CHAPTER 1 : INTRODUCTION

Internet Based Fraud is when the internet is used to seal information and resources for Financial
Gain or any Personal Attacks. Simple Fraud Scams are the one which are been made by using the
Application (UPIs) to seek money or personal details, While other seeks personal information
that can be misused to obtain money, resources or information by deceptive means.

Fraud can occurs in many ways – from somebody using credit card, debit card or by using
mobile phones some use cards to buy illegally shopping, to have a person identify to open a bank
account also while using the identity to get a loans from very banks. Information gathering tools
like Malware and Spyware enable fraudsters to gather personal’s information’s about the person
they target.

Phishing scams are also the latest scam that takes place which looks like the same website and
everything looks like original and then you don't hesitate to put the information of your wealth
on the account when making the payment, you see all the money has disappeared from your
account.

Hacking is identifying and exploiting weaknesses in computer systems and or computer

networks. Cybercrime is committing a crime with the aid of computers and information
technology infrastructure.

Ethical Hacking is about improving the security of computer/phone or Other Platforms.

What is Hacking ? Hacking is nothing but being able to access a system or an application that
you are not supposed to have access to. In simple terms, hacking can be referred to as gaining
unauthorized access.A hacker is any person who uses computer programming or technical skills
to solve a challenge or problem. As it goes there is a good side and a bad side, there are also
people who fall somewhere in between.

Hacking according to oxford dictionary means to “Gain unauthorized access to data in a

computer. Banks defines hacking as something that boring mainframe computer operates did to
improve performance and battle boredom.
Inspirations driving Hacking:

Programmer's brain science and the fuel that energizes him/her to perform such criminal
operations, additionally on the grounds that programmers see about the thing they are doing is far
unique in relation to our perspectives as casualties Furnell

Pipkin, in his paper Halting the programmer, says "the difficult piece of the programmer's
character as the greatest inspiration; this implies that the programmer feels the delight and energy
while hacking frameworks that are furnished with the practically wonderful security apparatuses"
One of the principle purposes behind hacking is energy where programmers discover adrenalin
hurry to overstep the law, to locate a simple admittance to bring in cash by hacking significant
data of the clients by making unbelievable shopping sites and getting installment subtleties,
charge card subtleties.

Furnell made a decision about programmers "contingent upon the mischief they cause whatever
was their inspiration, in light of the fact that hacking is an illness and ought to be eliminated so
the impact of programmer assaults will be limited". The inspirations driving hacking are an issue
that is examined intensely because of the significance of comprehension the

A moral programmer endeavors to copy the goal and activities of malignant programmers
without causing hurt. Moral programmers direct infiltration tests to figure out what an assailant
can get some answers concerning a data framework, regardless of whether a programmer can
acquire and keep up admittance to the framework, and whether the programmer's tracks can be
effectively covered without being distinguished. The moral programmer works with the consent
and information on the association they are attempting to guard and attempts to discover
shortcomings in the data framework that can be abused.

At times, to test the adequacy of their data framework security group, an association won't
educate their group regarding the moral programmer's exercises. The present circumstance is
alluded to as working in a twofold visually impaired climate. To work successfully, the moral
programmer should be educated regarding the resources that ought to be secured, potential
danger sources, and the degree to which the association will uphold the moral programmer's
endeavors.

Programmer and Ethical Hacker Characteristics and Operation:

Programmers can be classified into the three general classes of dark caps, dim caps, and white
caps. A dark cap programmer or saltine has the fundamental processing mastery to complete
unsafe assaults on data frameworks. A dark cap is a programmer with a split character. Now and
again, this individual won't overstep the law and, indeed, may assist with shielding an
organization. At different occasions, the dark cap programmer returns to dark cap exercises. The
white cap individual generally has extraordinary PC aptitudes and utilizations their capacities to
expand the security stance of data frameworks and safeguard them from malignant assaults. This
individual may be a data security specialist or security investigator.

Elements that perform moral hacking capacities for associations for the most part can be
categorized as one of three classifications: white caps, previous dark caps, and autonomous
counseling associations. The white cap moral programmer has the fitting PC abilities and
comprehension of the dark cap programmer mindset and techniques. This individual may be an
autonomous expert recruited to perform moral hacking exercises. The previous dark cap
programmer is, we may trust, changed and brings genuine dark cap insight to their work. There
is a worry about this person in that you can never be sure that the individual won't return to their
previous pernicious exercises. The third classification of moral programmer is taken by
counseling organizations that play out an assortment of administrations for associations
including bookkeeping, evaluating, and data framework security.

Related Types of Computer Crime and assault:

Distinctive sort of hacking assaults are considered as PC violations. Coming up next is the
rundown of wrongdoings which are submitted oftentimes:

Secret word Hacking.

Programmers figure out how to illicitly hack into the passwords of clients of government
department, banks to acquire profits by them.
Organization interruptions.

Vindictive Trojan, worms and infections to obtain entrance into the data frameworks.

Cheat.

Unlawful utilization of individuals personalities, for example, charge card subtleties.

Programming theft.

Unlawful duplicating and utilization of programming

Infections.

Infections, Trojan ponies and worm cause the PCs to turn out to be more helpless and powerless
to equipment harm.

IP address ridiculing.

Masking the IP address and utilizing that to acquire illicit access into nations most secret records.
1.1.2 Details about yours specific industry

What is the Role of an Ethical Hacker?

At the point when you consider a 'programmer,' you presumably imagine an individual who
adores a decent riddle and likes to approach breaking into PC frameworks. Somebody who
realizes how to crawl their way in and out in order to get the data and information they need or
need. Numerous people are programmers and are really paid by undertakings to precisely sort
out how a criminal could hack into the association's PC framework.

These people are alluded to as moral programmers and are endowed with the specific assurance
of how an average criminal programmer could break into a foundation's PC frameworks. Moral
hacking is a developing control for people that are keen on PCs; the admonition is that you don't
really require a confirmation or degree. In any case, any kind of post-optional training is
unquestionably viewed as a resource for any individual hoping to seek after moral hacking.

What is Ethical Hacking?

