This is India-centric blog-post.
Today was an eye-opener for me. I met a few of the victims of the still-under-investigation of an ATM fraud.
About the Victims:
The victims I spoke with, were Senior Citizens and during the course of our conversation, it was quite evident that
A: None of them used / had an email id.
B: Never used the ATM Debit Card for shopping or for any other purpose except to withdraw cash.
Due to their old age they preferred to withdraw cash from the nearby ATM and it was also evident that they very rarely used ATM Debit card for cash withdrawals.
Old age has its own perils – medical bills, pension, no other source of income and above all if you are from middle / lower income group then even a small visit to a doctor can become a debatable issue amongst these respectable citizens of India, with discussions starting from finances. Having supportive grown-up children is a dream but not everyone is lucky and sometimes parents think that – our son / daughter has just started their career / family and we cant pull them down by letting them know about our own difficulties.
Under such circumstances coupled with the advancements in technology, I wondered – How can our Senior Citizens fathom the realities of cyber-crime?
It is also a known fact that, the blogs written by Security Researchers are rarely read by the common man, but then who reads our advisories one may ask. It is the techies like you and me who work for various organizations which includes banks . These are the same people who are also responsible for implementing policies and down the line there are people who interact with the common man.
It is this bridge between our readers and the common man, which needs to be strengthened with information and knowledge, making them aware of the perils of new age security risks. When this truly happens we will be see a drop in such frauds.
Schools / Institutions should make it mandatory to educate and enlighten children about such frauds. With this you ensure that children will stay abreast of the latest frauds and in near future they will try to stay alert and they will also make their elders / parents understand.
How was this fraud committed: It is quite evident from the few available facts that this was a classic case of SKIMMING.
How to detect Skimmers: Skimmers are devices attached to the ATM, and are camouflaged to look like an integral part of the ATM.
However, whenever you visit an ATM :
A: Take a good look at the ATM , look for traces of wear and tear and from that judge the wear/tear of the KepPad / the Card Slot.
B: Look out for the color differences and raised/elevated kep-pads / card slots .
C: Use ATMs which are physically protected.
D: Physically touch/grab the card readers / keypads for any anomalies.
Note to Banks:
A: Most of the ATMs have physical security in place, however the security guards need to be made understood about the latest in ATM related crimes
B: Since everything in this world follows a particular pattern, make these guards aware of the suspicious guys who will be using ATM for a bit longer time while installing the skimmers. The frequency with which both the hands are being used and not allowing more than one person within the precincts of an ATM
C: Educate your users especially the elderly, during their personal interaction with your staff.
Common Note :
In case an ATM is not protected by physical security – do not use such ATMs.
Este es un blog de la India.
Hoy fue un día de sorpresa para mí. Conocí a algunas víctimas de la investigación del fraude de Cajeros Automáticos.
Acerca de las Victimas:
Hable con algunos ancianos y durante de nuestra conversación me di cuenta que:
- Ninguno de ellos usan/tienen una dirección de correo electrónico.
- Nunca han utilizado la tarjeta de debito para hacer compras o cualquier otro propósito menos para retirar dinero.
Debido a sus edades avanzadas ellos prefieren de retirar dinero desde el cajero automático cerca y también me fije que casi no utilizan la tarjeta de debito para retirar dinero.
La edad avanzada tiene sus propios riesgos – facturas medicas, pensión, ninguna otra fuente de ingresos y sobre todo si usted viene de un grupo de ingreso medio/bajo, una visita al doctor puede ser un problema para estos ciudadanos respetables de la India. Teniendo hijos grande de edad que soportan los padres es maravilloso y aveces los padres piensen que los hijos han comenzado su carrera o familia y nosotros no podemos desanimarlos por dejándoles saber sobre nuestra dificultades.
Con la tecnología avanzada, he pensado – Como nuestros ancianos pueden conocer sobre las realidades de los criminales cibernéticos?
También es cierto que los blogs son publicados por los Investigadores de Seguridad y casi no son leídos por una persona común. Son los técnicos como tú y yo que trabajamos con varias empresas que incluye los bancos. Estos son las mismas personas que tienen la responsabilidad de implementar políticas y hay personas quien conversa con una persona común.
Nuestro conocimiento y información tiene que ser fuerte sobre los nuevos riesgos de seguridad. Cuando esto sucede, vamos a ver una disminución de fraudes.
Las escuelas deben de educar a los niños sobre los fraudes. Con esto, usted puede asegurar que los niños tendrán el conocimiento de los últimos fraudes y en el futuro ellos pueden permanecer alerta sobre esto y tener sus padres a comprender.
Como se realizo este fraude: Esto fue un caso de FRAUDE (SKIMMING).
