NEW DELHI: The government’s push for a less-cash economy after demonetisation has made digital payments popular. The number rose 55 per cent in 2016-17 against a 28 per cent growth during the five-year period ending 2016, according to government think tank NITI Aayog.
As smartphones get cheaper and data prices go down, a large number of Indians are taking to smartphones and using them for making payments.
The sudden surge in digital payments also increases the risk of cyber theft as new users don’t take all the required precautions for safe transactions.
Disguised as a useful apps, the trojan secretly loads malicious code onto the device. Once the app is activated, the trojan clicks on web pages with Wireless Application Protocol (WAP) billing, a form of mobile payment that charges costs directly to the user’s mobile phone bill. The trojan silently subscribes the phone to a number of services.
This trojan had not been observed for a while, but in Q2 of 2017 it became surprisingly common, hitting mobile phones mostly in India and Russia.
Smartphones are riskier than desktops as they are easier to target. According to a Kaspersky security bulletin, there was a sudden spurt in malware attacks on Android devices in 2016.
Since there is no escape from making online payments in today’s world, you must take adequate precautions to keep your money safe. Below are 10 steps that can ensure safe online payments:
1. Search the Internet carefully
When you are looking for product reviews or price comparisons on a search engine, you run the risk of unintentionally clicking on a ‘poisoned’ search result that can lead you to malware instead of your intended destination. Poisoned search results are created by cyber criminals who use search engine optimisation tricks—called Black SEO—to manipulate search results to insert malicious links. Tools such as Kaspersky’s URL Advisor or third-party browser add-ons such as Web of Trust can help you avoid poisoned links and malicious websites.
2. Type, don’t click
Type the URL in the address bar instead of clicking a link to go to your chosen retailer’s website. It may take a little more effort, but this simple action can help avoid visiting fake and malicious websites. Ensure that the link starts with ‘https’. The ‘s’ symbolises a secure site. Make sure there is a padlock symbol in the browser window frame whenever you visit a payment site.
3. Get a temporary credit card
Some credit card companies issue temporary credit card numbers for their customers. These temporary numbers are meant for one-time purchases. Even if the information is stolen, it is of no use. However, you cannot use them for purchases that require regular payments and auto-renewal. In that case, use a credit card that has a low limit.
4. Use a dedicated computer
You can keep a computer solely for financial transactions. Install Google Chrome with HTTPS enforcement and also a trusted anti-virus programme. Keep the dedicated computer clean: don’t use it for casual surfing or social networking.
5. Use a dedicated email address
Create an email address only for online shopping. This can help you reduce the risk of opening potentially malicious email or spam messages which are disguised as various kinds of notifications or sales promotion.
6. Use a password manager
A password manager can help you deal with multiple accounts. A manager encrypts passwords which would otherwise be in plain text. A manager will also help you avoid a common mistake—keeping one password for all your accounts. Some antivirus and Internet security products include password management and password security features.
7. Avoid public Wi-Fi/computers
Never do financial transactions on a public Wi-Fi. Hackers can intrude easily into a public WI-Fi network and steal your login details. If you need to make a financial transaction when you are out, use your own mobile phone network.
8. Keep your data to yourself
Don’t save your bank and personal details in a browser or a payment site. Type the information whenever you make a transaction. Don’t forget to log out every time you log in.
9. Avoid apps that you can’t trust
Often, smartphone apps carry malware. If you are not sure of an app, don’t download it instantly. Spend a little time reading about it, going through its terms and conditions and knowing what current users say about it. Only download apps from the official app store.
10. Buy from a reputed merchant
Before making payments online, make sure your merchant is reputed and trusted. Websites of many small merchants are not secure enough to prevent data theft. If you think the merchant is not trustworthy, don’t pay online. Opt for cash on delivery.
(This article is from the series on ‘Dangers of a connected world’)