Moral hacking alludes to the hacking done by an individual or organization to figure out where
potential security dangers could originate from inside an association's PC organization. The data
that the moral programmer uncovers is then controlled to address the likely dangers and reinforce
the PC network as it is required.

Notwithstanding, there should be a couple of boundaries set up for hacking to be considered as

moral: You need to have composed or communicated authorization to test the's organization and
pinpoint any security hazards.

You regard the association's or individual's security.

You ensure the errand you were performing to ensure that you don't get presented to any
potential security dangers. You let the equipment maker and programming engineer know about
any apparent security hazards that you uncover except if the organization was at that point
mindful of these dangers.
Every one of these boundaries being set up imply that you can legitimately hack an association's
organization to find any security hazards. On the off chance that any of the previously mentioned
components is missing, you are only a normal programmer.

How would You Become an Ethical Hacker?

To turn into a moral programmer, you are needed to acquire the right certificate, which not just
shows that you comprehend the business and innovation ramifications of hacking to reinforce
security, yet you likewise fathom the moral necessitations of legitimate hacking. This implies
that you should be a guaranteed programmer to land an administration, counseling or corporate
occupation in the field.

Moral programmers who are confirmed normally go through their day looking for intends to
assault data frameworks and organizations. They search for ways they can abuse weak
frameworks simply like an illicit programmer does. Their disclosures help governments and
business associations to improve their security and guarantee their frameworks, organizations,
information, and applications are protected from extortion and robbery.

Certificate and Exam

To turn into a confirmed moral programmer, you should get confirmation from the EC-Council.
You must be guaranteed in the event that you breeze through a test that costs about $500.

A moral hacking test necessitates that you get fitting preparing. Aside from an accreditation
course, a network safety degree will go far in encouraging you finish the test and land a top
work.

This course will likewise offer you Soft Skill preparing that is fundamental for your prosperity as
a legitimate programmer. Social abilities are used each day in three significant manners:

Social Engineering. As an affirmed legitimate programmer, you should persuade people to

confide in you with their login subtleties, execute documents, or even restart or shut down
frameworks. This is the thing that is known as social designing, and it needs preparing and
practice.
Critical thinking. In the event that you are attempting to hack a framework morally, you will
undoubtedly experience barriers. You need to thoroughly consider your concern and uncover a
creative answer for accomplish your objective.

Correspondence. You are legitimately needed to report your disclosures and make suggestions
for the business to take out weaknesses and fortify security. This implies that must have the
option to discuss successfully with people at all levels across the organization to spread your
outcomes and accumulate data.

Moral hacking positively appears to be a heap of fun, in any case, the line among unlawful and
lawful hacking is very fine. At the point when you acquire a confirmation course, you will find
out about the morals and laws of white cap hacking to guarantee you don't fall into difficulty.
Occurrence MOBILE/DESKTOP

1. Unapproved access Stealing data, settling on decisions, sending messages, taking passwords
and taking contacts

Burglary of data, admittance to applications, robbery of passwords

2. Gear misuse Theft of minutes, Internet robbery (information).

Utilize the machine as an assailant (appropriated assaults).

3. PC infections Information robbery, refusal of cell administration, breakdown.

Data robbery, forswearing of administration, breakdown.

4. Burglary of hardware Theft or loss of information, abuse of communication and web.

Lost or taken information.

5. Infections, trojans, spyware Theft of contacts, information, hardware breakdown,

refusal of telephone utility Data robbery, passwords, meetings, PC glitch.

6. Refusal of administration You can not get or send notices, messages or calls

It doesn't react to asks for, without the accessibility of basic workers.

7. Sniffers They can take information, passwords, meetings, contacts, instant messages.

They can take information or meetings.

8. Fakes Theft of data, charge cards, money.

Robbery of data, Visas, money.

9. Spam Denial of administration during synchronization with email.

Refusal of administration because of hard plate immersion.

1.1.3 Details about the Departments

The departments which I’m making a Capstone Project from Aditya Institute of Management
Studies Research and Studies which is almost the most important Project in the whole
Academics. So talking about the departments of A Study on Mobile Hacking Which

Effects the Youth. This Projects content the details of the various ways and model of Internet
Hacking through various ways of and how to tackle. The Most important to about this Topic is
been neglected by various Old age people and always they are been targeted because of lack of
knowledge about the Finance Technology which they are using on cellphone.

1.2 Identified Problem

The problem statement research work “A study on mobile hacking which effects the youth” is to
done to help people understand about the FinTech Technology and getting Hacked or looted by
youth not only youth but by other various tricks. A hacker can’t described by his age or sex it can
be Male or Female. Data is not been provided by any analytics website or tools where I can show
the actually data where the numbers of cases are reports or been looted. All the rules, conditions
and requirements and instructions of the departments provided by the Legal Websites .
Coordinate with the mentor of the department under his guidance to avoid errors and increase
efficiency and productivity.

1.1.2 Need to Study

People will understand the importance of Hacking / Cyber-Security sector in today's scenario as
the whole world is facing Covid-19 situation. They will be able to understand the different types
of Antivirus / SMS OTP offered by companies. This will be helpful in creating awareness about
Hacking / Looted among the people of rural areas, which is provided, as it will be helpful for
them to secure their loved one with financial problem / solution. It will also be helpful for some
private companies to understand the position of each segment and revise or revise some new
policies for the betterment of each segment.
1.2.2 Objectives

To Study about Cybercrime and its effect on business

To study the effects of hacking on business processes and how to take counter measures to avoid

To study ethical hacking as an effective counter measure to cybercrime

To study the awareness of UPI system in customers of Vasai Region

3.1 Type of Project
So fundamentally this activities is about how the things functions when you get hacked or
focused on. I chipped away at different stage where now a days its difficult to get the information
of different people due to different organizations accompanying arrangement which causes the
business sectors to work smooth. Arrangement thinking of the IT business which is driving
Sector in today ages. using all the assets to finish my every day assignment of the undertaking. I
began my Projects on January with the assistance of Col. Venkat Sir, My tutor who encouraged
me a ton due to him the undertaking would have been fragmented.

