Crime Branch Advisory
The Nigerian Scam
From the Press - Cyber Crime Articles
Innovation time for India's cyber crime
BY ALLEN O'BRIEN
Date: November 12, 2003
An employee of the Bank of India
tapped his organisation’s computer network and gathered data
on all keys pressed, including passwords, by monitoring the CCTV.
Finally, he was caught.
Nazim Shah, an Iranian hacker, was
arrested recently for utilising computer networks to illegally transfer
cash into his account and using ATMs to withdraw cash from the Commercial
Bank of China.
GS Bhatnagar, a resident of south
Delhi, realised that Rs 10,000 had been siphoned off from his account
at SBI through his ATM card. This, when Bhatnagar had never used
MBA graduate Akaash Singh hacked
into an ATM facility using a counterfeit card to mop up several
lakhs of cash from a Canara Bank branch in Chennai while using a
Malice in wonderland is indeed growing
curiouser and curiouser by the day. Says cyber-crime lawyer Sunjay
Mathur, ‘‘ Each time a cyber crime is detected, there
is talk of strengthening the security network. However, in many
cases, the organisation concerned doesn’t take necessary steps.
Consequently, crime of a similar nature is repeated.’’
Even though the actual value of losses
accruing to cyber crime in India might not be substantial, nearly
39 per cent of these cases are related to banks and financial institutions
excluding those of the government. The inference here is that criminals
find banks to be a lucrative target for their ingenuity —
a word which finds many interpretations. ‘‘Cyber crime
may be data-related — such as data diddling/tampering, theft
of data, blackmail using data, unauthorised locking of data, and
entry into databases; system-related such as tampering with programmes,
changing programme logic, trojan horse programmes; hacking; mailbox
bombing,’’ elaborates National Centre for Research in
Computer Crimes (NCRCC) director Rakesh Goyal.
Simultaneously, instances of credit-card
fraud have become common given the growing popularity of credit
card transactions, Internet banking and ATMs. ‘‘Carelessness
while conducting ATM transactions has increased the risks associated
with technology-driven financial transactions because a third party
gains access to PIN (personal identification number) and other personal
information of a genuine user. A Lebanese Loop scam, for instance,
involves a plastic or metal sleeve constructed to fit into the card
slot of an ATM machine. When a user inserts a card into the slot,
the card is caught in the sleeve. When the PIN is entered, the transaction
does not follow and the scamster, pretending to be a good Samaritan’
urges the victim to try again, taking note of the PIN as it is repeatedly
entered. Meanwhile the victim gives up and the scamster removes
the card with the help of a tool and drains out the user’s
account,’’ informs computer spyware specialist, Apex
India, Nandini Chawla.
At the same time, with leading software
companies in India installing secure ID solutions alongside global
companies , things seem to be on the positive front. ‘‘Organisations
are beginning to really understand the pitfalls of making their
information available to various parties even within the organisation.
Still, certain companies are reluctant to install Intranet security
systems,’’ says Srikiran Raghavan, regional manager
for India operations, RSA Security.
As of now, the dot-con man seems
to be a few clicks ahead of cyber-crime sleuths. At the same time,
the search engine is on. Only the website story can reveal how long
the cyber criminal is able to Escape the Net of the law.