Punjab National Bank (PNB) Credit and Debit Card Data Breached

Punjab National Bank (PNB)'s Sensitive Information of 10,000 Credit and Debit Card Data Breached

The leaked information includes Names, Personal Identification Numbers (PIN), Expiry Dates and card verification values online.

Credit and debit cards details  are selling on Darkweb websites. Darkweb is illegally selling underground services such as Hacking or other leaked information.

Firstly CloudSek team identified a listing that claimed to have multiple cards that belonged to PNB that were put up for sale on a DarkWeb site. "We immediately tried reaching out to PNB using the cybercrime contact emails that were listed on their website. But that email bounced. said Rahul Sasi, CTO of Cloudsek.

On 21st, Feb, 8:10 PM company was able to get in touch with PNB officials via a third party source. The PNB officials were quick to respond as they got a call back the same day at 10.00 PM from PNB security officials. We provided them a detailed report about the leaked data.

On 22nd, Feb, 1:10 AM we provided them a more detailed report. And the officials ensured swift action."

According to report of Atimes,

“We believe, on preliminary analysis, that the data has been available for at least three months. While this is yet to be firmly established, we are carrying out our forensic investigation,” said a government official familiar with the case. Virwani was asked by Asia Times to comment on the breach, but has not yet responded. A message received from him states that he was not authorized to respond to the media and the queries have been forwarded to the Corporate Communications department. The story will be updated as and when a response is received.

“Usually these sites on the deep/dark web build up reputations on the authenticity of the data they sell illegally. This particular site has a very good reputation. They offer a sample size to buyers to establish their credentials before the sale is made. In this case they were offering to sell the data at US$4.90 per card,” he reported

PNB is already suffering from the latest fraud case worth 11,400 Crore in Indian Rupees. The firms were unable to pay to Bank after their bank accounts were frozen by the ED and the CBI in connection with the alleged Rs 11,400-crore scam.

In India, there are still some Banks and ATM's running on Windows XP, however support for Windows XP ended on 8 April 2014. Microsoft will no longer provide security updates or technical support for the Windows XP operating system. It is very important that customers and partners migrate to a modern operating system such as latest Microsoft Operating System Windows 10.

UniCredit Bank Gets Hacked And 400,000 Italian Customers Affected

UniCredit Bank Gets Hacked And 400,000 Italian Customers Affected.

• Italian Largest UniCredit Bank 400,000 customers are affecting due to two security breaches. 

• First Security breach occurred in September and October 2016  and Second in June and July 2017

According to the report, UniCredit admitted that no password were stolen but cyber criminals might have accessed customer personal data and IBAN numbers. Unicredit has blamed to a third party service provider for the security breach incident. Also, its share fell about 1% after its disclosure of the hack.


UniCredit said in the statement, UniCredit today announced it has been the victim of a  security breach in Italy due to unauthorised access through an Italian third party provider to Italian customer data related to personal loans only.


A first breach seems to have occurred in September and October 2016 and a second breach which has just been identified in June and  July 2017. Data of approximately 400,000 customers in Italy  is assumed to have been impacted during these two periods. No data, such as passwords allowing access to customer accounts or allowing for unauthorised transactions, has been affected, whilst some other personal data and IBAN numbers might have been accessed.

UniCredit has launched an audit and has informed all the relevant authorities. In the morning, UniCredit will also file a claim with the Milan Prosecutor's office. The bank has also taken immediate remedial action to close this breach.

For immediate information, customers should contact UniCredit's dedicated toll-free number 800 323285 or  their regular branch customer services team.  In addition, UniCredit will be contacting affected customers through specific channels, not including email or phone calls.

Customer data safety and security is UniCredit's top priority and as part of Transform 2019, UniCredit is investing  2.3 billion euro in upgrading and strengthening its IT systems.

Hackers Stole $32 Million in Ethereum

An unknown hacker has just stolen nearly $32 million worth of Ethereum – one of the most popular and increasingly valuable cryptocurrencies – from Ethereum wallet accounts linked to at least three companies that seem to have been hacked.

