SVKM’s Narsee Monjee College of Commerce & Economics

(Autonomous)

2023-24

FY BCOM (ECONOMICS)
Semester I
INTRODUCTION TO BANKING

EXPLORE HOW TECHNOLOGICAL

ADVANCEMENTS CONTRIBUTE TO NEW
FORMS OF BANKING SCAMS, SUCH AS
PHISHING, IDENTITY THEFT, AND CYBER
FRAUD. DISCUSS PREVENTIVE MEASURES
AND CYBERSECURITY PRACTICES.

1
 Submitted by:

NAME ROLL NO. SAP ID

HARDIK SAHNI A007 45616230035
GUNJAN KIRTANI A009 45616230006
NIKITA KAMAT A024 45616230029
SAUJANYA MITTAL A031 45616230016

2
 TABLE OF CONTENTS

INTRODUCTION 4-6
OBJECTIVE AND HYPOTHESIS 7
METHODOLOGY 8
BANKING FRAUDS WITH RESPECT TO DEVELOPMENT IN TECHNOLOGY 9 - 10
TYPES OF CYBER SCAMS 11 - 19
COSMOS BANK CYBER ATTACK IN PUNE: CASE STUDY 20 - 23
COMBATTING EVOLVING BANKING SCAMS 24

CONCLUSION 25

3
 INTRODUCTION

In an era marked by rapid technological advancements, the world has witnessed an

unprecedented transformation in various aspects of our daily lives. One such sector that has
undergone a significant metamorphosis is banking. As financial institutions embrace cutting-
edge technologies to streamline processes and enhance user experiences, an unintended
consequence emerges—new and sophisticated forms of banking scams.

The traditional image of a bank heist involving masked criminals and getaway cars has been
replaced by a more elusive threat—cybercrime. The very technologies designed to fortify the
foundations of the financial world have become the tools of choice for a new breed of
criminals, orchestrating attacks from the shadows of the digital realm. This assignment delves
into the intricate web of technological advancements and their intricate connection to the rise
of novel banking scams, exploring the challenges posed to individuals, businesses, and
financial institutions alike.

As we navigate the digital frontier, innovations such as online banking, mobile payments, and
cryptocurrency have revolutionized the way we manage and transact our finances. However,
with every leap in convenience, a parallel evolution of criminal ingenuity emerges.
Cybercriminals exploit vulnerabilities in these technological marvels to orchestrate a myriad
of scams that are as diverse as the digital landscape itself.

4
WHAT ARE CYBER SCAMS?

Cyber scams, also known as online scams or internet scams, refer to fraudulent activities
conducted over the internet with the aim of deceiving individuals or organizations for
financial gain, information theft, or other malicious purposes.

Certainly! Cyber scams targeting banking systems are a significant concern in the digital age,
posing risks to both individuals and financial institutions. These scams often leverage
sophisticated techniques to exploit vulnerabilities and trick individuals into divulging
sensitive information or transferring funds to fraudulent accounts.

5
Here is a look at the cost of banking frauds in India from 2009 to 2023 as per statistics. It
costed 302 billion Indian rupees because of online frauds in 2023. These frauds are in sharp
decline from 2020.

6
OBJECTIVE:

The objective of this project is to analyse and understand the patterns, methods, and dynamics
of cyber fraud in order to develop effective prevention and detection mechanisms. By
examining various types of cyber fraud, investigating common vulnerabilities, and studying
historical incidents, the project aims to contribute insights that can enhance cybersecurity
measures and protect individuals, organizations, and systems from falling victim to cyber
fraud.

HYPOTHESIS:

We hypothesize that a comprehensive understanding of cyber fraud, including its evolving

tactics and techniques, can lead to the development of more robust and adaptive cybersecurity
solutions. By identifying and analysing patterns in cyber fraud incidents, we expect to
uncover key indicators and risk factors that can be used to proactively prevent fraud attempts.
Additionally, we hypothesize that the integration of advanced technologies, such as machine
learning and artificial intelligence, into cybersecurity frameworks will significantly improve
the accuracy and efficiency of fraud detection systems. Through this research, we aim to
contribute actionable insights that can assist in the ongoing battle against cyber fraud,
ultimately minimizing its impact on individuals and organizations.

