At 5.14 pm the previous evening, I got an email from Amazon informing me that my registered email id has been changed. Under normal circumstances, I would not even have bothered opening the mail assuming it to be just another newsletter that they spam me with. However, I was lucky I did. I replied to the email informing them that I had not authorised any such change. Since that bounced right back, I decided to call the customer services.
What happened for the next hour was pure torture. When I tried logging into my Amazon account, I realised I had been signed out and hence was unable to access the customer service tab either. So I was stuck knowing that my account was hacked and also that the money in my Amazon pay balance was perhaps getting spent as I sat wondering what to do.
I asked my husband to contact the Amazon customer care for me to talk. The agent took my number and called back, but the situation was just warming up.
It took me about 45 minutes of waiting and convincing the agent that the account was indeed mine and had been hacked. Since both my email ID and registered phone number had been changed, I had to provide many details such as last purchase made, address and other relevant info to establish my identity.
By this time, the hacker had accessed my account and managed to make purchases worth Rs 3,000 in gift cards. Amazon was prompt enough to freeze my account, reverse the purchases and credit the amount to my account.
I was told that the investigation team was looking into the case, and my account remains frozen until the process gets completed. While I do take adequate care while using my accounts, it takes just one small slip to give an opening for hackers to exploit.
The purpose of this article is to help people in situations similar to the one in which I had inadvertently found myself.
Following are the steps to take if you are a victim of an online hack:
1. Report it immediately
Once you find out about the breach, raise an alarm immediately. You can either call the helpline numbers listed on the website or send an email. If it is your bank account that has been hacked, ask for the account to be suspended temporarily until you can find the source of the breach. Remember that the quicker you are in raising a complaint, the better the chances of reversing the damage done.
2. Change your password
If you can log in to the site then you must change your password first. The new password should be different and not just a combination of the previous one.
3. Contact the cyber crime cell
Most States have their Cyber Crime Cell websites where you can file a complaint. A simple Google search can help you locate the contact details of the correct cyber crime cell designated for your area. In addition to this, you may also contact the nearest police station to lodge a complaint and remember to go armed with relevant information to help the department solve the case at the earliest. Be forthcoming with the information they seek from you.
Here are some tips to ensure you don’t fall prey to online hacking:
1. Refrain from logging via unsecured networks
If you are accessing the Internet in a public place like a coffee shop or an airport, then you must not log into any commercial or banking/financial website. These unsecured networks are hotbeds for hackers to prey on.
2. Be mindful of your passwords
The easiest passwords are usually names, dates of birth, and/or names of kids, and pets, etc. Stay away from using these as your password – use various permutations and combinations while locking in on a strong password. Also, do not use the same password across platforms like banks, social media sites, Netflix etc. Keep changing your passwords periodically and do not share them with anyone.
Remember that long passwords are good and those that make no sense are even better, however, you need to set a password that you will remember. Including numbers, symbols, and letters in uppercase will also help in building a strong password.
3. Logging out
Those of us who use our own laptop seldom log out after a session. I cannot remember the last time I logged out and shut down my laptop. However, post the hacking episode, I will ensure that I always do. You ought to always log out from all the open browsers before your session ends automatically. Do note that simply closing the browser will not help, you must log out every time you are shutting down the laptop or computer.
4. Update your antivirus software
Investing in good antivirus software is of great importance. Remember that we all use the Internet to do pretty much everything, and hence open ourselves to online attacks. Keep the software updated and run the weekly scan as prompted.
Innovations like the internet banking and online shopping provide us with much-needed comfort and convenience, and we are so used to this way of life that it is unimaginable to go back to the traditional methods.
The more the online commercial institutions tighten the encryption and security levels, the more it eggs the hackers on to crack them using any means possible.
Some well-known online hacking episodes:
1. Zomato hack
In May 2017, the restaurant app Zomato suffered a major security breach. Data of some 17 million users was stolen and hacker by the name “nclay” claimed to have hacked Zomato was offering the data on the darkweb marketplace. This hack was subsequently acknowledged by Zomato, saying that no payment information was stolen or used.
2. Cosmos bank
In 2018 a Pune branch of the Cosmos bank was the victim of a cyber attack and saw Rs 94 crores being siphoned off. The money was transferred to a Hong Kong bank and what was surprising was that the balances and all bank account statistics remained unchanged. This was the first malware attack in India against the switching system, which broke the communication between the payment gateway and the bank.
While there are various checks and balances put in place, there are these cases which crop up every once in a while. The responsibility lies with us to bolt the doors shut instead of leaving them tantalisingly ajar.
(Edited by Saiqua Sultan)