T-Magazine
Next Story

The growing threat of cyber-fraud

Three private banks in Karachi were targeted in a major cybercrime incident right before Eid

By Ayaz Hussain Abbasi |
facebook whatsup linkded
PUBLISHED May 08, 2022
KARACHI:

A major case of cybercrime engulfed Pakistan’s financial hub of Karachi recently. A debit card scam that targeted several consumers of three private banks emerged right before Eidul Fitr, prompting complaints with the Federal Investigation Agency’s (FIA) Cybercrime Unit of strange financial activities.

Hundreds of customers of one of Pakistan's largest banks reported that they had lost money over the previous few days due to a technical fault with the bank's services. The targeted customers also said were left in the dark about certain bank transfers, bill payments, and online purchases that were notified to them without their knowledge or approval. The bank's staff informed the irate clients that their services were experiencing problems and that the bank was working hard to resolve the problems. Customers also stated that their cards had been momentarily disabled.

As the complaints piled up, debit card fraud was suggested as a likely explanation for the shady transactions. This particular type of fraud is committed by robbing and modifying ATMs so that they replicate debit card information whenever a user enters their card into the machine. The card's key pins are also taken using key loggers, and the cards are then utilised on the Internet.

Overseas thieves utilised compromised data from many debit cards to execute fraudulent financial transactions in foreign currencies to steal from a leading bank in Pakistan that offers online banking services. The financial organisation had to block foreign financial transactions using debit cards for practically all of its customers as a result of the incident.

As the fraudulent transactions were made in dollar denominations instead of Pakistani rupees, any customer who wanted to use a debit card for Internet banking had to first activate the service. Failure to do so resulted in the transaction being denied and online service suspended for the account for safety reasons.

There were multiple fraudulent transactions of minor sums from multiple accounts. However, it was unclear how much money cyber criminals operating from abroad stole from how many bank accounts in Pakistan.

Pakistan, a lucrative target

As the use of digital banking has grown in Pakistan over the last two years, data breaches have correspondingly become increasingly common in the country, despite the banking regulator and relevant ministry issuing a strong cyber security strategy. Over the past six months, data breaches have affected not just banks, but also numerous government organisations, such as the Federal Board of Revenue (FBR) and the Ministry of Finance, necessitating the need for both public and private financial institutions to develop and implement a comprehensive strategy to secure their customers and systems from hacking attempts.

Almost all of Pakistan's banks were hacked in 2018 and huge sums of money were stolen from people's accounts by the perpetrators. The cyber-security incident exposed over 19,000 card details from 22 Pakistani banks. The discovery came in response to a tip by Group-IB, a multinational cyber security group, which claimed that hackers had exposed a massive number of Pakistani individuals' credit and debit cards on dark web forums. Among these, krebsonsecurity.com reported that over 8,000 account holders from roughly ten Pakistani banks had lately been sold on the dark web.

K-Electric, the city of Karachi's energy provider, was targeted by a Netwalker ransomware attack in September 2020, which disrupted billing and online services. The attackers stated that unless the management paid a $7 million ransom, all of KE's customers' information, including names, addresses, CNICs, NTNs, credit cards, and bank account numbers, would be leaked in the dark web.

Hackers stole the personal information of 260,000 users from a Pakistani music streaming site in January 2021. In August 2021, hackers attacked Pakistan’s largest data center controlled by the Federal Board of Revenue (FBR) and managed to crack the hyper-V software by Microsoft, shutting down all the official websites operated by the tax machinery.

Despite the fact that the FBR's official website and tax-related operations were restored, hackers sold the FBR's data for $30,000 on a Russian forum. A cyberattack on the NBP's servers was detected in the late hours of October 29th and early hours of October 30th, 2021, affecting some of its online services.

At least three other notable cyber-attacks are the Careem security breach in April 2018, which compromised the data of customers from Pakistan and other countries; the attack on Peshawar ATMs in December 2020; and the breach of various websites, including those belonging to the Sindh High Court in July 2021 and PTV Sports in August 2020, among others.

Some senior Pakistani officials' cellphones were hacked in 2019 for covert surveillance. The attack was carried out using a particular sort of malware known as "Pegasus," which was purportedly developed by Israeli spyware firm NSO Group. The spyware might acquire access to messages, emails, contacts, and passwords by making a missed call to the targeted WhatsApp number and turning on the phone's camera and microphone. The malware was also capable of determining a user's GPS position. Following the hacking incident, rumors stated that the Pakistani government was working on an alternative to WhatsApp for securing sensitive or confidential material.

An ideal environment for criminals

The COVID-19 pandemic has created ideal conditions for several sorts of financial fraud to flourish. Millions of people have been compelled to alter their daily habits, particularly the way they work, shop, and communicate, which has accelerated fraud in the following ways.

Many office workers, including bank employees, have shifted to remote working, which has necessitated remote access to company networks — often with inadequate security safeguards in place. In the home-working environment, some internal controls and confidentiality requirements have also become more difficult to enforce.

As branches and businesses close, a dramatic shift in banking transactions to digital channels has forced banks to rely on digital and telephone channels to keep services running. This is especially true in underdeveloped countries, where banks have rushed to embrace digital innovation while overlooking security concerns in some circumstances.

For example, transaction limits on digital channels have been raised, implying that account takeover can now result in larger thefts. The rise in-home delivery for retail orders has given rise to new phishing scams employing email or text warnings, as well as a general increase in communications via digital channels that can be faked and exploited for phishing.

During lockdowns, there was a large surge in retail participation in financial markets, which presented opportunities for online investment.

The most serious threats

The usage of technology, notably the Internet, is used in many aspects of a bank or financial institution's activities. Your bank's sensitive data may be at risk if you don't have strong cyber security procedures in place. The five most serious dangers to a bank's cyber security are listed below:

As a bank or financial institution, they must identify solutions to prevent cyber security threats while still providing easy, technologically sophisticated options to their consumers.

To combat the growing number of cyberattacks, public and private sector organizations should use all available resources, including specialists and technology tools, to upgrade their cyber security systems.