7
METHODOLOGY:

LITERATURE REVIEW:
Conduct an extensive review of existing literature on cyber fraud, including academic
publications, industry reports, and relevant case studies.

DATA COMPILATION:
Gather secondary data from reputable sources such as cybersecurity reports, government
publications, and industry analyses.

CASE STUDY ANALYSIS:

Examine prominent case studies of cyber fraud incidents to identify common patterns,
methods, and vulnerabilities exploited.

REGULATORY ASSESSMENT:
Investigate and analyse the regulatory and legal frameworks pertaining to cyber fraud in
various jurisdictions.

TECHNOLOGY TRENDS REVIEW:

Explore technological trends in cybersecurity, focusing on advancements and tools used for
fraud prevention.

DARK WEB EXPLORATION:

Review reports on dark web activities related to cyber fraud, gaining insights into
underground economies and illicit transactions.

COMPARATIVE ANALYSIS:
Compare cybersecurity strategies implemented by different organizations or industries to
evaluate their effectiveness.

8
 BANKING FRAUDS WITH RESPECT TO RECENT DEVELOPMENT IN
TECHNOLOGY

Advancements in technology have enabled criminals to conduct increasingly sophisticated

banking fraud through methods like phishing, identity theft, and cyberattacks that trick users
and exploit vulnerabilities in systems.

The internet and hyper-connectivity have made it very easy to spoof legitimate websites and
brands. Phishing schemes involve sending mass emails or creating fake websites to
impersonate banks and trick users into entering their login credentials or sensitive
information. This information is then used to gain access to bank accounts for fraudulent
transfers and theft. Advancements in website design and hacking tools have made phishing
attacks more precises and convincing, often tough for the average user to detect.

Personal data has also become exponentially more available online, through social media
oversharing, corporate and government databases suffering hacks, and people's digital
footprints being sold to various firms. This has enabled criminals to gather intelligence and
piece together detailed profiles on people that can be used to steal identities. With enough
personal details, scam groups are able to open fraudulent bank accounts and credit cards for
making unauthorized transactions. AI is also being used to generate fake identities faster.

Furthermore, advancements in malware have granted criminals deeper access into devices to
steal credentials directly via keylogging, screenshots, activating cameras for surveillance, and
spying on SMS messages or clipboards. Multi-stage malware with polymorphic code also
makes viruses tougher to detect for cybersecurity defenses. Cryptocurrency and money
laundering techniques also allow the anonymous transfer of stolen funds globally.

Cloud computing advancements have also enabled scammer groups to build and control vast
networks of compromised devices (botnets) which allow them to automate attacks at huge
scales. Billions of login attempts can be tried on various platforms. Bots also allow them to
crack account passwords much faster.

While technology enables these risks, banks and regulators also need to advance their fraud
detection capabilities, use authentication techniques like biometrics and one-time passwords,

9
 encourage reporting of scams, and continually educate consumers on evolving cyberthreats.
The cat-and-mouse game between criminals, banks, and cybersecurity experts continues as
technology progresses. More collaboration in real-time intelligence sharing and policymaking
is also crucial for a systemic improvement.

10
 TYPES OF CYBER SCAMS

1. PHISHING

Phishing is when attackers attempt to trick users into doing 'the wrong thing', such as clicking
a bad link that will download malware, or direct them to a dodgy website.

Phishing can be conducted via a text message, social media, or by phone, but the term
'phishing' is mainly used to describe attacks that arrive by email. Phishing emails can reach
millions of users directly, and hide amongst the huge number of benign emails that busy users
receive. Attacks can install malware, sabotage systems, or steal intellectual property and
money.