This is the third Ethereum cryptocurrency heist that came out two days after an alleged hacker stole $7.4 million worth of Ether from trading platform CoinDash, and two weeks after an unknown attacker hacked into South Korean cryptocurrency exchange Bithumb and stole more than $1 Million in Etherand Bitcoins from user accounts.

On Wednesday, Smart contract coding company Parity issued a security alert, warning of a critical vulnerability in Parity's Ethereum Wallet software, which is described as "the fastest and most secure way of interacting with the Ethereum network."

Exploiting the vulnerability allowed attackers to compromise at least three accounts and steal nearly 153,000 units of Ether worth just almost US$32 million at the current price.

The attack started late Tuesday and continued on Wednesday, resulting in a total of three transactions, which can be seen on Etherscan.io. The three victims of the attack identified are:

• Swarm City
• æternity blockchain
• Edgeless Casino

Parity says the vulnerability affected the contract used to create multi-signature Ethereum wallets in Parity version 1.5 or later, warning its users to move their Ether from their in-browser wallets to more secure accounts immediately.

White Hat Hackers Group Holds $75 Million Worth of Ethereum

Yes, 377,000 more Ether worth over $75 Million were also drained by white hat hackers.

As the attack began, a group of white hat hackers used the same exploit to drain approximately 377,000 Ether from other vulnerable wallets into holding accounts in order to protect them from black hat hackers, Coindesk reports.

The Whitehats are currently holding the rescued funds and has promised to return the funds to their owners once this security threat passed.

"The White Hat Group were made aware of a vulnerability in a specific version of a commonly used multisig contract. This vulnerability was trivial to execute, so they took the necessary action to drain every vulnerable multisig they could find as quickly as possible," White Hats wrote on Reddit. 

"We will be creating another multisig for you that has the same settings as your old multisig but with the vulnerability removed and we will return your funds to you there."

The company has just released an updated version of the Parity software fixing the vulnerability.

CopyCat Rooting Malware Hijacks 14 Million Android Devices

A newly uncovered malware strain has already infected more than 14 Million Android devices around the world, earning its operators approximately $1.5 Million in fake ad revenues in just two months.

Dubbed CopyCat, the malware has capabilities to root infected devices, establish persistency, and inject malicious code into Zygote – a daemon responsible for launching apps on Android, providing the hackers full access to the devices.

Over 14 Million Devices Infected; 8 Million of them Rooted

According to the security researchers at Check Point who discovered this malware strain, CopyCat malware has infected 14 million devices, rooted nearly 8 million of them, had 3.8 million devices serve ads, and 4.4 million of them were used to steal credit for installing apps on Google Play.A newly uncovered malware strain has already infected more than 14 Million Android devices around the world, earning its operators approximately $1.5 Million in fake ad revenues in just two months. Dubbed CopyCat, the malware has capabilities to root infected devices, establish persistency, and inject malicious code into Zygote – a daemon responsible for launching apps on Android, providing the hackers full access to the devices. Over 14 Million Devices Infected; 8 Million of them Rooted According to the security researchers at Check Point who discovered this malware strain, CopyCat malware has infected 14 million devices, rooted nearly 8 million of them, had 3.8 million devices serve ads, and 4.4 million of them were used to steal credit for installing apps on Google Play.

While the majority of victims hit by the CopyCat malware resides in South and Southeast Asia with India being the most affected country, more than 280,000 Android devices in the United States were also infected.

While there's no evidence that the CopyCat malware has been distributed on Google Play, the Check Point researchers believe that millions of victims got infected through third-party app downloads and phishing attacks.

Like Gooligan, CopyCat malware also uses "state-of-the-art technology" to carry out various forms of advertisement fraud. 

