The World Opinion

Tag: Cybersecurity

  • How To Spot Digital Arrest Scam And Protect Yourself –Explained | Economy News

    New Delhi: Digital arrests have recently emerged as a common form of digital fraud in India, costing Indians a significant portion of their hard-earned money. However, digital arrest is merely a scam that may be avoided by being aware of the fraudulent techniques used by con artists to digitally arrest victims. 

    During his recent Mann ki Baat address, Prime Minister Narendra Modi warned the country about the surge of digital arrest frauds. He said that “there is nothing like digital arrest in our law” and that this is merely fraud. According to PM Modi, digital arrest can be avoided by following the three steps of digital security: stop, think, and act.

    What is a digital arrest?
    In a digital arrest scam, con artists pose as the CBI, police, and occasionally RBI personnel. They first use phone calls to reach their victims before moving on to video calls via Skype and WhatsApp.

    The scammers typically use a police station-style setup after switching to video to trick victims into thinking that officers are making the call. 

    The con artists claim that the target’s detention results from their alleged unlawful activities. 
    A warrant for a digital arrest for the purported offense is threatened to the victims. To revoke the digital arrest warrant, the scammers then demand cash or a penalty. Following payment, the scammers vanish, leaving the victims with a financial loss.

    Thousands of people have fallen victim to such scammers. According to data from the National Cybercrime Reporting Portal (NCRP ), this fraud is very common. An Indian Express report using NCRP statistics claims that in the first quarter of 2024, Indians lost up to Rs 120 crore due to digital arrest cases.


    How to spot a digital arrest scam?
    During his recent Mann ki Baat address, Prime Minister Modi issued a warning to the country on the increase in digital arrest frauds. The PM said there is nothing like digital arrest in our law and the gang of criminals doing this are enemies of society.

    Scams using digital arrest are detectable. First off, nobody from the government calls people and threatens them or demands money. PM Modi claims that no government organization calls people to demand money. 

    Second, there’s no reason to be alarmed if you receive such a call. You should realize that the scammers have gathered your personal information and are attempting to intimidate you. 

    Thirdly, scammers frequently fabricate an emergency to force you to act impulsively. By staying on the call all the time, scammers exert pressure on the victim. It may be a case of cybercrime if you believe that the con artists are inciting a sense of urgency. 

    Fourth, you should be on guard if the con artists implicate you in a significant crime while on the phone. Since you haven’t done anything illegal, you can tell right once that this call is fraudulent.


    How to protect yourself from a digital arrest scam?
    The key to avoiding being a victim of digital arrest scams is to remain alert and aware of such fraudulent activities. According to PM Modi, there are three steps to digital security: stop, think, and act.

    * There is nothing like digital arrest in our law.

    * No government agency calls people and threatens them, nor does it demand money over a video call.

    * Don’t panic when you receive a call. Instead, take a screenshot and record a call.

    * Verify the identification of fraudsters posing as law enforcement authorities by getting in touch with the government or law enforcement officials directly through the appropriate route. 

    * The first thing to do if you fall victim to a digital arrest scam is to report your bank and freeze your account right away.

    * Never divulge private information to third parties, including KYC details, bank details like – user ID password, card details, CVV, OTPs or PIN number.

    * Victims should call the national cyber helpline 1930 and report such incidents on cybercrime.gov.in.

  • Security Alert for Google Chrome Users! Govt Issues High-Severity Warning; Here’s How to Stay Safe |

    New Delhi: Google Chrome users in India have received a high-security warning from the Cybersecurity watchdog Indian Computer Emergency Response Team (Cert-In). Amid multiple vulnerabilities discovered in Google Chrome. the government has ordered Indian users to update their browsers with the latest security update that Google rolled out earlier this month.

    Notably, Google Chrome users can update their browsers to version 127.0.6533.99/.100 (for Windows and Mac) and 127.0.6533.99 (for Linux) to prevent themselves from being affected by this security flaw.

    As per the latest security warning, Chrome users on desktops or PCs should exercise extreme caution when clicking on suspicious emails or downloading files from untrustworthy links.

    Recently, the cybersecurity agency also issued a warning for users using Android smartphones powered by Qualcomm and MediaTek chipsets. It noted that the impacted smartphones are operating on Android versions 12, 12L, 13, and 14.

    Furthermore, a “severe” warning was also issued to Apple users who own iPhones, iPads, Macs, and more regarding multiple vulnerabilities by the cybersecurity agency.

