IJESRR V-3-3-3pppppp
IJESRR V-3-3-3pppppp
IJESRR V-3-3-3pppppp
ABSTRACT: In the present globalizes scenario, information technology is the most significant and
disputable Time period. It is the most powerful era which is fast, quick and accurate in all sectors. Increased
uses of information and communication technology (ICT) like as computers, mobile phones, Internet, and
alternative associated technologies are the routes which gave emergence to lot of constructive work as well
as dangerous work. The harmful activities are considered as “cyber crime” which includes spamming, credit
card fraud, ATM frauds, Money laundering, Phishing, Identity theft, denial of service and other host
contributing crime in the Indian Banking sector. This paper has made an attempt to analyze the impact of
cyber crime in Indian banking sector.
The study found that cyber crimes are often reduced from the banking transactions by applying the updated
technology and appointing reliable officers and devices. This paper is a try to examine the Effects of cyber
crime in the Indian banking sector.
INTRODUCTION
Attacks towards the finance industry are becoming increasingly sophisticated and quite focused.
Historically, a common (and rather successful) approach of targeting banks has been to direct email phishing
at customers. Now, rising channels, which include mobile and online banking, are opening new doors for
cybercriminals. To decrease the effectiveness of such attacks, banks have improved each communications to,
and the education of, customers, as well as rapidly reacting if an attack occurs. However, criminals have
responded not only by creating specialized malicious software designed to compromise online bank
accounts, but also by subverting the servers and software owned by professional institutions to enhance the
effectiveness of their phishing campaigns; a technique known as infrastructure hijacking.
The Financial Services Information Sharing and Analysis Centre has raised the threat level for attacks from
„elevated‟ to „high‟, citing “recent credible intelligence concerning the potential” for distributed denial-of-
service (DDoS) attacks .
This report contains recommendations and satisfactory practices to assist organizations develop a sustainable
security infrastructure designed to respond fast to focused on attacks and minimize the consequences of any
data breaches.
A criminal offense is an illegal act which isn‟t to be measured by the issue of occasions, but with the lawful
aims and by the bad intentions of fellows. The greatest crime does not emerge from a need of feeling for
others however from an over sensibility for ourselves and an over indulgence in our own goals. Cyber crime
is a crime committed on the internet. This is a broad term that describes everything from cyber commerce
sites to lose money Cyber crime is a digital wrong doing. Any illegal activities committed using a computer
or by using the net is known as cyber crime. Digital criminal acts are a variety of wrongdoings, which utilize
machines and network systems for criminal exercises.
Cyber crimes can be of different types, for example, Telecommunications Piracy, Cyber Money Laundering
and Tax Evasion, Sales and Investment Fraud, Cyber Funds Transfer Fraud etc. The existing current period
has replaced the normal financial devices from a paper and metallic based money to plastic cash as a Master
[email protected] Page 18
International Journal of Education and Science Research Review
Volume-3, Issue-3 June- 2016 E-ISSN 2348-6457
www.ijesrr.org Email- [email protected]
card, credit card, debit card and so forth. This has brought about the increasing utilization of ATM
everywhere throughout the sector. The usage of ATM is secure as well as and also convenient. As we all
know that every coin has its two side same way in ATM system which is also known as plastic cash is safe
and convenient but on the other side which can also be said as the evil side consist of misuse of the same.
This wise aspect of the ATM System is reflected as ATM cheats or ATM frauds that is a worldwide burning
issue. Cyber crime is rising as a serious threat. Worldwide governments, police departments and intelligence
units have commenced to react.
The Information Communication Technology (ICT) has revolutionalized different aspects of human life and
has made our lives simpler. It‟s been applied in exceptional industries and has made business procedures
simpler by means of sorting, summarizing, coding, and customizing the procedure. However, ICT has
brought unintended consequences in form of different cybercrimes. Cybercrimes have affected different
sectors among which banking sector is one of them which have witnessed different forms of cybercrimes like
ATM frauds, Phishing, identity theft, Denial of Service.
