7 ways to protect your business from online payment frauds
It begins with panic!
Have you ever received an SMS, an email or a message on Whatsapp, Facebook messenger such as below?
The first reaction on seeing such a message is worry and panic. But did you notice that this SMS is not legitimate although it looks incredibly real. This is an example of SMS phishing in which a scammer sends a malicious link through fake SMS which can potentially steal critical data such as bank account number.
Online payments scenario in India
Online transactions, from across the array of devices in one’s possession, are now the part and parcel of life. According to the latest data by the Ministry of Electronics and IT, the total number of digital payment transactions in India, in FY 2022-23 so far, stood at nearly 3,300 crores. These transactions, over BHIM-UPI, IMPS, NACH, AePS, NETC, debit cards, credit cards, NEFT, RTGS, PPI and others, amount to nearly ₹566 lakh crore.
While digital payments have soared higher and higher, the number of cases of online payment frauds have also increased rapidly. According to the National Crime Records Bureau (NCRB), the number of cases registered related to ATMs/ credit cards / debit cards, online banking and OTP totalled up to nearly 16,500. Additionally, the Reserve Bank of India (RBI) reported that such cases of fraud involved an amount of almost ₹128 crore.
These are scary numbers and what is scarier is the fact that some types of online payment frauds can be harder to spot. In this blog, we have listed 7 simple and easy to remember ways to keep your business safe from online fraudsters.
Table of contents
- Only use verified apps
- Only use secure websites
- Ensure the internet connection is secure
- Regularly update your devices
- Don’t click on suspicious links
- Never share sensitive personal information
- Contact the authorities in case of an incident
1.Only use verified apps
You must download all the apps from official stores only. The two most popular such app platforms are Google Play Store for Android and Apple App Store for iOS. Official platforms only publish apps after they qualify all the established security protocols. These platforms also, from time to time, take down suspicious apps.
When you download apps from unofficial stores or any public website, you are at risk. Such unregulated platforms could have apps designed or tampered by cyber criminals.
Always check for ratings and comments left by users and recommendation marks such as ‘Editor’s Choice’. It is also useful to pay attention to the permissions requested by an app.
2.Only use secure websites
Cybercriminals can use phishing scams, malware, and botnets, among other techniques, to steal your most sensitive information such as card details. The easiest way to do it is to lure people to fake websites to access/download information they might be searching for. It is, therefore, important to know the difference between fake and genuine websites.
The URL or link of secure websites always starts with a padlock sign 🔒and https://. Websites that don’t have a padlock in the link and begin with http:// are not secure. Also, if there is a danger sign⚠️ in the URL, then leave the website immediately
If you get a link on an email or message, don’t click the link straightaway Check for the domain name on your browser to check if the website actually exists or not. Additionally, if there are spelling errors and cheap designs on a website then close the tab immediately.
3.Ensure the internet connection is secure
You should avoid making payments over public internet connections such as free Wi-Fi hotspots at coffee shops or malls. Public internet connections do not need authentication to establish a network connection which makes them ideal hunting grounds for hackers.
If you are away from your home or office and have to make any payments, you can use your cellular network instead of a public wifi connection. If you have to use a public wifi then you must use a virtual private network (VPN) connection as it encrypts the data. You should keep your wifi off to avoid accidental automatic connections to public wifi. Lastly, we advise you to always install an antivirus or a highly rated security solution on your devices – phones, tablets or laptops. The solution can come in handy to constantly scan and monitor any threat.
4.Regularly update your devices
Software updates are critical to keeping your devices safe. These updates often comprise what are popularly known as security patches because they fix the potential security loophole in the apps or the operating system running on the device. Cyber threats are always evolving to become more dangerous than before. To contain this evolution, security updates bring latest patches to protect your device and in turn your data such as card details, CVV number etc.
5.Don’t click on suspicious links
Online scammers can share malware-induced links in the form of SMS, whatsapp messages, emails, and on social media platforms. DON’T CLICK on any link from an unverified or suspicious source. A very infamous example of this has been shared in the beginning of this blog.
Scammers can try and bait you by claiming that your bank account will freeze or your electricity will be disconnected unless you click the link shared over an email or a message. If you mistakenly click the link, they can easily access your device and install viruses and malware.
Thankfully, there are some simple ways to identify these suspicious links.
- There will be spelling mistakes in the link. For eg, www.googal.com instead of ww.google.com
- Financial service providers will never share a link from personal email IDs but instead from company email IDs. For example, if you are a customer of ABC Solutions, a legitimate email from customer support should look like this – firstname.lastname@example.org. A fake email address would look like this – email@example.com
- Messages from scammers will always be private numbers and not designated contacts that generally share updates. If you search such numbers on caller ID apps or on a company’s website, they are likely to appear as fraud
- Never click on any link shared over social media other than from the legitimate profiles of companies
6.Never share sensitive personal information
Make sure that you don’t share any personal information or transfer money to anyone or any institution that is unknown to you. It has been observed that unknown individuals pose as representatives from financial institutions over phone, email, SMS and on social media platforms. They can either request, compel or intimidate you to share your personal information such as UPI number, card number, CVV number or OTP.
7.Contact the authorities in case of an incident
If you or anyone who you know becomes a victim of online payment frauds, it is critical that you report it to the concerned authorities as soon as possible. Even if there are any suspicious activities such as an increasing number of fake messages or emails or calls, they should be reported immediately. You can reach out to the police, the telecommunications regulator, and the Cyber Crime Cell.
The threat of cyber crime continues to evolve and pose risk to business owners. You can save your business from online payment frauds by being aware and careful about small details. The above mentioned tips can help reduce the risk of online financial fraud and save your business money and time.
Disclaimer – Tide and its affiliates do not provide cyber security related advice. This material has been prepared for informational purposes only. You should consult your own information security team for all cyber crime related purposes. © Copyright 2022. All rights reserved. Tide Platform Private Limited.