    Google has confirmed that the security update has already been released to stable users on Windows and Mac, while Linux users can expect to receive the update in the coming days or weeks.

  • Got Traffic e-Challan Message on WhatsApp? Check How Vietnamese Threat Actors Are Targeting Indian Users |

    Bengaluru: A highly technical Android malware campaign by Vietnamese hackers is targeting Indian users through fake traffic e-challan messages on WhatsApp, according to a report on Wednesday.

    Researchers from CloudSEK, a cybersecurity firm, identified the malware as part of the Wromba family.

    It has infected more than 4,400 devices and led to fraudulent transactions exceeding Rs. 16 lakh by just one scam operator, they said.

    “Vietnamese threat actors are targeting Indian users by sharing malicious mobile apps on the pretext of issuing vehicle challan on WhatsApp,” said Vikas Kundu, Threat Researcher, CloudSEK.

    Scammers are sending fake e-challan messages impersonating the Parivahan Sewa or Karnataka Police and tricking people into installing a malicious app.

    The app steals personal information and also facilitates financial fraud.

    Clicking the link within the WhatsApp message would lead to the download of a malicious APK disguised as a legitimate application.

    Once installed, the malware requested excessive permissions, including access to contacts, phone calls, SMS messages, and the ability to become the default messaging app.

    It then intercepts OTPs and other sensitive messages, which enables attackers to log in to victims’ e-commerce accounts, purchase gift cards, and redeem them without leaving a trace.

    Kundu explained that once the app gets installed, it extracts all the contacts to scam more users.

    Further, all the SMSes will be “forwarded to the threat actors thus allowing them to log in to various e-commerce and financial apps of the victim,” he added.

    Using proxy IPs, the attackers avoid detection and maintain a low transaction profile.

    Using the malware, attackers have accessed 271 unique gift cards, conducting transactions worth Rs 16,31,000, according to the report.

    Gujarat has been identified as the most affected region, followed by Karnataka.

    To protect against such malware threats CloudSEK urged users to stay vigilant and adopt security best practices installing apps only from trusted sources like Google Play Store; limiting app permissions and regularly reviewing them, maintaining updated systems, and enabling alerts for banking and sensitive services.

  • Cop Connect Café: Zscaler And ISAC Foundation Unveil New Cybersecurity Unit In Bengaluru’s DSATM | Internet & Social Media News

    In a bid to tackle the rising cybercrime issues in India, Zscaler, a leading cybersecurity firm, and ISAC Foundation, a non-profit organization in cybersecurity, have launched the ‘Cop Connect Café’ at Dayananda Sagar Academy of Technology & Management (DSATM). in Bengaluru. This venture, part of Zscaler’s Corporate Social Responsibility (CSR) program, is aimed at promoting cyber hygiene and security within communities around the world.

    The recent inauguration of the new café in Bangalore will offer the community a secure environment to receive expert help and advice on cyber fraud issues. The café integrates a team of cyber psychologists, technical specialists, and legal consultants to provide comprehensive, personalized support to those affected by cybercrimes.

    Speaking at the event, Karnataka High Court Judge HP Sandesh highlighted the café’s role in providing immediate help to cybercrime victims and emphasized the importance of using technology to prevent cybercrimes.

    In partnership with ISAC, the café aims to develop a strong cybersecurity network in the region by empowering individuals with the knowledge, training, and assistance required to counter online threats. Additionally, the café will organize general cybersecurity awareness sessions and establish women safety clubs to enhance cyber hygiene within colleges.

    Vishal Gautam, Vice President of Engineering and Site Managing Director at Zscaler, underlined the significance of cybersecurity awareness and hygiene in India, likening it to the Swachh Bharat Abhiyan cleanliness initiative. He stressed the necessity of collaboration between the public and private sectors to address the escalating cyber-attack threats.

    Rajshekhar P, Founder Director of ISAC, pointed out that while cybersecurity awareness and cybercrime first aid are fundamental to Cop Connect Café, tools like the Hacked Or Not Kiosk (HONK) play a crucial role in safeguarding individuals and their internet-connected devices.

    ISAC Foundation works with CERT-IN, AICTE, and the Ministry of Education to bolster India’s cybersecurity landscape. Zscaler is actively investing in setting up Cop Connect Cafés in educational institutions nationwide. These cafés offer a specialized space for the public and students to obtain expert assistance and support in dealing with cyber fraud incidents.

  • boAt Hit With Massive Data Breach, Over 7.5 Million Customers At Risk Of Losing Personal Info |

    New Delhi: In a recent cyberattack, India’s leading audio brand, boAt, has suffered a data breach that has left the personal information of more than 7.5 million customers. This breach has exposed personal information, including names, addresses, contact numbers, email IDs, customer IDs, and more, putting users’ bank accounts and other private data at risk.

    Despite the severity of the situation, boAt has not yet released an official statement regarding the incident. Notably, Forbes initially reported on the breach.

    The breach was revealed by a hacker identifying as ShopifyGUY, who asserted to have breached boAt Lifestyle’s database on April 5. The hacker shared files containing the compromised data, reportedly comprising 7,550,000 entries, within a dark web forum. (Also Read: WhatsApp Call Scam Alert! Be Cautious If You Receive Calls From These Numbers, Government Warns)

    What Could Happen After This Breach:

    As you may know, if a hacker obtains access to the database, they can utilize your phone number and email ID to not only circumvent device security but also send phishing emails. These emails can be utilized to pilfer data or even money by infecting your devices with malware.

    These scammers may contact you, armed with all your information, and attempt to make them click on website links to download apps, or any other form to perform actions.

    boAt- Second Most Popular Brand

    boAt, established in 2016 by Aman Gupta and Sameer Mehta, has garnered recognition for its cost-effective audio products and wearable devices, emerging as the second most wearable brand in India. Despite the recent breach, the Gurugram-based company has experienced substantial growth, achieving sales exceeding Rs3,000 crore in March 2023. (Also Read: https://zeenews.india.com/technology/nothing-set-to-launch- nothing-ear-and-nothing-ear-a-earbuds-in-india-check-date-2737912.html)

    The homegrown consumer electronics company has filed its IPO documents in 2021 but postponed the offering owing to market fluctuations. It’s worth mentioning that boAt faces competition from brands such as Fire-Boltt, Noise, Xiaomi, and Samsung.

  • Beware Of Calls Impersonating DoT, Threatening To Disconnect Mobile Numbers; WhatsApp Calls Starting With +92

    The DoT has cautioned on misuse of mobile numbers, WhatsApp calls from foreign origin mobile numbers (like +92-xxxxxxxxx) impersonating Government officials.

  • Amazon launches Ecu ‘sovereign’ cloud as EU knowledge debate rages

    The Amazon Internet Products and services (AWS) brand, a subsidiary of Amazon that gives on-demand cloud computing platforms to people, firms, and governments, displayed all the way through the Cell Global Congress 2023 on March 2, 2023, in Barcelona, Spain.

    Joan Cros | Nurphoto | Getty Photographs

    Amazon on Wednesday mentioned it is going to release an impartial cloud for Europe aimed toward firms in highly-regulated industries and the general public sector.

    Amazon Internet Products and services Ecu Sovereign Cloud might be positioned inside Europe and might be separate to the U.S. era massive’s different cloud operations.

    Consumers of the brand new machine will have the ability to stay positive knowledge within the Ecu Union and handiest EU-resident AWS workers who’re positioned within the 27-nation bloc can have keep watch over of the operations and improve for the sovereign cloud.

    “Consumers can have the keep watch over and assurance that AWS is not going to get right of entry to or use buyer knowledge for any objective with out their settlement, in addition to get right of entry to to the most powerful sovereignty controls amongst main cloud suppliers,” Amazon mentioned in a observation.

    The release of the brand new cloud machine underscores the desire for companies to satisfy Europe’s strict knowledge privateness regulations in addition to the area’s push for so-called “virtual sovereignty,” the theory the EU will have to be in keep watch over of its personal knowledge and era.

    The speculation of virtual sovereignty, whilst now not well-defined, extensively pertains to a bid by way of the EU to spice up Ecu-developed crucial era and feature strict regulations over the garage and switch of knowledge.

    As govt businesses and important companies an increasing number of transfer their operations to public cloud operators, like Amazon or Microsoft, there may be rising worry within the EU that knowledge is being saved at the servers of non-Ecu corporations. Some cloud options might require knowledge to be transferred to and from the EU. And there’s a rising concern amongst companies and lawmakers that this knowledge might be accessed by way of entities outdoor of the EU.

    Amazon’s sovereign cloud is most probably an try to allay a few of the ones fears.

    “The AWS Ecu Sovereign Cloud reinforces our dedication to providing AWS shoppers probably the most complex set of sovereignty controls, privateness safeguards, and security measures to be had within the cloud,” mentioned Max Peterson, vp of Sovereign Cloud at AWS, in a press unlock.