Typical defences against phishing often rely exclusively on users being able to spot phishing
emails. This approach will only have limited success. Instead, you should widen your
defences to include more technical measures. This will improve your resilience against
phishing attacks without disrupting the productivity of your users. You'll have multiple
opportunities to detect a phishing attack, and then stop it before it causes harm. You also

11
acknowledge that some attacks will get through, as this will help you plan for incidents, and
minimise the damage caused.

This guidance splits the mitigations into four layers on which you can build your defences:

1. Make it difficult for attackers to reach your users

2. Help users identify and report suspected phishing emails

3. Protect your organisation from the effects of undetected phishing emails

4. Respond quickly to incidents

Some of the suggested mitigations may not be feasible within the context of your
organisation. If you can't implement all of them, try to address at least some of the
mitigations from within each of the layers. The mitigations within each layer are summarised
in the following infographic.

Summary of multi-layered approach to phishing defences

12
 2. IDENTITY THEFT

Identity theft is the crime of obtaining the personal or financial information of another
person to use their identity to commit fraud, such as making unauthorized transactions or
purchases. Identity theft is committed in many different ways and its victims are typically
left with damage to their credit, finances, and reputation.

Identity thieves increasingly use computer technology to obtain other people's personal
information for identity fraud. To find such information, they may search the hard drives of
stolen or discarded computers; hack into computers or computer networks; access computer-
based public records; use information-gathering malware to infect computers; browse social
networking sites; or use deceptive emails or text messages.

Many types of identity theft can be prevented. One way is to continually check the accuracy
of personal documents and promptly deal with any discrepancies.

If you believe you are a victim of identity theft, start by going to IdentityTheft.gov, a website
administered by the Federal Trade Commission (FTC). It provides directions on how to help
you recover your identity and repair any damage you have experienced.
There are several identity theft protection services that help people avoid and mitigate the
effects of identity theft. Typically, such services provide information helping people to
safeguard their personal information; monitor public records and private records, such as

13
credit reports, to alert their clients of certain transactions and status changes; and provide
assistance to victims to help them resolve problems associated with identity theft.

In addition, some government agencies and nonprofit organizations provide similar

assistance, typically with websites that have information and tools to help people avoid,
remedy, and report incidents of identity theft. Many of the best credit monitoring services
also provide identity protection tools and services.

14
 3. DENIAL OF SERVICE

A Denial-of-Service (DoS) attack is an attack meant to shut down a machine or network,

making it inaccessible to its intended users. DoS attacks accomplish this by flooding the
target with traffic, or sending it information that triggers a crash. In both instances, the DoS
attack deprives legitimate users (i.e. employees, members, or account holders) of the service
or resource they expected.

Victims of DoS attacks often target web servers of high-profile organizations such as
banking, commerce, and media companies, or government and trade organizations. Though
DoS attacks do not typically result in the theft or loss of significant information or other
assets, they can cost the victim a great deal of time and money to handle.

An additional type of DoS attack is the Distributed Denial of Service (DDoS) attack. A DDoS
attack occurs when multiple systems orchestrate a synchronized DoS attack to a single target.
The essential difference is that instead of being attacked from one location, the target is
attacked from many locations at once. The distribution of hosts that defines a DDoS provide
the attacker multiple advantages:

 He can leverage the greater volume of machine to execute a seriously disruptive attack

 The location of the attack is difficult to detect due to the random distribution of attacking
systems (often worldwide)

 It is more difficult to shut down multiple machines than one

 The true attacking party is very difficult to identify, as they are disguised behind many
(mostly compromised) systems

Modern security technologies have developed mechanisms to defend against most forms of
DoS attacks, but due to the unique characteristics of DDoS, it is still regarded as an elevated
threat and is of higher concern to organizations that fear being targeted by such an attack.

15
16
 4. SPYWARE

Spyware is malicious software that enters a user’s computer, gathers data from the device and
user, and sends it to third parties without their consent. A commonly accepted spyware
definition is a strand of malware designed to access and damage a device without the user’s
consent.