In this Projects I have demonstrated how the tasks of the hacking functions and how its swipe all
the information by sitting some place far simply by sending the Link which are phishing joins on
pervious pages I have given the short subtleties on What is Phishing and Phishing works. What's
more, Various model of OTP administrations coming all through the Industry had changed the
Game of Hackers however that insufficient to be protected there are more things additionally to
be information without help from anyone else. Talking more synopsis of the undertakings in this
I have indicated what are the Law considering in the event that you found Hacking into another
person profile it can end you upto years on Jail or perhaps an until you pass on.

3.3 Assumptions, Constraints and Limitations of the Project

Assumptions

1. Data on R&D
2. Phishing Like and Other application Fake a like Paytm Money, BHIM, GooglePay etc
3. QR Code are the most Important Factors which can every data is been saved.

Restrictions

1. Data Updated and Cases registered

2. Lack of IT Support / Knowledge on Fintech
3. Dispersal
Chapter 2: Literature Survey
 1. UPI fraud: Scammers are tricking users, here’s how to keep yourself

safe
The Unified Payments Interface or UPI has made transferring money very simple, thanks to the
rising popularity of apps like Google Pay, PhonePe, and others. But while UPI is fostering a new
way of digital payments, it has also opened up new ways to trick unsuspecting users. I found out
just how common such scams on UPI are thanks to my father’s recent interactions on OLX,
where he wanted to sell his bike.
The scam unfolded like this– My father, who lives in a small town in Uttar Pradesh received a
call from someone who claimed to be from a nearby city, and said was keen to purchase the
listed motorcycle. He also offered to pay Rs 10,000 in advance and promised to pay the rest of
the amount in cash within two days when he would come to pick it up.
This person did not want to see the bike and persisted to pay the advance, even when assured that
my father would not make a deal with anyone else in that period. The caller continued to badger
my father to send his UPI address so the amount could be transferred. This raised enough
suspicion for my father to cut him off.

Watch out! Don’t fall for fraud calls or SMS for Paytm KYC
A week later, he refreshed the listing and within an hour, he received a call and the same thing
followed. My father was now sure that it is some kind of fraud, but could not understand how
giving up his UPI ID alone could result in a scam. He called me to look into the matter and when
I searched for ‘UPI fraud OLX’ on Google, there was plenty to show how such scams were being
executed.
However, I soon found out that it was not the only way that people were being conned. I myself
received a call in the office where the caller claimed that I have pending cashback in my
PhonePe account. “Do you want me to ‘pay’ the amount or do you wish to ‘decline’ it,” the
caller said. Obviously, he did not have the answers to my questions like– “Since when did
cashback needs to be accepted,” and “Why the cashback is on hold,” and “Why have I got
cashback in the first place?”
The person even sent a payment request on PhonePe with three options as usual — “Pay”,
“Later”, and “Decline”.
How the fraud happens
What follows after you tell the fraudster your UPI ID is that user gets a payment request. The
scammer might have promised to transfer the money for the item you have listed on the
classified site, but instead sends a request demanding money from you.
The scammer tells you that he has sent the money, please accept this ‘request’. He says that in
order to receive the money you will have to tap on the ‘Pay’ button, while tapping on ‘Decline’
will result in cancellation of the said transaction.
However, the receiver in a UPI transaction does not need to do anything to get their
money. People, unaware of the very fact, end up paying the scammer in the hopes of receiving
the money. This small negligence on your part makes you a victim of UPI fraud.
How to save yourself from fraud
To transfer money or make a transaction using the UPI apps, users need to enter their M-PIN,
which differs for every linked bank account. The M-PIN is like a digital ATM PIN. If at any
point of time, you are entering your M-PIN into the UPI app, you are either checking your
account balance or you are making a transaction where money will be deducted from your linked
bank account.
 2. Treat your M-PIN exactly like you treat your ATM PIN. Do not disclose or share
your M-PIN with anyone. 
The same applies for UPI login passcode– a password that you need to enter to log in to your
UPI app. To be on the safer side, put a lock on your payment apps.
receive the money, you do not need to do anything on your part. The sender can either send
you money using your bank details (account number, IFSC code, and name), UPI ID, or mobile
number in case both parties are using the same UPI app.
In all of these scenarios, you do not need to even open your UPI app. If your work requires
you to engage with new people and do transactions using UPI, you can ask for their UPI ID
instead and raise money request.
If someone sends you unwanted money request on your UPI app, there is nothing to worry about.
You can simply decline it. The amount will not be deducted from your account unless and until
you accept the request and put in your M-PIN.
While using the UPI apps, read the text on the screen carefully. If you are not comfortable
in a certain language, a number of UPI apps come with language options.
Earlier, scammers used to trick people into installing remote access apps like AnyDesk and
TeamViewer on their phone in the guise of completing their KYC. With remote access,
scammers used to exploit the data on the phone as well as banking apps. So, it is recommended
to not write your M-PINs anywhere on your phone.
 3. UPI SCAMS : A MEN LOST 10Lakhs.

Facebook finds it itself in the middle of its first scam of the new decade and the catalyst seems to

be its online marketplace. However, the related report highlights a much larger issue that has

nothing to do with Facebook, at all. Instead, it alerts users of the misuse of online marketplaces

and UPI platforms by scammers. According to reports by GadgetsNow and India TV, a man

from Thane, Maharashtra, got scammed into losing Rs. 1.01 lakhs by a UPI based scammer.The

scammer first approached the victim on Facebook Marketplace regarding an ad posting about

furniture. The accuser reports that the deal was made smoothly without any price negotiations

from the buyer’s end. The scammer posing as the buyer chose to make the payment using the

UPI based platform PayTM

UPI based platforms like PayTM and Google Pay allow users to make, receive, and request

payments. Making a payment always requires an OTP. On the other hand, receiving a payment

requires no action from the recipient’s end. Requests are slightly more complex. The willing

recipient can request a certain amount of money from others using their mobile number or UPI

id. However, it is up to the requested person to accept or decline this request. In case they accept

the request, they need to complete the transaction using an OTP. In the incident at hand, the

scammer took all relevant UPI details from the victim and made a request instead of a payment.

