Mumbai, Dec 6: If you have replied to an e-mail giving out your confidential information like your bank account number, you may be in for trouble. As online banking becomes popular, fraudsters await unknowing customers, say bankers and techies.
Among the online frauds, incidents of 'phishing' have increased the most, they say. Incidents of other online frauds like carding, herding, spamming and industrial spying are also rising.
In 'phishing', fraudsters send e-mails to people asking them to update confidential information. The e-mail ID and look of the e-mail is similar to that of a real bank. Customers who follow the e-mail's directions end up surrendering their account number and password to fraudsters.
"There are e-mails which say that the customer has won a prize or free lunch with a personality. The customer immediately gets lured by the offer and becomes a victim," said CVG Prasad, CIO of Ing Vysya Bank Ltd, at the Bankteck Congress in Mumbai on Wednesday. He said such of frauds are prevalent in Tier II cities, where uneducated people are lured to easy money.
"While the cost of operation for a phishing fraud is $63 per transaction, profits earned by the fraudster are $200-$2,200," said Vishak Raman, country manager for India & SAARC of Fortinet Inc.
Prasad said most frauds in India go unreported. "But banks are constantly alerting customers," he said. Banks are using SMS alerts to inform customers if their account is debited twice or if a purchase is recorded online on their account.
Another challenge for banks is the existence of fraudulent websites. Here, any error in typing the bank's website address or online merchant's name, for instance "www.hBfcbank.org", can lead to trouble. According to Raman 576 such URLs were reported in India in the second half of 2006 as compared with 279 during the first half, showing a 94 per cent increase.
Employees of former of outsource providers are also responsible for leaking out valuable information about the customer.
A senior banker of a large public sector bank said every bank spends at least $100 on technology, per device on every user, to curb such frauds.