CopyCat uses several exploits, including CVE-2013-6282 (VROOT), CVE-2015-3636 (PingPongRoot), and CVE-2014-3153 (Towelroot) to hit devices running Android 5.0 and earlier, which are all widely used and very old, with the most recent uncovered 2 years ago.

The success of the campaign clearly indicates that millions of Android users still rely on old, unpatched, unsupported devices.

Here's How CopyCat Infects Android Devices

CopyCat disguises as a popular Android app that users download from third-party stores. Once downloaded, the malware starts collecting data about the infected device and downloads rootkits to help root the victim's smartphone.

After rooting the Android device, the CopyCat malware removes security defenses from the device and injects code into the Zygote app launching process to fraudulently install apps and display ads and generate revenue.

"CopyCat abuses the Zygote process to display fraudulent ads while hiding their origin, making it difficult for users to understand what's causing the ads to pop-up on their screens," Check Point researchers say. 

"CopyCat also installs fraudulent apps directly to the device, using a separate module. These activities generate large amounts of profits for the creators of CopyCat, given a large number of devices infected by the malware."

In just two months of time span, the CopyCat malware helped the hackers make more than $1.5 Million in revenue. The majority of profit (over $735,000) came from nearly 4.9 million fake installations on infected devices, which displays up to 100 million ads.While the majority of victims hit by the CopyCat malware resides in South and Southeast Asia with India being the most affected country, more than 280,000 Android devices in the United States were also infected. While there's no evidence that the CopyCat malware has been distributed on Google Play, the Check Point researchers believe that millions of victims got infected through third-party app downloads and phishing attacks. Like Gooligan, CopyCat malware also uses "state-of-the-art technology" to carry out various forms of advertisement fraud. CopyCat uses several exploits, including CVE-2013-6282 (VROOT), CVE-2015-3636 (PingPongRoot), and CVE-2014-3153 (Towelroot) to hit devices running Android 5.0 and earlier, which are all widely used and very old, with the most recent uncovered 2 years ago. The success of the campaign clearly indicates that millions of Android users still rely on old, unpatched, unsupported devices. Here's How CopyCat Infects Android Devices CopyCat disguises as a popular Android app that users download from third-party stores. Once downloaded, the malware starts collecting data about the infected device and downloads rootkits to help root the victim's smartphone. After rooting the Android device, the CopyCat malware removes security defenses from the device and injects code into the Zygote app launching process to fraudulently install apps and display ads and generate revenue. "CopyCat abuses the Zygote process to display fraudulent ads while hiding their origin, making it difficult for users to understand what's causing the ads to pop-up on their screens," Check Point researchers say.  "CopyCat also installs fraudulent apps directly to the device, using a separate module. These activities generate large amounts of profits for the creators of CopyCat, given a large number of devices infected by the malware." In just two months of time span, the CopyCat malware helped the hackers make more than $1.5 Million in revenue. The majority of profit (over $735,000) came from nearly 4.9 million fake installations on infected devices, which displays up to 100 million ads.


The majority of victims are located in India, Pakistan, Bangladesh, Indonesia, and Myanmar, though over 381,000 devices in Canada and more than 280,000 devices in the U.S. are infected with CopyCat.

Chinese Ad Firm Believes to be Behind CopyCat

While there's no direct evidence on who is behind the CopyCat malware campaign, researchers at Check Point pointed to a Chinese ad firm as possibly being responsible for the distribution of the malware.

Researchers found several connections between CopyCat and the Chinese advertising network MobiSummer, such as:

• CopyCat malware and MobiSummer operate on the same server
• Several lines of CopyCat's code is signed by MobiSummer
• CopyCat and MobiSummer use the same remote services
• CopyCat did not target Chinese users despite over half of the victims residing in Asia

Android users on older devices are still vulnerable to the CopyCat attack, but only if they are downloading apps from third-party app stores.

In March 2017, Check Point researchers informed Google about the CopyCat campaign, and the tech giant has already updated Play Protect to block the malware.