The seller reports sharing an OTP with the alleged buyer When confronted about the debited

amount, the scammer obliged to return the money to the seller but insisted on doing it using a

different UPI platform, Google Pay. However, the scammer once again requested money from

the buyer’s UPI account and successfully had it transferred to theirs. After losing Rs. 1.01 lakhs

in these 2 incidents, the seller realized he was being scammed and rejected the scammer’s second

attempt at a refund.
 4. UPI Scams In India

UPI is a widely used service among the Indian population. It’s the primary mode of digital

transactions all over the country, with users belonging to both, urban and rural areas. 1,308

million transactions with a value of Rs. 2,02,520 crore were made using the service in December

2019. In October 2019, the service crossed the 1 billion transactions milestone and gained its

first 100 million users. The expansive user base, however, makes it a desirable platform for

scammers to misuse. UPI has been long used for scams similar to the one mentioned above on

other online marketplaces like OLX and Quikr. Multiple reports of identical incidents have

surfaced in the past year or so, For instance, another seller from Mumbai lost Rs. 50,000 while

trying to sell an air conditioner in June last year. While the best course of action to take in such

cases is taking legal action, it’s often a long process with a very low chance of successful

resolution due to shortcomings on the end of Indian law enforcement and the tricks employed by

scammers to keep their tracks covered.

Hence, the best way to avoid being scammed while listing items on online marketplaces is to be

careful with buyers. All UPI transactions should be made carefully, preferably in person. If

possible, the seller can demand a cheque or cash payment. One should also be careful about scam

text messages and calls. A general rule of thumb is not sharing OTPs, bank details, and CVV

with anyone.
 5. Patterns of UPI/Bank Scams

We’ve observed fraudsters follow similar pattern to execute these frauds

Step 1 – They Call the victim as Bank Representative to get their attention. They usually target
people who are educationally weak & who are easy to get scammed
Step 2 – They tell you your personal information for verification to sound legit. Personal
information may be Name, DOB, and address.
Step 3 – They will ask the victim for OTP ( One Time Password) as the given personal
information is not correct ( Here is the main part)
or

Step 3 – They will ask the victim to get their KYC done virtually and once the victim is
convinced they’ll ask you to download Screen sharing applications such as AnyDesk,
ScreenShare, Team Viewer Etc.
Step 4 – If the fraudster gets the OTP he’ll be able to make the transaction and then will cut the
call and block you.

OR

Step 4 – Once you Download any of the screen sharing application they’ll ask you to open the
application and read out the OTP which is on screen.

Step 5– Once You’ve told them the OTP they’ll get the remote access of your device and can get
any of the sensitive information without you getting noticed.
Investing
 6. Digital Thieves Are Hacking Brokerage Accounts: Is Your Money Safe?

It feels as easy as it does safe. With a few swipes of the thumb, investors anywhere can trade
stocks straight from their mobile phones, identifying themselves with the unique biometric data
stored in their fingerprints or faces.

But an expanding pool of consumer complaints suggests that online trading, which has soared in
popularity during the Covid-19 pandemic, may be less secure than investors would hope.
Bloomberg News reported last week on the experience of some users on Robinhood Markets
Inc.’s brokerage app who say their money was stolen.

Robinhood says the issue didn’t stem from a breach of its systems. Yet the lack of an emergency
phone number left customers feeling stranded with little avenue for help as their funds vanished,
they said.

Cybersecurity experts say the boom in online stock trading has created a parallel opportunity for
hackers. And even the most diligent traders can fall prey to the increasingly sophisticated tactics
of today’s digital thieves.

“Cyber hacking has now become the biggest threat to investors’ financial well-being,” said
Andrew Stoltmann, a Chicago-based lawyer and former president of the Public Investors
Advocate Bar Association. “Unfortunately, brokerage firms haven’t invested the money needed
in order to keep cyber hacking of brokerage accounts from happening.”

What are the new tricks?

Messages from alleged Nigerian princes writing about unmissable investment opportunities have
been replaced by more believable “phishing” emails, said Jonathan Care, a research director who
specializes in cybersecurity and fraud at Gartner.

Such missives might use personal information gathered from publicly visible social-media
accounts. They may use the logos of financial institutions to look official to even the most
discerning eye. The result? Unwitting investors may be baited into forking over their log-in
information.

Other tactics take place in the background and make legitimate-seeming web activity risky.
Some hackers set up WiFi networks in public places with monikers that sound credible — such
as the name of a nearby business — which can in fact be used to take control of a system.
Malicious software installed on some machines can detect when users log into financial accounts
and even make additional transactions they did not intend to authorize, Care said.

What can you do?

“Any of us could have our brokerage account hacked if we do not take precautions to protect
ourselves,” said Mark McCreary, chair of the privacy and data-security practice group at Fox
Rothschild, a law firm based in Philadelphia.

Digital traders should change their passwords frequently, experts say, and avoid unfamiliar WiFi
networks. They should be sure to have two-factor authentication enabled, which requires a
secondary code to sign in.

But more than anything else, even savvy users could benefit from simply paying more attention
to the flurry of emails, texts and other messages that flood their devices.

“Frankly, none of us are completely immune to an effective phishing email, simply because we
may be distracted,” McCreary wrote in an email.

Can you get your money back?

McCreary recommends that investors who think their accounts are compromised immediately
notify their brokers, who may be able to track down where funds were wired and reverse the
transfer.

“The bottom line is that unlike a credit card with federal law protections, and unlike a bank
account where lack of authorization will restore funds (e.g., a forged check), a brokerage account
has no such legal protections,” McCreary said.

The Securities Investor Protection Corp., which functions for brokerage accounts in a way
similar to the FDIC for U.S. bank accounts, does not cover situations in which money and
securities are stolen due to a hack.

There is no magic bullet for international investors seeking compensation, either. However, those
in Europe may have an additional avenue to pursue in the General Data Protection Regulation,
said Simon Shooter, a partner at law firm Bird & Bird in London who heads its cybersecurity
group.
GDPR is a stringent regime governing how companies gather and use citizens’ information,
giving consumers more control of their data. Investors may have a right to some compensation if
a hacked firm failed to comply with GDPR requirements when it comes to the security and safety
of data, said Shooter. While regulators may not be able to get you your money back, brokerage
firms have a strong incentive to compensate consumers for losses. “With most of these firms, the
judgments are really reputational,” said Adam Fee, a former federal prosecutor in the Southern
District of New York who is now a partner at Milbank, a law firm. “When something bad
happens, they are asking, ‘Do we want a bunch of articles about how people are out money
because we messed up and didn’t react?’” With that in mind, Fee said investors shouldn’t “sit on
their rights.” They should make themselves aware of what they may be entitled to in their
investor agreements. After alerting their brokers, investors may also find it helpful to file a
complaint with law enforcement. The most direct way to do that in the U.S. is with the FBI’s
Internet Crime Complaint Center. Don’t expect agents to show up at your door, however. Fee
said this step simply helps formalize the complaint.

What do the brokerages say?

A common industry practice is to promise to cover 100% of losses as a result of unauthorized
activity in a brokerage account. The sticking point, of course, is whether the company will rule
the breach was indeed unauthorized or lay the blame on you.
“If we determine through our investigation that the customer has sustained losses because of
unauthorized activity, we will compensate the customer fully for those losses,” said Dan
Mahoney, a spokesman for Robinhood. He also said the company works to “resolve any issues
as quickly as possible.” The company is hiring a Fraud Investigations Team Lead in Denver,
according to its website. Charles Schwab Corp. says on its website that it will cover all losses
stemming from unauthorized activity in one of its brokerage accounts. Schwab says it employs
more than 2,500 people in its service team and call centers alone, and over 1,300 others in client-
facing roles at its branches.

Interactive Brokers has been hiring more client services staff, faced with big increases in client
accounts and trading activity. It has live, chat and email support with centers around the world,
and its phone service runs Sunday through Friday. Another tool called IBot uses artificial
intelligence to answer some customer questions.
 7. How To Avoid Debit Card Fraud

Debit card fraud occurs when a criminal gains access to your debit card number—and in some
cases, personal identification number (PIN)—to make unauthorized purchases or withdraw cash
from your account. There are many different methods of obtaining your information, from
unscrupulous employees to hackers gaining access to your data from a retailer's insecure
computer or network. Fortunately, it doesn't take any special skills to detect debit card fraud.

How To Detect Debit Card Fraud

When your debit card is used fraudulently, the money goes missing from your account instantly.
Payments you've scheduled or checks you've mailed may bounce, and you may not be able to
afford necessities. It can take a while for the fraud to be cleared up and the money restored to
your account.

The easiest way to spot problems early is to sign up for online banking if you haven't already.
Check your balance and recent transactions daily. The sooner you detect fraud, the easier it will
be to limit its impact on your finances and your life. If you see unfamiliar transactions, call the
bank right away. If you're the forgetful type, start hanging on to the receipts from your debit card
transactions so you can compare these against your online transactions.

If you don't want to bank online, you can likely still keep tabs on your recent transactions via
phone banking. At the very least, you should review your monthly bank statement as soon as you
receive it and check your account balance whenever you visit an ATM or bank teller. However,
it can take much longer to detect fraud using these methods.

Nine Ways To Protect Yourself

While you may not have any control over hackers and other thieves, there are many things you
can control that will help you avoid becoming a victim.

1. Get Banking Alerts

In addition to checking your balance and recent transactions online daily, you can sign up for
banking alerts. Your bank will then contact you by email or text message when certain activity
occurs on your accounts, such as a withdrawal exceeding an amount you specify or a change of
address.

2. Go Paperless
Signing up for paperless bank statements will eliminate the possibility of having bank account
information stolen from your mailbox. Shredding existing bank statements and debit card
receipts using a paper shredder when you're done with them will significantly reduce the
possibility of having bank account information stolen from your trash.

3. Don't Make Purchases With Your Debit Card

Use a credit card, which offers greater protection against fraud, rather than a debit card.
4. Stick to Bank ATMs
Bank ATMs tend to have better security (video cameras) than automated teller machines at
convenience stores, restaurants, and other places.

5. Destroy Old Debit Cards

Some shredders will take care of this for you; otherwise, your old card floating around puts your
information at risk.

6. Don't Keep All Your Money in One Place

If your checking account is compromised, you want to be able to access cash from another
source to pay for necessities and meet your financial obligations.

7. Beware of Phishing Scams

When checking your email or doing business online, make sure you know who you're interacting
with. An identity thief may set up a phishing web site that looks like it belongs to your bank or
another business you have an account with. In reality, the scammer is looking to get access
to your personal information and may attempt to access your bank account.

8. Protect Your Computer and Mobile Devices

Use firewall, anti-virus, and anti-spyware software on your computer and mobile devices,
while keeping it updated regularly.

9. Use a Secured Network

Don't do financial transactions online, when using your mobile devices or computer in a public
place or over an unsecured network.

What To Do If Fraud Happens to You

If you learn that your debit card information has been compromised, contact your bank
immediately to limit the damage the thief can do, and limit your financial responsibility for the
fraud. Make contact immediately by phone, and follow up with a detailed letter stating the full
name of the bank employee you spoke with, details of the fraudulent transactions, and any ideas
you have about how your account may have been compromised. Ask your bank to waive any
non-sufficient funds (NSF) fees that may be incurred because of the fraud, and to restore the
fraudulently withdrawn funds to your account.

Hopefully, you won't have any trouble resolving the issue directly with your bank, but if you do
run into obstacles, you can contact a legitimate consumer advocacy group such as Privacy Rights
Clearinghouse. There are also government organizations to contact if your bank isn't cooperating.
 8. Identity Theft: What to Do, Who To Call

The data breach at Equifax, revealed in fall 2017, exposed the personal data – including Social
Security numbers, birth dates, credit card numbers, and other details – of 147 million
Americans.1 That makes all the people affected vulnerable to misuse of this data for anything
ranging from fake credit purchases to tax refund theft. If you are the victim of identity theft, you
need to take action – and quickly. By doing so, you minimize the thief's opportunity to inflict
further damage, and you may be able to minimize your financial liability. We'll show you what
you can do and who to contact – protecting yourself in as many areas as possible – if your
personal information or identity has been stolen.

