Has your phone been hacked? How to know/prevent it?
Ramesh, a high school teacher, gets a message on his phone saying “Your loan has been sanctioned, click the link below for details.” Ramesh, who had applied for a personal loan, anxiously clicks the link and opens it, but it doesn’t open. Later he comes to know that 45,000 rupees have been deducted from his bank account, when he goes to file a complaint with the police, he comes to know that his phone has been hacked.
Hacking is the act of identifying weaknesses in a computer/smartphone or network and using it to damage the computer/smartphone or steal or exploit the information contained therein. Cyber criminals install an app or program on your smartphone without your knowledge and use it to steal information and using that commit various cybercrimes against you, they usually use one of the social engineering or impersonation methods to con you.
Not all hacking is done to commit a crime, there are varieties of hacking like black hat, white hat and gray hat hacking, out of which only black hat hacking is done maliciously, white hat hackers are used by companies to identify weaknesses in their new devices or software and gray hat hackers independently hack into your device or software and then make identified vulnerabilities public or get paid from companies to reveal details of the weakness, this is also known as “bug bounty”.
Look out for these signs to know if your phone is hacked :-
- A new app appears on your phone without your knowledge.
- Your phone heats up or runs out of battery/data or slows down in speed/response time for no reason.
- Different types of advertisements start appearing on your phone.
- Someone has read your messages or emails before you.
To protect yourself and your smartphone from hacking :-
- Always follow the principle of ‘ Zero Trust, Pause and Authenticate’ for all digital transactions and messages/offers from unknown people.
- Never click on a hyperlink or scan a QR code or install any App provided in a message or mail by a stranger.
- Use multi factor authentication for all your sensitive and important website logins.
- Use good anti-virus, vpn and firewall software and keep them, your phone and apps updated regularly.
- Use password manager software and keep different strong passwords for your important accounts.
- Check if the site is secure. i.e. the website url must start with ‘https’, if it does not then it may be scam.
If you are a victim of such fraud :-
Immediately call 1930 cyber helpline or file a complaint at cybercrime.gov.in website or nearby police station. Report and lodge a complaint with the bank website about the fraud and issue a debit freeze on the amount transferred. If you think your device is infected with a malware, format it or factory reset after taking backup.
Legal remedies available to the victim :-
You can register a criminal case at your nearest cyber or regular police station, under the following legal sections or the Act as per sections prescribed by the police based on your case :
- Section 378(Theft), 419 (punishment for cheating by impersonation) and 420 (cheating and dishonestly inducing delivery of property), Section 424(extract data illegally), Section 441(criminal trespass), Section 467(Forgery), Section 468(Punishment for Forgery), and Section 471(Usage of Forged document) of Indian Penal Code(IPC).
- Section 43 (Penalty and compensation for damage to computer, computing device etc.), section 65 (Tampering with computer), section 66 (punishment for computer related offences – a person committing data theft, transmitting virus into a system, destroying data, hacking, or denying access to the computer or network to an authorized person), section 66C(which prescribes penalties for identity theft and states that anyone who fraudulently or dishonestly uses a person’s identity information) and Section 66D (punishment for fraud by impersonation using computer resources) under the Information Technology Act(IT) Act 2000.