So, Android users even on older devices are protected through Play Protect, which is updated regularly as malware strains such as CopyCat continue to grow.The majority of victims are located in India, Pakistan, Bangladesh, Indonesia, and Myanmar, though over 381,000 devices in Canada and more than 280,000 devices in the U.S. are infected with CopyCat. Chinese Ad Firm Believes to be Behind CopyCat While there's no direct evidence on who is behind the CopyCat malware campaign, researchers at Check Point pointed to a Chinese ad firm as possibly being responsible for the distribution of the malware. Researchers found several connections between CopyCat and the Chinese advertising network MobiSummer, such as: CopyCat malware and MobiSummer operate on the same server Several lines of CopyCat's code is signed by MobiSummer CopyCat and MobiSummer use the same remote services CopyCat did not target Chinese users despite over half of the victims residing in Asia Android users on older devices are still vulnerable to the CopyCat attack, but only if they are downloading apps from third-party app stores. In March 2017, Check Point researchers informed Google about the CopyCat campaign, and the tech giant has already updated Play Protect to block the malware. So, Android users even on older devices are protected through Play Protect, which is updated regularly as malware strains such as CopyCat continue to grow.

AlphaBay Dark Web Market Goes Down; Users Fear Exit-Scam

AlphaBay Market, one of the largest Dark Web marketplaces for drugs, guns, and other illegal goods, suddenly disappeared overnight without any explanation from its admins, leaving its customers who have paid large sums in panic.

AlphaBay, also known as "the new Silk Road," has been shut down since Tuesday night. The site also came in the news at the beginning of this year when a hacker successfully hacked the AlphaBay site and stole over 200,000 private unencrypted messages from several users.

Although the website sometimes goes down for maintenance, customers are speculating that the admins have stolen all their Bitcoins for good measure, when heard no words from the site's admins on the downtime.AlphaBay Market, one of the largest Dark Web marketplaces for drugs, guns, and other illegal goods, suddenly disappeared overnight without any explanation from its admins, leaving its customers who have paid large sums in panic. AlphaBay, also known as "the new Silk Road," has been shut down since Tuesday night. The site also came in the news at the beginning of this year when a hacker successfully hacked the AlphaBay site and stole over 200,000 private unencrypted messages from several users. Although the website sometimes goes down for maintenance, customers are speculating that the admins have stolen all their Bitcoins for good measure, when heard no words from the site's admins on the downtime.

Some users at Reddit and Twitter are claiming that AlphaBay's admins may have shut down the marketplace to withdraw a huge number of bitcoins from the site's accounts.

The withdrawal Bitcoin transactions total 1,479.03904709 Bitcoin (roughly $3.8 Million), which led to suspicion from some users that the site’s admins may have pulled an exit scam to steal user funds.

In March 2015, the largest (at the time) dark web market 'Evolution' suddenly disappeared overnight from the Internet, stealing millions of dollars worth of Bitcoins from its customers.

However, users no need to worry—at least right now when nothing is confirmed, and the timing of the two incidents—site downtime and Bitcoin withdrawals—may be just coincidental.

This is not the first time AlphaBay goes offline. Last year, the site went down for about four days. Also, the blockchain transactions of about $3.8 Million are not enough for AlphaBay moderators to go offline.

One user on Reddit calls for calm and patience, saying "Now I'll admit I don't know for sure what's going on, and I am a bit nervous myself because if this is the end then I've lost a couple of hundred dollars myself But think about it Last year alphabay went down for about 4 days."Some users at Reddit and Twitter are claiming that AlphaBay's admins may have shut down the marketplace to withdraw a huge number of bitcoins from the site's accounts. The withdrawal Bitcoin transactions total 1,479.03904709 Bitcoin (roughly $3.8 Million), which led to suspicion from some users that the site’s admins may have pulled an exit scam to steal user funds. In March 2015, the largest (at the time) dark web market 'Evolution' suddenly disappeared overnight from the Internet, stealing millions of dollars worth of Bitcoins from its customers. However, users no need to worry—at least right now when nothing is confirmed, and the timing of the two incidents—site downtime and Bitcoin withdrawals—may be just coincidental. This is not the first time AlphaBay goes offline. Last year, the site went down for about four days. Also, the blockchain transactions of about $3.8 Million are not enough for AlphaBay moderators to go offline. One user on Reddit calls for calm and patience, saying "Now I'll admit I don't know for sure what's going on, and I am a bit nervous myself because if this is the end then I've lost a couple of hundred dollars myself But think about it Last year alphabay went down for about 4 days."