To know if your personal details were breached, check the Equifax website here. Once you know
that you were hacked, you need to get into damage control mode. 

Credit Cards May Limit Your Liability

According to the Consumer Financial Protection Bureau (CFPB), "If there is unauthorized use of
your card before you report it missing, the most you will owe for unauthorized charges on the
card is $50. You have no liability if someone makes unauthorized charges using your credit card
account number. Many cardholder agreements say you are not responsible for any charges in any
of these circumstances. If you have not lost the card itself, but your account number has been
stolen, you have no liability for unauthorized use.

Reporting the Fraud

Reporting the theft and fraudulent use of your identity is the first step in your fight to reclaiming
your identity. The steps you will need to take vary based on the actions the criminal has taken,
but below, we go over the entities victims of identity theft commonly need to contact.

Credit-Reporting Agencies
The major credit-reporting agencies (Equifax, Experian, and TransUnion) have entire
departments dedicated to addressing fraud. In theory, if you contact one, all of them will be
alerted, but you may want to contact them individually just to be certain. Ask the agencies to flag
your report with a fraud alert, which tells companies not to issue credit to anyone applying for it
under your name. There are two types of fraud alerts you can request: an initial alert and an
extended alert. An initial alert remains on your credit report for one year, and an extended alert
remains on your credit report for seven years (to request an extended alert, you need to provide
an identity theft report) The fraud alert is a good first step to take, and when you file a fraud
alert, you are entitled to a free copy of your credit report. Request the report and review it for
discrepancies. When you inform credit-reporting agencies of fraudulent activity that has taken
place in your name, the alert tells agencies to protect your credit rating from being damaged.
Keep in mind, however, that the credit-reporting agencies are not legally bound to observe a
fraud alert.
9. Norton Technical Number for Solve The Issues The Norton Antivirus

Norton Antivirus issues can be worked out via remote support. In the event, the problem
persists then stick to the upcoming actions. Moreover, if you're also a casualty of such a
problem, then you don't need to be a worry. After restarting the computer still, the issue
persists, the company with the following techniques to prevent the trouble. Sometimes
resolving your Runtime Errors problems could be as easy as updating Windows with the
most recent Service Pack or another manner that Microsoft releases on a continuous basis.
Restart the computer and check whether the issue was resolved. If you receive any issue by
means of your Norton product, then with no delay, you are able to take support from the
Antivirus certified team technicians. When the issue appears, all you need to do is to look out
for the indicators. Through our services, it's easy to find rid of any problems with Norton. IF
you're facing login issues with Norton Identity safe then continue reading to understand how
to solve them call our Norton technical number 1866-266-6880 (Toll-free) Antivirus services
claim to supply you with the most amazing and the most effective viral protection, but they
fail to achieve that. Personalized Antivirus Customer Service is available in case you have
other problems associated with your device. To be able to have Norton 360 technical support,
there are several other means to contact antivirus customer services. In order to supply
solutions for the issue, there is Norton Antivirus Customer Service, where you are able to
have quick assistance from the experts and call our Norton technical number 1866-266-6880
(Toll-free) Get complete suite ready and tested according to your need and see the way that it
is simple to work with Antivirus. Antivirus provides instant customer service which aids in
ensuring the very best protection for the customer and solving any issues encountered in the
item. He has a very powerful system that uses behavior and signature to find built-in program
used for phishing and e-mail spam. He is the best and most commonly used antivirus all over
the world.There can be several varieties of Norton technical problems that you face in Norton
Antivirus, but if you decide to decide on technical assistance you will receive the finest in
class solution for your concern technical matter. Norton Antivirus is among the most well-
known products and used for computer security. Norton Antivirus supplies you with the
variety of features in the antivirus. It's always recommended that you use antivirus in your
desktop or laptop to which you can use it with no fear of malware. Norton Antivirus is a
great antivirus service program used by most users worldwide. Antivirus is a favorite
excellent for safeguarding your Operating System. Antivirus Identity Safe is a password
manager tool which is totally cloud-based It is simple to access and it makes it less difficult
for you to access your private information like your login credentials, passwords, address,
bank card information, etc from throughout the world. Norton technical Internet security is
vital for every single malware disorders in computers. It is able to protect your computer
from the malicious websites. It is one of the important programs because it protects your
computer from viruses and malware infections. Updating the program is imperative to steer
clear of internet threats.
 10. Internet Security Software Guide: How Can You Choose the Right
Cyber Protection for Your Needs?

One cannot be complacent about security these days. There are always hackers and thieves doing
all they can to steal people's money, personal information, photos, identities, etc. Much of today's
cyber threats involve fraud on some level. If you don't already have reliable internet security
software, it's time to get it. If you do have one, either make sure it is up to date or choose another
one. There should always be a security suite running on your computer and mobile devices at all
times.A regular antivirus program isn't really enough these days, as cybercriminals are
continuously looking for new ways to bypass security. The good thing about a lot of security
packages is that their pricing usually includes protection for multiple devices as well as parental
control tools. This means you can protect not only yourself but your children from
cybercriminals and predators.On the other hand, you might not need all of the tools and features
internet security software comes with. Too many processes could just lead to your computer or
device being clogged up. Carefully look over a list of the features that are included in each
subscription plan and decide which plan will be enough for you. Do you really need everything?
For instance, not everyone needs extra webcam protection. You can simply cover yours up when
not using it. If you're not on social networking sites that much, you might not need extra
protection for it. A Wi-Fi security advisor is good for businesses to have, but do you need it for
your home network?

