Tuesday, July 15, 2008

Precauation during E-PAYMENT


e-payment is made compulsory for the taxation payments for the corporate and others covered under mandatory tax audit. This would reduce the time at various level in the organization and also increase the accuracy of the data. While there are benefits of making e-payments, quite obvious, there needs to be some disadvantages too. The main disadvantage of epayment
is related to the security aspects. Finally we are dealing with money which get transferred from one account to another instantly, but knowing the rate by which cyber crimes are increasing, frauds take place over internet, it is very much necessary for all the payees to take care of the following precautions while they make e-payment for taxes or they make payments over
internet for any shopping (buying tickets of airlines, movies, shopping over the internet, etc…)
Online Frauds
Online Frauds occur when someone illegally conducts transactions on your existing accounts. Often called as 'phishing' or 'spoofing', the most current methods of online fraud are usually through fake emails, Web sites and pop-up windows, or any combination of such
methods. The main objective of both offline as well as online fraud is to steal your 'identity'. This phenomenon is commonly known as "identity theft". Identity theft occurs when someone illegally obtains your personal information — such as your credit card number, bank
account number, or other identification and uses it repeatedly to open new accounts or to initiate
transactions in your name.
'Phishing' is an attempt by fraudsters to 'fish' for your banking details. 'Phishing' attempts usually appear in the form of an email appearing to be from your bank. Within
the email you are then usually encouraged to click a link to a fraudulent log on page designed to capture your details. Email addresses can be obtained from publicly available sources or through randomly generated lists.
Although they can be difficult to spot, 'phishing' emails generally ask you to click on a link which takes you back to a spoof web site that looks similar to your bank's website, wherein you are asked to provide, update or confirm sensitive personal information. To prompt you into action, such emails may signify a sense of urgency or threatening condition concerning your account.
The information most commonly sought through such means are:


• Your PIN numbers
• Your Internet Banking Passwords
• Your Bank Account/Credit Card/Debit Card number
• Other verifications parameters, like; your date of birth,
mother's maiden name, etc…
Some fake emails may also contain a virus known as a “Trojan horse” that can record your keystrokes or could trigger background installations of key logging software or viruses onto your computer. The virus may live in an attachment or be accessed via a link in the email.
Never respond to emails, open attachments, or click on links from suspicious or unknown senders.

How to identify the fake email/website
Fake emails/ websites are not always easy to identify,however the below given indicators can help you safeguard against such emails or websites, should you ever come across one of these –
• They ask you for your sensitive information
• They appear to be from the legitimate source
• They often contain spelling mistakes tough the website would appear the same, even the URL of the website would contain spelling mistakes.
• They sometimes promise a prize or gift in exchange of completing the survey, where the sensitive information goes out
• They might contain fraudulent job offers giving workat- home positions
Other precautions
• Always type the address of the website in the address bar of your browser or access it from your stored list of favourites. Never use a link stored in the mail etc…
• Change your Passwords Frequently. Almost all the banks have 2 passwords – Login and Transactions. Try to keep them separate as far as possible. This provides additional security for financial transactions through Internet banking. There were various tips given about managing and maintaining the passwords in the article earlier published by this bulleting in the
month of December 2007.
• Do not share your user ID and passwords with anyone. This is a very common practice that is seen in corporate, where the Internet banking ID and Password are with many. This is the 1st
• Use Virtual Keyboard. Many internet baking websites have started using Virtual keyboard for
passwords. It is the keyboard on the screen and the person has to click (use MOUSE ONLY) on the password letters. If the website is offering this feature, then use it. This is designed to protect the passwords from malicious “Spyware” and “Trojan Programs”. Use of Virtual keyboard will reduce the risk of password theft.
• Check you last login time. Mostly all the internet banking sites provide the user with the details of last login date and time. You should constantly have a watch on this. This will help you to keep yourself alert in case someone else have also logged in using your ID and password.
• Sign up for SMS Alerts. Register for Mobile Banking and receive alerts upon all significant transactions in your account. Anything fishy can immediately be noticed.
• Login Frequently. Enter your internet banking account frequently. This helps to control accounts and also enable you to notice and stop any fraudulent activity quickly.
• Be Cautious. Do not leave internet banking session unattended. Always sign off from your online banking session.
• Never enter, confirm or update your accountrelated details on a pop-up window. The pop ups
can contain links to counterfeit Web sites carefullystep to invite fraudulent practices designed to look real. Hence such websites may look very similar and familiar to you, but are actually used
to collect personal information for illegal use.
• Every transaction you do would generate the unique transaction ID. Store this transaction ID
with you. This is only way to find out by your bank, if there is any thing missed in the transaction.
o It is quite possible that due to technological hazards at that mili-second, your account is debited, but the credit is not passed on. It is the transaction ID by which the bank can track the credit.
o The problem of single entry can also happen if the internet connection in which you are operating is too slow.
• Do not make payments in case the response from the site is very very slow. Sometimes, due to the internet speed at your end or due to the load on the banking website, it is quite possible that the response from the website is very slow. It is not advised to make payments during this time. These are the times when transactions might not get totally completed.
• Enjoy added security when using your credit card online. If you tend to use your Credit Cards
frequently for online shopping, make sure that you sign up for the Verified by Visa and/or Master Card Secure Code program(s).
• Beware of online offers that require you to provide your account details for 'verification'.

No comments: