By Abhishek Mitra, Founder & CEO, Indian Cyber Security Solutions (ICSS)
Recent years have seen an increase in email fraud, or “phishing,” concerns in India. According to a report by the cybersecurity company RSA Security, India ranked fifth on the global list of countries targeted by phishing attacks in 2020. Banking and financial institutions, e-commerce sites, and governmental entities are the usual targets of phishing attacks in India. These attacks employ strategies like impersonating genuine emails in fraudulent emails and using urgency or alluring offers to entice unwary victims into divulging personal information or downloading malware-filled attachments.
Due to the country’s growing digital economy and increased use of digital payments, India is more vulnerable to phishing attacks. In India, the number of phishing attacks rose by 60 percent in 2020 compared to 2019, according to a report by the cybersecurity company Kaspersky. The report strongly emphasises the value of people and organisations taking preventative security measures to protect themselves from these attacks.
Phishing attacks can have serious repercussions, including financial loss, identity theft, and reputational harm. Businesses are also at risk of losing money and their reputation, in addition to the risks faced by individuals.
According to the Reserve Bank of India (RBI), more than 1,800 phishing incidents were reported in India in 2020, resulting in more than Rs 71 crore (roughly $10 million) losses. This highlights the gravity of the issue and the necessity for people and companies to take preventative action to safeguard themselves against these attacks. About 82 percent of Indian organisations experienced email-borne attacks in the last 12 months, according to research from Vanson Bourne, commissioned by Barracuda. India-based organisations surveyed have invested a lot in improving their email security, with 32 percent increasing their spending in the past 12 months. Additionally, 45 percent of Indian organisations feel unprepared to handle email account takeover, which is a valid concern given the country’s higher-than-average proportion of remote workers. This is closely followed by data loss (35 percent), malware and virus attacks (38 percent), and hacked business emails (35 percent).
For their protection against these attacks, businesses must take preventive measures. Employees can learn to recognise phishing emails and stay away from them by regularly receiving training and awareness programs. Antivirus software and spam filters are two tools that can be used to identify and block phishing emails. Strong one-time password requirements and multi-factor authentication can both help to prevent account hacking.
To protect themselves from phishing attacks in India, both individuals and businesses must exercise caution and take preventative measures. Phishing emails can be distinguished from legitimate emails by checking the sender’s email address and looking for suspicious links or attachments. We can lessen the possibility of falling victim to phishing attacks and protect our personal and professional information by following best practices and remaining vigilant.
- Employee education can assist them in identifying phishing emails and preventing them from becoming a victim.
- Using tools like spam filters and antivirus software can help detect and block phishing emails.
- Enforcing strong passwords and multi-factor authentication can help prevent attackers from gaining access to accounts.
- Verifying the sender’s email address and checking for suspicious links or attachments can help identify phishing emails.
The growing digital economy and the use of electronic payments in India make it more vulnerable to phishing attacks. A fraudulent email can lead the client to their payment gateway, leading to higher levels of fraud. To protect themselves from these attacks, both individuals and businesses must take preventative action. By adhering to best practices and exercising caution, we can reduce the likelihood of falling victim to phishing attacks and safeguard our personal and professional information.
