Know your customer (KYC) is a measure adopted by financial institutions like banks to render timely services to their legitimate customers. Cybercriminals are resorting to KYC fraud through Vishing and SMiShing attacks. Customers have been falling prey to such frauds in the name of KYC updation. The chapter proposes the application of the supervised machine learning model to detect KYC fraud related to SMS and prevent such frauds. A dataset of sample KYC fraud messages and non-fraud messages is taken to train the machine learning model. The model is trained to extract the relevant features that distinguish fraud messages from valid messages, thus detecting fraud messages. The model was tested with popular supervised machine learning algorithms. The proposed model may be made as part of a security patch in the messaging service. KYC fraud has become rampant in recent times, and the chance of an individual falling for such attacks are highest given that it is a mandatory process. Previous research studies provided generic solutions for such frauds.
Purpose Today, online shopping and online business has become a new norm especially in the current pandemic scenario. With more businesses running online, cyber criminals are coming up with different tactics to steal identity and sensitive information such as credit card and banking credentials either for personal monetary gain or to sell in the dark Web. One form of such attack that is seen in the recent times is formjacking attack. This paper aims to review the current scenario of formjacking attack and its modus operandi. The paper also provides certain counter measures that can be adopted by the users and website owners. Design/methodology/approach The paper mainly focuses on the modus operandi of formjacking attack to understand the severity of the problem. Based on the way the attack is carried out, some guidelines to be followed are provided. Later, a brief review of machine learning techniques is furnished to understand how it may help as secure defense mechanism. Findings Formjacking attacks are on a rise in the past two years, especially during the holiday season. Cyber criminals have been using smart tactics to carry out these attacks which are very difficult to detect. Machine learning techniques may prove to be effective in combating these attacks. Originality/value Formjacking attack is not just a concern of the customers who may lose their sensitive data, but the onus also lies on the companies itself to ensure they protect their customer’s data from theft. Not much research is found regarding formjacking attack, as it is relatively a new form of attack. The paper reviews this attack and provides some measure that can be followed. It also provides few guidelines which can be used for further research in devising a security tool to mitigate this problem.
Purpose – The purpose of the paper is to assess the precautionary measures adopted by the popular websites in India, and, thus, find out how vulnerable the Indian Web users are to this form of attack. Today almost all work is done through the Internet, including monetary transactions. This holds true even for developing countries like India, thus making secure browsing a necessity. However, an attack called “clickjacking” can help Internet scammers to carry out fraudulent tasks. Even though researchers had proposed different techniques to face this threat, it remains a question on how effectively they are deployed in practice. Design/methodology/approach – To carry out the study, top 100 Indian and global websites in India were identified and were divided into static and dynamic websites based on the level of interaction they offer to the users. These websites were checked to see whether they offer any basic protection against clickjacking and, if so, which defence technique is used. A comparison between Indian websites and global websites is done to see where India stands in terms of providing security. Findings – The results show that 86 per cent of Indian websites offer no protection against clickjacking, in contrast to 51 per cent of global websites. It is also observed that in the case of dynamic websites, only 18 per cent of Indian websites offer some form of protection, when compared to 63 per cent of global websites. This is quite alarming, as dynamic websites such as social networking and banking websites are the likely candidates for clickjacking, resulting in serious consequences such as identity and monetary theft. Originality/value – In this paper, vulnerability of Indian websites to clickjacking is presented, which was not addressed before. This will help in creating awareness among the Indian Web developers as well as the general public, so that precautionary measures can be adopted.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
Contact Info
customersupport@researchsolutions.com
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Product
Resources
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.