Everyone was saying for sure that this was it, but it was not. It took the alphabay moderators days to update people on what was going on too; they're known to do this. Also about that blockchain transaction.. 44 bitcoins rounds off to about 4 million US. [I don’t know] about you but that doesn't sound like nearly enough money."

While AlphaBay continues to be down, and AlphaBay-associated Redditor who goes by moniker Big_Muscles has called users to calm down, saying the site's servers are under update and will be "back online soon."

Also unlike Silk Road, there is no indication that the law enforcement took down the AlphaBay marketplace.

Silk Road was shut down in 2013 after the arrest of its unassuming founder, Ross William Ulbricht. The FBI seized bitcoins (worth about $33.6 million, at the time) from the site, which were later sold in a series of auctions by the United States Marshals Service (USMS).Everyone was saying for sure that this was it, but it was not. It took the alphabay moderators days to update people on what was going on too; they're known to do this. Also about that blockchain transaction.. 44 bitcoins rounds off to about 4 million US. [I don’t know] about you but that doesn't sound like nearly enough money." While AlphaBay continues to be down, and AlphaBay-associated Redditor who goes by moniker Big_Muscles has called users to calm down, saying the site's servers are under update and will be "back online soon." Also unlike Silk Road, there is no indication that the law enforcement took down the AlphaBay marketplace. Silk Road was shut down in 2013 after the arrest of its unassuming founder, Ross William Ulbricht. The FBI seized bitcoins (worth about $33.6 million, at the time) from the site, which were later sold in a series of auctions by the United States Marshals Service (USMS).

What is phishing

Phishing is a form of fraud in which the attacker tries to learn information such as login credentials or account information by masquerading as a reputable entity or person in email, IM or other communication channels.

Typically a victim receives a message that appears to have been sent by a known contact or organization. An attachment or links in the message may install malware on the user’s device or direct them to a malicious website set up to trick them into divulging personal and financial information, such as passwords, account IDs or credit card details. Phishing is a homophone of fishing, which involves using lures to catch fish.

Phishing is popular with cybercriminals, as it is far easier to trick someone into clicking a malicious link in a seemingly legitimate email than trying to break through a computer’s defenses. Although some phishing emails are poorly written and clearly fake, sophisticated cybercriminals employ the techniques of professional marketers to identify the most effective types of messages --  the phishing "hooks" that get the highest "open" or click through rate and the Facebook posts that generate the most likes. Phishing campaigns are often built around the year's major events, holidays and anniversaries, or take advantage of breaking news stories, both true and fictitious.

To make phishing messages look like they are genuinely from a well-known company, they include logos and other identifying information taken directly from that company’s website. The malicious links within the body of the message are designed to make it appear that they go to the spoofed organization. The use of subdomains and misspelled URLs (typosquatting) are common tricks, as is homograph spoofing -- URLs created using different logical characters to read exactly like a trusted domain. Some phishing scams use JavaScript to place a picture of a legitimate URL over a browser’s address bar. The URL revealed by hovering over an embedded link can also be changed by using JavaScript.

Spear phishing attacks are directed at specific individuals or companies, while incidents that specifically target senior executives within an organization are termed whaling attacks. Those preparing a spear phishing campaign research their victims in detail in order to create a more genuine message, as using information relevant or specific to a target increases the chances of the attack being successful. Phishers use social networking and other sources of information to gather background information about the victim’s personal history, their interests and activities. Names, job titles and email addresses of colleagues and key company employees are verified, as are vacations. This information is then used to craft a believable email. Targeted attacks and advanced persistent threats (APTs) typically start with a spear phishing email containing a malicious link or attachment.

