The cybersecurity agency of the central government, CERT-In, has warned the people of the country against incidents of credit card skimming on e-commerce websites across the world.
The Indian Computer Emergency Response Team (CERT-In) in an official post said hackers are targeting the websites that are hosted on Microsoft’s IIS server which is running on the ASP.NET web application framework.
In its advisory, CERT-In said: “It has been reported that credit card skimming through various e-commerce sites are spreading worldwide.”
“Attackers are typically targeting e-commerce sites because of their wide presence, popularity and the environment LAMP (Linux, Apache, MySQL, and PHP),” it said.
CERT-In has shared the names of skimmer hosting sites. These websites include idpcdn-cloud[.]com; joblly[.]com; hixrq[.]net; cdn-xhr[.]com; rackxhr[.]com; thxrq[.]com; hivnd[.]net; 31[.]220[.]60[.]108
How to avoid debit, credit card frauds? Here are 9 ways:
Use the cards on trusted online merchants: One way of cutting down card frauds is making sure that you use your cards on trusted websites when shopping online. Trusted websites are those which are SSL-certified, uses a protocol like ‘https’ rather than ‘http’, MasterCard’s SecureCode, etc.
Be careful of malware: As any electronic device, be it your smartphone or laptop, is a gateway to the banking account, it is important to be aware of what is installed on the device. If you end up clicking on a malware link, hackers may be able to spy and steal your financial data.
Avoid using public networks: Given that most of the people carry out financial transactions using plastic money, using public Wi-Fi or unsecured networks must be avoided at all costs as they become easy targets for fraudsters.
Don’t disclose card information: If you get a number of calls/e-mails asking for sensitive information regarding your credit/debit cards, and bank information make sure to not share information like bank account number, card number, PIN, CVV, or password.
Opt for two-factor authentication: Opting for two-factor authentication is another way to make sure that debit/credit cards can’t be used for fraudulent transactions. Under this type of authentication, an OTP is generated and sent to the registered mobile number every time a financial transaction is initiated.
Watch out for skimming devices at ATMs: When using the debit card to withdraw cash from ATMs, be sure to check for skimming devices.
Set a difficult password: Be it your 4-digit PIN or the internet banking password, make sure that it is a difficult or unpredictable one. It should be a unique combination of numbers or of alphabets, numbers, and special characters.
Register for alerts: Register for mobile or e-mail alerts on both credit and debit card transactions. This will ensure that you get updates on every transaction that is carried out using your card.
Immediately report fraud transactions/loss of cards: In case any unauthorised transaction takes place from your account, immediately report it to the bank/card-issuing company and ask them to block the transaction and your card.