Threats
Impersonation, SIM swapping
Impersonation occurs when a fraudster steals information and then poses as a genuine user to do a transaction using the stolen e-wallet details and password.
Modus Operandi
- 1.fraudsters first collect the user’s information, and use it to get the mobile phone SIM card .For example they can use fake identity proof to obtain a duplicate SIM by visiting the mobile operator’s retail outlet.
- The mobile operator deactivates the genuine SIM card, which was blocked, and issues a new SIM to the fraudster
Security tip
- Avoid falling prey to social engineering tricks: Financial service providers and support staff will never ask their customers for sharing their private information such as passwords or payment account numbers over email requests or phone inquiries etc.
- Some Mobile network operators send an SMS to alert their customers of a SIM swap, the affected customer can act and stop this fraud in its tracks by contacting the mobile operator immediately.
Man-in-the-middle attack and Phishing
Sophisticated threats like Man-in-the-Browser or Man in-the-Middle attacks intercept online transactions by reading payment data from the Internet browser while the user is typing his credit card or bank account details.
Phishing attacks are used to steal users’ login details and personal data, making e-wallet accounts susceptible to fraud.
Security tips:
- The URL of the web-page should be verified, by establishing the authenticity of the website by validating its digital certificate.
To do so, go to File > Properties > Certificates or double click on the Padlock symbol at the upper right or bottom corner of the browser window.
- Emails or text messages asking the user to confirm or provide personal information (Debit/Credit/ATM pin, CVV, expiry date, passwords, etc.) should be ignored
Malware Attacks
Malware attacks on apps have threatened the safety of user’s money. An attacker can inject a malware to attack the app and collect details from his phone to misuse it.
Security tips
- Keep the wallet software up to date:
- Using the latest version of software allows receiving important stability and security fixes timely. It also prevents problems of various severities, include new useful features and help keep the wallet safe.
- Installing updates for all other software on the computer or mobile is also significant to keep the wallet environment safer.
- Use security software:
- Applications for detecting and removing threats, including firewalls, virus and malware detection and intrusion-detection systems, mobile security solutions should be installed and activated.