The human lifestyle has experienced enormous changes every now and then with rapid pace at social level
from the earliest starting point and innovative level following the time of ascent of innovations. Banking
field is considered one of them. Managing an account tactics to provide facilities and securities to a common
man with respect to cash saving Security issues play extremely crucial role in the implementation of
technologies specially in banking sector Further on it gets to be primary concerning the virtual security
which is at the center of managing an account in banking sector. After the arrival of Internet and WWW this
saving money phase has been completely change extraordinarily in respect of security in light of the fact that
now cash is in your grasp on a solitary click. Presently client has number of decisions to deal with his cash in
distinctive kind of methods. In this paper an endeavor has been made to advance different issues of Indian
banks websites for cybercrime safety mechanism and for the security instrument.
LITERATURE REVIEW
Cybercrime in Banking Sector
Cybercrime according to Douglas and Loader (2000) can be described computer mediated activities
conducted via global cyber networks which are either illegal or considered illicit with the aid of certain
parties. In the banking sector, the cybercrimes which are committed using online technologies to illegally
remove or transfer money to distinctive account are tagged as banking frauds (Wall, 2001). The cybercrimes
according to Wall (2001) can be classified into four major categories i.e. cyber-deceptions, cyber-
pornography, cyber-violence and cyber-trespass. The banking frauds are sub-classified in cyber-deception
which can be defines as an immoral activities such as stealing, credit card fraud, and intellectual property
violations (Anderson et al., 2012). There are number of frauds or cybercrimes witnessed in the banking
sector, like ATM frauds, Cyber Money Laundering and Credit Card Frauds. However, in general all the
frauds are executed with the ultimate goal of gaining access to user s bank account, steal funds and transfer it
to few other bank accounts.
In some cases the cyber criminals uses the banking credentials like PIN, password, certificates, etc. to access
accounts and steal meager amount of money; whereas in other cases they may want to steal all the money
and transfer the funds into mule accounts. Sometimes, the intention of cybercriminals is to just harm the
image of the bank and therefore, they block the bank servers so that the clients are unable to access their
accounts (Claessens et al., 2002; Hutchinson & Warren, 2003).
As a lot of vulnerabilities exist in the defense system of banking sector, thus there is a need to investigate the
ways to increase awareness about the measures that can be undertaken to combat cybercrimes in the banking
sector. However, not many studies in the past have been conducted in this area which would suggest ways to
mitigate the risks and fight such crimes (Florêncio & Herley, 2011; McCullough & Caelli, 2005).
[email protected] Page 20
International Journal of Education and Science Research Review
Volume-3, Issue-3 June- 2016 E-ISSN 2348-6457
www.ijesrr.org Email- [email protected]
In order to understand the fraud system in banking sector we will have to understand and describe the
attackers and defenders in this environment. The next section therefore describes the different actors which
are involved in cybercrimes.
Each of these actors and their characteristics have been defined below individually. Cyber Criminals
As per the OECD report (2007), these Malicious Exploiters can be categorized into five sub categories.
Innovators (who are searching security holes in the system to overcome protection measures followed by the
banks) Amateur (who are beginners in this area and their expertise is limited to computer skills, which is
exploited by the cyber criminal). Insiders (who are working within the bank to leak out important
information in order to take some kind of revenge) Copy cats (they are interested in recreating simple tasks).
Criminals (highly organized and very knowledgeable who may use all the above mentioned stakeholders for
their own earnings).
Money Mules
As per the definition given by OECD report (2007), money mules are people recruited wittingly and
often unwittingly by criminals, to facilitate illegal funds transfers from bank accounts. According to the FBI
(Federal Bureau of Investigation), these individuals engage in the money transfer activity in exchange of
some percentage of that money. According to Florêncio and Herley (2010) there position is to transform
reversible traceable transactions into irreversible untraceable ones.
