February 7, 2023 is Safer Internet Day. This is the 20th edition of the campaign which aims to encourage people all over the world to make the Internet a safer space at a time when more and more people have become vulnerable to cyberattacks.
Being armed with information on our fingertips brings with it a host of interesting challenges though, especially when it comes to online transactions.
The rise in various services shifting towards online platforms has also meant higher risk of financial breaches for consumers.
From identity fraud, phishing, mining of personal data etc., here are some of the most common cyber threats we must be aware of in order to have a more financially secure experience.
Most Common Threats With Online Transactions
Experts believe identity fraud to be one of most common as well as lethal forms of online threats that consumers face.
“Identity theft in digital finance may occur when a customer’s personal and financial information is stolen and used without their consent for unauthorised transactions or access to sensitive information,” says Karan Mehta, founder and chief technology officer (CTO), RING, a digital payments start-up for credit and payment needs of aspirational young Indians.
Another major threat faced by the consumers is cyberattacks, which is essentially a broad term referring to “malicious activities aimed at disruption, unauthorised access, or theft of sensitive information during a digital transaction,” Mehta says.
Types Of Attacks
Cyberattacks in digital transactions could be executed in the form of phishing, man-in-the-middle attacks, and data breaches, among others.
Phishing is when criminals impersonate a trustworthy entity, such as a bank, company, or government agency, to trick individuals into revealing sensitive information, such as passwords, credit card numbers, and so on, says Mehta.
In case of man-in-the-middle attacks, an attacker intercepts the communication between two parties and either alters the information being exchanged, or, steals sensitive data for personal gain. Similarly, when a data breach occurs, attackers gain unauthorised access to a system or database and steals sensitive information.
Another common cyberattack involves mining of personal data.
According to Mehta, the threat faced by users is not to some external malicious attack, but to the services and systems themselves.
“Data mining refers to the practice of collecting and analysing large amounts of personal information from individuals for ancillary purposes. Fintech companies typically collect data, such as financial transactions, social media activity, and demographic information to better understand their customers and provide more personalised financial services,” he says.
It is important to note that, until recently, many organisations used customers’ personal data, previously gathered by companies, to conduct unethical debt recovery practices. This came to a stop only in December 2022 following new digital lending norms by the Reserve Bank of India (RBI ).
Simple Steps You Can Take To Ensure Safety Online
According to cyber experts, password management is one of the simplest of ways to stay safe, and one way to practise this is to not repeat passwords for various portals and app uses. Another thing to keep in mind is to always ensure using trusted software.
“Using ‘bootlegged’ or generally unknown sites and services is a very risky gamble that should be avoided no matter what. Even simple steps like doing a Google search into the service’s history, checking an app’s reviews and/or comments sections, or seeing if the description confirms an RBI authorisation, can go a long way toward ensuring its safety,” he says.
As a matter of practice, one should use strong and different passwords for different platforms, he adds.
“Using cross-platform password manager is a great way to remember and use these passwords. Keeping the system’s software up-to-date, and avoiding giving out personal information on unsecured websites are also key. It’s also advisable to regularly monitor one’s financial statements and never ignore out-of-place transactions,” Mehta further says.
As the world has moved towards the use of apps for lot of daily activities, it is crucial to be careful about the authorisations that these apps often seek permission for.
While we may callously click on some random button when opening a search page, the truth is many apps ask for permission to access our personal data.
“One should not give blanket approvals to apps but rather should be mindful if the app really needs that access for proper functioning. This can prevent you from sharing data like location, personal pictures, contacts, etc. especially when not using the app,” Mehta adds.
