As more people use mobile phones for online shopping, it is imperative to understand the security threats on the internet to ensure a safe shopping experience. Pune-based cybersecurity firm Quick Heal says cyber attacks typically rise during the festive season.
Sanjay Katkar, joint managing director (MD) and chief technology officer (CTO) of Quick Heal Technologies Limited, said Quick Heal experts had observed a periodic spike in cyber incidents, especially around festive occasions. He said these attacks include phishing scams, adding that people become vulnerable to attacks when they fall for the bait.
In a recent report titled "Ecommerce Festive Season 2022," business consultancy firm Redseer said that out of the 75-80 million Indians who shopped on e-commerce platforms in the first week of October, mobile phones accounted for about 41 per cent of the sales.
It shows that more people have rushed to buy mobile phones to capitalise on the mega festive deals, suggesting the growing demand for these multi-functional gadgets.
According to Nathan Wenzler, chief security strategist at Tenable, a US-based cybersecurity company, "With so much of our personal, medical, and financial information flowing through these smartphone devices, they're also prime targets for cybercriminals who can monetise that data or leverage access for nefarious purposes."
● Watch Over Your Mobile Network: While the 5G network is now the talk of the town, news of cybersecurity incidents, including mobile phone hacks, flood social media posts. "We noticed that several people in Hyderabad had fallen prey to cyber fraudsters who were duped on the pretext of upgrading their SIMs. The number of such incidents has gone up since the news of the 5G rollout in Hyderabad has come out," said a senior city police officer in an interview with TimesNow on October 7.
Pinakin Dave, country manager, India and SAARC region, OneSpan, a Chicago-based cybersecurity company, said SIM swap is one of the latest scams. It's highly ominous because he said that the incident may have already happened by the time the person gets to know about the attack.
As part of the plot, hackers send a request for a SIM card replacement on your behalf but activate it on their phone. Since your phone number is linked with numerous services, they get access to those too.
"To avoid becoming a victim of this fraud, contact your service provider when your network stops working. In addition, make sure you have a dual OTP service activated for your phone and email. Installing anti-phishing and anti-malware protection will also help avoid this type of incident," advised Dave.
●Check the Authenticity Of The App Developer: An user can download Apps in many ways. Google's play store is the most used one, but other APK downloading websites allow users to download apps.
Wenzler said users should check the app's authorship, read the developer's policy terms, genuineness, etc., before downloading an app from any platform.
The policy and privacy terms are generally displayed on the download page of the Google Play Store and iOS App Store. Wenzler has advised people to download apps only from reputed app stores.
● Check Smartphone Statistics Frequently: Wenzler advised people to keep track of their smartphone's behavioural statistics. It is tricky, but there is an in-built functionality to track the apps on both Android and iOS systems.
For example: In the battery information section of your Android/ iOS phone's settings, you can check how much battery each app is consuming. You can note this and observe any unusual battery usage behaviour with any app. Likewise, in an Android phone's network section, you can check the amount of data each app consumes and observe any unusual data consumption.
Dave says that people often fail to notice if a bad actor has replaced their phone's genuine application with a malicious app that looks the same.
There are also certain behavioural statistics that you can observe and identify if the app is genuine or malicious. For example, a malicious app will consume more battery and processing power and slow down the phone sometimes.
Wenzler also suggests that people check if they are logged out of social media accounts abruptly or receive multiple sign-in attempt emails.
"While there may be technical issues, these behaviours could also suggest a malicious app has gotten installed, and attempts are being made to compromise your data and other services," added Wenzler.