    For years, the EU has been involved in regards to the reliance on overseas, specifically U.S. corporations, for cloud computing within the bloc. Europe has tried to counter the rising measurement of cloud giants via an initiative referred to as Gaia X, which targets to attach other cloud suppliers within the area, providing companies extra selection at the services and products they use.

    Main U.S. era giants have seemed to spice up their options to satisfy the desire within the EU for “sovereign” clouds. Closing yr, Google Cloud offered options, together with restricting get right of entry to to Ecu knowledge by way of EU citizens inside the bloc. And closing yr, Microsoft launched its “Cloud for Sovereignty” options aiming to spice up knowledge keep watch over for purchasers.

  • Okta stocks fall after corporate says consumer recordsdata have been accessed by means of hackers by the use of its give a boost to gadget

    The Okta brand on a smartphone.

    Tiffany Hagler-Geard | Bloomberg | Getty Photographs

    Stocks of cybersecurity company Okta fell just about 11% after the corporate stated that an unidentified hacking workforce had accessed recordsdata which “positive Okta shoppers” had uploaded to Okta’s give a boost to gadget.

    The corporate stated that the hackers have been in a position to get right of entry to the gadget by the use of a stolen credential. Okta’s buyer choices, together with its manufacturing provider, weren’t impacted and are totally operational, the corporate stated.

    One of the most greatest corporations on this planet use Okta to streamline their login and identification control methods, together with Fedex and Zoom, in line with the corporate.

    That makes Okta a high-value goal for risk actors, who in a worst-case-scenario may just hypothetically achieve get right of entry to to dozens of different corporations if a success in breaching Okta’s defenses. The breach disclosed Friday does now not affect consumer methods, only a give a boost to platform Okta makes use of to assist its shoppers diagnose problems.

    Okta didn’t instantly reply to a request for remark.

  • X, previously Twitter, amplifies disinformation amid the Israel-Hamas warfare

    From the outset of this weekend’s Israel-Hamas warfare, graphic photos of abductions and armed forces operations have unfold like wildfire on social media platforms, together with X, previously referred to as Twitter. However disinformation at the platform has made it tougher for customers to evaluate what is going on within the area.

    Over the weekend, X flagged a number of posts as deceptive or false, together with a video purportedly appearing Israeli airstrikes in opposition to Hamas in Gaza. Hundreds of customers noticed the posts, and essentially the most broadly shared posts have been flagged as deceptive through the platform. Nonetheless, dozens of posts with the similar video and caption weren’t flagged through X’s machine, in step with CNBC’s overview.

    The patchwork enforcement comes days after NBC Information reported that X made cuts to its disinformation and election integrity staff. In a while earlier than Hamas introduced its marvel assault, X got rid of headlines from hyperlinks at the platform, making exterior hyperlinks tricky to inform except same old footage shared on X.

    Ahead of Elon Musk got Twitter, the corporate’s control had faithful important sources to combating manipulated or deceptive data. After Musk took over, renaming the platform, he slashed head rely in groups devoted to combating incorrect information and criticized the corporate’s previous paintings with the U.S. executive on Covid-19 disinformation.

    Underneath Musk, X has prioritized user-driven content material tagging with Group Notes, the preexisting function previously referred to as Birdwatch. However a September find out about from the EU discovered that regardless of the function, which provides crowdsourced context to posts, disinformation was once extra discoverable on X than on every other social media platform and gained extra engagement than on different platforms, on a relative foundation.

    Alex Goldenberg, an analyst on the Community Contagion Analysis Institute, research hate and right-wing extremism on social media and in the true international. Goldenberg instructed CNBC that even earlier than Musk’s tenure, Twitter had a difficult time dealing with non-English disinformation.

    “I have steadily discovered that mis- and disinformation and incitement to violence within the English language are prioritized, however the ones in Arabic are steadily lost sight of,” Goldenberg mentioned. He added that NCRI has famous an uptick in “recycled movies and footage from older warfare being related, deliberately infrequently, with this actual warfare.”

    Customers have spotted the have an effect on of the adjustments to X’s content material moderation, and a few have fallen prey to sharing disinformation at the platform.

    “It is outstanding how Elon Musk has destroyed what was once most likely the most efficient factor about Twitter: the facility to get moderately correct and faithful information in genuine time when there is a disaster,” Paul Bernal, an IT regulation professor on the College of East Anglia in England, wrote on X on Monday.

