Digital India – Challenges and Opportunities

The digital economy is the new productivity platform that some experts regard as the third industrial revolution. This is also known as ‘The Internet Economy’ or Internet of Everything (IoE) and expected to generate new market growth opportunities, jobs and become the biggest business opportunity of mankind in the next 30 to 40 years. The momentum that ‘Digital India’ has given to our technological progress is noteworthy indeed.

There are several pillars of opportunities that are going to be built to escalate public behavior and expectation in digital way:

1. Broadband Highways
2. Digital Locker
3. Mobile connectivity
4. e-Kranti
5. Jobs
6. Manufacturing
7. MyGov
8. Information for all
9. Scope with Foreign Universities

Challenges:

There are several questions that hit our thoughts regarding “Digital India” week. Firstly, why are we using the term ‘week’? If we are in a mission to accustom every single Indian to digitally literate, then it might take years or rather decades. In order to keep the momentum at par and mission fruitful, we could have termed it as “Digital India” year.
A Digital India Year would make sure that each and every aspect of the programme is pushed to show results on the ground and not go into hibernation after one week of enthusiasm. Considering that most of the nine pillars of the Digital India programme face serious challenges in implementation since the question of continuity is always at stake, thus it is crucial that focused and persistent attention would be given to each of its pillars so that it does not embarrass at the end of the day.

We would like to highlight few challenges of the ‘Digital India’ programme:

Implementation: The entire programme is designed as a top level model on the technological front. There is hardly any guidance on how to implement the same on the ground level to make it successful. To be precise, most of the nine pillars of the programme are directly related to high-end consumers and not for 70% (almost, according to 2013 – 2014 survey) of the rural population in India.
Deploy W-Fi Centers & Hotspot: BSNL’s (Bharat Sanchar Nigam Ltd) mass deployment of Wi-Fi hotspots across the country. If the government pushes BSNL to ensure at least one hotspot per village, it can do wonders and experience the positive outcome. However, if the selection of the hotspot locations were those populated by mostly tribals, backward castes, minorities and geographically difficult areas, then the impact can bring a new era in our country.
Improve IT Literacy: Improving IT literacy is very important because the entire mass who is using internet should know how to secure his/her online data. Providing proper usability guidance of Anti-Virus software and its role in securing the records should happen simultaneously.
Data Vulnerability: Each and every citizen of India would have all the personal details online including bank details, Income tax details, PAN details which might be vulnerable if not secured properly. In case this is breached, then any individual would lose the privacy of the data and would be compromised.
Excessive server Hits: If majority of the population start using online, then definitely the Government portal sever will start getting more number of hits day by day. This is limitless and the IT team needs to be prepared enough to tackle the situation where the possibility of crash would minimize.
Man-In-The-Middle Attack: It is a type of cyber-attack where a malicious actor intrudes him/ herself into a conversation between two parties, imitates both parties and gains access to information that the two parties were trying to send to each other. A man-in-the-middle attack allows such intercepts of the data meant for someone else, without knowledge of either of the party until it is too late.

Security:

It is necessary to overcome all the challenges mentioned above with the help of a proper IT security solution like eScan. With so many people connected to such numerous networks, data security will definitely become one of the priorities of the Government. Since all the departments like Income Tax, LIC, Election Commission, Passport Dept – will have ample sensitive data of citizens, thus there is a high possibility of data breaches once majority of the population become digitally literate. The herculean task of securing all the W-Fi hotspots and data centers should be taken into consideration seriously. eScan Anti-Virus products for home users, small and medium business and even corporates can offer complete protection to the networks and successfully materialize the dream of an ideal “Digital India”!

Posted in eScan 14 | Tagged , , , | Leave a comment

Gift Card Scam

It is always advisable to be careful while selecting gift cards for your friends and loved ones. Cyber crooks have expertized in exploiting this popular form of gifting through tampering, deception and utter theft. Thus if Gift Cards are bought from a display rack of any store, then the buyer may become a victim of theft.

