The growing threat of cyber fraud

0

PUBLISHED May 08, 2022

CARACHI:

A major case of cybercrime has recently engulfed Pakistan’s financial hub of Karachi. A debit card scam targeting several consumers at three private banks emerged just before Eidul Fitr, prompting complaints to the Federal Investigation Agency’s (FIA) cybercrime unit for bizarre financial activity.

Hundreds of customers of one of Pakistan’s biggest banks said they lost money in the past few days due to a technical failure in the bank’s services. Targeted customers also said they were left in the dark about certain bank transfers, bill payments and online purchases that were notified to them without their knowledge or approval. Bank staff informed irate customers that their services were having problems and that the bank was working hard to resolve the issues. Customers also said their cards had been temporarily deactivated.

As the complaints piled up, debit card fraud was suggested as a likely explanation for the shady transactions. This particular type of fraud is committed by stealing and modifying ATMs so that they replicate debit card information each time a user enters their card into the machine. Card key pins are also taken using keyloggers, and the cards are then used on the Internet.

Foreign thieves have used compromised data from numerous debit cards to execute fraudulent foreign currency financial transactions to rob a leading bank in Pakistan that offers online banking services. The financial institution had to block foreign financial transactions using debit cards for almost all of its customers following the incident.

As fraudulent transactions were made in dollars instead of Pakistani rupees, any customer wishing to use a debit card for internet banking had to activate the service first. Failure to do so resulted in the transaction being declined and online service suspended for the account for security reasons.

There were several fraudulent transactions of minor amounts from multiple accounts. However, it is unclear how much money cybercriminals operating from abroad stole from how many bank accounts in Pakistan.

Pakistan, a lucrative target

As the use of digital banking has grown in Pakistan over the past two years, data breaches have become increasingly common in the country, despite the fact that the banking regulator and the relevant ministry have published a strong cybersecurity strategy. Over the past six months, data breaches have affected not only banks, but also many government organizations, such as the Federal Board of Revenue (FBR) and the Department of Finance, forcing public and private financial institutions to develop and implement a comprehensive strategy to protect their customers and systems from hacking attempts.

Almost all banks in Pakistan were hacked in 2018 and huge sums of money were stolen from people’s accounts by the perpetrators. The cybersecurity incident exposed over 19,000 card details of 22 Pakistani banks. The discovery came in response to a report from Group-IB, a multinational cybersecurity group, which claimed that hackers had exposed a massive number of credit and debit cards of Pakistani individuals on dark web forums. Of these, krebsonsecurity.com reported that more than 8,000 account holders from a dozen Pakistani banks had recently been sold on the dark web.

K-Electric, the city of Karachi’s energy provider, was the target of a Netwalker ransomware attack in September 2020, which disrupted billing and online services. The attackers said that unless management paid a $7 million ransom, all KE customer information, including names, addresses, CNICs, NTNs, credit cards and bank account numbers, would be leaked on the dark web.

Hackers stole the personal information of 260,000 users of a Pakistani music streaming site in January 2021. In August 2021, hackers attacked Pakistan’s largest data center controlled by the Federal Board of Revenue (FBR) and managed to crack Microsoft’s hyper-V software, shutting down all official websites operated by the fiscal apparatus.

Despite the fact that the official FBR website and tax-related operations were restored, the hackers sold the FBR data for $30,000 on a Russian forum. A cyberattack on the RBA’s servers was detected in the late hours of October 29 and early hours of October 30, 2021, affecting some of its online services.

At least three other notable cyberattacks are the Careem security breach in April 2018, which compromised customer data from Pakistan and other countries; the attack on ATMs in Peshawar in December 2020; and the breaching of various websites including those belonging to the High Court of Sindh in July 2021 and PTV Sports in August 2020, among others.

The mobile phones of some senior Pakistani officials were hacked in 2019 for covert surveillance. The attack was carried out using a particular type of malware known as “Pegasus”, which was allegedly developed by the Israeli spyware company NSO Group. Spyware can acquire access to messages, emails, contacts and passwords by making a missed call to the targeted WhatsApp number and turning on the phone’s camera and microphone. The malware was also able to determine a user’s GPS location. Following the hacking incident, rumors have it that the Pakistani government is working on an alternative to WhatsApp to secure sensitive or confidential material.

An ideal environment for criminals

The COVID-19 pandemic has created ideal conditions for several types of financial fraud to flourish. Millions of people have been forced to change their daily habits, especially the way they work, shop and communicate, which has accelerated fraud in the following ways.

Many office workers, including bank workers, have transitioned to remote working, which has required remote access to corporate networks, often with inadequate security measures. In the work-from-home environment, certain internal controls and confidentiality requirements have also become more difficult to enforce.

As branches and businesses close, a dramatic shift in banking transactions to digital channels has forced banks to rely on digital and telephone channels to keep services running. This is especially true in underdeveloped countries, where banks have rushed to embrace digital innovation while neglecting security issues in some circumstances.

For example, transaction limits on digital channels have been raised, implying that account takeover can now lead to greater thefts. The increase in door-to-door delivery of retail orders has resulted in new phishing scams using email or SMS warnings, as well as a general increase in communications through digital channels that can be tampered with and exploited for phishing purposes.

During the shutdowns, there was a surge in retailer participation in financial markets, which presented opportunities for investing online.

The most serious threats

The use of technology, especially the Internet, is used in many aspects of a bank or financial institution’s business. Your bank’s sensitive data can be at risk if you don’t have strong cybersecurity procedures in place. The five most serious cybersecurity threats to a bank are listed below:

  • Unencrypted data: The use of technology, especially the Internet, is used in many aspects of a bank or financial institution’s business. Your bank’s sensitive data can be at risk if you don’t have strong cybersecurity procedures in place. The five most serious cybersecurity threats to a bank are listed below.
  • Malware: Malware-infected end-user devices, such as PCs and cell phones, pose a threat to your bank’s cybersecurity every time they connect to your network. Sensitive data passes through this connection, and if the end user’s device is equipped with malware, this malware could attack your bank’s networks if not properly secured.
  • Unsecured Third-Party Services: To better serve their customers, many banks and financial institutions use third-party services from external providers. However, if these third-party companies lack adequate cyber protection, your bank could be the one that takes the brunt of the damage. Before deploying third-party solutions, it is essential to determine how you can defend against the security vulnerabilities they pose.
  • Data that has been manipulated: To better serve their customers, many banks and financial institutions use third-party services from external providers. However, if these third-party companies lack adequate cyber protection, your bank could be the one that takes the brunt of the damage. Before deploying third-party solutions, it is essential to determine how you can defend against the security vulnerabilities they pose.
  • Usurpation: Identity theft is a new type of cybersecurity problem in which hackers mimic the URL of a banking website with a website that looks and functions similarly. When a user submits their login details, hackers steal them and store them for later use. Worse still, the new spoofing techniques not only use a slightly different but similar URL; they can also target consumers who have already visited the correct URL.

As a bank or financial institution, they must identify solutions to prevent cybersecurity threats while offering simple and technologically sophisticated options to their consumers.

To combat the growing number of cyberattacks, public and private sector organizations must use all available resources, including specialists and technological tools, to upgrade their cybersecurity systems.

Share.

Comments are closed.