Look before you leak data online

An electronic transaction may be a cool thing to do, which spares you from all the hassles, no doubt. But watch out, pitfalls abound.

The ever-present danger of data theft in particular is closer than you think. So, you would do well to stay guarded all the time by avoiding the boobytraps. Vishwanath Nair & Neelasri Barman get you some handy details.

Some time last month, Dhiren Doshi, 27, a sales officer with a multi-national company in Mumbai, had an unusual e-mail marked to his inbox. The mail dangled a carrot, saying a leading private sector bank was willing to offer a specialised personal loan to him at a steep discounted rate. Doshi promptly fell for the bait, replying to it with all his account details.

“In about a week after replying, I noticed that some large transactions had been made from my account. When I approached my bank, I realised that I had been cheated by some criminals based outside the country,” Doshi said, recounting the horror.

The worry is Doshi’s is not a case in isolation as there are many such instances that go unreported in India. And the number is only growing. According to experts, especially over the last few years, online frauds have become more rampant. The trick is simple: fraudsters tap into users’ database by asking them to part with their details using text messages or e-mails.

And the perils are getting increasingly real these days as more and more customers are prefering the electronic medium to carry out their banking transactions. The feeling among bankers is the buck stops at the customer and not the bank, which cannot be held responsible for each and every action, especially when it’s a fallout of a fairly careless behaviour on the part of the end user.

“The Indian Banks Association is planning to put this point across before the Reserve Bank of India that banks should not be liable for paying compensations to customers. That’s because if we compensate for a few genuine cases, then others may also claim tomorrow something on these lines and start asking the bank for compensation,” said a senior official at the IBA.

It has been found that in many cases, the offence is committed by someone close to customers themselves. “Very often, we find that there is some known party either on the shop floor or at home who has access to this crucial information,” said Paul Abraham, chief operating officer, IndusInd Bank.

Alarmed by the growing number of cases involving online frauds, banks have started issuing instructions to all their online banking customers detailing the potential hazards. To be doubly secure, most banks have put in place a two-layered authentication system for all online transactions.

“Funds transfer to third parties requires a two-factor authentication not only for addition of the beneficiary account, but also for effecting the transfer of funds. After each such online transaction, an instant SMS is sent to the user to make him aware of his online activities,” said P Pradeep Kumar, deputy managing director & chief information officer, State Bank of India.

Axis Bank does its bit by way of providing technical information to the victim when it comes to detailed investigation. “The customers are immediately advised to either deactivate their account temporarily or change their passwords. In addition, they are advised to file an FIR at the nearest police station. The bank generates logs of the transactions and can share the same with the authorities under a due process to find out the source of such dealings and help nail the culprits,” the official spokesperson at Axis Bank said.