Mitigating Risks Posed by Emerging Fraud TacticsAttorney Describes New Fraud Tactics and How to Change Risk Management
Seeking to capitalize on the COVID-19 pandemic, fraudsters in India are devising new tactics, such as impersonating charity organizations and healthcare organizations and dropping fake emails related to vaccines and treatments, says cybersecurity legal expert Khushbu Jain, advocate, the Supreme Court of India. (See: 'Hack-for-Hire' Groups Spoof WHO Emails to Steal Data)
For example, fraudsters are sending fake emails portrayed as loan discount messages from banks that are designed to lure customers and get them to click on malicious link that then downloads malware. In the past two months there have been multiple welfare schemes announced by the government, making it easier for criminals to design such fake emails.
Jain says it's important for CISOs to constantly monitor network activity - including the websites that employees are browsing - and conduct education and awareness campaigns about the risks of phishing and other fraud schemes. "Incident management is a key here. If a breach happens, how do you handle the media, etc.? You need to work out a proper security policy."
In this interview (see audio link below image), Jain also discusses:
- The kinds of fraud that are on the rise;
- The changes in criminals' methods;
- How CISOs should change their risk mitigation strategies in light of these trends;
- Tips on breach notification.
Jain is a practicing advocate before the Supreme Court of India, and founding partner ARK Legal. She is also a public speaker, skills trainer, opinion column writer for newspapers and a popular guest on national television. She specializes in business litigation and handle legal matters pertaining to information technology.