Technology website ZDNet reported recently that details of around 1.3 million credit and debit cards, mostly of Indians, were up for sale on Joker’s Stash, the internet’s largest carding shop. Basically, the term means an online marketplace where criminals like hackers can buy and sell details of such cards. Financial data has long been a hot target for hackers and such data has been sold regularly on the dark web for various prices.
Group-IB said the details of the 1.3 million cards were being sold at a rate of $100 per card which will make the hackers around $130 million dollars, should they be able to successfully sell the data. An analysis showing the cause to determine how the details were leaked, shows that there was a possibility that ATMs and Point of Sale terminals might have been injected with software that gathers sensitive data and passes them to the attacker.
This is not the first time when we have seen an attack of this style. If you recall, in October 2016 a similar incident took place when millions of ATMs were hacked in the country, and SBI whose customers were the major victims said to scramble measures to deal with the situation by issuing replacement cards and upgrading ATMs. Since then we have the new ATM cards that contain the protective chip.
Hacking Is Not Limited
Hacking is not limited to just debit and credit cards. Even your personal data could be of value to a hacker. Even emails, social media accounts, and even entire devices have been hacked sometimes and in extremely creative ways. There are plenty of stories on the internet of people asking. How to get access to their email or social media back. In fact, India is so vulnerable to cyber security lapses that it was ranked 15th by security services portal Comparitech on a list of nations with the laxest cyber security.
So what can we do to be safe? First, never share your banking details with anyone. Don’t use your debit or credit card on sketchy websites or on public wifi. Always connect to secured websites. You can see if the website starts with HTTPS instead of the unsecured HTTP. Secondly, use digital payment platforms like UPI to make purchases as these are far more secure than cards. Coming to devices, always download apps from the verified app store and not from some mirror website.
Always Use A Strong Password(Cyber Security)
Always use a strong password. “Password”, “P@ssword” and “123456” are some of the most used passwords worldwide. And these are the first guesses a hacker makes while trying to get into your system so never use them. Use a password manager if you have difficulty remembering too many passwords. A password manager stores all your passwords safely and requires you to remember only one password. Think of it as a safe where all your passwords are stored. Even if they get hacked, their encryption ensures that the hacker sees gibberish instead of seeing your password. Lastly, don’t reveal your passwords to anyone or give your devices to people you don’t know very well. Social engineering is a great way to get into peoples’ systems and as a popular saying in the developer community goes, “There is no patch for human stupidity.”