Page 27 - Banking Finance November 2020
P. 27
ARTICLE
in it from unauthorized access as well as from downloading the action of assuming the identity of some other entity and
of any harmful content. using that identity to accomplish a goal.
Cyber Security threats include many types of Social Vishing : Vishing is short name of voice phishing which is
Engineering threats. The mostly used threats are described used to solicit private, personal or financial information
below in brief: through phone calls.
Phishing: It is most common among users who are not well
versed in browsing the internet and online resources. It is Smishing: Also known as SMS phishing, this method uses text
used to obtain sensitive/confidential information such as messages in order to deceive recipients to solicit personal
login credentials, account details etc. Very often, phishing information.
is done by e-mail.
Pharming: It is the fraudulent practice of directing Internet
Spear Phishing: It is similar to phishing, the difference being users to a bogus/fraudulent website which appears to be a
that spear phishing emails are carefully designed to a specific legitimate one, in order to obtain personal information.
individual, organisation or a group. Such mails are having a
link to some malicious website to get someone unknowingly Baiting: It is somewhat similar to a phishing attack . It relies
and unintentionally downloading a piece of malware to on the greed or curiosity of a victim. However, what
release some sensitive information. distinguishes them from other types of social engineering is
the promise of an item or good that hackers use to entice
Spoofing: The word 'spoof' means to hoax, trick or deceive. victims.
Therefore, in the IT world , spoofing refers tricking or
deceiving computer systems or other computer users. It is Pretexting: A Pretext is a false motive. Pretexting is a form
a type of attack to gain unauthorized access to computers. of social engineering where attackers lie to obtain privileged
This is typically done by hiding one's identity or faking the data. They focus on creating a good pretext, or a fabricated
identity of another user on the internet. E-mail spoofing scenario, that they can use to try and steal their victims'
involves sending messages from a bogus e mail address of personal information. Such persons pretend to need
another user. information in order to confirm the identity of the person
they are talking to. After establishing trust with the targeted
Identity Spoofing : A method of deception by using another individual, the pretexter might ask a series of questions
IP address (that is not your own) to access the network that designed to gather key individual identifiers such as
is usually used as on-line camouflage to mask their activities confirmation of the individual's social security number,
and/or gain unauthorized entry. In other words, it refers to mother's maiden name, place or date of birth or account
number.
Importance of Cyber Security in Banking
In case of Banking Sector, the importance of cyber security
is to protect the customer details whether it is personal or
account related information. This is a tech savvy era and
more and more persons are going for a less cash
transactions; activities and payments are being done through
online transactions. There have been many cases in the past
where the systems of the banks were hacked and they had
to bear financial losses due to which the trust of their
customers is lost and hence the customer base.
The major cyber threats which the customers are facing are
BANKING FINANCE | NOVEMBER | 2020 | 27