Almost a decade back, when shiny plastic cards were introduced by multi-national banks (the native banks followed the suit almost overnight), it became an instant hit amongst the customers. Why not? The advantages were many. No hassle of carrying bunches of paper notes, the headache of saving them from pickpockets and muggers et al. The disadvantages - no one ever thought of.
Of late, though, a series of scams and frauds have proved that the vulnerability of the plastic money is as high as the paper money. Or even more, as the volume of fraud or the number of people affected by the same are staggering. Worse are the e-bankings and online transactions sectors, in terms of their vulnerability to hackers and fraudsters.
Said Internet guru, Vijay Mukhi, "Its so simple to take away data from anybody's credit card. The three digit CVV number at the back of the card, the 16 digit card number in the front and the expiry date. That's it. Your money is mine," Mukhi stated while explaining the vulnerability of a credit card to frauds.
Another common method to fake a credit card, Mukhi added was the cloning of the magnetic tape, fixed at the back of the credit card. "This method is believed to have originated from China," Mukhi added.
"Credit cards and e-banking, especially the savings accounts are never safe or will never be, as long as we login with the help of the user name and passwords," Mukhi stated.
To ensure foolproof protection to these online (or even electronic) money exchange-transfer procedures, Mukhi suggested the built in safeguards—like finger print verification or verification through eye scanning—to avoid counterfeiting.
"These are the only two methods which can not be duplicated and it is high time for the government to make it mandatory for banks to implement these safety methods before they start e-banking facilities or issue credit cards," he added.
Various methods of defrauding credit cards and on line transactions
'Phishing' has emerged as the most recent innovation for e-banking frauds. Mukhi explained how it works — The Phishers initially send spams through various e-mail addresses. The numbers can go up to millions. The spams are exact replicas of the home pages of various banks (like ICICI, HDFC or even foreign banks like HSBC, Bank of America and the like).
The Phisher would put the e-mails subject either interesting or scary. For ex - "Your account has been blocked or Hackers are trying to remove money from your account." "This is good enough to tempt the user to open the e-mail. And once he opens it, he is enticed to fill in details like his log in address and password and other personal details.
The moment he clicks the OK icon, the page is automatically directed to the original home page of the bank site. However, by that time, the Phisher had already retrieved the personal data from the fake home page," Mukhi added.
And once the personal details are available with him, he can easily access the account at any point of time and take away/transfer money from the said account at his convenience, Mukhi added.
Early this month, the Cyber Crime Cell of the Mumbai police had arrested a Nigerian for a net banking fraud of Rs 6.92 lakhs at Pydhonie.
Abdul Rahman alias L Azccz (30), had allegedly created a fabricated web page of ICICI bank, the link (https://infinity.icicibank.co.in/loginrestore-session/server) which he sent through email to the customers holding ICICI bank accounts. The web page - a look alike of the original ICICI bank web page – asked the customers to provide their user ID, logging password, transaction password and card number.
The bogus web page sent across by the accused further stated that it was from the 'ICICI Bank Accounts Review Department' asking the customers to furnish the details required for reviewing their account.
The accused later retrieved the same information and used it for transferring the money in various other accounts. The police had recovered user ID's, login password's and other such information of 26 customers from the accused.
Cloning of credit cards through skimming
Perhaps the first and time tested method of faking credit cards. This involves the cooperation of several people (operators) at various stages. Initially, the users credit card is swiped on a skimming machine. It can even be during a genuine payment. The sensors attached to the skimming machine stores the data imprinted on the magnetic tape as it is swiped. The data is then transferred to a computer.
An ordinary plastic card (in the shape of the credit card) is then obtained from the market. The data in the computer is then inscribed on a magnetic tape (as in case of a credit card). The number of the credit card as well as the name of the user, is embossed on the card. The magnetic tape is pasted at the back of the card. Now its ready for use.
Taking away money from credit cards by kidnapping the carrier
Such a case had come to light recently. Three boys kidnapped a courier boy at Lower Parel when he was on his way to deliver 10-15 credit cards of a particular bank to customers at Fort area. The boys lodged him in a flat at Santacruz and went about a shopping spree in malls and departmental stores. In just one day, they had debited over Rs 10 lakh from these cards on shopping.