How it happens?
These days, cyber criminals have found a new way to steal your gift card balance. They simply jot down the card numbers in the store and wait for a few days to call and see how much balance they have on the card. Once the card is activated, they go online and start shopping. According to KOMO TV in Seattle, Wal-Mart shoppers have already been hit with such scam on several occasions.

However, this doesn’t work on all gift cards. While the crooks physically access gift card numbers by snooping the card from its packaging and dumping it back once the number is written down – it’s not always easy to hide the visibility of cards’ PIN number. Once the covering is scratched away, it cannot be put back. As a result, the packaging itself can reveal that the card has been tampered with. It is better to examine both side of the packaging irrespective of wherever you buy from.

Some Other Scams
There are numerous other ways where the users fall victim of scam:
• Overstating Card Value: It happens when a reseller overstates the values of the cards they are selling. There is a very little scope for the buyers to understand such frauds.

• Treacherous Employees: The employees steal Gift Cards from their displays; activate them with store scanners and then go on for shopping sprees. Occasionally, they use the stolen cards to purchase new cards to legalize their stolen merchandise.

• Card Pilfers: There are thieves who pretend to be genuine customers swap blank cards (previously stolen) against new cards activated during a sale. Then they pretend to change their minds and ultimately cancel their purchases. The counter clerks remain clueless as they think they got the new cards back and the thieves walk out of the store with the new card in their pocket.
• Buy Gift Cards from Wrong Dealers: Stolen cards can end up on auction sites where the unsuspecting bid can get a good deal. The NRF (National Retail Federation) advises consumers to buy gift cards only from a reputable dealer and never through any online auction because what you bid on might be a stolen one.
• Manhandle Bar Code: Cyber criminals carefully slit open the packaging of bar code-bearing gift cards and replace the new cards with used ones where there are no funds. After these “empty” cards are sold, the activation of the bar code loads the real card (in thief’s possession) with funds and the genuine buyer remains empty-handed.

How to avoid gift card scams?
• Purchase from Reputed Source: Purchase gift cards only from reputable sources. It is always better to get them directly from the store.
• Examine Card before Buying: Gift cards should be examined carefully before buying. Never assume that if a store has gift cards under lock and key, then they are original and their PIN is not yet accessed. There might be signs of tampering.
• Purchase Online Gift Cards from Official Portal of the Retailers: Purchase online gift cards from the official website of the retailer where they are intended to be bought. Never buy them from any auction sites even if they look like genuine ones.
• Keep the Receipts: Keep your receipt as proof of purchase until the card value gets exhausted. In case any fraud happens, then you can show the receipt to the retailer and claim a replacement of the false card.
• Scan the Card: Get your card scanned at the time of purchase to ensure that the gift card you bought is genuine and has the correct balance.
• Restrict from giving Extra Information: Always remember that no reputable business can ask you for social security number, bank account information or even date of birth while purchasing a gift card. Asking for such details is absolutely unnecessary and irrelevant. It is advisable to check the authenticity of the retailer immediately.

Lastly, Gift Cards are convenient and make great gifts. Following these simple tips helps you to be assured that the person, whom you thought of gifting the card, can reap all the benefits from it!

Posted in Security | Tagged , , | Leave a comment

Facebook Malware

Every year, there is a resurgence of Facebook malware and in some way or the other would result in this malware posting on your Facebook wall and to make it worse would either post on your friend’s wall or tag them.

This method allows the malware to propagate and to garner greater visibility even though these are the methods used by a malware specialized in targeting Facebook users. However the content in most cases are porn images and they may relate to some fictitious, eye-popping, attention grabbing news.

Fortifying user-accounts and strengthening their security has taken precedence, however when it concerns Social Networking, the entire ideology of “secured account” changes dramatically. Its not just about your own account, it is also related to those accounts which belong to your relatives, friends, colleagues and et al.

We may consider splitting the issues created by Facebook Malware into two distinct parts

1: The Malware

The malware spreads itself by posting links to a pornographic image or video from the account of previously infected users. The postings generally tag not more than 20 friends of the infected. If and when a user opens the link pertaining to the post, the video begins to play but then stops and asks the viewer to install a fake Flash player containing a Trojan downloader with the actual malware. This malware can even manipulate keystrokes and mouse movement.

