Social Engineering cyber crime is one of the prominent cybercrimes nowadays, According to a report, 75% of cybercrimes in India use social engineering method, whereby they scam people online after obtaining their trust. Let me illustrate with three examples:
1. A vice president of a multinational company in Mumbai lost twelve lakhs of rupees to a online scam to earn higher returns, where he was fooled by the words of a woman he met on social media.
2. A retired bank employee got the bank website link through Google search to file an online complaint with her bank, which turned out to be a fake website and lost ten lakh rupees due to entering information related to his account there.
3. A Mumbai businessman provided his credit card information on a taxi website found through Google search to pre-book a taxi from Kochi airport to a hotel and within two minutes the advance was reduced by Rs.1.5 lakh instead of Rs.100.
Here fraud is done online (email, sms, whatsapp or social media) or via telephone using human greed, curiosity, laziness, stupidity, arrogance or innocence as the capital. Here the thieves set their trap by centering on a person (old age waiting for pension or money) or a current news (upgradation from 4G to 5G) or a requirement (KYC update) or by giving an offer too good to believe(shop closing sales ex: bigbazar/home central).
How Social Engineering cyber crime works :-
In social engineering method, thieves first try to gain the confidence of the victim by talking about some personal details which they would have collected before or they create their website in the same model as the original website or they interact with the victim several times in a friendly manner and once they gain their trust, they start their fraud work. Here the fraudster impersonates like a government agency or a friend or family member and contact the victim by email, whatsapp or sms which contains a fraudulent hyperlink (which may install malware or a embedded UPI payment link). When the victim clicks on the link, the fraudster’s scam is triggered and the victim is looted.
Common people and organizations can protect themselves from social engineering cyber crime by :–
• Avoiding opening of any suspicious or untrustworthy email or sms message or clicking of any hyper-link in such message.
• If your bank, email provider and any other main websites you use have double factor authentication, implement it immediately.
• Do not share your User ID, Password, OTP and other private details with anyone.
• Check if banking and payment websites are secure (URL start with https in browser or have a padlock).
• If an opportunity sounds too good to believe, don’t believe it.
• If you receive a suspicious call or message for any money or personal/financial details, open it only after re-confirming that it is from an official source or trusted source or person you know.
If you are scammed of Social Engineering cyber crime :-
Immediately call cyber helpline number 1930 and register a complaint, call your bank helpline number and immediately block your account, debit card, credit card used in the fraud and change the password of the concerned accounts immediately.
Legal Remedies available in India :-
- The victim has the right to file an appeal in court for compensation for the wrong done to him under section 43A of the Information Technology Act of 2000, as this section covers the penalties and compensations for offences such as “damage to the computer, computer system, or computer networks, etc.” and Section 65 of the Act covers the punishment for the offences which involve “tampering with computer source documents” of the Information Technology Act of 2000.