A gateway email filter can trap a lot of mass targeted phishing emails, reducing the number of phishing emails that reach users’ inboxes. Ensure your own mail servers make use of one of the main authentication standards; Sender ID or DomainKeys will help cut out spoofed email too. A Web security gateway can also provide another layer of defense by preventing users from reaching the target of a malicious link. They work by checking requested URLs against a constantly updated database of sites suspected of distributing malware.

There are plenty of resources on the Internet that provide help in combating phishing. The Anti-Phishing Working Group Inc. and the federal government’s OnGuardOnline.gov  website both provide advice on how to spot, avoid and report phishing attacks. Interactive training aids such as Wombat Security Technologies' Anti-Phishing Training Suite or PhishMe can help teach employees how to avoid phishing traps, while sites like FraudWatch International and MillerSmiles publish the latest phishing email subject lines that are circulating the Internet

There are Six common attacks of phishing.

At this year’s RSA Conference, Tripwire conducted a survey where it asked 200 security professionals to weigh in on the state of phishing attacks.

More than half (58 percent) of respondents stated their organizations had seen an increase in phishing attacks in the past year. Despite that increase, most companies didn’t feel prepared to protect themselves against phishing scams. Indeed, a slight majority (52 percent) stated they were “not confident” in their executives’ ability to successfully spot a phishing scam.

The growth of phishing attacks in both frequency and sophistication, as noted by Verizon in its 2016 Data Breach Investigations Report, poses a significant threat to all organizations. It’s important that all companies know how to spot some of the most common phishing scams if they are to protect their corporate information.

With that in mind, I will use a guide developed by CloudPages to discuss six common phishing attacks: deceptive phishing, spear phishing, CEO fraud, pharming, Dropbox phishing, and Google Docs phishing. I will then provide some useful tips on how organizations can protect themselves against these phishing scams.

1. DECEPTIVE PHISHING

The most common type of phishing scam, deceptive phishing refers to any attack by which fraudsters impersonate a legitimate company and attempt to steal people’s personal information or login credentials. Those emails frequently use threats and a sense of urgency to scare users into doing the attackers’ bidding.

For example, PayPal scammers might send out an attack email that instructs them to click on a link in order to rectify a discrepancy with their account. In actuality, the link leads to a fake PayPal login page that collects a user’s login credentials and delivers them to the attackers.

The success of a deceptive phish hinges on how closely the attack email resembles a legitimate company’s official correspondence. As a result, users should inspect all URLs carefully to see if they redirect to an unknown website. They should also look out for generic salutations, grammar mistakes, and spelling errors scattered throughout the email.

2. SPEAR PHISHING

Not all phishing scams lack personalization – some use it quite heavily.

For instance, in spear phishing scams, fraudsters customize their attack emails with the target’s name, position, company, work phone number and other information in an attempt to trick the recipient into believing that they have a connection with the sender.

The goal is the same as deceptive phishing: lure the victim into clicking on a malicious URL or email attachment, so that they will hand over their personal data.

Spear-phishing is especially commonplace on social media sites like LinkedIn, where attackers can use multiple sources of information to craft a targeted attack email.

To protect against this type of scam, organizations should conduct ongoing employee security awareness training that, among other things, discourages users from publishing sensitive personal or corporate information on social media. Companies should also invest in solutions that are capable of analyzing inbound emails for known malicious links/email attachments.

3. CEO FRAUD

Spear phishers can target anyone in an organization, even top executives. That’s the logic behind a “whaling” attack, where fraudsters attempt to harpoon an executive and steal their login credentials.

In the event their attack proves successful, fraudsters can choose to conduct CEO fraud, the second phase of a business email compromise (BEC) scam where attackers impersonate an executive and abuse that individual’s email to authorize fraudulent wire transfers to a financial institution of their choice.