Victims
Victims, according to OECD (2007), in the banking sector can be categorized into two categories; banks
and customer of these banks. The users or customers can be individuals, SMEs, or large multinational
organizations. The most negative externality most of the valid actors is created by individual users and SMEs
who do so by not employing risky online behavior or by not employing security measures during
transactions (Asghari, 2010; Mannan & van Oorschot, 2008).
Security Guardians
They are the most crucial actor of this system as they enhance the existing banking system and help in
removing the vulnerabilities and improvement of systems so that banking frauds may be mitigated. The
security guardians in case of banking sector could be the bank itself or the some third party hired by the bank
in order to ensure security from such threats.
[email protected] Page 21
International Journal of Education and Science Research Review
Volume-3, Issue-3 June- 2016 E-ISSN 2348-6457
www.ijesrr.org Email- [email protected]
However, this has also elevated the risk of turning into objectives of cyber attacks. Cybercriminals have
developed advanced strategies to not only cause theft of finances and finances information but also to
espionage businesses and access important business information which indirect impacts the bank s finances.
Globally, USD 114 Billion is lost nearly every year because of cybercrimes, and the cost spend to combat
cybercrimes is double is amount i.e. USD 274 billion (Symantec Cyber Crime Report, 2012).
On an average, banking facilities take 10 days to fully recover from a cyber act which further adds to the cost
of operation. Comparing the financial losses faced by the Indian Banking Sector, it is nearly 3.5% of the loss
in cash in comparison to global loss. USD 4 billion is lost in recovering from the crime and USD 3.6 billion
is spent to combat such crimes from happening in future. The average time taken to resolve the crime in
Indian banking sector is also higher in comparison to global scenario i.e. 15 days (Muthukumaran B., 2008).
In order to fight these cybercrimes, the banking sector needs to collaborate with global authorities and
watchdog organizations so that a model can be developed which can help in controlling and dealing with
such threats. The main issue of concern here is that there is absence of effective compilation service in the
banking sector which can identify the trends in cyber-crime and compile a model according to it. However,
in the last few months, banks all across the globe have perceived cybercrime as among their top five risks
(Stafford, 2013).
High profile banks in the UK like Barclays and Santander were targeted by hackers who stole personal
information of nearly 2.9 million credit card customers by hacking the software maker system of these
banks, which led them to incur huge losses. However, the scenario is not restricted to UK, in US as well such
attacks have surfaced in the past years and in order to curb the affect, they launched the program Quantum
Dawn 2 which test the efficacy of system installed in banks in response to cyber-attacks (Stafford, 2013).
However, the sad truth is that most the systems are one-step behind the tools adopted by cyber criminals
which has resulted in demand of development of system which is flexible is meeting and destroying the
incoming assaults. A solid defense system to resolve attack is the need of the hour before, during and after
the attack.
[email protected] Page 22
International Journal of Education and Science Research Review
Volume-3, Issue-3 June- 2016 E-ISSN 2348-6457
www.ijesrr.org Email- [email protected]
4) Phishing:- Phishing is only one of the numerous frauds on the Internet, attempting to trick individuals
into separating with their cash. Phishing alludes to the receipt of spontaneous messages by customers of
financial institutions, asking for them to enter their username, secret word or other individual data to
access their account for some reason. customers are directed to give a response to a mail and also
directed to click on the link mentioned in the mail when they click on the given link for entering their
information which were asked in the mail received by the fraudulent institution's of banking website, by
such kind of activities customers thus they remain unaware that the fraud has happened with them. The
fraudster then has admittance to the client's online financial balance available in the bank account and to
the funds contained in that account by making the misuse of the detail received from the customer
fraudulently. F-Secure Corporation's outline of 'information security' dangers amid the first 50% of 2007
has uncovered that the study discovered the banking industry as vulnerable objective for phishing tricks
in India
5) Financial Fraud:- Financial Fraud in UK, an industry body, says British misfortunes from web and
phone managing account extortion climbed 59 for every penny to £35.9m in the initial six months of the
year. It says that reports of fishing attacks indicate it is one of the quickest developing sorts of extortion.