Why Not Go With Free Internet Security Software

Free software isn't the best choice because it tends to come with strings attached, like
advertisements all over the interface. You'll often get popup notifications trying to get you to pay
for the full version. The interface for a premium suite of security software is usually cleaner and
easier to use. If you want to protect multiple devices and PCs, it's important to select a company
that simplifies the process, by offering some type of remote control and scanning. Will you be
able to login to the company's website and access your account and take control of the network?
It's also very helpful when the security program automatically updates itself so that you won' t
have to keep up with everything on all of your devices. While there is some great internet
security software to choose from, Bitdefender Internet Security is the one worth mentioning the
most. Bitdefender products are easy to use and come with a variety of subscription options. AV-
Comparatives named it the "Product of the Year" in Feb. 2018. Whether you want Antivirus
Plus, Family Plus, or internet security software, Bitdefender 2019 coupon codes are available and
can be applied to save you money. Bitdefender is a trusted and reliable provider of computer
security products, and has been winning awards for years.
 11. Bank frauds more than double in FY20 to ₹1.85 trillion: RBI annual

report

MUMBAI: Frauds reported by banks of ₹100,000 and above have more than doubled in value
to ₹1.85 trillion in FY20, with the number of such cases increasing 28% in the same period, the
Reserve Bank of India’s annual report showed on Tuesday.
However, the date of occurrence of these frauds are spread over several previous years and are
accounted for in the financial year when they are reported. Data from the central bank also
showed that a majority of these frauds are in loan portfolios of banks, both in terms of number
and value.

“There was a concentration of large value frauds, with the top 50 credit-related frauds
constituting 76% of the total amount reported as frauds during 2019-20. Incidents relating to
other areas of banking, like off-balance sheet and forex transactions, fell in 2019-20," said RBI.

Public sector banks accounted for 80% of the ₹1.85 trillion reported as frauds in FY20, followed
by private sector banks at 18%. Frauds in loans constituted 98% of the total frauds or at ₹1.82
trillion, with other segments like off-balance sheet and cards or internet banking forming much
smaller part of it.
Once an account is declared fraud, banks need to set aside 100% of the outstanding loans as
provisions, either in one go or over four quarters, according to RBI rules. The central bank has
been trying to reduce the gap between the occurrence of a fraud and its reporting. The annual
report said that while the frauds framework focuses on prevention, early detection and prompt
reporting, the average lag in detection of frauds remains long.
The average lag between the date of occurrence of frauds and their detection by banks and other
financial institutions was 24 months during 2019-20. However, the delay was even greater for
large frauds of ₹100 crore and above with an average lag of 63 months.
“Weak implementation of early warning signals (EWS) by banks, non-detection of EWS during
internal audits, non-cooperation of borrowers during forensic audits, inconclusive audit reports
and lack of decision making in joint lenders' meetings account for delay in detection of frauds,"
said the report.
According to RBI, the EWS mechanism is getting revamped alongside strengthening of the
concurrent audit function, with timely and conclusive forensic audits of borrower accounts under
scrutiny. In this regard, it had set up the advisory board for banking frauds (ABBF) in
consultation with the central vigilance commission (CVC).
CHAPTER 3 : METHODOLOGY
CHAPTER 4 : RESULTS & CONCLUSION
 How Computer Hacking Works

Generally, computer hackers gain access to a computer or to a similar device by exploiting a

flaw in the computer's software or configuration, or by using stolen usernames and passwords.
Once hackers have access, they can impersonate legitimate users for accessing data, as well as
change files and configurations, or they can manipulate other devices connected to the
compromised computer. Consequences of hacking can be serious, depending on which
machines hackers have accessed and what level of access they have achieved.

How to Reduce the Impact of Hacking

Hackers can use exploits, or flaws in computing technology, to gain access that they shouldn't
be able to access. To avoid this happening to you, make sure you keep your software up to
date, and pay special attention to the various security fixes that software creators roll out. You
can also use firewall software, which limits hackers' abilities to access your computer across
the internet and antivirus software, which detects and restricts automated malicious software.

Watching for Phishing Attacks

Hackers can also use actual usernames and passwords or other credentials to impersonate the
actual users, so that they can access the computers. They can either guess passwords if users
choose weak or obvious ones or attempt to steal them from users by fraud. Fraudulent
messages tricking people into revealing their usernames and passwords are commonly known
as phishing messages, and they can be sent by email, text message or other channels.

Steps for Preventing Phishing Attacks

If you're unsure whether a person, website or app asking for your password is legitimate, play
it safe and avoid revealing your login information. Contact the person or organization in
question and verify the request is legitimate. If you do think you've given your username and
password to a scammer, take action as soon as possible. Change the password and notify the
organization that issued the account, whether it's your employer's IT department or a third
party.
 Hacking and Data Theft 

One of the most common consequences of hacking is data theft. Hackers will gain access to a
computer in order to steal sensitive information, including additional usernames andpasswords,
credit card numbers, sensitive corporate data or other valuable information. They might do this
for monetary gain or simply out of curiosity.

Data Theft Has Serious Consequences

Data theft can be serious for an organization or an individual. Losing business information to
thieves can mean a loss of competitive advantage for a company. It can also bring legal
consequences, if the data is protected information that belongs to a third party, such as a
customer. If private communications such as text messages or email messages are stolen, this
can also be quite embarrassing for the people involved, if sensitive subjects were discussed.

If the data stolen includes additional usernames and passwords, the stolen data can be used to
compromise additional computers. If bank or credit card data is stolen, that can also be used to
steal money or make fraudulent purchases. If you think your usernames and passwords have
been stolen, then change usernames and passwords immediately. Additionally, contact
financial institutions if your account information seems as if it has been compromised.

Hacking and Sabotage

The effects of hacking can also include damage to digital data or even to physical equipment.
Some hackers may purposely destroy data in order to harm their targets. In other cases,
valuable data may be accidentally damaged or not saved, because of interference from hackers
or the software that hackers use. Data may also be encrypted and held for ransom and rendered
unusable, if hackers aren't paid. In rare cases, hackers may even use computers that control
other devices to damage hardware or physical equipment.
 Analysis of Awareness of UPI systems Table
Table 2 : shows the study on respondent about the awareness of various electronic payment
systems.

