Tamil Nadu sees bank frauds triple as state gains tech edge

Hi-tech Scams Outnumber Violent Bank Robberies, Dacoity And Theft

CHENNAI: The state has witnessed a threefold increase in white collar crime with banking frauds above Rs 1 lakh tripling to as much as Rs 1831.08 crore in 2014-15 from the previous year.

Skimming of debit cards and phishing of data is the common type of crime in the state, said police officials. “But more sophisticated frauds have happened -where the bank's website or the server gets hacked. We have also seen cheques being intercepted at ATM deposit boxes or by the courier service used.Interceptors then change the payee name with chemicals. Another lesser known fraud is the tampering of ATMs,“ added a police official.

Cases of bank theft, robbery and dacoity were less in Tamil Nadu when compared to states like Maharashtra, Jharkhand and Bihar. “We have had a few instances of people actually breaking into ATMs and making away with cash boxes -but they have become fewer and far between. Violent crimes are not as frequent in Tamil Nadu as phishing attempts,“ said an official at the city police commissioner's office.

Phishing attempts -where confidence tricksters try to dupe bank customers into parting with confidential information such as passwords, credit card numbers, etc -have increased in the state. “Senior citizens are particularly vulnerable as we have had many instances of conmen getting them to part with their ATM pin, bank passbook and other bank details. Sometimes these fraudsters operate at crowded bank branches and pretend to be bank clerks. What is worse is that these crooks usually tie-up with database providers so that they have other details like your full name, father's name and date of birth to get by multiple-levels of the bank's security checks,“ said an SBI official, citing the recent March incident where a senior citizen, having an account with Indian Overseas Bank (IOB) in Chennai, was defrauded of Rs 27 lakh from a phishing attempt.

Another popular trend in Chennai has been skimmingcloning of debit cards with hackers buying card read er-writers off sites like Amazon, Flipkart. “A magnetic card which has tracks 1, 2 and 3 (where data including the cardholder's name, account number and other discretionary data is stored) can be copied onto a dummy card very easily with a card readerwriter and a laptop. Once the debit card is swiped on the card readerwriter, the software automatically collects the data of the card. If the blank card is now swiped, all the data is transferred to the blank card which is now a clone of the original debit card,“ said Vinod Senthil, a Chennaibased ethical hacker and founder of Infysec. “Most indian banks have IT systems that are easily susceptible to hacksfrauds,“ he adds.

The less than top-level priority that banks in the state place on IT security is “borne out of the fact that public-sector banks have so far not insured themselves against data breaches. Despite being at the receiving end of various frauds in the last two years,“ opine senior executives at two public sector general insurance companies.

Another clouding factor, when it comes to measuring bank frauds is internal frauds. These are perpetrated by employees themselves and written off as a business loss by the bank.“Technically it would fall under the bucket of non-performing assets (NPAs) and not be listed as a fraud,“ said the SBI official.

Frauds within the network are on the rise with definite collusion between employees or vendors or third parties. “These days bank employees, especially those in private banks are under a lot of pressure to achieve targets. If an employee who has had a sluggish performance through a quarter meets his target in the last few days, it would be worthwhile for the bank to do a scrutiny check on him.There is scope for fraud there,“ says Rajesh Mirjankar, CEO, InfrasoftTech.

Most private banks have an incentive-based salary structure for their employees. Poor performers may be tempted to misuse their knowledge of systems. For instance, a private bank employee recently swiped unissued credit cards and spirited away Rs 40 crore. A recent RBI directive asked white-label ATM operators to switch from magnetic stripe to EMV-enabled chips (that are less vulnerable to hacks) to help mitigate the risks, said Puneet Kapoor, senior executive vice president of Kotak Mahindra Bank.He added that the bank has set up sophisticated rules to ensure alerts in the system are triggered by unusual transactions.

The National Payments Corporation of India (NPCI) has also come up with a lot of initiatives to counter fraud. “We have a system in place to check fraud and individual banks have fine-tuned their set of rules. For instance, if your card has been used in an ATM in Delhi, you can't use the same card in Chennai within 40 minutes. The bank's intelligence system is accounting for the fact that it would have been physically impossible for you to have travelled that distance in that space of time,“ said NPCI CEO A P Hota in an earlier interaction with TOI.

Stay updated with the latest news on Times of India. Don't miss daily games like Crossword, Sudoku, and Mini Crossword.