In response the banks have called for UK telecom groups to reduce the time people can stay on the line
after someone else hangs up. By next year, most telecom operators will have cut the disconnection time
to two seconds. Accordingly the banks have called for UK telecom groups to reduce the time individuals
can stay hanging before anyone else hangs up. By one year from now, most te Phishing is one and only
illustration of the continually developing digital risk that banks and their client‟s face, which is the reason
the issue, has vaulted on to the motivation for sheets of executives, controllers and law authorization
organizations.
6) Cyber Security:- Specialists say banks confront four wide sorts of risk. First, country and states use
surveillance to both, take intellectual capital from banks and to destabilize them. Secondly, banks are a
prime focus for cyber terrorists looking to strike against images of western capitalism. Third, purported
"hacktivists" consistently make crafty endeavors to break into banks' IT organizes, normally to win more
attention for their reason. At long last, sorted out wrongdoing has to a great extent moved from taking
cash through conventional bank heists to utilizing different means, for example, on the web, phone and
card misrepresentation, which are harder to identify.
[email protected] Page 25
International Journal of Education and Science Research Review
Volume-3, Issue-3 June- 2016 E-ISSN 2348-6457
www.ijesrr.org Email- [email protected]
CONCLUSION
The paper gives a brief overview of cybercrime scenario in the banking sector and impact of
cybercrimes on bank finances. The major cybercrimes which plague the banking sector are ATM frauds,
Denial of Service, Credit Card frauds, phishing, etc. The rapid growth to global cyber crime and the
complexity of its investigation requires a global presence. Presently, the measures undertaken the banks are
not sufficient and therefore it is imperative to increase cooperation among the banks across the world for the
development of tools and models which can be applied to counter global banking cybercrimes.
Credit card fraud can be devoted using a credit card or any similar payment mechanism as a fraudulent
source of funds in a transaction. The reason may be to obtain goods without paying, or to obtain
unauthorized funds from an account. The regulatory framework must also take into account all the related
issues like development of e-money, right to privacy of individual. International law and international co-
operation will go a long way in this regard. At last it can be concluded that to eliminate cyber crime from the
cyber space is not a possible task but it is possible to have a regular check on banking activities and
transactions. The only promising step is to create awareness among people about their rights and duties and
further making the application of the laws more stringent to check crime. There is a need to bring changes in
the Information Technology Act to make it more effective to combat cyber crime
REFERENCES
1. U.S. Financial Sector has raised its Cyber Threat Level from Elevated to High, 21 September 2012
http://cyberwarzone.com/us-financial-sector-hasraised-its-cyber-threat-level-elevated-high
2. www.ijcrar.com_vol-2-2_A.R. Raghavan and Latha Parthiban
3. Types of Cyber Crimes & Cyber Law in India, Available at http:/ / www. csiindia.org
/c/document_library/get_file?uuid=047c826d-171c-49dc-b71b-4b434c5919b6, Last visited (30/4/2015)
4. Cyber law and Crimes: by Barkha Bhasin, Rama Mohan Ukkalam
5. http://resources.infosecinstitute.com/modern-online-banking-cyber-crime/, Last visited (20/1/2015)
6. Articles on ITA 2008
7. Articles on IT Act 2000 & IT Rules 2011
8. Cyber Law Cyber Crime Internet and E-Commerce by Prof. Vimlendu Tayal
9. Alaganandam, H., Mittal, P., Singh, A., & Fleizach, C. 2007. Cybercriminal Activity.
10. Anderson, R., Barton, C., Böhme, R., Clayton, R., van Eeten, M. J. G., Levi, M., Moore, T., & Savage, S. 2012. Measuring
the cost of cybercrime.
11. Asghari, H. 2010. Botnet mitigation and the role of ISPs: A quantitative study into the role and incentives of Internet Service
Providers in combating botnet propagation and activity. Delft University of Technology.
