New Jamtara Operations Shine Light on the Ongoing Battle Against Cyber Crime

The recent "New Jamtara" operations, which saw simultaneous raids at 14 Nuh villages for a day, have brought the issue of cybercrime to the forefront once again. For context on the scale of operations, it’s noteworthy that just in this incident, suspects had defrauded around 28,000 people from across the country, to the tune of ?1000 million plus. Hundreds of SIM cards that were disposed of in the villages have been recovered. They used to deposit money in private bank accounts opened online or through forged ID cards. Fake SIMs, Aadhaar cards & PAN cards were recovered. Some 219 bank accounts & 140 UPI accounts used have already been identified.

The world has been rapidly digitalizing in recent years, with more and more people relying on the internet and technology; from shopping and banking to socializing and working. People also increasingly save passwords and financial information on their mobiles and other devices. However, this increased reliance on digital infrastructure has also brought forth new challenges and risks.?From identity theft to online fraud, cybercriminals are finding new and innovative ways to exploit the digital landscape.

One of the most common types of cyber fraud in India is phishing.?This involves sending emails or messages that appear to be from a legitimate source, such as a bank or social media site, to trick people into giving away their personal information. Last few months there has also been a flurry of multiple scam fraud international calls on WhatsApp!?Other types of cybercrime include hacking, malware attacks, and online harassment.?

Some new ways of fraud that we should know:

1. Vishing, which is a type of phishing scam that uses voice calls to trick users into revealing their personal and financial information. For example, they might say that there has been suspicious activity on the victim's account and that they need to verify their details to prevent any fraudulent transactions.
2. Ransomware, where cybercriminals take control of the victim's system and demand a ransom to restore access.
3. Deepfakes, where criminals use advanced technology to create fake videos or images to deceive users. For example, they might create a fake video of a politician or celebrity saying something controversial or damaging. They might then share this video on social media, hoping to cause harm or spread misinformation.
4. AI-based fraud, where cyber criminals use artificial intelligence to carry out sophisticated attacks and evade detection. For example, they might use AI to create a fake voice that sounds like the victim's boss or colleague, and then use that voice to persuade the victim to transfer funds to a fraudulent account. Or they might use AI to generate realistic phishing emails that are more likely to trick victims.
5. SIM swapping, where criminals steal the victim's phone number to gain access to their accounts and carry out fraudulent activities. The fraudster typically convinces the mobile carrier to transfer the victim's phone number to a SIM card in their possession, by posing as the victim and providing personal information, such as the victim's name, date of birth, and address. Once the fraudster has control of the victim's phone number, they can access any accounts (including banking, email, or social media) that use the victim's phone number as a form of authentication. They might use it to reset passwords on the victim's accounts or to intercept two-factor authentication codes sent via SMS.
6. There is a rise in fake customer care scams, where criminals pose as customer care representatives to trick users into revealing their personal and financial information.

Steps to safeguard include:

1. Use strong passwords: Unique, difficult to guess, and changed regularly. Frankly, remembering and changing passwords on multiple devices is a pain but a must.
2. Keep software up to date: To avoid vulnerabilities that can be exploited by hackers.
3. Use anti-virus and anti-malware software: Install and regularly update them.
4. Secure our network: Use firewalls, encryption, and secure Wi-Fi networks to protect from unauthorized access.
5. Be cautious when opening emails or messages from unknown sources: Always verify the source before opening attachments, clicking links, or downloading files. Look carefully at the email address, not just the name of the sender.?I have myself witnessed a flood of emails ostensibly from my CEO (they were never actually sent) asking me to do money transfers!!
6. Be cautious when receiving unexpected phone calls and never disclose sensitive information like passwords or banking details over the phone. Verify the caller's identity and call back a known number to be sure.
7. Verify the authenticity of the media before sharing or forwarding it. Be aware that deepfakes can be created in many forms, including text messages, videos, and images.
8. Enable two-factor authentication wherever possible.
9. Stay updated with the latest security trends and about new types of cyber threats. Back up our important data regularly.

Regular security assessments and audits can help identify vulnerabilities and address potential risks before they turn into full-blown attacks.?For businesses, all employees should be trained in how to identify and avoid potential threats. This includes educating them on strong password practices, the dangers of phishing emails, social engineering tactics, and safe internet browsing habits.

With Newer ways of fraud coming up every new day, awareness and Utmost caution is Key.