Spyware collects personal and sensitive information that it sends to advertisers, data
collection firms, or malicious actors for a profit. Attackers use it to track, steal, and sell user
data, such as internet usage, credit card, and bank account details, or steal user credentials to
spoof their identities.

The effects of spyware are wide-ranging. Some could go unseen, with users not knowing they
have been affected for months or even years. Others might just cause an inconvenience that
users may not realize is the result of being hacked. Some forms of spyware are capable of
causing reputational and financial damage.

COMMON PROBLEMS THAT SPYWARE CAN RESULT IN INCLUDE:

17
Data theft: One of the most common problems caused by spyware is data theft. Spyware is
used to steal users’ personal data, which can then be sold to third-party organizations,
malicious actors, or hacking groups.

Identity fraud: If spyware harvests enough data, then it can be used for identity fraud. This
sees the attacker amass data like browsing history, login credentials for email accounts,
online banking, social networks, and other websites to spoof or imitate the user’s identity.
Device damage: Some spyware will be poorly designed, which ends up having a negative
effect on the computer it attaches itself to. This can end up draining system performance and
eating up huge amounts of internet bandwidth, memory, and processing power. Even worse,
spyware can cause operating systems to crash, disable internet security software, and make
computers overheat, which can cause permanent damage to the computer.

Browsing disruption: Some spyware can take control of the user’s search engine to serve up
harmful, fraudulent, or unwanted websites. They can also change homepages and alter
computer settings, as well as repeatedly push pop-up ads.

18
If a device is showing signs of spyware, then it is important to get the device and any
connected systems cleaned up and protected again. The removal of spyware is possible
through solutions that can identify and remove malicious files.

The first step in removing spyware is to ensure the system is cleared of infection. This will
prevent new password changes and future logins from also being stolen. It is also important
to purchase robust cybersecurity software that offers comprehensive spyware removal, deep
cleans devices affected by spyware, and repairs any files or systems that may have been
infected.

With the system cleaned up, financial services need to be advised that potentially fraudulent
activity has occurred that could affect bank accounts and credit cards. If the spyware has
affected an organization, then legal and regulatory violations need to be reported to the
appropriate law enforcement agency.

19
 COSMOS BANK CYBER ATTACK IN PUNE: CASE STUDY

MALWARE ATTACK ON THE BANK’S SERVER

In August 2017, Cosmos Bank became the latest victim of a major cyber-attack. Hackers
bleach the blanks ATM switch server in Pune, stealing details of multiple Visa and Rupay
debit card owners. The details with them used to carry out 12000 fraudulent transactions
across 28 countries and August 11 - with the further 2841 transactions taking place in India.
That didn't stop here. Two days later, on August 13th, in another malware attack on the bank
server a SWIFT transaction was initiated - transferring funds to the account of ALM trading
limited enhancing Bank, Hong Kong. The total losses from the attacks and INR 94, or 13.5
million US dollars. Cosmos bank was forced to close its ATM operations and suspend online
and mobile banking facilities.

On August 11, the hackers cloned the card details and did over 12,000
transactions and transferred Rs. 78 crore out of India.

20
 The fraudulent transactions were carried out on 11 August and 13 August
2017 through 25 ATMs located in Canada, Hong Kong and a few in India
A complaint has been filed with Pune police about the malware attack and
the bank is doing internal audits to investigate the breach on 14 August
TIMELINE 2017.
Cosmos bank cyber attack
As a precautionary measure, the bank has closed all it’s servers and net
banking facilities, according to the official.
Realising the cyber attack, the bank then registered an FIR with the
Chatushringi Police station on 14 August 2017.

VULNERABILITIES:

1. Infrastructure was not fully updated.

21
 2. Multi factor authentication was not enabled for users.
3. iManage / file site patch was not installed
4. Lack of training and education in IT security team and users

Bank’s software and infrastructure was not fully updated. Most of the data was saved
on premises server. File server patch was not installed though it was scheduled. Lack
of communication between different IT department made situation more worse. IT
security team was not fully equipped and trained to stop these kind of attack. Users
were not properly educated to save their personal information.

