Business Standard

BFSI Summit: Fear in people main factor behind cyberfraud, says SBI's Chugh

In cybersecurity, social engineering refers to manipulating a victim to gain control over a computer system or steal personal and financial information

Nitin Chugh

Sundar Sethuraman Mumbai

Listen to This Article

Fear has replaced greed as the dominant factor that makes people vulnerable to cyber frauds, said Nitin Chugh, head of digital banking and transformation at State Bank of India (SBI), at Business Standard BFSI Insight Summit 2024.
 
“We see people being threatened. People are told something wrong has happened. And they, in a state of panic, don’t apply their mind and give in.” 
 
No matter how aware people are, they fall prey to such tactics, and it proves fraudsters exploit their vulnerabilities, he added.
 
“This is another form of social engineering and relatively new.”
 
Social engineering in cybersecurity refers to manipulating a victim to gain control over a computer system or steal personal and financial information.
 
 
Chugh said intimidating tactics were used usually for high-value transactions.
 
“High value could be a few crores. For small value, phishing is used, where people give their credentials or an account takeover.” 
 
Chugh said with technological expansion, it was people’s responsibility to guard themselves against cyber frauds.
 
“A bank is a fiduciary body. It will keep your money safe. But what if you compromise your credentials? And that is where even the law doesn’t help you beyond a point. When it comes to matters related to your money in your bank account, it is important to be aware of what can happen.” 
 
Chugh said mule accounts were pre-recruited.
 
“It is part of an organised setup. They (mules) don’t know what they recruited for. They are kept in readiness and told that at some point in time they will get a message that there will be a transaction in their accounts. The only thing they need to do is withdraw that money and bring it to a particular place. And this is the money they will get in return.” 
 
Chugh said there was technology to protect mule accounts from cross-border payments. And there is a need for a similar technology to stop such payments in India.
 
Chugh, however, added identifying who could be a mule account was a challenge.
 
A mule account refers to one that facilitates illegal transactions. Chugh said data science could help identify people vulnerable to fraud and could be used as mules.
 
“We are discussing building some bit of friction, at least for vulnerable profiles, so that they have to go through some steps of authentication, some more checks before they can move their money willingly.” 
 
Regarding punitive action against mule account holders, Chugh said banks could not do so but could report a suspicious transaction.
 
“You re-verify the account credentials. You ask a few questions that are not satisfactory, and you report the account as suspicious. And then the law takes its course. You can go ahead and block a few cards.”
 
When asked about reports of the central bank’s plans to set up an intelligence platform on digital payments, Chugh said real-time payments were being misused to send money earned by means of fraud.
 
“Shared intelligence is going to be key intelligence, not from just banks but also from other digital-economy players, e-commerce and telecom companies, or all kinds of other regulators, so that this collective intelligence will help us in also finding and narrowing down on some of these patterns and deciding one part of the industry is getting hit with one sort of fraud. It’s only a matter of time before it spills over to another industry. Most of the themes are around collaboration, that is, how we collaborate and bring a collective intelligence to keep pace with how fraudsters think.” 

Don't miss the most important news and views of the day. Get them on our Telegram channel

First Published: Nov 07 2024 | 9:34 PM IST

Explore News