ways, ranging from physical theft of the card to digital breaches of card information. It can result in financial losses, damage to credit ratings, and significant stress for the affected individuals.

Credit card fraud can take several forms, each involving different tactics or methods used by criminals to illegally obtain and use someone’s credit card information. Here are some of the most common types of credit card fraud:

1. Card-Not-Present (CNP) Fraud
Description: This type of fraud occurs when the fraudster makes purchases online or over the phone using stolen card details (such as the card number, expiration date, and security code) without the physical card being present.

How it Happens: Criminals might obtain card information through phishing, data breaches, or other means, and use it to make online transactions.

2. Card-Present Fraud
Description: This type of fraud happens when a thief physically steals a credit card and uses it to make in-person purchases.

How it Happens: A person might steal a wallet, purse, or simply the card itself from an individual’s home or car. They can then use it at a store or ATM.

3. Skimming
Description: Skimming is the practice of using a small device (called a skimmer) that is secretly attached to a legitimate card reader, such as an ATM or point-of-sale terminal.

How it Happens: The skimmer reads the information on the magnetic strip of the credit card when the legitimate user inserts their card into the machine. The thief can then use the stolen data for fraudulent transactions.

4. Phishing
Description: Phishing is a technique used to trick individuals into revealing their credit card information, often through emails, fake websites, or phone calls that appear to be from legitimate companies.

How it Happens: Fraudsters may send an email pretending to be a bank or retailer, asking the victim to "verify" or "update" their account information, which is then captured and used fraudulently.

5. Account Takeover

Description: Account takeover occurs when a fraudster gains access to an individual’s account, often by stealing login credentials.

How it Happens: Through phishing, data breaches, or social engineering, the thief takes control of the victim’s online banking or shopping account and uses the stored credit card information to make purchases.

6. Identity Theft
Description: In this case, a fraudster steals an individual’s personal information, including their credit card details, and uses it to open new credit accounts or make unauthorized purchases.

How it Happens: Personal information may be acquired from social media, data breaches, or physical theft (e.g., stealing mail or personal documents).

7. Fake Credit Cards (Counterfeit Fraud)
Description: Criminals use stolen or forged card information to create counterfeit credit cards.

How it Happens: Using stolen data, a fraudster may manufacture a fake card and use it in person to make purchases. This is more common with magnetic stripe cards than EMV (chip) cards, which are harder to duplicate.

8. Mail Theft
Description: Fraudsters steal credit card statements or pre-approved credit card offers from the victim’s mailbox.

How it Happens: The thief may use this information to apply for new credit cards or make unauthorized charges using the details they find in the mail.

9. Friendly Fraud (Chargeback Fraud)
Description: This type of fraud occurs when a legitimate cardholder makes a purchase and then disputes the charge, claiming that the transaction was unauthorized or the goods were not received.

How it Happens: The cardholder files a chargeback with their bank, potentially resulting in the merchant losing the payment, even though the purchase was made by the cardholder themselves.

10. Application Fraud
Description: This occurs when a fraudster applies for a credit card using stolen or fake information to get approved for a new card.

How it Happens: The fraudster might use another person’s identity, fake documents, or manipulate the application process to get credit cards issued in someone else’s name.

11. Data Breach Fraud

Description: A data breach is when an organization’s systems are hacked, exposing customers' credit card information and other sensitive data.

How it Happens: Hackers target businesses, retailers, or online platforms to steal large amounts of customer data, including credit card numbers. Fraudsters then use or sell the stolen information for illicit purposes.

12. SIM Swap Fraud

Description: Fraudsters trick or bribe mobile phone carriers into transferring a victim’s phone number to a SIM card in their possession.

How it Happens: Once the fraudster has control of the victim's phone number, they can intercept two-factor authentication messages or reset account passwords, including those for banking or shopping accounts.

Prevention Measures for Each Type:

Use EMV (chip) cards for better protection against counterfeiting.

Enable two-factor authentication for online transactions and accounts.

Monitor bank and credit card statements regularly to catch unauthorized transactions early.

Avoid sharing sensitive information over email or untrusted websites.

Use anti-virus software to protect your computer from malware and phishing attempts.

Shred documents containing personal or financial information before discarding them.

Understanding these different types of credit card fraud can help you take proactive steps to protect your personal information.

In an era where cloud environments dominate enterprise operations, uncovering digital evidence during incidents presents a formidable security challenge. The dynamic, distributed nature of cloud infrastructures (spanning ephemeral workloads, multi-cloud setups, and decentralized data storage) complicates forensic investigations. This guide unpacks the essentials of cloud forensics: how does it differ from traditional digital forensics? But we’ll also go deeper, looking at what happens once you have a cloud forensics plan, and how you can balance automation with human oversight, retain ephemeral data, and contend with jurisdictional issues.

How Does Cloud Forensics Work?
Cloud forensics is the specialized process of investigating security incidents or malicious activities within cloud environments. It involves identifying, collecting, analyzing, and preserving digital evidence, such as logs, configurations, and snapshots, to reconstruct events, ensure compliance, and support legal or organizational accountability.

An integral part of digital forensics and incident response, forensics itself, particularly cloud forensics, includes:

Identification: Locating relevant digital artifacts like logs, metadata, and snapshots to establish the scope of the investigation.
Collection: Extracting evidence using APIs, forensic tools, or cloud-provider mechanisms while ensuring data integrity.
Analysis: Examining collected data to uncover anomalies, trace malicious activities, or reconstruct attack timelines.
Preservation: Maintaining the integrity and chain of custody of evidence for compliance and legal proceedings.
Collaboration: Working with incident response teams to contextualize findings, assist in containment efforts, and recommend remediation measures.
Compliance Alignment: Ensuring forensic processes adhere to data privacy laws, regional regulations, and organizational policies.
Reporting: Documenting findings in detailed, actionable formats.
Tooling and Automation: Leveraging forensic tools to handle ephemeral cloud data and streamline analysis.

Is forensics different in the cloud?
Absolutely.

While the goals of digital forensics remain the same across environments, the tactics do not. In the cloud, data is often scattered across multiple geographic regions, stored in shared infrastructures, or processed by ephemeral resources like containers and serverless functions.

This introduces unique complexities, such as the need to trace evidence within transient instances that may disappear before forensic efforts can even begin. Additionally, multi-tenancy, a core characteristic of cloud architectures, means investigators must isolate forensic data from other tenants while respecting privacy and legal boundaries.

“The rapid advance of cloud services requires the development of better forensic tools to keep pace.” (The NIST Cloud Computing Forensics Team)

Another critical challenge lies in correlating evidence across layers of abstraction within the cloud stack. Logs from different sources, such as application logs, API calls, and cloud provider activity logs, must be pieced together to form a coherent timeline of events. This process is complicated by discrepancies in time zones, log formats, and retention policies. Compounding the task is how forensic teams have to contend with gaps in visibility when providers control certain aspects of the infrastructure, which can hinder access to low-level data like hypervisor logs.

Overall, cloud forensics demands a tailored approach. And the payoff can be worth it: cloud forensics not only helps organizations uncover the root cause of security incidents but also strengthens their ability to respond to future threats, ensures compliance with regulatory requirements, and builds trust with stakeholders. Let’s recap the benefits.

How Does Cloud Forensics Help to Secure Your Environment?
At its core, cloud forensics is not just a tool or even a toolbox of gadgets: it’s a set of practices for preserving evidence during investigations, and its goal is to distill the noise inherent in dynamic, ephemeral, and complex cloud environments into actionable security insights.

Digital forensics is crucial for compliance, and compliance is less expensive than violations. The expenses related to non-compliance are 2.71 times higher than maintaining compliance measures.

By uncovering patterns, identifying vulnerabilities, and piecing together fragmented evidence, cloud forensics transforms overwhelming data streams into a clear narrative that aids in resolving incidents and driving meaningful improvements to an organization’s security posture to make it more adaptive and resilient.

Here are the core ways cloud forensics helps:

Turning Chaos into Clarity
Cloud environments generate massive volumes of disparate logs, metadata, and activity streams that can obscure threats rather than reveal them. Cloud forensics addresses this by aggregating, normalizing, and correlating data across multiple layers (such as VPC flow logs, API calls, and runtime container logs) into a coherent story.

By analyzing this data holistically, forensic tools help security teams isolate suspicious behaviors that might otherwise be lost in the noise, such as anomalous API usage or unexpected data exfiltration attempts.

Illuminating the Ephemeral
Containers and serverless functions can disappear before evidence can be gathered. Cloud forensics provides automated mechanisms to capture and preserve logs, memory dumps, and metadata from these fleeting systems, ensuring that no critical data is lost.

[Figure: Containers may disappear, but cluster memory can last forever with runtime monitoring into processes like memory use, so teams can tell how efficiently a cluster handles resources during workload execution.]

Uncovering Vulnerabilities through Forensic Patterns
Vulnerabilities in cloud environments often hide in plain sight, concealed within seemingly isolated events or misconfigurations that appear benign on their own. For example, vulnerabilities in cloud environments often stem from configurations, permissions, or access patterns that may not raise alarms individually but, when combined, create exploitable attack vectors. A publicly exposed storage bucket might not seem like an issue until paired with overly permissive IAM policies, making it a target for data exfiltration.

Cloud forensics can correlate seemingly unrelated data points, like multiple failed login attempts from different regions combined with changes to a critical configuration that signals a brute force attack.

Reinforcing Accountability and Governance
By capturing and preserving evidence securely, cloud forensics helps security teams maintain accountability and meet compliance requirements.

For example, imagine a scenario where an unauthorized API call modifies critical cloud configurations. Cloud forensics tools can capture this

event, link it to a specific user or automated script, and preserve the evidence for compliance reporting. Automated audit trails ensure every action, whether malicious or accidental, is traceable, while forensic reports detail how incidents were managed and resolved.

This transparency not only supports executives and auditors in ensuring regulatory adherence but also reinforces trust in the organization’s ability to govern its cloud environments effectively.

[Figure: Identifying overly permissive user roles across clouds is one step to enforcing policies from a single dashboard view.]

Driving Continuous Improvement and Security Maturity
Every forensic investigation contributes to a cycle of continuous improvement that can turn individual incidents into opportunities for strengthening the overall security posture. For example, a forensic analysis might reveal that a misconfigured security group allowed unauthorized access to a sensitive resource. This insight could lead to the immediate adjustment of access controls and the creation of stricter infrastructure-as-code (IaC) policies to prevent similar misconfigurations.

Additionally, forensic findings might highlight gaps in detection, prompting the integration of runtime anomaly detection for similar activity patterns in the future.

Navigating Challenges in Cloud Forensics
Cloud forensics offers significant benefits, but that doesn’t mean it doesn’t come with secondary challenges to solve.

The following table outlines the deeper debates teams may find themselves enmeshed in even after instituting some of the tenets of cloud forensics. It also addresses some actionable strategies to address them effectively:

In the real-world application of cloud forensics, these secondary challenges can make teams question what forensic tools they need and how they balance their use with the tasks they need to accomplish.

For some, more comprehensive Cloud-Native Application Protection Platforms (CNAPPs), though not dedicated forensic tools, provide plenty of value in addressing some challenges:

Ephemeral Workload Visibility: A CNAPP should offer critical insights into transient resources like containers and serverless functions so teams can detect anomalies and gather contextual data that would otherwise be lost.
Proactive Monitoring: By identifying risks and threats in real time, CNAPPs help teams respond quickly, often preventing incidents before they escalate into full-blown investigations.
Simplifying Multi-Cloud Complexity: Many CNAPPs provide unified dashboards and workflows across cloud environments, reducing blind spots and standardizing processes.

However, CNAPPs alone aren’t enough to support forensic investigations. While they can manage detection, monitoring, and providing contextual analysis, they often lack capabilities for:

Legal Evidence Preservation: Dedicated forensic tools are better suited for maintaining chain-of-custody and ensuring evidence meets admissibility requirements.
In-Depth Analysis: Tasks like reconstructing complicated attack paths or performing detailed memory forensics typically fall outside the scope of CNAPPs.

However, as some teams require compliance and reporting tools in forensic solutions, they face a new slate of challenges, from handling visibility in the multi-cloud to balancing human expertise and intervention with automation.

Sadly, there’s no magic bullet solution.

Specific use cases come with some dedicated open-source solutions. For example, cloud-native features of AWS CloudWatch or Kubernetes audit logs can be deployed to retain critical data automatically. And organizations can implement automated triggers that capture snapshots or memory dumps upon suspicious activity.

But they’ll have to implement solutions one by one to address their own challenges, balancing tasks like automating log aggregation with over-reliance on potentially useless automated outputs.

Ultimately, organizations must craft a hybrid strategy that combines the strengths of CNAPPs with dedicated forensic tools and cloud-native features. CNAPPs offer real-time monitoring, ephemeral workload visibility, and unified dashboards that simplify detection and response. However, deeper forensic needs, such as long-term evidence retention, chain-of-custody, and detailed attack path analysis, require tools and processes made for those tasks, then refined for every organization that employs them.
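The correlation described under "Uncovering Vulnerabilities through Forensic Patterns" (failed logins from several regions followed by a change to a critical configuration) can be expressed as a small rule over normalized events. This is an added Python example, not part of the original guide; the event fields, thresholds, and sample records are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta


def _ev(clock, user, kind, **extra):
    """Build one constructed, already-normalized event (UTC)."""
    return {"time": f"2024-03-05T{clock}+00:00", "user": user, "type": kind, **extra}


# Constructed sample events; field names are assumptions, not a provider schema.
EVENTS = [
    _ev("09:00:05", "alice", "login", outcome="failure", region="us-east-1"),
    _ev("09:00:40", "alice", "login", outcome="failure", region="eu-west-1"),
    _ev("09:01:10", "alice", "login", outcome="failure", region="ap-south-1"),
    _ev("09:01:30", "alice", "login", outcome="failure", region="eu-west-1"),
    _ev("09:02:00", "alice", "login", outcome="failure", region="us-east-1"),
    _ev("09:03:10", "alice", "login", outcome="success", region="ap-south-1"),
    _ev("09:05:00", "alice", "config_change", resource="firewall-rule/prod-db"),
    # One mistyped password before a routine change: should not alert.
    _ev("09:10:00", "bob", "login", outcome="failure", region="us-east-1"),
    _ev("09:12:00", "bob", "config_change", resource="bucket-policy/reports"),
    # Many failures, but all from one region: below the region threshold.
    *[_ev(f"10:00:{s:02d}", "carol", "login", outcome="failure", region="us-east-1")
      for s in range(0, 60, 10)],
    _ev("10:05:00", "carol", "config_change", resource="iam-role/deploy"),
]


def correlate(events, window=timedelta(minutes=15), min_failures=5, min_regions=2):
    """Flag config changes preceded, within `window`, by a burst of failed
    logins for the same user spread over at least `min_regions` regions."""
    ordered = sorted(events, key=lambda e: datetime.fromisoformat(e["time"]))
    failures = defaultdict(list)   # user -> [(timestamp, region)]
    successes = defaultdict(list)  # user -> [timestamp]
    findings = []
    for ev in ordered:
        ts = datetime.fromisoformat(ev["time"])
        user = ev["user"]
        if ev["type"] == "login":
            if ev["outcome"] == "failure":
                failures[user].append((ts, ev["region"]))
            else:
                successes[user].append(ts)
        elif ev["type"] == "config_change":
            recent = [(t, r) for t, r in failures[user] if ts - window <= t <= ts]
            regions = sorted({r for _, r in recent})
            if len(recent) >= min_failures and len(regions) >= min_regions:
                first_failure = recent[0][0]
                findings.append({
                    "user": user,
                    "resource": ev["resource"],
                    "change_time": ev["time"],
                    "failed_logins": len(recent),
                    "regions": regions,
                    # A success between the burst and the change suggests the
                    # guessing worked, which raises the priority of the finding.
                    "login_succeeded_after_failures": any(
                        first_failure < s <= ts for s in successes[user]),
                })
    return findings


if __name__ == "__main__":
    for finding in correlate(EVENTS):
        print(finding)
```

Neither signal alerts on its own here: bob's single failure and carol's single-region burst stay below the thresholds, which is the point of correlating the two data sources.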

What is Cloud Forensics?
Cloud forensics is a branch of digital forensics that applies investigative techniques to collecting and evaluating critical evidence in cloud computing environments following a security incident. Sources of this forensic evidence include runtime execution data, cloud service provider logs, and artifacts like disk and memory snapshots, and it’s the job of forensic investigators to collect and analyze all this information.

How does cloud forensics make your cloud environments safer?
Cloud forensics serves several essential purposes:

Understanding the scope of cyberattacks and breaches along with their root cause

Implementing effective mitigation and prevention strategies

Aiding in legal proceedings, insurance claims, and criminal investigations

One of the most important things to know about digital forensics in general, and cloud forensics in particular, is that the mechanisms to carry out forensic analysis must be in place before an attack or a breach occurs. The last thing that organizations need in the middle of a security incident is to realize that critical data is not available.

Cloud forensics vs. digital forensics: What’s the difference?
Cloud forensics is an offshoot of digital forensics, which has been around since the dawn of cybercrime. (Unfortunately, that means almost back to the dawn of the internet, way back in 1988.)

Digital forensics began with simple, common-sense techniques like collecting activity logs, monitoring network traffic, and scanning physical drives. Several factors have made it difficult for traditional digital forensics tools such as endpoint detection and response (EDR) to accommodate modern cloud infrastructures:

Scope of data: Data is highly distributed in the cloud, stored in unknown locations over which you don’t necessarily have control.

Varied attack surface: Cloud resources and assets can include virtual machines, containers, serverless functions, VPCs, identities,

storage, and applications, and each of these resource types requires a different approach for forensic analysis.

Scale of data: Cloud environments can quickly scale far beyond the data storage and analysis limitations of traditional forensic tools.

Ephemerality: With cloud computing, compute instances and storage can be reallocated instantly, meaning that critical data can easily be lost.

In short, all of the benefits of cloud that we enjoy every single day introduce a new set of forensic hurdles.

When data is stored in the cloud, investigators need specially adapted methods to extract and preserve forensic data. In addition, reconstructing timelines (an important element in any forensic analysis) becomes very difficult across multiple and diverse data sources, such as reconciling CSP activity logs with device runtime activity. Data sources are also often separated by multiple time zones if data is distributed worldwide.

Beyond dealing with these challenges, there’s a greater need now than ever for digital and cloud forensics due to increasing cybercrime and the growing sophistication of attacks. Effective digital forensics now demands navigating a diverse range of devices and data sources.

For all these reasons, data collection and analysis methods have to be updated to handle the scale and complexity of cloud forensic investigations.
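Both timeline passages above (piecing together logs that differ in time zone and format, and reconciling CSP activity logs with runtime activity) come down to normalizing every record to UTC before sorting. This is an added Python example, not part of the original articles; the three line layouts and all sample records are assumptions constructed for illustration.

```python
import json
from datetime import datetime, timezone

# Constructed sample evidence, one list per source. Field names and line
# layouts are assumptions for illustration, not any provider's exact schema.
SOURCES = {
    "cloud_audit": [  # JSON records, UTC with a trailing "Z"
        '{"eventTime": "2024-03-05T14:07:45Z", "eventName": "PutBucketPolicy",'
        ' "sourceIPAddress": "203.0.113.10"}',
        '{"eventTime": "2024-03-05T14:02:11Z", "eventName": "ConsoleLogin",'
        ' "sourceIPAddress": "203.0.113.10"}',
    ],
    "app": [  # local wall-clock time with a numeric UTC offset
        "2024-03-05 19:33:02 +0530 WARN auth failed user=alice",
        "2024-03-05 19:36:40 +0530 INFO export started user=alice",
        "2024-03-05 14:04:00 INFO heartbeat",  # no offset: time zone unknown
    ],
    "flow": [  # epoch seconds: start end src dst action
        "1709647500 1709647560 10.0.1.5 198.51.100.7 ACCEPT",
    ],
}


def parse_cloud_audit(line):
    rec = json.loads(line)
    ts = datetime.strptime(rec["eventTime"], "%Y-%m-%dT%H:%M:%SZ")
    return ts.replace(tzinfo=timezone.utc), f'{rec["eventName"]} from {rec["sourceIPAddress"]}'


def parse_app(line):
    date, clock, offset, rest = line.split(" ", 3)
    # %z requires an explicit offset; a line without one raises ValueError
    # instead of being silently treated as UTC or local time.
    ts = datetime.strptime(f"{date} {clock} {offset}", "%Y-%m-%d %H:%M:%S %z")
    return ts.astimezone(timezone.utc), rest


def parse_flow(line):
    start, _end, src, dst, action = line.split()
    return datetime.fromtimestamp(int(start), tz=timezone.utc), f"flow {src} -> {dst} {action}"


PARSERS = {"cloud_audit": parse_cloud_audit, "app": parse_app, "flow": parse_flow}


def build_timeline(sources):
    """Return (events sorted by UTC time, rejected records with reasons)."""
    events, rejected = [], []
    for name, lines in sources.items():
        for line in lines:
            try:
                ts, summary = PARSERS[name](line)
            except (ValueError, KeyError) as exc:
                # Keep what could not be placed on the timeline so the gap
                # is documented rather than hidden.
                rejected.append((name, line, str(exc)))
                continue
            # The raw line travels with the event so each timeline entry can
            # be traced back to the original evidence.
            events.append({"ts": ts, "source": name, "summary": summary, "raw": line})
    events.sort(key=lambda e: e["ts"])
    return events, rejected


def render(events):
    return [f'{e["ts"].strftime("%Y-%m-%dT%H:%M:%SZ")} [{e["source"]}] {e["summary"]}'
            for e in events]


if __name__ == "__main__":
    timeline, skipped = build_timeline(SOURCES)
    print("\n".join(render(timeline)))
    for source, line, reason in skipped:
        print(f"REJECTED [{source}] {line!r}: {reason}")
```

Sorted on the raw strings, the 19:33 application record would appear hours after the 14:07 audit record; after normalization it falls between the console login and the policy change, where it actually occurred.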

Cloud forensics investigation process
All cloud forensics solutions follow three essential steps:

1. Data acquisition
During this stage, evidence is gathered that will aid in the investigative process. This should be done as quickly as possible once the security incident has been identified. Data will be aggregated from a wide variety of sources: audit logs like AWS CloudTrail, Azure Activity Logs, or GCP Audit Logs; network traffic from either runtime sensors or VPC Flow logs; memory dumps; and more. Data acquisition must be set up in advance, and the cloud forensics solution you choose must provide suitable storage and handling so that all data collected can be considered valid evidence.

2. Examination
During this stage, designated file system assets are tested for any modifications (add, delete, modify). The solution will be looking to identify tell-tale signs left by an attacker that could lead to future compromise, such as hidden files and malware droppers (a category of Trojan horse). This process can be aided with a file integrity monitoring tool.

All critical environments and storage must be tested to determine the presence of viruses and other malware. Persistence checks are also critical at this stage, identifying processes and accounts (such as secret backdoors) that leave your organization compromised or exposed to future attacks, including changes to system settings or network configurations. In the cloud, identity plays a major role in this analysis, and examination of CSP IAM activity is key to ensuring persistence is eliminated.

3. Analysis and reporting
During this stage, the solution interprets and reports on findings after examining all the relevant data. It will provide as much information as possible to aid in classifying the incident (type, timeline, methods, and scope, meaning what exactly has been compromised). It will also analyze data that could help identify the perpetrator: IP, country, tell-tale indicators of compromise (IoCs), techniques, or tools associated with known threat actors.

Forensic analysis provides insights in five essential categories:

| Category | Examples of relevant data points for forensics |
| --- | --- |
| Initial access | User ID, IP address, login attempts, login credentials used |
| Lateral movement | Signs of privilege escalation, container escape, suspicious network traffic, other IOCs |
| Persistence | Process creation, startup and/or backdoor scripts, suspicious processes, autorun locations |
| Breach impact | Least privilege IAM violation (e.g., access granted to sensitive resources), evidence of unauthorized access, file properties, encrypted/cleartext storage |
| Future prevention | Accounts used, exposed cloud services, access controls, container privileges, encrypted/cleartext data storage, misconfigurations |

When it comes to reporting, all results must be clear, concise, and actionable. A cloud forensics report should provide recommendations or mitigation strategies wherever possible: vulnerabilities to address, suggestions to remedy misconfigurations, additional controls needed, and other types of weaknesses. It can also provide recovery and restoration steps, where possible.

Reporting the results of cloud forensics techniques provides useful evidence to security investigation or legal teams, arming you to take appropriate next steps.

Types of cloud forensics tools and technologies
Following a security breach, rapid identification of the root cause and potential impact (blast radius) is crucial for security and incident response teams. Unless suitable tools are in place, this can be a long, laborious task, heavily reliant on manual labor. In ephemeral cloud environments, this slow process may result in loss of critical data.

Automated cloud forensics capabilities are an essential part of cloud investigation and response automation (CIRA). CIRA is a relatively new approach to the unique challenges of cloud security that automates forensic tasks and uses AI to analyze huge amounts of data in real time, empowering organizations to proactively identify and respond to security threats within their cloud infrastructure. This lets you respond faster to incidents, saving time, money, and your organization’s reputation.

There are several types of tools that you can use to aid in forensic analysis of incidents in your cloud environments:

Cloud provider tools: Management consoles to collect and analyze IAM audit logs, snapshots of virtual machines, and other artifacts for further analysis

Network analysis tools: Capture and analyze network traffic for suspicious activity

Log analysis tools: Parse and analyze cloud platform logs

Memory forensics tools: Acquire and analyze the contents of a cloud instance’s memory

Data carving tools: Extract deleted or fragmented data from cloud storage for additional data

Virtual machine image analysis tools: Analyze virtual machine disks and extract evidence from the guest operating system

Some cloud providers have introduced their own native cloud forensics tools. Amazon has published a comprehensive guide to digital forensics in AWS cloud environments. Google Cloud also offers configuration tips to provide for forensic analysis. However, these tools are generally limited to resources hosted by that cloud provider.

Given the incredible complexity of full cloud forensic analysis, tools and platforms that automate at least some of these steps across cloud platforms are probably your best investment.
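The acquisition and examination steps described earlier (storing evidence so it can be considered valid, and testing file system assets for added, deleted, or modified files) can both be built on a hash manifest. This is an added Python example, not part of the original articles and not a replacement for a file integrity monitoring product; the file names, actors, and timestamps are constructed, and the custody-log layout is an assumption.

```python
import hashlib
import json
import os
import tempfile

GENESIS = "0" * 64  # prev_hash of the first custody entry


def sha256_file(path, chunk=1 << 20):
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def build_manifest(root):
    """Map every file under root (relative path) to its SHA-256."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            manifest[os.path.relpath(full, root)] = sha256_file(full)
    return manifest


def diff_manifests(baseline, current):
    """Classify changes the way the examination step does: add, delete, modify."""
    shared = set(baseline) & set(current)
    return {
        "added": sorted(set(current) - set(baseline)),
        "deleted": sorted(set(baseline) - set(current)),
        "modified": sorted(p for p in shared if baseline[p] != current[p]),
    }


def _digest(obj):
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()


def append_custody(log, actor, action, manifest, when):
    """Append a custody entry that commits to the manifest and to the
    previous entry, so later edits to earlier entries break the chain."""
    entry = {
        "actor": actor, "action": action, "when": when,
        "manifest_hash": _digest(manifest),
        "prev_hash": log[-1]["entry_hash"] if log else GENESIS,
    }
    entry["entry_hash"] = _digest(entry)
    log.append(entry)
    return entry


def verify_custody(log):
    """Return the index of the first inconsistent entry, or None if intact."""
    prev = GENESIS
    for index, entry in enumerate(log):
        body = {k: v for k, v in entry.items() if k != "entry_hash"}
        if entry["prev_hash"] != prev or _digest(body) != entry["entry_hash"]:
            return index
        prev = entry["entry_hash"]
    return None


def demo():
    """Constructed scenario: baseline, post-incident snapshot, tampered log."""
    with tempfile.TemporaryDirectory() as root:
        def write(rel, data):
            full = os.path.join(root, rel)
            os.makedirs(os.path.dirname(full), exist_ok=True)
            with open(full, "wb") as handle:
                handle.write(data)

        write("etc/app.conf", b"debug=false\n")
        write("bin/start.sh", b"#!/bin/sh\nexec app\n")
        write("var/log/app.log", b"started\n")
        baseline = build_manifest(root)
        log = []
        append_custody(log, "collector-01", "baseline acquired", baseline,
                       "2024-03-05T14:00:00Z")

        write("etc/app.conf", b"debug=true\n")             # modified
        os.remove(os.path.join(root, "var/log/app.log"))   # deleted
        write("tmp/.hidden", b"x")                         # added, hidden file
        current = build_manifest(root)
        append_custody(log, "analyst-02", "post-incident snapshot", current,
                       "2024-03-05T16:30:00Z")
        changes = diff_manifests(baseline, current)

    tampered = [dict(entry) for entry in log]
    tampered[0]["actor"] = "someone-else"  # edit an earlier custody record
    return changes, verify_custody(log), verify_custody(tampered)


if __name__ == "__main__":
    print(demo())
```

An unkeyed hash chain only proves integrity if the most recent `entry_hash` is also recorded somewhere the log's custodian cannot rewrite, such as write-once storage or a signed record.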

Cloud Forensics and the Digital Crime Scene

Cloud-based services have changed the way many companies do business. By embracing cloud migration, businesses can host their software and applications on inexpensive servers, saving them time, money, and the expense and hassle of managing dedicated hardware.

These services also allow businesses and individuals to store extensive data securely. Cloud-based technologies are convenient and inexpensive but cloud forensics is an issue every business owner should review before implementing these strategies into everyday processes.

What Is Cloud Forensics and How Is It Used?
Cloud forensics refers to investigations that are focused on crimes that occur primarily involving the cloud. This could include data breaches or identity thefts. With cloud forensics implemented, the owner has protection and can better preserve evidence. Without a cloud forensics strategy, the owner may not have rights to all the data or evidence on the cloud, especially if it’s hosted offsite or by a third party.

While cloud services are the standard, cloud forensics is an important issue to address when adopting them for your business. Unlike traditional digital forensics, cloud forensics can be a bit more complicated, since data may be hosted outside of local jurisdictions.

Cloud vs. Digital Forensics
Traditional digital forensics is used to solve cybercrimes. Digital forensics consultants gather evidence from software, data, and other resources to track down hackers or investigate an event.

With digital forensics, any evidence that’s found is admissible in a court of law within the jurisdiction. Most of the time, the evidence found belongs to the owner of the technology, making it easy to gain permission to use this evidence in the case.

Cloud forensics makes this hunt for evidence a little more complex. While the investigator follows the same methods in cloud forensics as they would in traditional digital forensics, the lines may blur on who owns the evidence and where it’s admissible in court.

With cloud-based services, data may be stored off-site in several locations, or on a server owned by a third party. The rules are determined by the types of services involved.

Types of Cloud Services
The types of services a business or individual chooses to implement will ultimately depend on their goals and

needs. They could choose between SaaS, PaaS, or IaaS cloud services.

SaaS
When you implement software from a SaaS (Software as a Service) platform, the software and all its related data remain on the cloud. You can access this software from anywhere with an internet connection, such as a laptop or tablet.

The company selling on the SaaS marketplace allows the application to be hosted on the cloud. Therefore, the provider is responsible for managing the software content and data.

PaaS
If you’re an app or software developer, you may use a PaaS (Platform as a Service) infrastructure to design products that you’ll eventually sell on a cloud marketplace. You aren’t required to invest in hardware or hosting to design and implement your software, making PaaS infrastructure a more affordable option for app development. As the owner of the PaaS platform, you’re responsible for the data and applications within it but not the storage, network, servers, or operating system.

IaaS
With an IaaS (Infrastructure as a Service) platform, your computer infrastructure is hosted by a third-party cloud provider. The provider owns your network and storage but you’re still partially responsible for the integrity of the data, middleware, applications, and operating system used within the IaaS.

Types of Clouds
In addition to the types of services offered, there are also different types of clouds that can muddy the waters for cloud forensics. Users can choose between private and public clouds, a community cloud, or a hybrid.

Public Cloud
Businesses that use the public cloud for their applications hire a cloud service provider to store their data off-site. They can access software, networks, and servers at any time from any device.

The company shares this cloud with other businesses that are all storing data and applications.

While sharing the same computer infrastructure with other businesses can be cost-effective, the company has little control over data security. A public cloud is not advised for companies that store sensitive data or need to adhere to certain data handling regulations.

Private Cloud
With a private cloud, a business implements its own cloud-based services and storage, generally on the premises. The company is responsible for developing its own applications and infrastructure and for managing its own data and security.

This is generally a more expensive cloud-based storage option and is best for businesses that need to comply with certain data storage regulations. Cloud forensics investigators have access to all data and the entire infrastructure, which can be helpful if an issue arises.

Community Cloud
A community cloud meshes together principles from both the public and private cloud. A cloud service provider offers the business an established infrastructure, including applications and software, that it shares with other businesses.

However, the company’s data storage is private. This type of cloud is best for companies that don’t want to invest time in developing their own infrastructure but that are equally concerned with data privacy and ownership of data.

Hybrid Cloud
With a hybrid cloud, the data a company stores on the cloud is split between both public and private storage. The business can store its sensitive data on its own private cloud but allow the rest of the infrastructure to be stored on the public cloud.

The hybrid cloud allows companies to save money on their cloud-based services while still protecting private data. However, the cloud service provider still owns the data stored on the public cloud, which can make it hard for cloud forensics investigators to do their job after a data breach.

How Cloud Forensics Impacts User Security, Privacy
Although cloud computing is known as a safe and secure way to store data, issues can still arise. If there’s a data breach or another type of digital crime, cloud forensics investigators need access to all evidence to help solve the crime. This evidence also needs to be admissible in court to charge criminals.

Cloud infrastructures could make these investigations harder because victims may not own all the data or evidence. If it’s hosted in a different jurisdiction, it may not be admissible. Users also may not have control over whether third parties tamper with their data since they’re not the sole owners of that data on a public cloud.

While cloud-based technology is convenient, inexpensive, and useful, it’s important to understand how cloud forensics are affected when you use these services. Take advantage of this technology but ensure you’re choosing the right type of services to protect your business, data, and customers.

Cyber Crime
“Unlawful act wherein the computer is either a tool or a target or both”.
Two aspects:
Computer as a tool to commit crime
• Child porn, threatening email, assuming someone’s identity, sexual harassment, defamation, spam, phishing
Computer itself becomes target of crime
• Viruses, worms, software piracy, hacking

We need a means for investigation & analysis of the crimes – to bring the culprits to conviction.
All solution lies in Digital Evidence

Why Digital Evidence ?
Cyber Forensics deals with forensic analysis of cyber crimes with the objectives of
• Identifying digital evidence
• Acquiring digital evidence
• Authenticating digital evidence
• Reporting digital evidence

Cyber Forensics
A means of systematically gathering digital evidence, analyzing it to make credible evidence, authentically presenting it to the court of law.

What is Cloud Computing?
• Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction.
• “an Internet based computing paradigm that delivers on-demand software and hardware computing capability as a ‘service’ through virtualization where the end user is completely abstracted from the computing resources”

3-4-5 Rule ???
• IaaS (Infrastructure as a Service)
• PaaS (Platform as a Service)
• SaaS (Software as a Service)
• Private Cloud
• Community Cloud
• Public Cloud
• Hybrid Cloud
• On-demand self-service
• Broad network access
• Resource pooling
• Rapid Elasticity
• Metered or measured service

3-4-5 Rule ???

3 : Services
• IaaS (Infrastructure as a Service)
• PaaS (Platform as a Service)
• SaaS (Software as a Service)

4 : Deployment Models
• Private Cloud
• Community Cloud
• Public Cloud
• Hybrid Cloud

5 : Characteristics
• On-demand self-service
• Broad network access
• Resource pooling
• Rapid Elasticity
• Metered or measured service

Cloud forensics:
• Cloud forensics is a subset of network forensics
• “The application of computer forensic principles and procedures in a cloud computing environment”
• “The process of applying various digital forensic phases in cloud platform depending on the service model and deployment models of cloud”

Cloud computing is still an evolving computational platform which lacks the support for crime investigation in terms of the required frameworks/tools
• Need to be Self Reliant. Make In India and Digital India are opportunities for us to emerge with indigenous solutions and products for Digital Forensics (specially for cloud, IoT, Fog, etc.)
• Take major initiatives for educating and making people aware of the dangers and the ways to mitigate them
• Launch programmes and schemes to increase the number of cyber security experts in the country
• Establish strong Public-Private links
• “Monitoring of Critical Infrastructure Systems

https://www.oxygenforensics.com/en/resources/cloud-forensics/

Types of Bank fraud in India: Prevention, and Legal actions

Introduction
Bank fraud is a growing menace in India, posing significant threats to financial institutions, customers, and the economy. The banking sector is the backbone of India’s economic stability, facilitating commerce, trade, and personal financial management.

However, with the rapid advancements in technology and the increasing reliance on digital banking systems, the landscape of fraud has become more complex and sophisticated.

Such fraudulent activities also bring about losses that are not just monetary but also erode public trust in the banking system, jeopardizing economic growth.

Therefore, bank fraud needs to be addressed with a robust combination of preventive mechanisms, legal frameworks, and public awareness to protect the integrity of the financial system and ensure customer safety. This article explores the types of bank fraud in India, strategies for preventing it, and legal recourse under Indian law.

Types of Bank Fraud in India
Bank fraud comes in various forms, ranging from simple deceit to intricate schemes that exploit technological loopholes. Each type has unique implications for banks, customers, and regulatory bodies.

Cheque Fraud
Cheque fraud is one of the most traditional forms of banking fraud. It involves the alteration of physical cheques by changing the payee’s name, amount, or forging signatures. Such frauds not only affect the intended flow of funds but also damage the reliability of cheque-based transactions.

The ease with which fraudsters can forge signatures or counterfeit cheques poses a significant challenge for banks, especially in ascertaining the authenticity of each transaction.

Identity Theft
Identity theft in banking is achieved when fraudsters obtain information like Aadhaar numbers or PAN details, through which they log into bank accounts or obtain loans and credit cards issued in other people’s names. The financial consequences of identity theft often prove disastrous for its victims: they include erased savings and swelling liabilities.

This particular kind of fraud has been on the increase with the increasing online digitalization of banking services and the susceptibility of personal data kept online.

Loan Frauds
Loan frauds are when people or companies misrepresent information to get a loan. Corporate loan fraud includes inflation of valuations by businesses or providing false documents to acquire large loans, which has a major impact on India’s banking sector.

In those cases, the defaulters always divert or siphon the funds, and NPAs put pressure on the banking system and reduce its ability to lend.

Cyber Frauds
Cyber fraud is a broad term that includes phishing emails, malware attacks, SIM cloning, and hacking through unauthorized access.

Cyber fraud has increased with the growing digital payment options and mobile banking.

These types of fraud take advantage of people’s unawareness of using technology properly and the limitations of digital literacy, making cyber security a crucial area for banks to focus on.

ATM Frauds
ATM fraud involves the use of skimming devices to clone ATM cards and steal sensitive information from such users. In this kind of fraud,
fraudsters sometimes fit hidden cameras to capture PINs as customers use ATMs.

This type of fraud directly affects individual account holders and intensifies the clamor for banks to enhance the security of ATM operations.

Money Laundering
Money laundering uses banking channels to cover the source of money from illicit activities, making it appear legitimate.

Fraudsters use multiple transactions to avoid detection, and this complicates the tracing and seizure of such funds by financial institutions and law enforcement. This type of fraud affects the banking system and fuels other criminal activities.

Ponzi Schemes and Investment Frauds
Ponzi schemes attract victims through promises of high returns on investments. These schemes pay returns to earlier investors using money from new investors, thus creating a cycle that eventually collapses. Investment frauds like these exploit the trust of individuals and contribute to huge financial losses.

Forgery & Counterfeit Documents
Submission of forged documents, like false identity proofs, income certificates, or property papers, for getting loans or to make transactions is the most common fraud. These activities increase the liability of fraudulent banking and also increase the chances of non-repayment.

HOW TO PREVENT BANK FRAUD?
Preventing bank fraud is done through a proactive effort that involves integrating technology, sound institutional vigilance, and public education.

The goal of preventive measures should involve banks as well as customers. It can be done by better integration of the below-mentioned suggestions:

Enhancing Cybersecurity
Robust cybersecurity is an essential tool to safeguard digital banking systems. Banks are using measures such as 2FA, encryption technologies, and biometric verification in current times to enhance online transaction security.

They also need advanced fraud-detection systems with AI/ML capability, which can identify real-time patterns to prevent unauthorized access.

Better KYC Norms
Know Your Customer (KYC) regulations help banks verify the identity of customers and prevent fraudulent accounts. With stringent KYC norms and periodic re-verification, banks can reduce the risk of identity theft and unauthorized activities.

Customer Education
Public awareness lies at the core of fraud prevention. Banks must conduct educative programs on secure banking practices, such as keeping PINs private, avoiding suspicious links, and being cautious of phishing. There is a huge difference in the success rate of fraud attempts on well-educated customers.

Internal Controls of Banks
Fraud prevention necessitates tight internal controls, such as regular audits, segregation of duties, and other oversight mechanisms. Banks should also establish specialized fraud risk management teams to monitor transactions and investigate irregularities.

Fraud Risk Management Systems
Implementing fraud risk management systems that integrate data analytics and monitoring tools can help banks detect and respond to fraudulent activities quickly. These systems enable real-time tracking of suspicious transactions, minimizing the damage caused by fraud.

Collaboration Among Banks
Banks must collaborate and share information about fraudulent entities and patterns of fraud. This collective approach can prevent fraudsters from exploiting vulnerabilities in different banks.

Recent Trends and Notable Cases of Bank Fraud in India
Bank fraud in India has evolved with advancements in technology and shifts in the economic and regulatory landscape. Recent trends highlight the increasing sophistication of fraud schemes and underline systemic weaknesses. Integrating notable cases into these trends provides a clearer understanding of their implications and the challenges in tackling them.

Escalation of Cyber Frauds Post-COVID-19
The pandemic led to a significant increase in cyber fraud cases as digital banking experienced a sharp rise. The scammers exploited the lack of digital literacy among users, who were duped through phishing emails, fraudulent apps, and malicious links into divulging personal banking information.

Case Study: The SIM-Swap Scams
During the COVID-19 period, several customers fell prey to SIM-swap frauds where fraudsters pretended to be account holders and received duplicate SIM cards. They used them to intercept OTPs and siphon money. For example, cases in metropolitan cities such as Mumbai and Delhi brought into the open how tech-savvy fraudsters could outsmart even cautious users. Such incidents point out the urgent need for banks to
secure communication channels and educate customers about safe digital practices.

Loan Scams and Increasing NPAs
Indian banks are facing a tremendous increase in the problem of Non-Performing Assets (NPAs). Loan scams mainly contribute to this problem. Cheating borrowers inflate valuations, provide forged documents, and divert sanctioned loans for purposes other than the stated ones.

Case in Point: The Vijay Mallya Kingfisher Airlines scam
The Kingfisher Airlines loan default of over Rs. 9,000 crores is one of the biggest cases of corporate loan fraud. Here, the loans were allegedly diverted to personal accounts, and no recoveries could be made from the banks. This case exposed the weaknesses in credit assessment procedures and the complicity of financial institutions in sanctioning risky loans. It led to increased due diligence processes among banks and regulators.

Insider Collusion
Insider collusion frauds often remain undetected for years because employees with access to sensitive information manipulate systems and bypass security protocols.

Case in Point: The Punjab National Bank (PNB) Fraud
The Nirav Modi-Mehul Choksi PNB scam is one of the most noted scams in India, a Rs. 11,400 crore scam. A nexus between the bank officers and the accused helped them draft and issue fraudulent Letters of Undertaking without adequate collaterals. This again reflected the weakness in the internal controls and also highlighted a requirement for better oversight mechanisms inside banks.

Corporate Mismanagement on the Rise
Corporate mismanagement and unethical practices in lending have repeatedly led to large-scale fraud. In such cases, the top executives misuse their authority to approve dubious transactions.

Case in Point: The ICICI Bank-Videocon Scandal
Chanda Kochhar, the former CEO of ICICI Bank, had been accused of granting loans amounting to Rs. 3,250 crores to Videocon, allegedly in return for certain personal benefits.
Investigation shows that there were conflicts of interest and unethical practices at the top level of management. This case highlights the importance of transparency, ethics, and accountability among high-level officials in a bank.

Complex Securities and Financial Instrument Fraud
Most often, fraudsters use intricate financial instruments and systemic loopholes in banking and capital markets to conduct scams that create extensive financial loss.

Case Study: The Harshad Mehta Securities Scam
The 1992 Harshad Mehta scam brought to light how systemic loopholes in banking processes could be exploited to manipulate financial markets. Mehta used fraudulent bank receipts to inflate stock prices, causing massive losses to banks and investors. The scam led to significant reforms, including the establishment of the Securities and Exchange Board of India (SEBI), to ensure stricter regulation of financial markets.

WHAT LEGAL ACTIONS CAN BE TAKEN AGAINST BANK FRAUD?

India’s legal framework offers robust mechanisms to address and penalize banking fraud. These legal provisions ensure accountability and act as deterrents for fraudulent activities.

Indian Penal Code, 1860 (IPC)
The IPC provides a foundation for prosecuting various forms of fraud. Sections like 406 (criminal breach of trust), 420 (cheating and dishonestly inducing delivery of property), and 468 (forgery for cheating) are frequently invoked in bank fraud cases.

The Banking Regulation Act, 1949
This act enables the RBI to regulate banking activities and ensure steps are taken against fraudulent practices. It ensures risk-adjusted standard procedures for banks, too.

The Information Technology Act, 2000
With the emergence of cyber fraud, the IT Act has become a very important tool. Sections such as 43 and 66 deal with unauthorized access and identity theft, providing penalties and safeguards against cybercrimes in banking.

The Prevention of Money Laundering Act, 2002 (PMLA)
The PMLA has a very important role in combating financial crimes. It
mandates the reporting of suspicious transactions. It facilitates the tracing and seizure of laundered funds.

The Negotiable Instruments Act, 1881
This act provides redressal for cheque-related fraud and ensures accountability for dishonored cheques and forged instruments.

The Companies Act, 2013
Corporate frauds, particularly those involving misrepresentation or misuse of funds, are dealt with under this act, which ensures accountability among corporate entities.

What is the Role of Investigative Agencies in case of a Bank Fraud?
Several investigating agencies scrutinize bank fraud cases in India and bring the perpetrators to justice. The CBI is in charge of high-profile cases, particularly large-scale corporate fraud. The Enforcement Directorate probes money laundering activities while cybercrime cells focus their efforts on ‘Cyber Frauds.’ The Serious Fraud Investigation Office probes many corporate frauds.

Conclusion
Bank fraud is a multi-faceted issue requiring concerted efforts from all stakeholders, including banks, customers, regulators, and law enforcement agencies. Increasing sophistication in fraud calls for effective preventive measures, advanced technological solutions, and stringent legal frameworks.

Banks must focus on security and transparency, while customers should be vigilant and informed.

Legal provisions and investigative mechanisms in India provide a strong foundation to address fraudulent activities, but continuous improvement is essential to avoid emerging threats.

By adopting a comprehensive approach, India can protect its banking system, restore public confidence, and ensure economic stability in the long run.

Banking Frauds and Banking Law in India: Legal spectrum

Introduction
The realm of banking, despite being built on trust and financial security, isn't immune to fraudulent activities.

In India, as elsewhere, instances of bank frauds in banking law have surfaced, posing significant challenges to the financial system and undermining public trust. To combat these, India has established robust banking laws and regulations.

Types of Bank Frauds
Bank frauds in India encompass various deceitful activities, such as:

● Loan Fraud: Falsification of documents, misrepresentation of facts, or diversion of funds obtained as loans.
● Forgery: Fabricating or altering documents, signatures, or identities to gain unauthorized access to funds or accounts.
● Cyber Frauds: Unauthorized online transactions, phishing, hacking, or malware attacks targeting banking systems.
● Embezzlement: Misappropriation of funds by insiders or employees through manipulation of accounts or transactions.
● Money Laundering: Concealing the origins of illegally obtained money by making it appear legitimate.

Banking Laws and Regulations
India's banking laws form a comprehensive framework aimed at preventing, detecting, and penalizing fraudulent activities within the banking sector. Some key legislations include:

Banking Regulation Act, 1949:
Regulates and supervises banks' functioning, ensuring sound banking practices, governance, and financial stability.

Prevention of Money Laundering Act, 2002 (PMLA):
Focuses on curbing money laundering activities and enforcing stringent measures for reporting suspicious transactions.

Information Technology Act, 2000:
Addresses cybercrimes, providing legal provisions for cyber offenses, including hacking, data breaches, and digital frauds.

The Securitisation and Reconstruction of Financial Assets and Enforcement of Security Interest (SARFAESI) Act, 2002:
Enables banks to expedite the recovery of non-performing assets by enforcing the security without court intervention.

Role of Regulatory Bodies
Regulatory bodies like the Reserve Bank of India (RBI), Securities and Exchange Board of India (SEBI), and Central Bureau of Investigation (CBI) play pivotal roles in overseeing banking operations & investigating frauds.

The RBI, as India's central bank, ensures compliance with banking regulations, conducts inspections, and issues guidelines to prevent malpractices.

Measures to Combat Frauds
To combat bank frauds effectively, banks in India have implemented several preventive measures:

Risk Management Systems: Banks have adopted robust risk management systems to identify, assess, and mitigate various risks, including fraud.

Technological Upgrades: Investments in advanced cybersecurity measures and technologies to secure digital transactions and prevent cybercrimes.

Fraud Monitoring Cells: Establishing dedicated cells to monitor and investigate suspicious transactions, enabling swift action against potential frauds.

Customer Awareness Programs: Educating customers about safe banking practices, including awareness about phishing, online security, and reporting suspicious activities.

Conclusion
Bank frauds pose a significant threat to the stability and trust in the banking sector.

However, India's regulatory framework, supported by vigilant oversight and technological advancements, aims to curb these fraudulent activities.

The collaborative efforts of regulatory bodies, banks, and customers are crucial in safeguarding the integrity of the financial system and maintaining
public confidence in India's banking sector.

To know more about banking frauds and accurate information, it is advisable to consult an experienced legal advisor for banks.

https://www.vidhikarya.com/legal-blog/banking-frauds-and-banking-law-in-india

Fraud Detection and Prevention in Banking
In the ever-evolving landscape of finance, one of the paramount concerns for banking institutions is the detection and prevention of fraud. In the year 2021, the US Federal Trade Commission documented a staggering 2.8 million fraud reports from consumers, resulting in an alarming total of $5.8 billion in fraud losses.

The repercussions extend beyond individual customers, as highlighted by the American Banking Journal, revealing that for every dollar lost to fraud, banks incur $4 in associated costs. This financial burden doesn't solely manifest in monetary terms; the reputational damage incurred by banks further underscores the far-reaching consequences of fraudulent activities.

This demonstrates that understanding the nuances of fraud detection and prevention in banking is not just a necessity but a strategic imperative in safeguarding both financial assets and customer trust.

What is Fraud Prevention in Banks?
Fraud prevention in banking is a complex and changing system. It is designed to stop various tricks that threaten financial institutions. It goes beyond just reacting. It includes proactive steps and advanced technologies that work together. These tools help identify, assess, and reduce the various risks linked to fraud.

Financial institutions employ an array of methods, both manual and automated, to stay ahead of increasingly cunning fraudsters. From transaction monitoring and anomaly detection to behavioural analysis, the goal is to swiftly identify irregularities indicative of potential fraud. This process is not just one way. It includes a broad strategy that covers the ongoing development of tactics and technologies.

Deceptive practices include identity theft, account takeover, credit card fraud, and other harmful activities. These actions take advantage of weaknesses in the financial system. These manoeuvres often capitalise on gaps in security protocols, necessitating a vigilant and adaptive approach to fraud detection.

Furthermore, fraud detection and prevention in banking isn't solely
about identifying ongoing fraudulent activities. It also involves predictive analysis and risk assessment to anticipate potential threats before they materialise. By using advanced algorithms and machine learning, financial institutions can find patterns, trends, and unusual activities in large datasets. This improves their ability to stop new fraudulent schemes before they happen.

Importance of Fraud Detection and Prevention in Banking
Detecting and preventing fraud in banking is not just about protecting the money of individual banks. It's a crucial element in ensuring the overall trustworthiness of the entire financial system. The data from the Federal Trade Commission (FTC) and the American Banking Journal shows a large amount of fraud. This highlights the need for strong detection methods.

Swift and accurate fraud detection holds a pivotal role in instilling confidence among customers. With 2.8 million fraud reports in 2021 alone, customers are acutely aware of the prevalent risks. A banking institution's ability to promptly identify and address fraudulent activities not only protects the assets of its clientele but also fosters trust. This trust is invaluable, forming the bedrock of a strong customer-bank relationship.

Moreover, the repercussions of fraud go beyond immediate financial losses. The American Banking Journal's revelation that for every dollar lost to fraud, banks incur $4 in costs emphasises the financial burden borne by institutions. These costs are not just monetary; they encompass operational expenses, investigations, and potential legal ramifications.

Effective fraud detection thus becomes a strategic imperative for mitigating these extensive costs and sustaining the financial health of the institution.

Preserving the reputation of a bank is another critical facet influenced by fraud detection. The damage inflicted by fraudulent activities on a bank's image can be long-lasting and far-reaching. Customers are more likely to trust institutions that demonstrate a proactive commitment to their security. A robust fraud detection system not only protects customers but also shields the bank's reputation from the erosion that often accompanies financial scandals.

Furthermore, regulatory compliance is paramount in the financial sector. The FTC data highlights the pervasive nature of fraud, making adherence to regulatory standards more critical than ever. When a bank can show that it's good at catching fraud, it's not just about following rules; it proves the bank is dedicated to doing things
ethically. This, in turn, strengthens its reputation with regulatory bodies.

Common Types of Financial Crimes in Banking
Understanding the enemy is the first step in combating fraud. Financial crimes in banking manifest in various forms, including identity theft, credit card fraud, and account takeover. Exploring these types sheds light on the diverse tactics employed by fraudsters.

1. Identity Theft:
Involves the unauthorised acquisition and use of an individual's personal information, such as social security numbers or financial data, to commit fraudulent activities.

Perpetrators often create false identities to open accounts, apply for credit, or make unauthorised transactions, leaving victims grappling with financial and reputational repercussions.

2. Credit Card Fraud:
Occurs when unauthorised individuals gain access to credit card information and make unauthorised transactions. Techniques range from skimming devices at ATMs to phishing schemes aimed at tricking individuals into divulging their credit card details.

3. Account Takeover:
Involves unauthorised access to a person's financial accounts, allowing fraudsters to manipulate funds, make unauthorised transactions, or even take control of the entire account. Techniques include phishing, malware attacks, or exploiting weak account security measures.

4. Phishing and Spoofing:
Fraudsters use deceptive emails, messages, or websites to trick individuals into providing sensitive information, such as login credentials or personal details. Spoofing involves creating fake websites or emails that mimic legitimate financial institutions to deceive individuals into divulging confidential information.

5. Check Fraud:
Involves the unauthorised use of checks to conduct fraudulent transactions. Perpetrators may alter the payee or amount on a check, create counterfeit checks, or engage in check kiting to manipulate account balances.

6. Wire Fraud:
Encompasses fraudulent schemes conducted through electronic communication, such as emails or messaging apps.
Perpetrators may impersonate combine human skills with advanced


legitimate entities, tricking individuals technology. This approach helps them
or businesses into wiring funds to build a strong defense against
fraudulent accounts. changing threats.

7. ATM Skimming: Keeping a close eye on transactions


Involves the installation of devices on as they happen is a fundamental part
ATMs to capture card information of this method, allowing banks to
during legitimate transactions. monitor things in real time. Advanced
Fraudsters use the collected data to algorithms analyze transaction
create duplicate cards or make patterns, looking for anomalies or
unauthorised withdrawals. deviations from established norms.
8. Insider Fraud: This analytical prowess allows banks
Perpetrated by individuals within the to swiftly identify and flag potentially
organisation who exploit their access fraudulent activities.
and knowledge for personal gain.
Employees may engage in activities Anomaly detection is another critical
like embezzlement, unauthorised component, leveraging statistical
access, or manipulating internal models to identify patterns that
controls. deviate significantly from the expected
behaviour. Behavioural analysis
9. Loan Fraud: further enhances fraud detection by
Involves obtaining loans under false evaluating customer habits and
pretences, providing inaccurate identifying deviations that may
information to secure financing. indicate fraudulent actions.
Perpetrators may fabricate financial
information or misrepresent their Here’s an example of teamwork.
creditworthiness. The bank uses advanced computer
programs. These programs identify
10. Mobile Banking Fraud: unusual patterns in how customers
Exploits vulnerabilities in mobile spend their money. If a customer
banking platforms, such as typically makes transactions within a
unauthorised access to mobile apps certain geographic region and
or malware attacks on smartphones. suddenly there's a transaction from a
Perpetrators may use stolen distant location, the system may flag it
credentials or install malicious apps to for further investigation.
compromise mobile banking security.
New call-to-action This proactive approach lets banks
act quickly to stop possible fraud. It
How Do Banks Detect Fraud? shows how well human intuition and
Banks use a strong and flexible technology work together in the fight
strategy to find and stop fraud. They against financial fraud.
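The statistical and geographic checks described above can be made concrete with a per-customer baseline. This is an added example, not code from the original notes or from any bank: the Txn record, the thresholds (3.5, 50 km, factor 3), the minimum history size and the sample history are all assumptions constructed for illustration.

```python
import math
from dataclasses import dataclass
from statistics import median

EARTH_RADIUS_KM = 6371.0
MIN_HISTORY = 5  # assumed: fewer past transactions than this is no baseline


@dataclass(frozen=True)
class Txn:
    customer: str
    amount: float  # rupees
    lat: float
    lon: float


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points in kilometres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dlon = math.radians(lon2 - lon1)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(dlon / 2) ** 2)
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(a))


def robust_z(value, history):
    """Modified z-score: distance from the median in units of MAD.

    Median and MAD are used instead of mean and standard deviation so that
    one earlier outlier (or earlier fraud) does not widen the "normal" band.
    """
    med = median(history)
    mad = median([abs(x - med) for x in history])
    if mad == 0:  # every past amount identical
        return 0.0 if value == med else math.inf
    return 0.6745 * abs(value - med) / mad


def evaluate(txn, history, z_limit=3.5, min_radius_km=50.0, radius_factor=3.0):
    """Return the reasons a transaction deviates from the customer's habits."""
    past = [t for t in history if t.customer == txn.customer]
    if len(past) < MIN_HISTORY:
        return ["insufficient-history"]  # route to other controls, do not guess

    reasons = []
    if robust_z(txn.amount, [t.amount for t in past]) > z_limit:
        reasons.append("amount")

    # Habitual region: median coordinate plus the furthest past transaction.
    # (Median of raw coordinates is a simplification; fine away from the
    # antimeridian and the poles.)
    c_lat = median([t.lat for t in past])
    c_lon = median([t.lon for t in past])
    radius = max(haversine_km(c_lat, c_lon, t.lat, t.lon) for t in past)
    allowed = max(min_radius_km, radius_factor * radius)
    if haversine_km(c_lat, c_lon, txn.lat, txn.lon) > allowed:
        reasons.append("location")
    return reasons


# Constructed history: one customer who normally spends in and around Mumbai.
HISTORY = [Txn("C1", a, la, lo) for a, la, lo in [
    (450, 19.07, 72.87), (1200, 19.10, 72.90), (800, 19.02, 72.85),
    (2300, 19.20, 72.97), (650, 19.05, 72.83), (990, 19.12, 72.88),
    (1500, 18.98, 72.82), (720, 19.08, 72.86),
]]

if __name__ == "__main__":
    for t in [Txn("C1", 1100, 19.11, 72.91),    # usual amount, usual place
              Txn("C1", 48000, 19.11, 72.91),   # unusual amount
              Txn("C1", 1100, 28.61, 77.21),    # usual amount, Delhi
              Txn("C9", 1100, 19.11, 72.91)]:   # customer with no history
        print(t, evaluate(t, HISTORY) or "ok")
```

A flagged transaction is a candidate for the "further investigation" the text mentions, not proof of fraud; a customer who travels will trip the location rule until the baseline is refreshed.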
[Figure labels: ATM Skimming; Account Takeover; Credit Card Fraud; Check Fraud; Identity Theft; Insider Fraud; Loan Fraud; Mobile Banking Fraud; Phishing and Spoofing; Wire Fraud]

Fraud Prevention Techniques in Banks
Fraud prevention techniques in banks encompass a multifaceted approach designed to protect financial institutions from a wide array of fraudulent activities. One of the main strategies is using advanced data analytics and machine learning. These tools can spot suspicious patterns in real time.

By harnessing the power of artificial intelligence, banks can swiftly detect anomalies and flag potential threats, thereby mitigating the risk of fraud before it escalates.

Additionally, banks are increasingly adopting multi-factor authentication processes to enhance security. This means using 3 things to keep information safe.
● First, there is something the user knows, like a password.
● Second, there is something the user has, such as a mobile device.
● Third, there is something the user is, like biometric data. This way, only authorised people can access sensitive information and accounts.

Another critical component of fraud prevention is the cultivation of a robust security culture within the bank itself. This involves regular training and awareness programs for both employees and customers to recognize and report potential threats.

Employees are trained to spot red flags and are equipped with the necessary tools to respond to and manage incidents efficiently. Customers are educated on safe banking practices and are encouraged to stay informed about the latest fraud schemes.

Additionally, banks work closely with law enforcement and other financial institutions. They share information about new threats and tactics used by fraudsters. By fostering a proactive and informed community, banks can better safeguard their assets and uphold the trust placed in them by their clients.
Best Practices for Fraud Detection and Prevention in Banking

The effectiveness of fraud detection relies on robust best practices. Implementing a comprehensive fraud prevention framework involves continuous monitoring, regular risk assessments, and adaptive strategies to stay ahead of evolving threats.

1. Real-Time Monitoring:
Real-time transaction monitoring is a critical practice, serving not only as a compliance measure for Know Your Customer standards and Anti-Money Laundering laws but also as a robust strategy for detecting fraudulent activities.

2. Regular Risk Assessments:
Conducting regular and thorough risk assessments is fundamental. This involves evaluating emerging trends in fraud, assessing vulnerabilities in existing systems, and adapting strategies accordingly. Risk assessments provide the basis for refining and enhancing fraud detection protocols.

3. Adaptive Strategies:
Flexibility is paramount in the realm of fraud detection. Implementing adaptive strategies that evolve alongside emerging threats ensures that banks remain one step ahead. This may involve the integration of machine learning algorithms that learn from new patterns and continuously improve detection capabilities.

4. Customer Education and Awareness:
Teaching customers about new fraud schemes and sharing security best practices helps them take part in preventing fraud. Banks can provide regular updates on common scams and offer guidance on secure banking practices.

5. Multi-Layered Authentication:
Implementing multi-layered authentication protocols adds an extra layer of security. This may include biometric verification, two-factor authentication, or other advanced methods to ensure that access to accounts is granted only to authorised individuals.
[Figure labels: Adaptive Strategies; Customer Education & Awareness; Multi-Layered Authentication; Real-Time Monitoring; Regular Risk Assessments]

Technologies Used for Fraud Detection and Prevention in Banking
Technological advancements have revolutionized fraud detection and prevention. Machine learning algorithms, artificial intelligence, and predictive analytics are pivotal in bank fraud investigations and detection.

In this technological landscape, Tookitaki has emerged as an innovative force, offering cutting-edge products designed to assist banks in combating fraudulent activities. Tookitaki's anti-financial crime solutions leverage advanced machine learning and AI technologies to provide a holistic and adaptive approach to fraud detection. Tookitaki's products help financial institutions stay ahead of fraudsters. They do this by analyzing patterns and adapting to new threats.

Final Thoughts
In the dynamic landscape of banking, the cat-and-mouse game with fraudsters necessitates a proactive and adaptive approach. Fraud detection and prevention in banking is more than just a safety measure. It shows the trust customers place in banks. It is also essential for the long-term growth of financial institutions.

To effectively combat fraud in the banking sector, it is crucial for financial institutions to explore innovative solutions.

Tookitaki, a leading provider of anti-financial crime solutions, offers a range of cutting-edge products that leverage advanced machine learning and AI technologies.

With its expertise in the field, financial institutions can stay one step ahead of fraudsters and protect their customers and reputations. To learn more about Tookitaki's solutions and how they can effectively combat fraud, explore their offerings today.
Bank Frauds and Role of RBI

Fraud can be defined as, ‘a deliberate act of omission or commission by any person, which has been carried out in the course of a banking transaction or in the books of accounts maintained manually or under computer system in banks, thereby resulting into wrongful gain to any person for a temporary period with or without any monetary loss to the bank’.

ILLUSTRATION
A tricked B of Rs. 3 lakhs through net banking fraud. A has committed bank fraud. XYZ, a Noida based Logistics Firm, was duped of Rs 31.44 lakhs. Hence, XYZ is a victim of Bank Fraud.

TYPES OF BANK FRAUDS
The frauds reported by banks can be divided into three main sub-groups:
♦ Technology related
♦ KYC related (mainly in deposit accounts)
♦ Advances related

CAUSES OF BANK FRAUD
There is a shift in service delivery model with greater technology integration in the financial services sector. Banks are increasingly nudging their customers to adopt newer service delivery platforms like mobile, internet and social media, for enhanced efficiency and cost-cutting.

But while banks’ customers have become tech-savvy and started using online banking services and products, evidence suggests that even fraudsters are devising newer ways of perpetrating frauds by exploiting the loopholes in technology systems and processes.

The fraudsters have employed hostile software programs or malware attacks, voicemail or text messages, and use these techniques not only to steal confidential data but also to perpetrate frauds.

MAIN CONCERN ASSOCIATED WITH BANK FRAUD
Frauds are committed by way of replication of data contained in genuine debit/ credit cards onto duplicate cards.

It is sufficient to say that the banks need to improve the peripheral and system security in ATM locations and, at the same time, educate their customers about using their payment cards with due caution.
WAYS TO COMBAT BANK FRAUDS

Good Corporate Governance serves as a very important factor in control of fraudulent activities.

The top management should ensure the steps such as fraud risk management, fraud monitoring and fraud investigation. They should be responsible for effective investigation of fraud cases and prompt, accurate reporting to appropriate regulatory and law enforcement authorities.

The Boards of the banks/ ACB should ensure periodical review of the procedures and processes to ensure that the bank’s interests are not impacted adversely due to loopholes in their policy guidelines.

Targeted fraud awareness training for its employees must be implemented by focusing on prevention and detection of fraud. The banks should constantly monitor the typology of the fraudulent activities in such transactions and regularly review and update the existing security features to prevent easy manipulation by hackers.

ROLE OF RBI

RBI has advised banks to introduce certain minimum checks and balances like:
▪ introduction of 2 factor authentication in case of ‘card not present’ transactions,
▪ converting all strip based cards to chip based cards for better security,
▪ issuing debit and credit cards only for domestic usage unless sought specifically by the customer,
▪ putting threshold limit on international usage of debit/ credit cards,
▪ constant review of the pattern of card transactions in coordination with customers,
▪ sending SMS alerts in respect of card transactions etc.,
to minimize the impact of such attacks on banks as well as customers.

RBI has advised banks to introduce preventive measures such as: putting a cap on the value/ number of beneficiaries, introducing system of issuing alert on inclusion of additional beneficiary, and velocity checks on number of transactions effected per day/ per beneficiary.

RBI has further recommended Banks to consider introduction of digital signature for large value payments, and capturing internet protocol check as an additional validation check for any transaction, etc.
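The preventive measures listed above (a cap on value and number of beneficiaries, an alert when a beneficiary is added, and velocity checks per day and per beneficiary) can be expressed as a small rule engine replayed over a payment stream. This is an added example, not RBI's or any bank's code: the limit values, the class and function names, and the sample events are hypothetical and constructed for illustration.

```python
from collections import Counter
from dataclasses import dataclass
from datetime import datetime


@dataclass(frozen=True)
class Limits:
    """Hypothetical limits; the text names the checks, not the values."""
    max_beneficiaries: int = 3
    max_txns_per_day: int = 4
    max_txns_per_beneficiary_per_day: int = 2
    max_value_per_day: int = 50_000  # rupees


class PaymentMonitor:
    def __init__(self, limits=Limits()):
        self.limits = limits
        self.beneficiaries = {}       # account -> set of registered payees
        self.txn_count = Counter()    # (account, date) -> accepted transfers
        self.payee_count = Counter()  # (account, payee, date) -> accepted transfers
        self.value = Counter()        # (account, date) -> accepted rupees

    def add_beneficiary(self, account, payee):
        """Register a payee; every successful addition raises an alert."""
        payees = self.beneficiaries.setdefault(account, set())
        if payee in payees:
            return []
        if len(payees) >= self.limits.max_beneficiaries:
            return ["BLOCK beneficiary-cap"]
        payees.add(payee)
        return ["ALERT beneficiary-added"]

    def transfer(self, account, payee, amount, when):
        """Return the rules a transfer violates; an empty list means accepted."""
        day = when.date()
        lim = self.limits
        findings = []
        if payee not in self.beneficiaries.get(account, set()):
            findings.append("BLOCK unregistered-beneficiary")
        if self.txn_count[account, day] + 1 > lim.max_txns_per_day:
            findings.append("BLOCK velocity-per-day")
        if (self.payee_count[account, payee, day] + 1
                > lim.max_txns_per_beneficiary_per_day):
            findings.append("BLOCK velocity-per-beneficiary")
        if self.value[account, day] + amount > lim.max_value_per_day:
            findings.append("BLOCK value-cap")
        if not findings:
            # Only accepted transfers consume the daily allowance, so a
            # blocked attempt cannot lock out later legitimate payments.
            self.txn_count[account, day] += 1
            self.payee_count[account, payee, day] += 1
            self.value[account, day] += amount
        return findings


def replay(events, limits=Limits()):
    """Run (timestamp, kind, account, payee, amount) events in order."""
    monitor = PaymentMonitor(limits)
    results = []
    for ts, kind, account, payee, amount in events:
        if kind == "add":
            results.append(monitor.add_beneficiary(account, payee))
        else:
            when = datetime.fromisoformat(ts)
            results.append(monitor.transfer(account, payee, amount, when))
    return results


# Constructed event stream for one account.
EVENTS = [
    ("2024-07-15T09:00", "add", "ACC1", "P1", 0),
    ("2024-07-15T09:05", "pay", "ACC1", "P1", 10000),
    ("2024-07-15T09:06", "pay", "ACC1", "P1", 10000),
    ("2024-07-15T09:07", "pay", "ACC1", "P1", 10000),  # third to same payee
    ("2024-07-15T09:10", "add", "ACC1", "P2", 0),
    ("2024-07-15T09:11", "add", "ACC1", "P3", 0),
    ("2024-07-15T09:12", "add", "ACC1", "P4", 0),      # fourth beneficiary
    ("2024-07-15T09:13", "pay", "ACC1", "P4", 500),    # never registered
    ("2024-07-15T09:14", "pay", "ACC1", "P2", 35000),  # would exceed daily value
    ("2024-07-15T09:15", "pay", "ACC1", "P2", 20000),
    ("2024-07-15T09:16", "pay", "ACC1", "P3", 5000),
    ("2024-07-15T09:17", "pay", "ACC1", "P3", 1000),   # fifth accepted today
    ("2024-07-16T08:00", "pay", "ACC1", "P3", 1000),   # counters reset by date
]

if __name__ == "__main__":
    for event, findings in zip(EVENTS, replay(EVENTS)):
        print(event, findings or "accepted")
```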
CONCLUSION AND SUGGESTION

While the number of frauds reported each year is actually coming down, the amount involved is going up substantially.

The large value advance related frauds, which pose a significant challenge to all stakeholders, are mainly concentrated in the public sector banks.

While there is a pressing need to overhaul the system of monitoring, control, supervision and follow up of advances related frauds, their incidence in public sector banks in a large measure can also be traced to comparatively poor corporate governance standards and lack of firm resolve by the Board and the Top Management in fighting this menace.

There is a need to improve exchange of information between all stakeholders to instill and maintain financial discipline among the users of funds and prevent negative information arbitrage to the detriment of the system.

Board oversight of the audit processes and the internal systems and control must be able to identify vulnerable areas, raise red flags and plug loopholes quickly and effectively.

There are considerable delays in reporting frauds to appropriate authorities, conducting investigation and fixing of accountability, which in effect leads to shielding of the main culprit while the blame is shifted to the junior level officials.

This trend needs to be curbed immediately. Close liaison must be maintained with investigating agencies and courts to ensure timely completion of investigations and closure of cases. Society should demand stringent action against the perpetrators of financial frauds and should socially ostracize them.

Banking system should collectively ensure that the fraudsters do not have access to banking facilities. The advantages of technology, communication and accessibility of data must be leveraged to put in place a system wide fraud mitigation mission.

A strong foundation is built by leveraging robust IT systems, framing effective policies and procedures, laying down strict compliance processes, setting high integrity standards, developing efficient monitoring capabilities and initiating strict punitive action against the culprits in a time bound manner.

Read more at: https://taxguru.in/rbi/bank-frauds-role-rbi.html Copyright © Taxguru.in
ROLE OF RBI IN BANK FRAUD
The Reserve Bank of India (RBI) issued revised Master Directions on Fraud Risk Management in July 2024, superseding previous guidelines and consolidating 36 existing circulars. These comprehensive directions apply to a wide range of regulated entities, including commercial banks, cooperative banks, and non-banking finance companies.

Purpose and Objective
The Reserve Bank of India's Revised Master Directions on Fraud Risk Management, issued on July 15, 2024, aim to provide a robust framework for the prevention, early detection, and timely reporting of frauds in regulated entities (REs). The revised guidelines aim to strengthen the role of boards in overseeing fraud risk management, enhance internal audit and control frameworks and ensure compliance with principles of natural justice.

Compliance with the Principles of Natural Justice before declaration of account as fraud
The Master Directions now expressly require that the REs shall ensure compliance with the principles of natural justice in a time-bound manner before classifying Persons / Entities as fraudulent. It duly takes into account the Hon’ble Supreme Court Judgment dated March 27, 2023 (Civil Appeal No. 7300 of 2022 in the matter of State Bank of India & Ors. Vs. Rajesh Agarwal & Ors.).

In this matter, the Supreme Court of India addressed the penal measures for fraudulent borrowers as stipulated under Clause 8.12 of the RBI's Master Directions on Frauds.

The Court emphasized the application of penal provisions similar to those for wilful defaulters, extending the restrictions to promoters, directors and whole-time directors of the borrowing company.

Notably, fraudulent borrowers are barred from availing bank finance from various financial institutions for five years from the date of full repayment of the defrauded amount.

The Court also highlighted the significance of the principles of natural justice, asserting that borrowers must be given an opportunity to be heard before their accounts are classified as fraudulent. Consequently, the Court mandated that banks must serve a notice and provide a hearing to the borrowers before classifying their accounts as fraudulent, ensuring compliance with the principles of natural justice.

Additionally, the framework on Early Warning Signals (EWS) and Red Flagging of Accounts (RFA) has been further strengthened for early detection and prevention of frauds in the REs including timely reporting to Law Enforcement
Agencies and Supervisors. Further, requirement for Data Analytics and Market Intelligence Unit for strengthening risk management systems have been mandated. These Directions have now been made applicable to Regional Rural Banks, Rural Cooperative Banks and Housing Finance Companies as well. The intent is to promote better fraud risk management systems and framework in such REs. With the issuance of these Master Directions, the existing 36 Circulars on the subject stand withdrawn.

RBI Revised Master Directions on Fraud Risk Management: July 2024 © Economic Laws Practice 2024

Following are the major requirements of the RBI Guidelines on fraud risk management

Criteria for Classification of Accounts as Fraud
▪ Early Warning Signals (EWS) and Red Flagging of Accounts (RFA):
− EWS Framework: Banks must establish a framework for identifying early warning signals, integrating with Core Banking Solutions (CBS) for real-time monitoring (Clause 8.3).
− Red-Flagged Account (RFA): An account with one or more EWS indicators that suggest fraudulent activity requires deeper investigation and preventive measures (Clause 8.3.1).
− Reporting: Accounts meeting the CRILC (Central Repository of Information on Large Credits, a database maintained by the Reserve Bank of India by collecting loan and investment data of borrowers from all financial institutions) threshold and identified as RFA must be reported to the RBI within seven days (Clause 8.3.3).

▪ Independent Confirmation:
− Banks must ensure third-party service providers involved in the fraud are held accountable, with their details reported to the Indian Banks' Association (IBA) (Clause 8.12.4).

▪ Staff Accountability:
− Banks must examine staff accountability in fraud cases promptly. For public sector banks (PSBs) and AIFIs, this includes referring cases to the Advisory Board for Banking and Financial Frauds (ABBFF) (Clause 8.10.1).

▪ Penal Measures:
− Persons/Entities classified as fraud by banks are debarred from accessing credit facilities for five years post repayment or settlement (Clause 8.12.1).
Reporting Mechanism

▪ Reporting to Law Enforcement Agencies (LEAs):
− Private Sector/Foreign Banks: Report frauds below INR 1 crore to State/UT Police; INR 1 crore and above to SFIO and Police (Clause 8.11.1).
− Public Sector Banks/RRBs: Report frauds below INR 6 crore to State/UT Police; INR 6 crore and above to CBI (Clause 8.11.1).

▪ Reporting to RBI:
− Fraud Monitoring Returns (FMRs): Banks must report individual fraud cases immediately but no later than 14 days from classification (Clause 8.4.2).
− Central Fraud Registry (CFR): Banks must utilize the CFR for effective fraud risk management (Clause 3.1).

▪ Closure of Fraud Cases:
− Fraud cases can be closed upon completion of LEA actions and staff accountability examination (Clause 5.1).
− In this context, it is important to note the requirements of RBI Guidelines on settlement of fraud cases in the light of RBI Circular dated June 08, 2023.

The Master Direction by RBI

The Reserve Bank of India for combating the challenges of banking frauds took different actions which include different policy and procedures. One among them is the master circular issued by RBI (2016) for classification and reporting of frauds in scheduled commercial banks.

Classification of frauds
The RBI’s master circular classified banking frauds on the basis of Indian Penal Code of 1986. These proactive steps are useful for maintaining uniformity in reporting.
• Misappropriation and criminal breach of trust.
• Fraudulent encashment through forged instruments, manipulation of books of account or through fictitious accounts and conversion of property.
• Unauthorized credit facilities extended for reward or for illegal gratification.
• Cash shortages.
• Cheating and forgery.
• Fraudulent transactions involving foreign exchange
• Any other type of fraud not coming under the specific heads as above.
ROLE OF POLICE IN BANK FRAUD

Forensic Accounting
Forensic Lab Analysis
Forensic Psychology
Forensic Cyber crime
QDE
Physics
CJS
CSI
Interrogation
Investigation
Search and seizure
Outer Investigation
Neighbourhood canvassing
Court
Arrest
Accused
Suspect
CCTV

Bank Fraud Investigator Duties and Responsibilities
Bank Fraud Investigators are responsible for analyzing and investigating suspected fraudulent activity related to banking and financial services. They play a crucial role in maintaining the integrity and security of banking operations.
Their duties and responsibilities include:
Investigating and analyzing suspected fraudulent transactions or activities
Collecting and reviewing evidence related to suspected fraudulent transactions
Interviewing and taking statements from individuals involved in suspected fraudulent transactions
Collaborating with law enforcement agencies and other relevant parties during investigations
Documenting and preparing detailed reports of investigations, findings, and outcomes
Identifying trends or patterns in fraudulent activities to prevent future fraud
Developing and implementing fraud detection tools, strategies, and procedures
Providing recommendations to improve security measures, policies, and procedures
Ensuring compliance with all relevant regulations and laws related to fraud and banking
Conducting risk assessments and implementing fraud risk management strategies
Training bank staff on fraud awareness, detection, and prevention methods
Presenting findings to senior management and making suggestions for actions to be taken

Job Brief
We are looking for a diligent Bank Fraud Investigator to join our team. The responsibilities of a Fraud Investigator include gathering evidence, conducting research and interviews, identifying fraudulent activities, and working with law enforcement agencies as required. The successful candidate will have excellent analytical skills, an eye for detail, and a deep understanding of fraud detection techniques.
Prior experience in a similar role and a sound knowledge of banking procedures are desirable.

Responsibilities
Investigate suspected fraudulent activities, identify potential vulnerabilities and suggest preventative measures.
Conduct thorough research and analysis of data to identify inconsistencies.
Interview witnesses and suspects, gather evidence, and prepare reports on findings.
Coordinate with law enforcement agencies to support fraud investigations.
Stay updated on latest fraud trends and prevention measures.
Provide training and guidance to bank employees on fraud detection and prevention.
Ensure compliance with bank policies and regulations, as well as federal and state laws.
Prepare detailed reports for bank management, outlining investigation findings and recommendations.

Proven experience as a Fraud Investigator, Fraud Analyst or similar role.
Knowledge of fraud detection software and databases.
Understanding of banking procedures, operations and regulations.
Excellent analytical and problem-solving skills.
Strong ethical standards and high levels of integrity.
Strong communication and report writing skills.
Ability to handle confidential information.
Bachelor’s degree in Criminal Justice, Finance, Business or a related field.
Professional development opportunities

Additional Information
Job Title: Bank Fraud Investigator
Work Environment: This is primarily an office-based role but may require occasional travel for investigations.
Reporting Structure: Reports to the Head of Fraud Investigation Department.
Salary: Salary is based upon candidate experience and qualifications, as well as market and business considerations.
Pay Range: $60,000 minimum to $100,000 maximum
Location: [City, State] (specify the location or indicate if remote)
Employment Type: Full-time
Equal Opportunity Statement: We are an equal opportunity employer and value diversity at our company. We do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.
Application Instructions: Please submit your resume and a cover letter outlining your qualifications and experience to [email address or application portal].
What Does a Bank Fraud Investigator Do?
Bank Fraud Investigators work within the banking sector and their primary role is to detect and prevent fraudulent activities within the bank. They are part of the bank’s risk management team and work closely with other departments such as the legal team, operations, and customer service.

Their responsibilities include conducting thorough investigations into suspicious transactions or patterns of behavior that could potentially indicate fraud. They utilize a range of investigative techniques such as data analysis, reviewing customer profiles, and conducting interviews.

In cases where fraud is detected, they work to minimize the bank’s losses by freezing accounts, reversing fraudulent transactions, and assisting in the recovery of stolen funds. They also play a crucial role in improving the bank’s security measures by identifying loopholes and weaknesses that fraudsters may exploit.

They then recommend strategies and technologies to strengthen these areas. Bank Fraud Investigators also liaise with law enforcement agencies to report fraudulent activities and provide necessary evidence for legal proceedings.

Another important aspect of their job is to educate bank staff and customers about potential fraud risks and prevention strategies, as part of the bank’s wider effort to create a secure banking environment.

Qualifications and Skills
A qualified Bank Fraud Investigator should have skills and qualifications that align with your job description, such as:
Analytical skills to review complex financial transactions and determine if fraudulent activity has occurred.
Attention to detail to thoroughly review records and spot any irregularities or signs of fraud.
Interpersonal skills to liaise with various parties, including bank employees, law enforcement officers, and legal professionals.
Problem-solving abilities to analyze data and evidence to construct a clear picture of fraudulent activities.
Knowledge of banking regulations and laws to understand when a violation has occurred.
Communication skills to relay findings to bank management, law enforcement, and in some cases, court officials.
Experience with financial software applications to extract and analyze financial data.
Ability to work under stress as bank fraud investigations can be high-pressure situations, especially if significant amounts of money are involved.
RBI/DOS/2024-25/120
DOS.CO.FMG.SEC.No.7/23.04.001/2024-25
July 15, 2024

The Chairman / Managing Director / Chief Executive Officer
All Non-Banking Financial Companies (including Housing Finance Companies)

Madam / Dear Sir,

Master Directions on Fraud Risk Management in Non-Banking Financial Companies (NBFCs) (including Housing Finance Companies)

Please find enclosed as Annex ‘Reserve Bank of India (Fraud Risk Management in NBFCs) Directions, 2024’ issued in exercise of the powers conferred by Sections 45K, 45L and 45M of the Reserve Bank of India Act, 1934 (Act 2 of 1934) and Sections 30A, 32 and 33 of the National Housing Bank Act, 1987.

These Directions shall supersede the earlier Directions on the subject, namely, the Master Direction – Monitoring of Frauds in NBFCs (Reserve Bank) Directions, 2016 dated September 29, 2016.

Yours faithfully

(Rajnish Kumar)
Chief General Manager
Encl.: as above.

Why in News?
The Supreme Court recently held that banks are responsible for safeguarding customers from unauthorized transactions and must use advanced technology to prevent fraud. It upheld SBI's liability for fraudulent transactions in a customer's account, stating banks' vigilance as per RBI guidelines. The Court also advised customers to exercise caution and avoid sharing OTPs.

Justices JB Pardiwala and R Mahadevan held in the matter of State Bank of India v. Pallabh Bhowmick & Ors.

What was the Background of State Bank of India v. Pallabh Bhowmick & Ors.?
A customer of State Bank of India (SBI) made an online shopping purchase and subsequently attempted to return the item.

The customer received a call from someone who fraudulently posed as customer care representative for the retailer.

Following the fraudster's instructions, the customer downloaded a mobile application. This led to unauthorized transactions being made from the customer's bank account, totaling ₹94,204.80.
State Bank of India denied liability for these transactions, arguing that they were authorized since they involved the sharing of OTPs and M-PINs by the customer.

The customer contested this claim, maintaining that they never shared sensitive information like OTP or MPIN with anyone.

The customer alleged that the fraud occurred due to a data breach on the retailer's website, which was beyond their control.

The customer reported the unauthorized transactions to SBI within 24 hours of their occurrence. The matter was initially brought before a Single Judge Bench, which held SBI liable for the unauthorized transactions.

SBI filed an Intra-Court appeal before the Division Bench of the High Court, which was dismissed. Subsequently, SBI filed a Special Leave Petition before the Supreme Court challenging the High Court's decision.

What were the Court’s Observations?
The Supreme Court stated that banks cannot abdicate their responsibility to protect customers from unauthorized transactions reported from their accounts, emphasizing the bank's duty of vigilance.

The Court held that banks must utilize the best available technology to detect and prevent unauthorized and fraudulent transactions, placing this technological obligation squarely on the banking institutions.

The Court referenced Clauses 8 and 9 of the RBI Circular dated 6th July, 2017, which establish "zero liability" for customers in cases of unauthorized transactions resulting from third-party data breaches, provided they are reported promptly.

The Court noted the significance of the customer's prompt reporting, that the fraudulent transaction was brought to the bank's notice within 24 hours of occurrence.

While upholding SBI's liability in this case, the Court simultaneously observed the reciprocal duty of account holders to exercise extreme vigilance regarding OTPs and not share them with third parties.

The Court observed that in certain circumstances, customers could be held responsible for negligence, though no such negligence was established in the present case.

The Court ultimately found no reason to interfere with the High Court's judgment, which had determined the transactions to be unauthorized and fraudulent in nature, with no negligence attributable to the customer.
What are the Provisions of the RBI Notification on Customer Protection and Limiting Liability in Unauthorized Electronic Banking Transactions?

The RBI issued this circular (RBI/2017-18/15) on 6th July, 2017, to address the increasing concerns about unauthorized electronic banking transactions and to strengthen customer protection measures.

The circular was prompted by a surge in customer grievances related to unauthorized transactions resulting in debits to their accounts/cards, necessitating a review of customer liability criteria.

The circular categorizes electronic banking transactions into two types:
Remote/online payment transactions (internet banking, mobile banking, card-not-present transactions)
Face-to-face/proximity payment transactions (ATM, POS transactions requiring physical presence of payment instrument)

The framework mandates banks to design systems and procedures that ensure customer safety in electronic banking transactions, including robust fraud detection mechanisms and comprehensive risk assessment tools. The notification mandates registration for SMS alerts and, where available, email alerts, and requires banks to provide 24x7 access through multiple channels for reporting unauthorized transactions.

Limited Liability of a Customer

Zero Liability (Clause 6):
Customers have zero liability in two scenarios:
When there is contributory fraud/negligence by the bank (no reporting timeframe required)
In third-party breaches where neither bank nor customer is at fault, if reported within 3 working days

Limited Liability (Clause 7):

Customer Bears Full Liability:
When loss occurs due to customer negligence (e.g., sharing payment credentials)
Customer bears entire loss until reporting to bank
After reporting, bank bears all subsequent losses

Limited Liability Based on Account Type (4-7 working days delay):
BSBD Accounts: Maximum ₹5,000
Regular savings accounts/PPIs/MSMEs/Credit cards up to ₹5 lakh limit: Maximum ₹10,000
Other accounts/Credit cards above ₹5 lakh: Maximum ₹25,000

Overall Liability Structure (Clause 8):

Reporting Timeline Framework:
Within 3 working days: Zero customer liability
4-7 working days: Limited liability as per Table 1
Beyond 7 working days: As per bank's board-approved policy
Working Days Calculation:
• Based on home branch schedule
• Excludes date of communication receipt

Reversal Timeline (Clause 9):

Bank's Obligations:
• Must credit disputed amount within 10 working days of notification
• Credit must be value-dated to unauthorized transaction date
• No need to wait for insurance claim settlement

Bank's Discretionary Powers:
• Can waive customer liability even in negligence cases
• Can provide relief beyond prescribed limits

Additional Requirements:
Banks must:
• Display liability policy in public domain
• Inform existing customers individually
• Provide policy details at account opening

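The reporting timeline, the account-type caps and the working-day count described above reduce to a small decision procedure. The sketch below is an added example, not code from the RBI circular or from this document; the function names are hypothetical, the non-working days (Sundays plus a supplied holiday list) are an assumption standing in for the home branch schedule, and cases where the bank itself is at fault are not modelled.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional, Tuple

# Caps (in rupees) for a 4-7 working day reporting delay, as listed on this page.
LIMITED_LIABILITY_CAP = {
    "bsbd": 5_000,      # BSBD accounts
    "regular": 10_000,  # savings accounts / PPIs / MSMEs / credit cards up to Rs 5 lakh limit
    "other": 25_000,    # other accounts / credit cards above Rs 5 lakh
}

# Assumption: the home branch is closed on Sundays (weekday() == 6) and on
# whatever dates the caller passes in `holidays`.
SUNDAY_ONLY: Tuple[int, ...] = (6,)


def is_working_day(d: date, holidays, weekly_off) -> bool:
    return d.weekday() not in weekly_off and d not in holidays


def working_days_elapsed(received: date, reported: date,
                         holidays=frozenset(), weekly_off=SUNDAY_ONLY) -> int:
    """Working days from the day after the bank's communication was received
    (the receipt date itself is excluded) up to and including the report date."""
    if reported < received:
        raise ValueError("report date cannot precede the bank's communication")
    count, d = 0, received
    while d < reported:
        d += timedelta(days=1)
        if is_working_day(d, holidays, weekly_off):
            count += 1
    return count


def add_working_days(start: date, n: int,
                     holidays=frozenset(), weekly_off=SUNDAY_ONLY) -> date:
    """Date that falls n working days after `start`."""
    d = start
    while n > 0:
        d += timedelta(days=1)
        if is_working_day(d, holidays, weekly_off):
            n -= 1
    return d


@dataclass(frozen=True)
class Liability:
    customer_amount: Optional[int]  # None: left to the bank's board-approved policy
    rule: str


def customer_liability(loss_before_report: int, account_type: str,
                       received: date, reported: date, negligent: bool = False,
                       holidays=frozenset(), weekly_off=SUNDAY_ONLY) -> Liability:
    """Customer's share of the loss incurred before the report reached the bank."""
    if account_type not in LIMITED_LIABILITY_CAP:
        raise ValueError(f"unknown account type: {account_type!r}")
    if negligent:
        # Negligence: the customer bears the entire loss until reporting;
        # anything debited after the report is the bank's loss.
        return Liability(loss_before_report, "negligence: full loss until reporting")
    delay = working_days_elapsed(received, reported, holidays, weekly_off)
    if delay <= 3:
        return Liability(0, "reported within 3 working days: zero liability")
    if delay <= 7:
        cap = LIMITED_LIABILITY_CAP[account_type]
        return Liability(min(loss_before_report, cap),
                         "reported in 4-7 working days: limited liability")
    return Liability(None, "beyond 7 working days: bank's board-approved policy")


def reversal_deadline(notified: date, holidays=frozenset(),
                      weekly_off=SUNDAY_ONLY) -> date:
    """Last date for the credit: 10 working days from notification. The credit
    itself is value-dated to the unauthorized transaction date."""
    return add_working_days(notified, 10, holidays, weekly_off)


if __name__ == "__main__":
    # Constructed case: alert received Monday 1 Jan 2024, reported Friday 5 Jan 2024.
    print(customer_liability(40_000, "regular", date(2024, 1, 1), date(2024, 1, 5)))
    print(reversal_deadline(date(2024, 1, 5)))
```
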
Bank Fraud

• Banks are an essential part of the Indian economy.
• While the primary responsibility for preventing frauds lies with banks themselves.
• Banks dealing with public's money: due care and diligence
• The RBI advisory to banks for prevention of frauds.

Definition of fraud
• Fraud can loosely be defined as “any behaviour by which one person intends to gain a dishonest advantage over another”. Fraud, under section 17 of the Indian Contract Act, 1872,
• RBI has defined the term “fraud” in its guidelines on frauds, which reads as under.
• “A deliberate act of omission or commission by any person, carried out in the course of a banking transaction or in the books of accounts maintained manually or under computer system in banks, resulting into wrongful gain to any person for a temporary period or otherwise, with or without any monetary loss to the bank”.

• Account opening fraud: this involves a deposit and cashing of fraudulent cheques.
• Cheque kiting: a method whereby a depositor utilizes the time required for cheques to clear to obtain an unauthorized loan without any interest charge.
• Cheque fraud: the most common cases of this kind of fraud are through stolen cheques and forged signatures.
• Counterfeit securities: documents, securities, bonds and certificates could be forged, duplicated, adjusted or altered and presented for loan collection.
• Computer fraud: hacking, tampering with a diskette to gain access to unauthorized areas and give credit to an account for which the funds were not originally intended.
• Loan fraud: when funds are lent to a non-borrowing customer or a borrowing customer that has exceeded his credit limit.
• Money laundering fraud: this is a means to conceal the existence, source or use of illegally obtained money by converting the cash into untraceable transactions in banks.
• Letters of Credit: most common in international trading, these are instruments used across borders and can be forged, altered, adjusted and take longer to identify.
• Advanced Fees Fraud: popularly known as ‘419’, advanced fees fraud may involve an agent with an offer of a business proposition which would lead to access often for a long term.

Frauds in banks’ advances portfolio
• Frauds related to the advances portfolio account for the largest share of the total amount involved in frauds in the banking sector. (Involving amount of Rs. 50 crore and above)
• Another point is that public sector banks account for a substantial chunk of the total amount involved in such cases.
• Declaration of frauds by various banks: in cases of consortium/multiple financing, we have on occasions observed a lag of more than 12–15 months in declaration.
• The large value advance related frauds, which pose a significant challenge to all stakeholders, are mainly concentrated in the public sector banks.
• Majority of the credit related frauds are on account of deficient appraisal system, poor post disbursement supervision and inadequate.
• Reserve Bank has also advised banks to audit periodically so that cases of multiple financing may be detected in the initial stages itself.

Expectations of the supervisor
• RBI has clearly indicated that fraud risk management, fraud monitoring and fraud investigation function must be owned by the bank’s CEO, audit committee of the board.
• In respect of large value frauds, the special committee of the board are CMDs, CEOs, audit committee and the special committee evolving robust fraud risk management systems.
• They are responsible for effective investigation of fraud cases and accurate reporting to appropriate regulatory and law enforcement authorities.
• Top management puts in place targeted fraud awareness training for its employees focusing on prevention and detection of fraud.
• Audit systems prevalent in banks have not proved effective in detecting fraud cases.
• Providing individuals a means to report suspicious activity is a critical part of an anti-fraud program.
• A system of protected disclosure scheme has been evolved which is regulated by CVC in case of public sector banks.

Investigation of Bank Frauds

• Target: Minimize Losses, Least Adverse Publicity, Preserving of material Evidence, Effective Legal Action
• Agencies: District Police, CID(CB), EoW, SFIO, CBI (fraud amount more than 3 crores in Public Sector Banks)
• Important Steps in investigation:
• Preliminary Enquiry (if required, permitted in SC judgment of Lalita Kumari) to ascertain cognizable offence, N.I. Act, civil matter?
• FIR: Proper drafting is key (Bhajan Lal case), moneyed suspects.
• Understand the banking methodology, co-opt experts (Satyam case)
• Searches, collection of documents including hard disks (proper custody, 65B I. Ev. Act, 2A Bankers Books of Evidence Act), imaging of hard disk.
• Motivate the witnesses with the help of bank
• Examine witnesses showing original documents
• Arrest and seizure u/s 27 Ev. Act, LOC
• Freeze accounts u/s 102 CrPC and inform magistrate
• Analysis and examination of documents: CAs, FSL
• Is there any need for Letter Rogatories?
• Summing up evidence: FR/CS?, DE?, CVO? CBI? ED?
• Necessary follow up action with other agency.
• Key of investigation: immediate collection of documents, evidence about dishonest knowledge, mens rea,

Conclusion
• The impact of frauds on entities like banks, and the economic cost of frauds, can be huge in terms of likely disruption, confidence in the banking system and may damage the integrity and stability of the economy.
• It can bring down banks, undermine the central bank’s supervisory role and even create social unrest, discontent and political upheavals.
• The vulnerability of banks to fraud has been heightened by technological advancements in recent times.
• Challenge before investigation agencies lies in shape of capacity building, quality of investigation, support from experts.

The Right to Information

Historical Background
The right to information is a fundamental right under Article 19(1) of the Indian Constitution. In 1976, in the Raj Narain vs the State of Uttar Pradesh case, the Supreme Court ruled that Right to information will be treated as a fundamental right under article 19. The Supreme Court held that in Indian democracy, people are the masters and they have the right to know about the working of the government.

Thus the government enacted the Right to Information act in 2005 which provides machinery for exercising this fundamental right.

The Right to Information Act of 2005

The act is one of the most important acts which empowers ordinary citizens to question the government and its working. This has been widely used by citizens and media to uncover corruption, progress in government work, expenses-related information, etc.

The primary goal of the Right to Information Act is to empower citizens, promote openness and accountability in government operations, combat corruption, and make our democracy truly function for the people.

It goes without saying that an informed citizen is better equipped to keep a required track on governance instruments and hold the government responsible to the governed. The Act is a significant step in informing citizens about the activities of the government.

All constitutional authorities, agencies, owned and controlled, and also those organisations which are substantially financed by the government come under the purview of the act. The act also mandates public authorities of union government or state government to provide timely response to the citizens’ request for information.

The act also imposes penalties if the authorities delay in responding to the citizen in the stipulated time.

What type of information can be requested through RTI?

The citizens can seek any information from the government authorities that the government can disclose to the parliament.

Some information that can affect the sovereignty and the integrity of India is exempted from the purview of RTI.

Information relating to internal security, relations with foreign countries, intellectual property rights (IPR) and cabinet discussions is exempted from RTI.

Objectives of the RTI Act
• Empower citizens to question the government.
• The act promotes transparency and accountability in the working of the government.
• The act also helps in containing corruption in the government and working for the people in a better way.
• The act envisages building better-informed citizens who would keep necessary vigil about the functioning of the government machinery.

Important provisions under the Right to Information Act, 2005

Section 2(h): Public authorities mean all authorities and bodies under the union government, state government or local bodies. The civil societies that are substantially funded, directly or indirectly, by the public funds also fall within the ambit of RTI.

Section 4(1)(b): Government has to maintain and proactively disclose information.

Section 6: Prescribes a simple procedure for securing information.

Section 7: Prescribes a time frame for providing information(s) by PIOs.

Section 8: Only minimum information exempted from disclosure.

Section 8(1) mentions exemptions against furnishing information under the RTI Act.

Section 8(2) provides for disclosure of information exempted under the Official Secrets Act, 1923 if the larger public interest is served.

Section 19: Two-tier mechanism for appeal.

Section 20: Provides penalties in case of failure to provide information on time, incorrect, incomplete or misleading or distorted information.

Section 23: Lower courts are barred from entertaining suits or applications.

However, the writ jurisdiction of the Supreme Court of India and high courts under Articles 32 and 226 of the Constitution remains unaffected.

Significance of the RTI Act
The RTI Act, 2005 empowers the citizen to question the secrecy and abuse of power practised in governance.

It is through the information commissions at the central and state levels that access to such information is provided.

RTI information can be regarded as a public good, for it is relevant to the interests of citizens and is a crucial pillar for the functioning of a transparent and vibrant democracy.

The information obtained not only helps in making government accountable but is also useful for other purposes which would serve the overall interests of the society.

Every year, around six million applications are filed under the RTI Act, making it the most extensively used sunshine legislation globally. These applications seek information on a range of issues, from holding the government accountable for the delivery of basic rights and entitlements to questioning the highest offices of the country.

Using the RTI Act, people have sought information that governments would not like to reveal as it may expose corruption, human rights violations, and wrongdoings by the state.

The access to information about policies, decisions and actions of the government that affect the lives of citizens is an instrument to ensure accountability.

The Supreme Court has, in several judgments, held that the RTI is a fundamental right flowing from Articles 19 and 21 of the Constitution, which guarantee to citizens the freedom of speech and expression and the right to life, respectively.

Recent Amendments
The RTI amendment Bill 2013 removes political parties from the ambit of the definition of public authorities and hence from the purview of the RTI Act.

The draft provision 2017 which provides for closure of case in case of death of applicant can lead to more attacks on the lives of whistleblowers. The proposed RTI Amendment Act 2018 is aimed at giving the Centre the power to fix the tenures and salaries of state and central information commissioners, which are statutorily protected under the RTI Act. The move will dilute the autonomy and independence of CIC.

The Act proposes to replace the fixed 5-year tenure with as much as prescribed by the government.

Criticism of RTI Act
One of the major setbacks to the act is that poor record-keeping within the bureaucracy results in missing files.

There is a lack of staffing to run the information commissions.

The supplementary laws like the Whistle Blower’s Act are diluted; this reduces the effect of RTI law.

The government does not proactively publish information in the public domain as envisaged in the act, and this leads to an increase in the number of RTI applications.

There have been reports of frivolous RTI applications, and the information obtained has also been used to blackmail the government authorities.

RTI Act – Associated Challenges
Different types of information are sought which have no public interest and sometimes can be used to misuse the law and harass the public authorities. For example:
• Asking for disparate and voluminous information.
• To attain publicity by filing RTI
• RTI filed as a vindictive tool to harass or pressurize the public authority

Because of illiteracy and unawareness among the majority of the population in the country, the RTI cannot be exercised.

Though RTI’s aim is not to create a grievance redressal mechanism, the notices from Information Commissions often spur the public authorities to redress grievances.

Difference between Right to Information and Right to Privacy
The right to privacy and the right to information are both essential human rights in modern society where technological information breach is very common. These two rights complement each other in holding governments accountable to individuals in a majority of the cases.

Right to Information provides a fundamental right for any person to access information held by government bodies. At the same time, right to privacy laws grant individuals a fundamental right to control the collection of, access to, and use of personal information about them that is held by governments and private bodies.

Right To Information Act vs Legislations for Non Disclosure of Information

Some provisions of the Indian Evidence Act (Sections 123, 124, and 162) provide for withholding the disclosure of documents. Under these provisions, the head of department may refuse to provide information on affairs of state, and only swearing that it is a state secret will entitle him not to disclose the information.

In a similar manner no public officer shall be compelled to disclose communications made to him in official confidence.

The Atomic Energy Act, 1912 provides that it shall be an offence to disclose information restricted by the Central Government.

The Central Civil Services Act provides that a government servant is not to communicate or part with any official documents except in accordance with a general or special order of government.

The Official Secrets Act, 1923 provides that any government official can mark a document as confidential so as to prevent its publication.

Conclusion
The Right to Information Act has not achieved its full objectives due to some impediments created due to systematic failures. It was made to achieve social justice, transparency and to make an accountable government.

This law provides us with a priceless opportunity to redesign the processes of governance, particularly at the grassroots level where the citizens’ interface is maximum.

It is well recognized that the right to information is necessary, but not sufficient, to improve governance. A lot more needs to be done to usher in accountability in governance, including protection of whistleblowers, decentralization of power and fusion of authority with accountability at all levels.

As observed by the Delhi High Court, misuse of the RTI Act has to be appropriately dealt with; otherwise the public would lose faith and confidence in this “sunshine Act”.

Q1
What do you mean by the right to information?
Right to information is a right given to the citizens to question and hold the government accountable for its functions. The RTI act 2005 helps in exercising this right.

Q2
How can I use the Right to Information Act?
RTI can be filed by any citizen by submitting an application to the designated officer and paying Rupees ten.

Q3
Which type of right is right to information?
Right to Information has been categorised as a Fundamental Right under Article 19(1) of the Indian constitution by the Supreme Court.

Q4
What is the main objective of RTI?
RTI was introduced to empower citizens to question the government and its working. Any citizen could request information that does not threaten the internal security and integrity of India.

10 Common Types of Financial Fraud & Schemes (With Examples)
Identity thieves are almost only ever after one thing: your money. Here’s how to recognize signs of financial fraud and protect your money from scammers.

Credit card and other types of financial fraud have increased more than 70% in the past year with Americans losing $56 billion to scams [*].

Criminals are getting more advanced and aggressive with their scams, and most of us don’t know what to do about it. According to an Aura study, 79% of Americans feel they aren’t protecting their identity online as well as they should [*].

While there are too many types of financial fraud to beware of, almost every scam is based on these nine types of fraud. Here’s how to know if you’re the target of financial fraud and how to protect your finances from fraudsters.

The 10 Most Common Types of Financial Fraud To Beware Of

1. Identity theft leading to credit, bank, or loan fraud
Identity theft refers to any kind of fraud committed by stealing personal information. An identity thief uses your personally identifiable information (PII) — such as your name, birthday, and Social Security number (SSN) — to gain access to your accounts and assets.

An identity thief can drain your bank account, open new loans in your name, or max out your credit card. A recent report found that on average, victims of identity theft lose $1,100 [*].

How does identity theft happen?

Criminals have a few options when it comes to stealing your sensitive information.

They might target you with a phishing attack where they email, call, or text pretending to be from your bank. Or, they could target you with a cyber attack to get you to install malware on your devices that steals your logins and passwords.

They might even steal your mail or illegally change your address to get your credit card statements sent to them. In some cases, the "thief" could even be a family member who opens a credit card in your name.

But by far, the easiest way to steal your identity is to buy your personal information off the Dark Web.

Hackers have stolen billions of pieces of PII in the past year alone through data breaches. So even if you haven’t been directly targeted by a criminal, there’s a good chance you’re still vulnerable to financial fraud.

Be especially careful with your SSN as it's not always possible to change your Social Security number — even after identity theft.

How do you know you're being targeted?

• Unfamiliar transactions on your credit card.
• Strange charges on your bank statements.
• New credit cards or loans in your name.
• Missing or error-filled tax returns.
• Calls from debt collectors about purchases you didn’t make.
• A drop in credit score.
• Bounced checks.
• Calls verifying unfamiliar purchases.
• Hard inquiries on your credit report.
• Fraud alerts from your bank or credit monitoring service.

What to do if you’re a victim:

You’ll need to take different actions depending on what financial fraud a criminal has committed under your name. But in all cases, you’ll want to:

• Contact all impacted companies and financial institutions.
• File an identity theft report with the Federal Trade Commission (FTC) at IdentityTheft.gov.
• File a police report with local law enforcement.
• Freeze or cancel affected accounts.
• Set up a credit freeze or lock to stop further financial fraud.
• Review your credit report and dispute any fraudulent activity.
• Change your account passwords and start using a password manager.
• Enable two-factor authentication (2FA) using an authenticator app.

You might also want to consider signing up for credit monitoring and identity theft protection.

For example, Aura monitors all your financial accounts and alerts you of suspicious activity. And if the worst happens, you’re covered by a $1,000,000 insurance policy for eligible losses due to identity theft.

2. Advance fee fraud
Advance fee fraud is when a thief requires you to send money in advance for payments, products, or services. The promised rewards can range from better credit to money from a foreign prince, and more. But in the end, they either aren't what was promised, or never arrive.

One common example is a con artist claiming to get you a better deal on a loan or reverse mortgage in return for a “finder’s fee”. They’ll ask you to sign a contract that requires you to pay the fee once they introduce you to the financing source.

But after you pay, you’ll often discover it isn’t what the “finder” claimed it to be. Or worse, that you’re ineligible for the loan. And because you signed the contract, you have no recourse.

What are the warning signs?

• A business asking you for prepayment for services such as securing a loan.
• Businesses or individuals that operate out of PO boxes or mail drops.
• Individuals that you can’t reach directly (i.e., they’re never in when you call but will call you back later).
• Asking you to sign a contract like a non-disclosure agreement (NDA) that limits you from discussing the deal with other people.
• Businesses that don’t show up on the Better Business Bureau. (You can also run a Google search for “Their name/business name + scam/fraud”.)

What to do if you’re a victim:

Unfortunately, if you’ve been a victim of advance fee fraud, there usually isn’t a way to get your money back. But you should report the scam to the Federal Trade Commission (FTC) at ReportFraud.ftc.gov to protect future consumers.

Be wary of any offer that seems too good to be true or that only accepts unusual payment methods, like wire transfers or gift cards. Only share financial information once you’re sure a process is legitimate.

Take action: If scammers have your personal information, your bank account, email, and identity could be at risk.

3. Cashier’s check and fake check fraud
The cashier’s check fraud is a simple bank scam that relies on the fact that it can take weeks for a cashier’s check to be verified. Reports of this scam have grown by 65% since 2015 [*], prompting all the more reason to be aware.

How does cashier’s check fraud happen?

Scammers send a forged cashier’s check with false information, which you’re able to deposit without a problem. Then, they ask you to make a withdrawal of some or all of the money and send it to them or a third party as a wire transfer.

When the check is discovered to be bank fraud, the scammer is gone — along with the wire transfer (which you can’t reverse).

This same scam can be run using fraudulent checks as well. A scammer will wait outside a financial institution or send you a picture of a check and ask you to deposit it for them.

Then, they’ll tell you to keep some of the money for yourself and send them the rest. When the check bounces a few days later, the money will be taken out of your account.

What are the warning signs?

• A seller who only accepts cashier’s checks.
• Offering you more money than you’re asking for a product. This is especially risky on marketplaces like Craigslist or Facebook Marketplace.
• Asking you to deposit a check for them and wire them the money (minus a fee).

What to do if you’re a victim:

If you’ve deposited a cashier’s check and sent the scammer a wire transfer, there unfortunately isn’t a way to get your money back.

Instead, you should report the fraud to the FTC at ReportFraud.ftc.gov.

If you’ve only deposited a cashier’s check, don’t send money back to the scammer unless you know them personally. Even then, you should suggest a more secure online payment method like PayPal or escrow instead.

4. Tax refund fraud and “ghost” tax preparers
Most people get stressed when dealing with their taxes or the IRS. That makes tax fraud an appealing target for financial scams. One of the most common ones is tax refund fraud.

How does tax refund fraud happen?

Tax refund fraud is a type of identity theft where criminals fraudulently file tax returns in your name. They’ll report incorrect income in order to maximize your refund, which the criminal will then deposit.

In 2020, the IRS flagged 5.2 million tax returns as fraudulent [*].

There are a few other versions of this scam. In one, a fraudster pretends to be from the IRS and demands personal information or payment for taxes owing. You could also deal with an unethical tax preparer who steals your information or fraudulently files for a refund under your name.

What are the warning signs?

• Getting a letter from the IRS stating that multiple returns have been filed in your name.
• Receiving unfamiliar tax documents like a W-2 or 1099 form.
• Notifications of an unfamiliar IRS.gov account.
• Receiving unsolicited tax transcripts.
• Your bank blocks your tax refund check.
• You receive a refund check before you file your taxes.
• Your tax preparer refuses to sign your return or can’t explain discrepancies.

What to do if you’re a victim:

If you’ve received a letter about tax return fraud from the IRS, follow the steps laid out in the letter. If you learn about the scheme on your own, contact the IRS immediately and follow their recommendations.

In most cases, you’ll need to fill out an Identity Theft Affidavit and print and mail it with your legitimate return.

If you’ve sent money to a fraudulent IRS agent or tax preparer, immediately cancel the transfer. If you’ve given them your bank information or credit card number, call your financial institution’s fraud department.

You should also report the fraud to the IRS at [email protected] (for scam emails) or 202-552-1226 (with the scam number that contacted you).

5. Fraudulent charities
Scammers use philanthropy as fraud, too. Charity fraud entails creating a fake charity and collecting “donations” that disappear along with the thief.

How does charity fraud happen?

Scammers create fake charities — like military veteran charities — that sound like ones you know and trust. These scams are especially common during natural disasters or international news events.

What are the warning signs?

• Claiming that you’re a previous donor when you know you’ve never sent them money.
• Only accepting donations through cash, cryptocurrency, gift cards, or wire transfers.
• Pressuring you to donate or even offering to pick up the money in person.
• Using unsecured websites. (A secure website uses “https://” not “http://” and should have a small padlock symbol near the URL).

What to do if you’re a victim:

If you’re a victim of charity fraud, report it to the FTC. Unfortunately, there usually isn’t a way to reclaim the money you’ve given.

Be wary of unfamiliar charities asking for donations. Before donating, check sites like Charity Navigator or CharityWatch. Never share information such as your bank account number when you can use another payment method.

6. Credit card fraud
There are several ways that criminals can steal your credit card information. They could steal your physical card, trick you into entering information on a phishing website or email, buy your details on the Dark Web, or use any number of other credit card scams.

Hackers can also create a clone of your physical card using just your credit card numbers.

What are the warning signs?

• Suspicious transactions on your credit card or bank statement.
• Small unfamiliar charges on your account. (Fraudsters use a scam called carding to validate your credit card before making large purchases.)
• Fraud alerts from your bank, credit card issuer, or credit monitoring service.
• Calls from creditors about purchases you didn’t make or new accounts you didn’t open.
• A lower balance than expected.
• Sudden changes to your credit score.
• Transactions from locations you haven’t been (i.e., foreign countries).

What to do if you’re a victim:

If a scammer has access to your credit card, you’ll want to act fast and shut down your compromised accounts and prevent credit card fraud.

Contact the fraud department of your lender, card issuer, or financial institution and explain the situation. They’ll be able to help you freeze or close your accounts and get new cards. You’ll also need to file a report with the FTC at IdentityTheft.gov and file a police report if your physical card was stolen.

Next, review your credit report for any fraudulent activity and dispute the charges. Finally, you’ll want to set up a credit freeze or fraud alert to stop further transactions.

If a criminal has access to your credit card, they most likely have other sensitive information. Change all your account passwords to be more secure and consider signing up for credit monitoring.

7. Financial account takeovers
When an identity thief scams you online to gain access to one of your online financial accounts (or any account), it’s known as an account takeover (ATO). A recent study showed that as many as 38% of consumers had been victims of account takeovers [*].

How do financial account takeovers happen?

Typically, this kind of scam works because someone gains access to your email and password through phishing, a data breach, or an emerging cyber threat such as a man-in-the-middle attack where they steal your credentials while using public Wi-Fi.

You might think that hackers only want access to your accounts at financial institutions. But there are plenty of other valuable accounts that many users don’t secure. For example, a thief can buy goods with access to your Amazon account, or ask friends for money on Snapchat.

Plus, if you reuse passwords or use single sign-on accounts (i.e., log-in with Facebook), they can access multiple accounts with a single takeover.

What are the warning signs?

• Being locked out of your financial or social media accounts.
• Notifications of failed login attempts or two-factor authentication codes you didn’t ask for.
• Your account looks different.
• Strange messages sent from your social media accounts.
• Alerts that someone logged into your account from a different IP address or location.
• The email or phone number associated with the account is changed without your permission.

What to do if you’re a victim:

Immediately contact the impacted companies and follow their recommendations to verify your account.

Once you’ve secured your accounts, you’ll want to change all your passwords. Use strong pass phrases that combine letters, numbers, and symbols. Consider a password manager for keeping them safe.

Whenever possible, enable two-factor authentication (2FA) on your online accounts. This is a special, one-time code that’s required to log into your accounts along with your password and username.

However, don’t use SMS as it can be compromised if your phone is stolen or hacked. Instead, use an authenticator app like Google or Okta.

Take action: If you accidentally give scammers your personal data (or it's leaked in a data breach), they could take out loans in your name or empty your bank account. Try an identity theft protection service to monitor your finances and alert you to fraud.


8. Ponzi schemes and other investment fraud
Simply put, investment fraud gets you to put money into an investment that isn’t real. While we often imagine predatory structures like Ponzi schemes, the most common fraud schemes are simple: the thief disappears with your money.

How does investment fraud happen?

Fraudsters often lure victims with promises of large gains, little risk, and once-in-a-lifetime opportunities. In many cases, investment schemes target affinity groups, such as people who share a common religion or cultural background, to build trust.

Sometimes the supposed investors are asked to sign non-disclosure agreements, which can keep victims quiet once the thieves disappear.

What are the warning signs?

Special investment offers sent through unsolicited emails.
One-of-a-kind or too-good-to-be-true opportunities.
Anyone who claims they’re offering a “semi-legal-investment opportunity”.
Investment schemes where the company is new or you can’t find additional information about them online.
Investors asking you to sign an NDA before sending payment.

What to do if you’re a victim:

Victims of investment fraud should report the fraud to the FTC. Unfortunately, it’s unlikely you’ll recover money from this type of scam. Instead, do what you can to protect others. Leave negative reviews on sites or be vocal about the fraud. Scammers rely on our silence to keep on defrauding innocent people.

9. Small business financial fraud (embezzlement, misuse, etc.)
If you’re a business owner or entrepreneur, you’re at special risk for financial fraud. Losses from employee theft, embezzlement, and misuse of funds amount to $50 billion a year [*].

Your employees can steal from your business in several ways. The most common scams are embezzlement and misappropriation of funds.

Generally, white-collar crimes occur when employees have financial power without oversight and control. For example, where they have freedom to use a company credit card or write off lost or damaged merchandise.

Often the fraudsters are trusted employees, which makes this an emotionally devastating type of financial crime.

What are some warning signs?

Employees who are secretive about expense accounts or inventory.

Missing inventory or a higher level of loss than you expect.
Unexplained expenses on your company credit card.
Employees who suddenly show signs of financial gain they can’t explain.

What to do if you’re a victim:

If you suspect an employee is embezzling money from your company, speak to a lawyer and other experts. These are sensitive cases. You’ll need legal advice to handle the situation correctly.

In the future, restrict access to financial information to only trusted employees who need access for their day-to-day work and perform regular audits.

10. Romance scams

📚 Related: How To Avoid the "Pig Butchering" Scam Costing Victims Millions →

How To Protect Yourself From Financial Fraudsters
Financial fraud can be devastating. Whether a scammer gets access to your credit card numbers or convinces you to invest in a fraudulent scheme, you’re out your hard-earned money.

Follow these fraud prevention tips to keep your accounts safe from scammers. And for extra protection, consider Aura’s credit monitoring and identity theft protection service.

Even if you have no idea what to do if your identity is stolen, Aura has your back.

With Aura, you get:

Near-real-time credit monitoring and fraud alerts: We’ll monitor all your bank and credit accounts (including your credit report) for suspicious activity. Aura alerts you of potential fraud 2X faster than the competition.
Account monitoring: Know right away if your online accounts have been compromised.
Dark Web scanning: We scan the Dark Web for your personal information, like your credit card or Social Security number.
VPN with Wi-Fi and malware protection: Keep all your devices safe from hackers and malware with military-grade encryption and Wi-Fi protection.
One-click credit lock: Secure your credit report from unwanted inquiries by locking your Experian report.
$1,000,000 insurance policy: Every Aura plan comes with a generous insurance policy for eligible losses due to identity theft.

Top 10 types of financial fraud in business (and ways to prevent them)
To take action against financial fraud, businesses need to understand the various ways fraudsters can scam them.

1. Identity theft
Identity frauds are some of the most common frauds you’ll come across because they’re comparatively easy to execute, thanks to technological advances and casual data sharing. Identity theft statistics show that more than a million reports of identity theft were filed in 2022 in the US alone.

Identity theft fraud occurs when a fraudster uses your financial information, such as your brand name, credit card number, bank account number, or bank statements, without permission and uses it to withdraw money or commit other crimes, such as illegal loan sanctioning. Some of the ways criminals use data to commit fraud are:

Applying for a loan in the individual/business’s name
Charging items to your credit card or debit card
Opening an unauthorized bank account

HyperVerge pro tips
In any type of financial fraud, it’s best to follow the ‘prevention is better than cure’ mantra.

Freeze the account and get bank statements.
File a police report for identity theft.
Inform the impacted party or the financial institution (banks/insurance companies)
Change account passwords for the bank account.

2. Advance fee fraud
Advance fee fraud is a type of financial crime where the scammer entices the victims to pay an upfront fee with the false promise of getting a product or benefit later. Some of the most common types of advance fee fraud are lottery scams, inheritance scams, loan scams, and investment opportunity scams.

While this has been a common practice for years, advance fee fraud has risen exponentially with the advent of messaging apps and digital communication channels. Fraudsters target a range of victims and adopt strategies to scam them.

3. Fraudulent charities
Yes, fraudsters don’t leave philanthropy alone either. Brands that undertake charitable work as part of their CSR need to look out for fraudulent charities that raise donation money as part of scams. Research even suggests that the majority of the time, it is the employees, trustees, and staff of charities who perpetrate these frauds.

Fraudsters go as far as creating fake charities of the kind with which you’ve been involved before to gain your trust. They’re especially prevalent during high-profile disasters and international events.

4. Payment fraud
Just like identity theft, payment fraud occurs when someone uses your credit card to make payments for personal gain. This is highly prevalent in the eCommerce industry and can negatively impact individuals and businesses. Hackers and cybercriminals often use instant messaging tools, email, phone calls, and spammy links to steal money or personal data.

Individuals face significant losses, while businesses have to spend their time and resources getting to the root of these scams. They have to settle the dispute, pay investigation and chargeback fees, and invest in human personnel to settle the disputes.

5. Investment fraud
Investment fraud involves techniques, false information, and promises about the potential profit of an investment. Scammers fabricate and underplay the risks and exaggerate the supposed benefits of the investment to get you on board.

One of the most common types of investment fraud is Ponzi schemes, in which fraudsters collect payments from new investors to pay off earlier investors. They promise to invest the money to earn extremely high profits with little risk and later disappear with your money.

Scammers go to extensive lengths for Ponzi schemes to look legitimate. They build websites, fabricate documents, and get legitimate people on board to garner trust, making it extremely difficult for victims to have a sense of doubt.

6. Payroll fraud
Payroll fraud occurs when an individual illegally gains funds from an organization’s payroll processing system for their benefit. Both employees and employers can commit payroll fraud, which involves timesheet fraud, ghost payroll, third-party payroll, commission schemes, etc.

The employees can commit this fraud by adding extra work hours when they haven’t worked or increasing the compensation rate by system manipulation. The employers can withhold the salaries for their benefit. Both scenarios involve deceit and stealing from the organization.

7. Phishing scams
Phishing is a social engineering practice in which identity theft occurs without the victim’s knowledge. Individuals use deceptive tactics to scam others into sharing sensitive information through fraudulent emails or messages. The hackers pose as bosses, banks, or colleagues and ask for confidential details like login credentials or a sum of money.

Phishing has become one of the most common types of financial fraud. In 2022, more than 300,000 phishing victims in the US lost more than $52 million.

8. Card-not-present fraud
The rise of online shopping has birthed a new type of credit card fraud called card-not-present. A fraudulent actor uses stolen credit card information to make purchases over the phone or online without physically presenting the card.

Fraudsters gain access to this information through data breaches or social engineering tactics like phishing attacks and use it to make purchases.

Merchants are usually responsible for CNP frauds, as they need to ensure secure checkouts or else face chargebacks for unauthorized purchases. The user usually discovers these types of attacks after it’s too late.

9. Account takeover
Another aspect of identity theft is account takeover fraud, in which hackers gain access to your online financial accounts. 65% of US individuals who were victims of identity theft were also victims of account takeover.

Inevitably, account takeovers result from identity thefts as fraudulent actors can easily pose as the account holder and get access to account data.

Once they access the account, they change the password and start operating it for their benefit. This leads to the unauthorized transfer of funds, making expensive purchases, and opening new accounts and credit cards under the victim’s name.

10. Deepfake fraud
Deepfakes are media, like images or videos, altered by AI to deceive. While tools like Photoshop and video tampering are not new, deepfake tools make it almost impossible to distinguish the real from the fake.

Machine learning techniques make deepfakes seem legitimate enough for victims to fall prey to the fraud.

10 Common Types of Financial Frauds and Prevention
As a business owner, you need to be aware of different types of financial fraud to safeguard your assets.

Here are 10 common examples of financial fraud and tips on how to protect yourself.

Expense Fraud
Identity Theft
Investment Fraud
Credit Card Fraud
Mortgage and Lending Fraud
Tax Refund Fraud
Payroll Fraud
Asset Misappropriation Fraud
Invoice Fraud
Financial Statement Fraud

1. Expense Fraud
Expense fraud involves intentionally submitting false or inflated expense reports to receive reimbursement from an employer for personal expenses. It includes claiming reimbursement for expenses not actually incurred. Furthermore, employees can also inflate the cost of legitimate expenses to receive a larger reimbursement.

How to prevent: It is best to implement clear expense policies and procedures, conduct regular audits, use technology to automate expense reporting, provide employee training, and establish a confidential reporting system.

2. Identity Theft
Identity theft occurs when someone uses your financial information, such as your name, Social Security number, credit card number, bank account number, or bank statements, without permission to commit fraud or other crimes.

Some examples of identity theft include:

Applying for credit cards or loans in your name
Charging items to your credit card or debit card
Opening a new bank account in your name
Filing for bankruptcy under your name

How to prevent: Identity theft can ruin your credit and cause you a lot of financial stress. Your business can report this crime by filing an identity fraud report with law enforcement agencies.

3. Investment Fraud
Investment fraudsters often use high-pressure sales tactics and make false promises about the potential profits of their investments. They may also give false information about the risks involved.

Some examples of investment fraud include:

Ponzi and fraud schemes
High-yield investment programs
Advance fee fraud

How to prevent: This financial crime may risk the business’s hard-earned money and reputation in the market.

So, organizations should be cautious while choosing an investment plan and must do complete research about it.

4. Credit Card Fraud
Credit card fraud occurs when someone uses your credit card without permission to make purchases or withdraw cash. This fraud can be very costly and damage your credit score. This happens when business owners give their sensitive information related to a credit card to someone they think is a legitimate business, but it turns out to be a fraudster.

Warning signs for credit card fraud are:

Receiving new credit card statements for purchases you did not make
Receiving calls or emails from businesses about suspicious activity on your account
Seeing charges on your credit card that you do not recognize

How to prevent: To avoid this fraud, it is essential only to give your credit card information to trusted businesses. You should also regularly check your credit card statements to ensure no unauthorized charges.

Quick Read: Corporate Credit Card

5. Mortgage and Lending Fraud
Businesses with a lot of cash flow can be a target for mortgage and lending fraud. Fraudsters use false information to get a loan or line of credit. Furthermore, they may use fake documents or inflated income statements to get the loan.

Warning signs for mortgage and lending fraud include:

Receiving calls or emails from companies that you did not contact
Being asked to pay upfront fees for loan modification services
Being told that you do not need to provide financial information

How to prevent: It is essential to only deal with reputable companies to avoid mortgage and lending fraud. It would be best to give out your personal financial information carefully. For businesses that have been victims, it is essential to report fraud to relevant authorities. This will help authorities investigate the crime and potentially catch the perpetrators.

6. Tax Refund Fraud
It is common for companies to become a victim of tax refund fraud. This happens when someone files a false tax return in your company’s name and claims a refund. The IRS may send the refund to the fraudster’s address instead of your company’s.

How to prevent: Identity thieves often commit tax refund fraud. They may use your company’s information to file a false return and claim a refund.

Keeping your company’s information safe and secure is essential to avoiding fraud. You should also regularly check your tax returns to ensure no suspicious activity.

7. Payroll Fraud
Employees often steal money from their employer through the payroll system in payroll fraud. It includes altering productivity and attendance records to increase the amount of money an employee receives. Payroll fraud can be difficult to identify and prevent. However, you can take measures to reduce the risk of it occurring.

How to prevent: Your business should conduct regular audits, implement internal controls, and provide employee training to prevent payroll fraud cases. An automated payroll process also reduces the risk of fraud by providing greater visibility and control over the payroll system.

Quick Read: A Guide to Payroll Accounting

8. Asset Misappropriation Fraud
Asset misappropriation involves the unauthorized use of a company’s assets for personal gain. It includes employees stealing money or company supplies for personal use. Businesses should take the following steps to reduce the risk of it occurring.

How to prevent: These include implementing internal controls to prevent unauthorized asset access and conducting regular audits to identify inconsistencies. Technology can also help automate asset management processes for authentication and better visibility into assets.

9. Invoice Fraud
Invoice fraudsters create fake invoices or alter legitimate ones to steal money from a company. Members of the accounts and finance departments may conduct invoice fraud. They may create fake invoices for services or goods never purchased or alter the amount or details on a legitimate invoice to receive a larger payment.

How to prevent: Businesses should implement clear invoicing policies and procedures and periodically review and audit invoices to identify irregularities. Furthermore, automated invoicing software makes it easier to identify and prevent fraud cases.

Quick Read: Invoice Management

10. Financial Statement Fraud
It is the practice of intentionally misrepresenting the company’s financial performance or position in its financial statements. Some common examples include overstating revenue or understating expenses to show the company is more profitable than it is.

How to prevent: It is best to examine financial statements closely for inconsistencies before publishing them. Furthermore, be wary of the people you appoint for such work.

How Financial Fraud Affects Businesses?
Financial fraud can have a number of negative effects on businesses, including the following:

1. Loss of Money
It can result in the loss of money for a business, either through the theft of assets, withdrawals of money, or through the payment of false or inflated invoices.

2. Damage to Reputation
It can damage a business’s reputation with customers and stakeholders, such as investors and regulators.

3. Legal and Regulatory Issues
It can lead to legal and regulatory issues for a business, such as investigations and fines from law enforcement or regulatory agencies.

4. Loss of Trust
It can erode trust in a business among employees and other stakeholders, which can have long-term negative effects on the company’s operations and performance.

5. Decreased Morale
It can lead to decreased morale among employees, which can affect the overall productivity and performance of the business.

How and Where to Report Financial Fraud?
Here’s an overview of how to report financial fraud in the US.

Gather all the relevant information and documents about the fraud.
Contact your local Federal Bureau of Investigation (FBI) office, the U.S. Securities and Exchange Commission (SEC), or even the Federal Trade Commission (FTC).
Protect your business’s identity and financial accounts by blocking them.
Look for your insurance coverage and financial recovery means.

Here’s an overview of how to report financial fraud in India.

Gather all the relevant information and documents about the fraud.
Contact your local bank and police authorities to file a financial fraud report.
Protect your business’s identity and financial accounts by blocking them.
Look for your insurance coverage and financial recovery means.

12 different types of financial fraud

Identity theft
Payment fraud
ACH fraud
Account takeover fraud
Advance fee fraud
Credit card fraud
Investment fraud
Consumer fraud
Fraudulent charities
Return fraud
Chargeback fraud
Cybercrime

1. Identity theft
Identity theft involves illegally acquiring and using sensitive personal information, such as Social Security numbers or bank account details, with the intent to perpetrate fraudulent activities. Technological advances have also led to even more sophisticated ways of committing identity theft. In February 2024, a finance worker at a large firm released $25 million after a conference call with fraudsters who had used deep fake technology to impersonate the firm’s Chief Financial Officer.

Financial services employees must be vigilant in verifying customer identities to prevent unauthorized account access. Rigorous customer authentication processes and continuous monitoring are essential to safeguard against identity theft, ensuring the integrity of financial transactions and maintaining customer trust.

Scammers employ numerous techniques to engage in identity fraud. Common examples include:

Phishing: Using deceptive tactics to trick individuals into divulging sensitive information – typically executed through fraudulent emails or messages. Phishing schemes often impersonate trusted entities such as banks, regulators, or colleagues. The malicious intent behind phishing attempts ranges from stealing login credentials to gaining unauthorized access to confidential financial data. Recognizing and thwarting phishing attacks is imperative, as falling victim to these scams can have severe repercussions, compromising personal and institutional security.

Physical theft and mail interception: Scammers often resort to physical methods such as stealing wallets and purses from individuals. This straightforward yet effective tactic provides access to personal identification and credit and bank cards. Additionally, criminals may dig through mail and trash to uncover sensitive information like bank statements.

Data breach exploitation: Malicious entities can also capitalize on large-scale data breaches to obtain sensitive information, including clients’ or employees’ personal and financial records.

Exploiting vulnerabilities in cybersecurity measures, criminals gain unauthorized access to databases, exposing a vast array of confidential data.

2. Payment fraud
Payment fraud encompasses practices targeting financial transactions, including credit card and check fraud. FIs should be attuned to irregularities in payment patterns and exercise due diligence when processing transactions.

UK Finance revealed that in 2022, over £1.2 billion was stolen via payment fraud – with nearly eighty percent of the reported cases starting online. Payment fraud won’t go away any time soon, and is expected to cost $40.62 by 2027 – some of the most common types of payment fraud, such as credit card fraud, will be covered later in this article.

Firms can protect business assets and customer funds from unauthorized payment activities by implementing robust anti-fraud measures, such as real-time transaction monitoring and verification checks.

3. ACH fraud
In the US, the Automated Clearing House (ACH) network facilitates the secure and efficient movement of funds between banks and financial entities. ACH is pivotal in modern American banking and is a backbone for direct deposits, bill payments, and person-to-person transfers.

In instances of ACH fraud, perpetrators manipulate or gain unauthorized access to the ACH system, initiating fraudulent transactions that divert funds from legitimate accounts. Tactics such as account takeover, phishing, malware, and social engineering are common avenues for criminals to compromise sensitive account information and misuse the ACH system.

The repercussions of ACH fraud extend beyond financial losses, encompassing reputational harm and regulatory consequences. To safeguard against this, FIs must implement stringent authentication measures, continuous monitoring, and advanced fraud detection technologies to ensure the security of electronic fund transfer systems.

4. Account takeover fraud
Account takeover fraud (ATO) occurs when a criminal gains access to an individual’s online account to steal money or sensitive information. There are many ways in which cybercriminals can do this, ranging from buying details from the dark web to using keylogging software to capture a password and email address.

While there are differences between the two, ATO has many parallels with identity theft, and a 2021 survey concluded that 64 percent of US individuals who had their identity stolen also experienced account takeover fraud.

ATO is usually conducted via credential stuffing or brute force attacks:

Credential stuffing is the term applied to using automated tools and bots to test lists and databases of credentials to find a match. This is particularly problematic as many individuals use the same email and password combinations for multiple websites, meaning that one breach could lead to many.
Brute force attacks involve bots deploying random words to guess a customer’s password on a site.

FI employees should be trained to recognize the following red flags:

Multiple password reset requests and login attempts.
Changes to contact details such as addresses and back-up email addresses.
Requesting new cards or checkbooks to a new address.
The set up of a new authorized user.

Customer education is also vital in ensuring account safety. Staff should encourage customers to turn on multi-factor authentication (MFA), change passwords regularly, and offer the option to be contacted when a credit limit request has been made.

5. Advance fee fraud
While various forms of advance fee fraud have existed for a long time, the growing adoption of digital communication channels, including social media services, encrypted chat platforms like WhatsApp, and the continued popularity of email, has amplified its prevalence.

Perpetrators of advance fee fraud often entice their targets with unrealistic investment opportunities or promises of substantial rewards, such as a fictitious lottery win, all based on an upfront payment. Once the payment is made, the victim loses contact with the fraudster or is coerced into providing additional funds to unlock even greater returns.

FIs are crucial in mitigating the risks associated with advance fee fraud – firms must raise awareness among their customer base regarding the indicators of advance fee scams:

When encountering communications from a business, it is imperative to ensure the sender’s authenticity. Verifying the organization’s legitimacy is also critical when dealing with entities unfamiliar to the recipient – checking business registrations on reputable online services, such as Companies House in the UK, to confirm their status. Additionally, attentiveness to details such as misspelled URLs or addresses within the message is crucial for detecting potential fraudulent activities.
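
For the account takeover red flags listed under "4. Account takeover fraud", the following added example (not part of the original document) turns them into detection logic over authentication events: it separates credential stuffing (one source failing on many accounts) from brute force (many failures on one account) and escalates accounts where a suspicious login is followed by a contact change or a card sent to a new address. The log format, event names and thresholds are assumptions, and the log lines are constructed.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# All thresholds, event names and the log format are assumptions for this example.
WINDOW = timedelta(minutes=10)    # look-back window for bursts of failures
STUFFING_ACCOUNTS = 5             # distinct accounts failing from one source
BRUTE_FAILURES = 8                # failed logins against a single account
FOLLOW_UP = timedelta(hours=24)   # how long after a suspicious login changes count
RED_FLAGS = {"password_reset", "contact_change",
             "card_to_new_address", "authorized_user_added"}


def constructed_log():
    """Constructed sample lines: '<iso-time> <ip> <account> <event> <ok|fail>'."""
    t0 = datetime(2024, 3, 1, 9, 0)

    def line(sec, ip, acct, event, outcome):
        return f"{(t0 + timedelta(seconds=sec)).isoformat()} {ip} {acct} {event} {outcome}"

    log = []
    # One source tries one leaked pair per account; "dee" had reused her password.
    for i, acct in enumerate(["ana", "ben", "cy", "dee", "eli", "fay", "gus"]):
        log.append(line(15 * i, "203.0.113.7", acct, "login",
                        "ok" if acct == "dee" else "fail"))
    # Repeated guesses against one account from rotating sources, none succeed.
    for i in range(10):
        log.append(line(600 + 5 * i, f"198.51.100.{i}", "hal", "login", "fail"))
    # Changes made on the account entered from the stuffing source.
    log.append(line(120, "203.0.113.7", "dee", "contact_change", "ok"))
    log.append(line(180, "203.0.113.7", "dee", "card_to_new_address", "ok"))
    # Ordinary customer: one typo, a normal login, then a contact change.
    log.append(line(30, "192.0.2.44", "ivy", "login", "fail"))
    log.append(line(40, "192.0.2.44", "ivy", "login", "ok"))
    log.append(line(300, "192.0.2.44", "ivy", "contact_change", "ok"))
    return log


def parse(lines):
    """Return events as (time, ip, account, event, succeeded), oldest first."""
    events = []
    for raw in lines:
        ts, ip, account, event, outcome = raw.split()
        events.append((datetime.fromisoformat(ts), ip, account, event, outcome == "ok"))
    return sorted(events)


def _failed_logins(events):
    return [e for e in events if e[3] == "login" and not e[4]]


def credential_stuffing_sources(events):
    """IPs whose failed logins hit many different accounts inside WINDOW."""
    recent, flagged = defaultdict(deque), set()
    for ts, ip, account, _, _ in _failed_logins(events):
        q = recent[ip]
        q.append((ts, account))
        while ts - q[0][0] > WINDOW:
            q.popleft()
        if len({a for _, a in q}) >= STUFFING_ACCOUNTS:
            flagged.add(ip)
    return flagged


def brute_forced_accounts(events):
    """Accounts receiving many failed logins inside WINDOW, from any source."""
    recent, flagged = defaultdict(deque), set()
    for ts, _, account, _, _ in _failed_logins(events):
        q = recent[account]
        q.append(ts)
        while ts - q[0] > WINDOW:
            q.popleft()
        if len(q) >= BRUTE_FAILURES:
            flagged.add(account)
    return flagged


def takeover_candidates(events):
    """Accounts with a successful login from a stuffing source (or after a
    guessing burst) followed by a red-flag change within FOLLOW_UP.
    Sources are judged over the whole batch, so an early success still counts."""
    bad_ips = credential_stuffing_sources(events)
    guessed = brute_forced_accounts(events)
    entered, findings = {}, defaultdict(list)
    for ts, ip, account, event, ok in events:
        if event == "login" and ok and (ip in bad_ips or account in guessed):
            entered.setdefault(account, ts)
        elif event in RED_FLAGS and account in entered and ts - entered[account] <= FOLLOW_UP:
            findings[account].append(event)
    return dict(findings)


if __name__ == "__main__":
    evs = parse(constructed_log())
    print("stuffing sources:", credential_stuffing_sources(evs))
    print("brute-forced accounts:", brute_forced_accounts(evs))
    print("takeover candidates:", takeover_candidates(evs))
```

The ordinary customer's contact change is not escalated because the preceding login came from a source with a single failure; only the account entered from the stuffing source is reported.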

Common types of fraud include loans, overpayments, lottery or cash prize wins, vacation rentals, unexpected inheritance, and investment opportunities. Customers should be encouraged to be particularly vigilant when receiving these communications.

The general content of the message should also be studied – key indicators include an offer that seems too good to be true, an unusual sense of urgency, frequent typos, and the general mention of up-front payment.

Romance scams have also become more common. Typically, scammers will pose as a potential romantic partner via social networks or dating apps and employ emotional manipulation to gain their victim’s trust. A 2023 study conducted by Lloyds Bank revealed that the number of victims of romance scams has increased by 22 percent compared to 2022.

Once trust is established, scammers typically ask their target to send them money or invest in a lucrative business opportunity, often involving cryptocurrency. These schemes are called pig butchering, likening the victim to a pig fattened before slaughter – FIs should use customer relationship management (CRM) channels such as email or social media to increase customer awareness of these ploys.

6. Credit card fraud
Credit card fraud is one of the most popular types of identity theft and fraud. It is defined as the unauthorized use of an individual’s debit or credit card to withdraw cash or make purchases. In the US, in 2022, there were 440,666 reports of credit card fraud – marking a thirteen percent increase from the previous year.

Credit card fraud encompasses two primary categories: card-not-present (CNP) fraud and card-present fraud. CNP fraud is on the rise, facilitated by stolen credit card details to make multiple online transactions. This may involve substantial purchases or bulk buying to exploit any potential time lapse before detection.

Offline instances of CNP fraud include completing payment forms with stolen details and submitting them via email or phone – incidents leading to CNP credit card fraud range from theft in physical locations to phishing via email or text and exploiting public Wi-Fi vulnerabilities.

Card-present fraud, though less common due to chip, PIN, and mobile payment technology, still occurs. Examples include the theft of credit cards from homes or persons, losing cards, cloning through skimming at ATMs or establishments, and interception of new or replacement cards during postal delivery.

It’s essential that FIs actively monitor and detect suspicious credit card activities, implementing robust transaction monitoring and fraud detection systems while educating customers on safe card usage practices.

7. Investment fraud
Investment fraud and scams involve many techniques mentioned in this guide. Some will be easier to spot than others, as scammers will go to lengths to ensure any websites, documents, or details discussed seem as legitimate as possible.

Educating customers and staff to watch out for the following can assist with protection against illicit investment opportunities:

Stay vigilant when receiving cold calls, particularly from a company or organization with which the individual has never interacted.
Investigate online reviews for any company offering investment opportunities, and check with the relevant local financial authority, such as the FCA in the UK, to ensure they are correctly regulated.
Ask for legitimate documentation detailing any proposal, and seek expert advice if unsure.

8. Consumer fraud
Consumer fraud is the umbrella term for illicit activities conducted to cause financial loss or harm to a consumer or group of consumers. Common examples include:

Identity fraud: This is where a perpetrator steals an individual’s identity or card details, either via the internet or through physical theft. Once the identity is assumed, malicious actors will attempt to access a bank account and transfer unauthorized funds.

Mortgage/real estate fraud: Real estate and mortgage fraud encompasses deceptive practices in the real estate sector. The Boston division of the Federal Bureau of Investigation reported that over 11,000 individuals nationwide in 2021 experienced average losses of $350,328,166 due to real estate scams, a sixty-four percent increase from 2020. Among the most notable fraud types is mortgage fraud, involving intentional deception in mortgage lending, where consumers provide false information to obtain a mortgage loan or influence loan terms.

False advertising occurs when a business provides inaccurate information regarding the quality or benefits of a product or service, violating legal obligations that mandate honesty in advertising, governed by watchdogs such as the UK’s Advertising Standards Authority (ASA). Such practices include false assertions about a product’s capacity to enhance health, mental faculties, or cognitive abilities.

9. Fraudulent charities
Fraudulent charities exploit goodwill by asking victims to donate to a good cause. Sometimes, these charities may not even exist, or fraudsters create fake campaigns using the names of reputable organizations or established causes.

Victims who enter their card or personal information on a website to donate may also inadvertently expose themselves to identity theft or credit card fraud, as scammers can exploit the collected data for illicit purposes.

FIs can contribute significantly to protecting customers from losing funds to fraudulent charities and organizations by:

• Using transaction monitoring to detect unusual patterns associated with potentially fraudulent charities. Many software options allow FIs to set up alerts for large or irregular donations.
• Ensuring there is a robust customer due diligence (CDD) process set up to thoroughly vet charitable organizations setting up accounts.
• Conducting real-time screenings of charities against global watchlists and sanctions.
• Advising customers to watch out for red flags such as urgency, vague mission statements, and unsolicited contact from charities they’ve not previously dealt with. Firms should also encourage customers who wish to donate to do so through verified channels, such as a charity’s registered site.

10. Return fraud
Return fraud refers to illegal practices where individuals exploit the returns process of goods and services to gain a financial advantage – usually a significant problem for retail and e-commerce businesses.

This can involve returning stolen merchandise, using counterfeit receipts, or manipulating the returns systems for illegitimate refunds or retail store credits. Some of the most common methods include:

• Receipt fraud: Stealing or falsifying receipts to return a product and profiting from the refund. This can also involve purchasing an item from a retailer at a lower price and attempting to return it to another store with higher retail value.
• Bricking: This is where a malicious entity purchases an electronic item, renders it unusable, and returns it for profit. This can also include switch fraud, which involves buying a working item and then attempting to return a previously damaged version of the item to profit from the returns policy.
• Stolen items: Occurs when an item is stolen and returned for a full refund.

Top prevention and detection practices include transaction monitoring to identify patterns indicative of returns fraud, such as frequent or unusual returns behavior. Organizations should also be encouraged to employ biometric authentication and MFA to enhance
customer screening processes when making a return.

Collaboration with retailers is also essential to share information on known return fraud cases and work collaboratively to educate and combat future attempts.

11. Chargeback fraud
While many chargebacks are legitimate, chargeback fraud occurs when a customer disputes a transaction with their payment provider for illegitimate reasons. Chargeback frauds can have serious financial ramifications for FIs and retailers, with unnecessary costs and the enablement of other illegal activities – experts have reported that chargebacks cost merchants over $100 billion in 2023.

Before a chargeback can be classified as fraudulent, it’s important to distinguish whether it’s legitimate.

• Legitimate chargebacks, aimed at protecting customers, involve billing errors, unauthorized charges, or undelivered goods, supported by regulations like the Fair Credit Billing Act (FCBA) and the Electronic Funds Transfer Act (EFTA). Customers have a specified timeframe to dispute, usually 60 days under the FCBA, ensuring protection against unauthorized transactions.
• Fraudulent chargebacks, also termed friendly fraud, occur when customers falsely claim legitimate dispute reasons, such as unauthorized charges or non-received goods. Resolving these requires firms to navigate a process proving the legitimacy of the charge. Merchants suspecting misleading claims can challenge the chargeback, emphasizing the importance of understanding legitimate and illegitimate grounds to manage resources and protect against unwarranted claims efficiently.

Firms must integrate preventive measures into a comprehensive risk management system to prevent chargeback fraud effectively. Customer documentation, diligent onboarding processes, and detailed customer and transaction records form the foundation for validating dispute claims.

A robust transaction monitoring system can also help identify subtle patterns indicative of fraudulent behavior, particularly with repeat offenders.

12. Cybercrime
Cybercrime is one of the biggest emerging threats to FIs, businesses, and individuals worldwide – it has been estimated that money laundering from cybercrime could reach $10.5 trillion by 2025. The general term cybercrime encompasses a wide range of criminal activities conducted online, including:

• Phishing: As mentioned earlier, this involves fraudulent attempts to obtain sensitive information or steal an
individual’s identity. Phishers usually pose as trusted entities and use emails, messages, or websites to gain a target’s trust.
• Malware: Short for malicious software, this is where negative entities use viruses or computer programs to harm or exploit vulnerabilities in an individual’s computer system or device.
• Cryptojacking: Hackers illicitly use a victim’s system to mine cryptocurrency without their knowledge or consent – this is often a byproduct of successfully installing malware.
• Ransomware: Ransomware is software that locks a user’s files and devices, rendering them inaccessible. Cybercriminals will demand a ransom, usually in cryptocurrency, to unlock them.

In alignment with Financial Action Task Force (FATF) recommendations, banks and financial institutions must establish risk-based AML/CFT programs to combat cybercrime threats effectively.

This entails conducting comprehensive risk assessments of customers and implementing proportionate responses. Specifically, in cybercrime, firms must focus on customer identification and ongoing monitoring.

How to detect and prevent fraud
In the ongoing battle to prevent fraud in its many forms, FIs should employ the best practices in this guide. Ongoing staff training and customer awareness initiatives are crucial to a firm’s defense strategy. Fraud detection software is also vital. These programs help keep businesses safe from the continuously evolving nature of payment fraud scenarios with the application of AI and bespoke rules.

With the right software, FIs can establish customized thresholds and promptly receive alerts upon detecting potentially fraudulent behavior, effectively thwarting payment fraud, ACH fraud, and other illicit activities. Smart alerts not only identify fraud but also provide insights into the reasons behind each alert’s creation, resulting in enhanced analyst efficiency and a potential reduction of up to 70 percent in false positives.

Fraud and AML teams often face common challenges when working in silos, which can lead to occasional oversight of connected persons or entities. Fortunately, dynamic fraud software seamlessly integrates into an FI’s existing systems, ensuring alignment between personnel and software. This alignment has been shown to result in a 25 percent reduction in all payment fraud-related losses with some software.
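
The customized thresholds and reason-carrying alerts described above, applied to the frequent-returns and repeat-chargeback patterns from sections 10 and 11. This is an added example, not code from the original document or from any vendor's product; the thresholds, the event format and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed thresholds; a firm would tune these to its own risk appetite.
THRESHOLDS = {"window_days": 30, "max_returns": 3, "max_chargebacks": 1}

# Constructed sample events: (date, customer, kind, amount)
EVENTS = [
    ("2024-03-01", "C1", "purchase", 120.0), ("2024-03-03", "C1", "return", 120.0),
    ("2024-03-02", "C2", "purchase", 80.0),  ("2024-03-05", "C2", "purchase", 60.0),
    ("2024-03-04", "C3", "purchase", 300.0), ("2024-03-06", "C3", "return", 300.0),
    ("2024-03-09", "C3", "purchase", 250.0), ("2024-03-10", "C3", "return", 250.0),
    ("2024-03-12", "C3", "return", 90.0),    ("2024-03-15", "C3", "return", 40.0),
    ("2024-03-07", "C4", "purchase", 500.0), ("2024-03-20", "C4", "chargeback", 500.0),
    ("2024-03-08", "C4", "purchase", 450.0), ("2024-03-22", "C4", "chargeback", 450.0),
    ("2024-01-02", "C4", "chargeback", 30.0),  # outside the window, ignored
]

def monitor(events, as_of, t=THRESHOLDS):
    """Return {customer: [reason, ...]} for events inside the rolling window."""
    cutoff = as_of - timedelta(days=t["window_days"])
    count = defaultdict(lambda: defaultdict(int))
    value = defaultdict(lambda: defaultdict(float))
    for date, cust, kind, amount in events:
        ts = datetime.strptime(date, "%Y-%m-%d")
        if cutoff <= ts <= as_of:
            count[cust][kind] += 1
            value[cust][kind] += amount
    alerts = {}
    for cust in sorted(count):
        c, v, reasons = count[cust], value[cust], []
        # Rule 1: frequent returns behaviour
        if c["return"] > t["max_returns"]:
            reasons.append(f"{c['return']} returns in {t['window_days']} days")
        # Rule 2: more value returned than bought (stolen-item or receipt-fraud signal)
        if v["return"] > v["purchase"]:
            reasons.append(f"returned value {v['return']:.2f} exceeds "
                           f"purchases {v['purchase']:.2f}")
        # Rule 3: repeat chargebacks from the same customer
        if c["chargeback"] > t["max_chargebacks"]:
            reasons.append(f"{c['chargeback']} chargebacks in {t['window_days']} days")
        if reasons:
            alerts[cust] = reasons  # each alert carries the reasons an analyst needs
    return alerts

if __name__ == "__main__":
    for cust, reasons in monitor(EVENTS, datetime(2024, 3, 31)).items():
        print(cust, "->", "; ".join(reasons))
```

Rule 2 compares only activity inside the window, so a return of an item bought before the window will also trigger it; an analyst reviewing the alert reason can clear those cases.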