    On Sunday, a British baby-kisser shared a video purportedly from a BBC correspondent. “Following some lovely appalling equivocation and whataboutary from the BBC the day before today and this morning, now this from a BBC journalist,” wrote Chris Clarkson, a member of parliament for Heywood & Middleton.

    The video was once no longer from a BBC correspondent; Clarkson wrote Monday that his “feedback at the BBC stand” however conceded that the unique put up was once no longer from a BBC journalist.

    Despite the fact that executive verification now awards sure accounts a silver checkmark, verification for notable folks and journalists was once phased out in choose of paid Twitter Blue verification, making it “much more tricky to determine whether or not the messenger of a specific message or its content material is original,” Goldenberg mentioned.

    Some Hamas-created propaganda movies have additionally been circulating on X. Whilst the 15 may organization is banned from maximum social media platforms, together with X, it continues to proportion movies on Telegram. The ones movies — together with some from the newest attack on Israel — are steadily reshared onto X, Goldenberg instructed CNBC. And that may have real-world results.

    “As we’ve got observed prior to now, particularly in Would possibly of 2021, as an example, when tensions upward thrust within the area, there is a prime chance of a upward thrust in hate crimes concentrated on the Jewish neighborhood outdoor of the area,” Goldenberg mentioned.

    Paid verification purportedly boosts a person’s posts and feedback on X, and a few posts tagged as deceptive have come from the ones verified customers. Musk himself has amplified such posts on a number of events — each relating the warfare in Ukraine and extra lately in Israel. On Sunday, Musk inspired his 160 million fans to observe two accounts which Musk mentioned had “excellent” content material concerning the warfare.

    A type of customers had made anti-Semitic posts prior to now, together with one the place the individual instructed a Twitter person to “thoughts your personal trade, jew.” Musk later deleted his put up selling the account.

    Correction: This newsletter has been up to date to appropriately replicate Alex Goldenberg’s touch upon English-language disinformation on X and Twitter. A prior model contained a transcription error.

  • Snap AI chatbot investigation introduced in UK over teen-privacy considerations

    The Snapchat utility on a smartphone organized in Saint Thomas, Virgin Islands, Jan. 29, 2021.

    Gabby Jones | Bloomberg | Getty Pictures

    Snap is beneath investigation within the U.Okay. over doable privateness dangers related to the corporate’s generative synthetic intelligence chatbot. 

    The Data Commissioner’s Administrative center (ICO), the rustic’s information coverage regulator, issued a initial enforcement realize Friday, alleging dangers the chatbot, My AI, might pose to Snapchat customers, in particular 13-year-olds to 17-year-olds.

    “The provisional findings of our investigation counsel a being concerned failure via Snap to adequately determine and assess the privateness dangers to kids and different customers earlier than launching ‘My AI’,” Data Commissioner John Edwards mentioned within the unlock.

    The findings don’t seem to be but conclusive and Snap may have a chance to deal with the provisional considerations earlier than a last resolution. If the ICO’s provisional findings lead to an enforcement realize, Snap will have to forestall providing the AI chatbot to U.Okay. customers till it fixes the privateness considerations.

    “We’re intently reviewing the ICO’s provisional resolution. Just like the ICO, we’re dedicated to protective the privateness of our customers,” a Snap spokesperson informed CNBC in an e mail. “In step with our same old way to product building, My AI went thru a strong prison and privateness evaluate procedure earlier than being made publicly to be had.”

    The tech corporate mentioned it is going to proceed operating with the ICO to make sure the group is ok with Snap’s risk-assessment procedures. The AI chatbot, which runs on OpenAI’s ChatGPT, has options that alert folks if their kids were the use of the chatbot. Snap says it additionally has normal pointers for its bots to practice to chorus from offensive feedback.

    The ICO didn’t supply further remark, mentioning the provisional nature of the findings.

    The company in the past issued a “Steering on AI and information coverage” and adopted up with a normal realize in April list questions builders and customers will have to ask about AI.

    Snap’s AI chatbot has confronted scrutiny since its debut previous this 12 months over irrelevant conversations, equivalent to advising a 15-year-old learn how to cover the odor of alcohol and marijuana, in keeping with The Washington Submit.

    Snap mentioned in its most up-to-date income that greater than 150 million other folks have used the AI bot.

    Different kinds of generative AI have additionally confronted grievance as lately as this week. Bing’s image-creating generative AI, for example, has been utilized by extremist messaging board 4chan to create racist pictures, 404 reported.