In India, cyber laws are in place to prohibit any crime involving technology in which a computer is used as a tool. Citizens are protected from disclosing sensitive information to a stranger online under cybercrime legislation. Since the establishment of cyber laws in India, the IT Act of 2000 has been enacted and changed several times, encompassing various sorts of cyber offences in India.
WHAT IS PHISHING?
People are increasingly sharing their personal information online, thanks to the rapid expansion of internet usage. As a result, fraudsters have access to a vast amount of personal information and financial activities. Phishing is a highly successful type of cybercrime that allows attackers to fool consumers and obtain sensitive information. It has grown into a more sophisticated attack vector since the first known phishing attack in 1990. Phishing is now widely regarded as one of the most common forms of online fraud. Phishing attacks can cause victims to lose a lot of money, sensitive information, identity theft, companies, and government secrets.
Phishing is a type of cybercrime in which a person posing as a genuine organisation contacts a target or targets via email, phone, or text message to persuade them to provide sensitive data such as personally identifying information, banking and credit card information, and passwords. The data is then utilised to get access to sensitive accounts, which can lead to identity theft and financial loss.
CHARECTERISTICS OF PHISHING
Too Good To Be True – Offers that are both lucrative and eye-catching or attention-grabbing are intended to grab people’s attention right away. Many people say that you have won an iPhone, a lottery, or some other costly prize, for example. Simply ignore any dubious emails.
Hyperlinks – A link might not be what it seems. Hovering your mouse over a link displays the URL to which you will be directed if you click it. It could be something altogether different, or it could be a well-known website with a misspelling, such as www.bankofarnerica.com,
Cybercriminals frequently utilise the strategy of asking you to act quickly since the fantastic discounts are only available for a limited time. They may even tell you that you just have a few minutes to answer. It’s recommended to ignore these kinds of emails if you come across them. They may inform you that your account will be suspended unless you immediately update your personal information. Most reputable businesses give customers plenty of notice before terminating an account, and they never ask them to update personal information via the Internet. If in doubt, go straight to the source rather than clicking a link in an email.
Attachments – If you receive an email with an attachment you didn’t expect or that makes no sense, don’t open it! They frequently include payloads such as ransom ware or other infections.
Unusual Sender – Don’t click on anything that seems out of the ordinary, unexpected, out of character, or just suspicious in general, whether it appears to be from someone you know or someone you don’t know.
HOW TO PREVENT PHISHING
Spam filters can be used to protect against spam e-mails. To decide if a message is spam, the filters look at the message’s origin, the programme that sent it, and the message’s appearance. Spam filters can sometimes reject emails from legitimate sources, so it’s not always perfect. Browsers store a list of phoney websites in their cache, and when you try to access one, the URL is blocked or an alert message appears. Only trusted websites should be allowed to open in the browser’s settings. While the user image is visible on many websites, users are required to input login credentials. This type of system could be vulnerable to cyber-attacks. Changing passwords on a frequent basis and never using the same password for many accounts is one technique to assure security To avoid phishing, banks and financial institutions utilise monitoring systems. Individuals can report phishing to industry organisations, who can then take legal action against the bogus websites. Employees should receive security awareness training so that they are aware of the threats.
INDIAN CASE LAWS
National association of Software Vs Ajay Sood And Ors on 23 March, 2005- phishing, under the Indian law would be a misrepresentation made in the course of trade leading to confusion as to the source and origin of the e-mail causing immense harm not only to the consumer but even the person whose name, identity or password is misused. Mrs. Sucheta Charudatta Dhekane V Bank Of Maharashtra on 9 November, 2011-Bank has taken the following the customers interest from internet measures to protect the customers interest from internet banking Fraud activities, Banking frauds etc. etc. a) Internet Banking Start-up kit includes instructions regarding precautions to be taken while using the Internet Banking facility.
Phishing attacks are still one of the most serious hazards to individuals and businesses today. This is primarily due to human involvement in the phishing cycle, as stated in the article. Phishers frequently take use of human vulnerabilities in addition to technological advantages (i.e., technical vulnerabilities). Age, gender, internet addiction, user stress, and a variety of other factors have been found to influence people’s vulnerability to phishing. New sorts of phishing mediums, such as voice and SMS phishing, are on the rise in addition to classic phishing channels Furthermore, as social media has grown in popularity, so has the usage of social media-based phishing.
Author’s name: Shinan D’leema (Narsee Monjee Institute of Management Studies- School of law, Hyderabad)