Whaling attacks work because executives often don’t participate in security awareness training with their employees. To counter that threat, as well as the risk of CEO fraud, all company personnel – including executives – should undergo ongoing security awareness training.

Organizations should also consider amending their financial policies, so that no one can authorize a financial transaction via email.

4. PHARMING

As users become more savvy to traditional phishing scams, some fraudsters are abandoning the idea of “baiting” their victims entirely. Instead, they are resorting to pharming – a method of attack which stems from domain name system (DNS) cache poisoning.

The Internet’s naming system uses DNS servers to convert alphabetical website names, such as “www.microsoft.com,” to numerical IP addresses used for locating computer services and devices.

Under a DNS cache poisoning attack, a pharmer targets a DNS server and changes the IP address associated with an alphabetical website name. That means an attacker can redirect users to a malicious website of their choice even if the victims entered in the correct website name.

To protect against pharming attacks, organizations should encourage employees to enter in login credentials only on HTTPS-protected sites. Companies should also implement anti-virus software on all corporate devices and implement virus database updates, along with security upgrades issued by a trusted Internet Service Provider (ISP), on a regular basis.

5. DROPBOX PHISHING

While some phishers no longer bait their victims, others have specialized their attack emails according to an individual company or service.

Take Dropbox, for example. Millions of people use Dropbox every day to back up, access and share their files. It’s no wonder, therefore, that attackers would try to capitalize on the platform’s popularity by targeting users with phishing emails.

One attack campaign, for example, tried to lure users into entering their login credentials on a fake Dropbox sign-in page hosted on Dropbox itself.

To protect against Dropbox phishing attacks, users should consider implementing two-step verification (2SV) on their accounts. 

6. GOOGLE DOCS PHISHING

Fraudsters could choose to target Google Drive similar to the way they might prey upon Dropbox users.

Specifically, as Google Drive supports documents, spreadsheets, presentations, photos and even entire websites, phishers can abuse the service to create a web page that mimics the Google account log-in screen and harvests user credentials.

A group of attackers did just that back in July of 2015. To add insult to injury, not only did Google unknowingly host that fake login page, but a Google SSL certificate also protected the page with a secure connection.

Once again, users should consider implementing 2SV to protect themselves against this type of threat. They can enable the security feature via either SMS messaging or the Google Authenticator app.

CONCLUSION

Using the guide above, organizations will be able to more quickly spot some of the most common types of phishing attacks. But that doesn’t mean they will be able to spot each and every phish. On the contrary, phishing is constantly evolving to adopt new forms and techniques.

With that in mind, it’s imperative that organizations conduct security awareness training on an ongoing basis so that their employees and executives stay on top of emerging phishing attacks.

E-banking fraud: What’s your liability?

The bank will reimburse the customer if there is a fraud/negligence on the part of the bank, whether or not you report the fraud/loss.

According to the Reserve Bank of India (RBI) draft guidelines issued on August 11, 2016, the burden of proving customer liability in an unauthorised e-banking transaction lies with the bank. Find out when you incur nil or limited liability. 

When is it zero liability? 
The bank will reimburse the customer if there is: 
a Fraud/negligence on the part of the bank, whether or not you report the fraud/loss. 

b Third party breach, where the fault lies neither with the bank nor with the customer, but elsewhere in the system, and the customer notifies the bank within three working days of receiving the communication from the bank regarding an unauthorised transaction. 

When is it limited liability? 
The customer is partially liable if: 
a It involves negligence on his part, like sharing payment credentials. In such a case, he will bear the entire loss until he reports the unauthorised transaction to the bank. Any loss after reporting will be borne by the bank. 

b The fault lies neither with the bank nor with the customer but in the system and there is a delay of four to seven working days by the customer in notifying the bank. The customer liability shall be limited to the transaction value or Rs 5,000, whichever is lower.