TABLE 2 : Various Electronic payment systems

No. of
Electronic payment system Percentage
Respondent

E-Banking 23
UPI 34
Mobile-Banking 19
Debit card/Credit Card 24
Total 100
 Methods of Cashless Transactions

The Digital India programme is an important programme of the Government of India with a
vision to transform India into a digitally empowered society and knowledge economy. “Faceless,
Paperless, Cashless” is one of professed role of Digital India. As part of promoting cashless
transactions systems and converting India into less-cash society, various methods of digital
payments are available. They are as follows

1. Cheque The cheque is one of the oldest or conventional methods of cashless payment
mechanism. It is a well known method to everyone. In this method, you issue a cheque for the
specific amount to someone else. The cheque gets deposited in the respective bank account. The
bank processes a payment through a clearing house. The whole transaction done through cheque
gets recorded and there is a document of payment. However, but sometimes cheque payments get
dishonored due to signature mismatch or insufficient fund in bank accout. In order to avoid such
problem, you can use other cashless payment options.

2. Demand Draft Demand draft is another primary way of cashless transaction. It is a very safest
method to receive payment from anyone. Demand draft (DD) never gets defaulted as it is signed
by the banker. The drawbacks of DD and cheque are you need to visit a bank in order to deposit
cheque and demand draft. The clearance of cheque or DD takes additional time.

3. Online Transfer- NEFT or RTGS The third simplest way for the cashless transaction is online
transfer using NEFT or RTGS. In order to do online money transfer, you need internet banking
facility. Online transfer using NEFT or RTGS is comparatively faster than Cheque or DD.
Online transfer can be done from anywhere using internet facility.

4. Credit Card or Debit Card Credit card or Debit card is another method of cashless payment.
The usage of credit card and debit card was limited in India compared to other developed
countries in the world. However, usage of credit card and debit card is increasing now a day. The
limitation of this payment method is an availability of swipe card facility (PoS) at merchant end.

5. E-Wallets E-wallet means Electronic Wallet is another cashless payment options are available
for people. E-wallet can be used to purchase products or services starting from grocery to airline
tickets. In order to use E-wallets customer and merchant, both require a smart phone with active
internet connection. The most popular example of E-wallet is PayPal. Apart from PayPal, you
can also use Payoneer, Transferwise, Skrill, PayZa and others. After registering for E-wallet you
need to link your credit card or debit card with your E-wallet id. You can use E-wallet for fund
transfer from one account to another account or online shopping. It is a simplest cashless
method.
 6. Mobile Wallets The next cashless payment option is a mobile wallet. You do not required
debit card, credit card or internet banking password for making payment using a mobile wallet.
Just load money in your wallet via IMPS and use it on the move. You can download mobile
wallet app from play store in smart phone. Some examples of mobile wallets are Paytm,
PayUmoney, Oxigen, Lime, MobiKwik etc.

7. UPI Apps UPI is a mobile payment method which allows you to do different financial
transactions on your smart phone. UPI allows you to send or receive money using virtual
payment address without entering bank information. Merchants can enroll with banks to accept
payments using UPI. Like in the case of a PoS machine, the merchant would require a current
account with a bank to accept UPI payments. The examples of few UPI Apps are SBI Pay, ICICI
Pocket, Axis Pay UPI App, Union Bank UPI App, PNB UPI, PhonePe, TranZapp etc.

8. Gift Card The next cashless payment system is a gift card. Gift Card is a readymade card and
can be purchased from a merchant or from the bank. The gift card is loaded with a fix cash
amount you can purchase any item from the specific vendor by using a gift card.

9. Aadhaar Enabled Payment System Aadhaar Enabled Payment System (AEPS) is one of the
better and transparent cashless payment methods. AEPS is like Micro ATM, it uses smart phone
and a finger-print scanner for the transaction. In order to use this facility, it is compulsory to link
your Aadhaar card number to your bank account. You can use AEPS in order to perform
transaction like Aadhar to Aadhar fund transfer, Cash withdrawal, Cash deposit etc.

10. Unstructured Supplementary Service Data You can use USSD cashless method if you don’t
have a smart phone or internet connection. Unstructured Supplementary Service Data is mobile
banking service. From any mobile phone, you can dial *99# and use this service. You can do all
these things which are available to a person with smart phone and internet connection. Almost all
banks including SBI, ICICI, BOB, Axis Bank and PNB support USSD payment option.
CONCLUSION

UPI developed the m-payment technology by facilitating mobile phone to be used as a main
payment device for giving and accepting payments. In contrast to all of payment systems it can
be say that UPI is the most advanced payment system in the world.UPI payment system allows
money transfer between any two bank accounts by using a smart phone. It allows a customer to
pay directly from a bank account to different merchants, both online and offline, without the
hassle of typing credit card details, IFSC code, or net banking/wallet passwords. It aims to
simplify and provide a single interface to money transfers easy, quick and hassle free. These
features of UPI motivates the respondents of service sectors to adopt the tool and the above study
revealed that there also a significant difference found between the gender towards the adoption
of UPI. The use of smart phones, the availability of an online verifiable identity, universal access
to banking and the introduction of biometric sensors in phones will proactively encourage UPI
Transactions and findings revealed that the respondent have positive attitude towards the UPI
transaction for ushering in a less-cash society in India.

The study concludes that cashless transaction economy is one of the good and strong decisions of
government of India. Many people accept the concept of cashless transactions system. It helps to
fight against major illegal or unethical activities in the economy like terrorism, corruption,
money laundries etc. But main problems are the working of cash less transaction in India is cyber
crime and illegal access of customer’s data. Therefore it’s important to strengthen internet
security from protection against online mischievous. Customers and small retailers are faced the
high degree of risk and problems in the application of cash less transaction. The main reason is
low literacy rate in rural area. Government should be educated towards cash less transactions
services. Government tries to promote customers mind towards the risk factors. Cashless
transaction helps to develop the Indian economy is more strong. Hence, each and everyone
should access and use the digital based transaction. The Government to need more efforts
financial literacy campaign time to time to make population aware of benefits of electronic
payments.