12. Böhme, R., & Moore, T. 2009. The Iterated Weakest Link--A Model of Adaptive Security Investment.
13. BhasinM (2007). “Mitigating Cyber Threats to Banking Industry” , The Chartered Accountant, April 2007, p.1622-1623
14. Choo.K.K.R (2008). “Money Laundering risks of prepaid stored value cards” ,Australian Institute of Criminology,
September, No.363, pp. 1-6
15. Choo, K.-K. R. 2011. The cyber threat landscape: Challenges and future research directions. Computers & Security, 308:
719-731.
16. Claessens, J., Dem, V., De Cock, D., Preneel, B., & Vandewalle, J. 2002. On the security of today s online cyber banking
systems. Computers & Security, 213: 253-265.
17. Douglas, T., & Loader, B. D. 2000. Cybercrime: Security and surveillance in the information age: Routledge.
18. Florêncio, D., & Herley, C. 2010. Phishing and money mules. In Information Forensics and Security WIFS, IEEE
International Workshop on pp. 1-5. IEEE.
19. Florêncio, D., & Herley, C. 2011. Where Do All The Attacks Go? Economics of Information Security and Privacy III pp. 13-
33. Springer New York.
20. Hutchinson, D., & Warren, M. 2003. Security for internet banking: a framework. Logistics Information Management, 161:
64-73.
21. Jaleshgari, R. 1999. Document trading online. Information Week, 755: 136.
22. KPMG 2012 [Online] Cybercrimes: A Financial Sector Review. Government and Public Sector. Available at:
https://www.kpmg.com/in/en/industry/p ublications/fs_cybercrime_booklet.pdf
23. Mannan, M., & van Oorschot, P. C. 2008. Security and usability: the gap in real- world online banking. Paper presented at
the Proceedings of the 2007 Workshop on New Security Paradigms.
[email protected] Page 26
International Journal of Education and Science Research Review
Volume-3, Issue-3 June- 2016 E-ISSN 2348-6457
www.ijesrr.org Email- [email protected]
24. McCullagh, A., & Caelli, W. 2005. Who goes there? Internet banking: A matter of risk and reward. Paper presented at the
Information Security and Privacy.
25. Muthukumaran. B 2008. Cyber Crime Scenario in India, Criminal Investigation Department Review, pp.17-23
26. OECD. 2007. Malicious Software Malware: A Security Threat to the Internet Economy.
27. Premchaiswadi, N., Williams, J. G., & Premchaiswadi, W. 2009. A Study of an On-Line Credit Card Payment Processing
and Fraud Prevention for e- Business. In T. Bastiaens, J. Dron, & C. Xin Eds., World Conference on E- Learning in
Corporate, Government, Healthcare, and Higher Education 2009: 2199-2206. Vancouver, Canada: AACE.
28. Reddy.G.N, (2009). “IT- Based Banking Services Enhancing Efficiency” , Financial Analyst, November,p.69
29. Sherstobitoff, R. 2013. Inside the World of the Citadel Trojan McAfee Labs. Stafford P. 2013 [Online] Cyber crime threatens
global financial system. Available at: http://www.ft.com/cms /s/0/9804988c-3722-11e3-9603-
00144feab7de.html#axzz2tMwSTsmF.
30. Symantec Cyber Crime Report, 2012 [Online] Cybercrime Report. Available at: http://now-static.norton.com /now/ en
/pu/images /Promotions /2012/ cybercrimeReport/2012_Norton_Cyber crime_Report_Master_FINAL_050912. pdf
31. TrendMicro. 2013. Security Threats to Business, the Digital Lifestyle, and the Cloud.
32. Vrancianu, M., & Popa, L. A. 2010. Considerations Regarding the Security and Protection of E-Banking Services
Consumers Interests. The Amfiteatru Economic Journal, 1228: 388-403.
33. Wall, D. 2001. 1 Cybercrimes and the Internet. Crime and the Internet:
[email protected] Page 27