Ever since November 8, 2016, phrases like “cashless economy” and “digital India” have become part of dinner table conversations in several households. But it seems the drive to go digital at breakneck speed has made India more vulnerable to cyber fraud attacks.
Data from global digital security solutions provider RSA shows that in a list of top 10 targeted countries for phishing attacks, India rose from No. 10 in January-March last year to No. 3 this year.
“The growing trend of going digital in India has made the country very attractive for phishers,” Daniel Cohen, director product, fraud and risk intelligence at RSA, told Fortune India.
He added that phishing accounted for around 26% of total fraud attacks in India. However, the spot of highest contributor to this figure was taken by another type of attack, rogue apps.
A rogue app, Cohen explained, is either a replica of a legitimate app like a mobile banking app or a wallet app or a malicious app posing as a game or other seemingly harmless app. Such apps are designed to steal user information. Rogue apps accounted for 43% of total attacks in India.
“This is the highest in the world. Globally, rogue apps contribute just about 6% of the total attacks,” Cohen said. He added that of most rogue apps, nearly 99.9% were android apps and only 10 were found on iTunes.
However, he clarified that a majority of the rogue android apps came from unauthorised third party sources with an “apk” file to download and not Google’s Play Store. “The easiest way to stay safe from rogue apps is to ensure that the app is downloaded from an authorised app store and keep your computer’s or phone’s operating system up to date,” he said.
In light of a recent incident where an Amazon Alexa device, without any instructions, recorded a family’s private conversation and sent it to a person on the contact list, Cohen said data security and authentication is set to evolve. He said authentication will increasingly move toward behavioural metrics instead of static ones like usernames, passwords, and even biometrics.
“In the near future, these devices will start making financial decisions for us. They will make purchases and set up appointments for us. So authentication and security will increasingly rely on behavioural metrics,” Cohen said.
He explained that artificial intelligence will track things such as when, where, and how a user is browsing or purchasing things and raise a flag if a transaction doesn’t match the behaviour pattern it has been tracking.