2: It’s Propagation

In order to tackle the menace associated with Malware the following tips and tricks would ensure that you as the account holder do not get infected nor would your account assist the malware in propagating.

TIPS for Securing your Computer

1: Do not click on shortened or unknown links: Facebook spammers mostly disguise links to suspicious websites by using URL shortening service, which misleads you to think you are clicking on a legitimate article or blog. These links lead to sites that can eventually install malware or spyware on your computer.

2: Know what to look for: Facebook spammers get more creative on various tactics to make you fall for something harmful and how elusive they can be to get spotted. If you notice any one of the following traits on a Wall post, group or page, it’s recommended that you don’t click it.

3: Avoid giving authorization to wary games and apps: If you are enticed to permit a Facebook program to post on your own and your friends’ walls, then you should think twice. Close the game or app that can access your private information and networks any time. Why would you give access to all of that information to a real stranger?

4: Look for telltale signs of spam: If you see any of your friend posting multiple links or videos to multiple friends’ walls, then it’s possibly the work of a spammer. Eg. If you see a wall post from a friend stating Facebook finally offers a way to see who views your profile, then never believe it and click on it. Moreover, pages that warn they are not authorized by Facebook could be harmful to your computer.

5: Take action as soon as possible if you fall for a spam link or page: There are a few ways you can handle the situation if you find out you’ve been spammed:

  • Remove spam wall posts by either clicking the “X” to the right of the post, or marking it as spam via the same dropdown menu.
  • Get rid of games that may be spam by going into “Account Settings”, and then “Manage Apps”. There you can edit and remove permissions.
  • Change your Facebook password.
  • Consider enabling secure browsing via Facebook Security settings.
  • Prevention is always better than cure! Install any eScan Anti-Virus and Internet Security Suite software for Home and Small Office to perform proactive and regular security check on your computer.

However, the above mentioned tips would appear useless when one of your contacts on Facebook is affected by a Facebook Malware. Hence, you protect your self and to cease the malware from propagating, ensure that your Facebook account is configured as shown in the below mentioned screen-grabs.

clip_image002

clip_image003

These settings, when configured as shown above would not only safe-guard your Facebook timelines from the spam posts, but also those which might be posted through the accounts of any of your friends. Besides, it would also stop the tags from being displayed directly on to your timeline.

Posted in eScan 11 | Tagged , , , | Leave a comment

New Ransomware that charges $500 to Unlock your Android Device

Our security researchers have recently encountered a new Ransomware in Android, which is used by hackers to extort money from users called Android.Trojan.SLocker.D

What is Android.Trojan.SLocker.D Ransomware?

It is a ‘Fake FBI Alert’ malware, which locks out Android users from accessing their phone. Victims cannot access their phone unless they have paid the ransom amount demanded by the cyber-criminals.

How does Android.Trojan.SLocker.D Ransomware work?

It typically propagates as a spam email attachment or an APK file pretending to be an Adobe Flash Player update. When the Android user presses “Ok” to continue, a FBI warning is displayed on the screen which prevents the user to navigate away.  In addition to it the fake FBI message informs the victim that they have broken the law by visiting pornographic website. It was also found that screenshots of browsing history of the victim is displayed. The scammer claims to have screenshots of victims face and knows their location.

This type of Ransomware demands $500 in form of Money Pak or PayPal My Cash transfers as a release fee and if victim attempts to unlock the device without paying the money, the amount is increased to $1500.

Our researchers also found that malware victim’s files were not encrypted instead home screen and back button is disabled and when the phone is restarted the malware still remains.

So how can we safeguard ourselves against Android.Trojan.SLocker.D Ransomware?

Below are some tips suggested for same:

  • Use trustworthy antivirus software (eScan) on your phone and update it on regular basis.
  • Download applications from their official website or from an official store such as Google Play for Android.
  • Open emails only if you are positive about positive about the source.
  • Regularly backup your important files.
Posted in eScan 11, eScan 14, MailScan, Security | Tagged , , | Leave a comment