COST:

The total losses from the attack stand at INR 94 crore, or 13.5 million USD. Cosmos bank
was forced to close it’s ATM operations and suspend online and mobile banking facilities.

PREVENTION:

1. Back up data regularly – verifying data integrity and testing the restoration
process.
2. Secure your offline backups – ensuring backups are not connected permanently to
the computers and the networks they are backing up on.
3. Audit firewalls, servers and intrusion prevention system (IPS) configurations –
block access to known malicious IP addresses & server message block ports 139
and 445, and disable SMBV1 and windows management instrumentation
command line in servers and active directory.
4. Patch operating systems, software and firmware on devices – use a centralised
patch - management system
5. Scan all incoming and outgoing emails – detect threats and filter executable files
from reaching and users using sandboxing.
6. Enable strong spam filters to prevent phishing mails – authenticate inbound email
using technologies such as sender policy framework, domain message
authentication reporting and conformance, and domain keys identified mail to
prevent spoofing.

22
 TO COMBAT EVOLVING BANKING SCAMS:

1. Awareness: Educate users about phishing techniques and the importance of verifying
sources before sharing sensitive information.

23
 2. Multi-Factor Authentication (MFA): Implement MFA to add an extra layer of security
beyond passwords.

3. Secure Communication: Encourage the use of secure channels, like encrypted emails
and messaging, to protect sensitive information.

4. Regular Updates: Keep software, antivirus programs, and firewalls up-to-date to

address vulnerabilities and enhance security.

5. Biometric Authentication: Utilize biometric methods like fingerprints or facial

recognition for secure user authentication.

6. Fraud Detection Systems: Employ advanced analytics and AI-driven systems to

detect unusual transactions and patterns indicative of fraud.

7. Customer Education: Continuously educate customers about the latest scams and best
practices for online security.

8. Transaction Monitoring: Implement real-time monitoring to identify and address

suspicious activities promptly.

9. Data Encryption: Ensure end-to-end encryption for data transmission, safeguarding it

from interception.

10. Collaboration: Foster collaboration among banks, cybersecurity experts, and law
enforcement to share threat intelligence and collectively address emerging risks.

CONCLUSION

In conclusion, the rapid evolution of technology has significantly contributed to the

emergence of new and sophisticated forms of banking scams, including phishing, identity

24
theft, and cyber fraud. The interconnectedness of our digital world has provided both
opportunities and challenges for individuals and financial institutions. Throughout this
exploration, we have delved into the intricate methods employed by cybercriminals to exploit
vulnerabilities in the banking sector.

Phishing attacks, leveraging deceptive tactics to trick individuals into disclosing sensitive
information, have become increasingly sophisticated. The rise of identity theft, facilitated by
the accessibility of personal information online, poses a serious threat to individuals' financial
security. Additionally, cyber fraud, characterized by unauthorized access and manipulation of
financial systems, remains a constant concern in the digital landscape.

However, amidst these challenges, preventive measures and cybersecurity practices offer a
ray of hope. Robust authentication methods, encryption technologies, and multi-factor
authentication are instrumental in fortifying the security of online banking transactions.
Education and awareness campaigns play a pivotal role in empowering individuals to
recognize and avoid falling victim to phishing attempts.

Financial institutions are adopting advanced fraud detection systems powered by artificial
intelligence and machine learning to analyse patterns and anomalies, enabling proactive
identification of potential threats. Collaboration between stakeholders, including banks, law
enforcement, and cybersecurity experts, is essential for sharing threat intelligence and
implementing timely responses to emerging scams.

In conclusion, as technology continues to advance, so too must our commitment to enhancing

cybersecurity practices. The collective efforts of individuals, financial institutions, and
regulatory bodies are paramount in mitigating the risks associated with new forms of banking
scams. By staying vigilant, embracing technological safeguards, and fostering a culture of
cybersecurity awareness, we can collectively build a more resilient and secure digital banking
environment for the future.

25