Page 141 - DCAP306_DCAP511_E-COMMERCE_AND_E-BUSINESS
P. 141

E-Commerce and E-Business



                          3.  Hacking: Externally accessible systems are hacking targets. Hackers can spoil Web sites and steal
                              valuable data  from systems  resulting in a  significant  loss of revenue.  Hackers often hide the
                              identity of computers that are used to carry out an attack by falsifying the source address of the
                              network communication. This makes it  more difficult to identify the sources of attack and
                              sometimes shifts attention to innocent third parties.


                                      Hi­Tech Cybercrimes

                            Case Study
                            T         his case study is about potential threats of using net banking. A person’s bank account

                                     was hacked.  The amount that was lost was Rs. 3,00,000.


                           Fact in Net Banking
                           Individuals, who want to transfer money from their account to another account, will have to add the
                           recipient in their net banking profile as a third party beneficiary. During this transaction, the bank
                           sends a Unique Reference  Number (URN) to their registered mobile number. Sachin who  had
                           registered personally and had access to net banking did not update the registered mobile number
                           with his bank when he was transferred to another state. He had assumed that his bank account could
                           not be hacked and that he would receive the URN for all transactions.
                           But Sachin’s account was hacked from Nigeria on three different dates. The hackers were successful
                           as they adopted the following methods:
                           1.  The hackers collected Sachin’s user name and password by using a phishing page or a remote
                               key logger.
                           2.  They learnt Sachin’s details including his mobile number.

                           3.  They learnt from their Indian  agent the details of the mobile subscriber. The hackers then
                               registered a case of mobile theft and deactivated the number which was in the other state. The
                               mobile service provider re-issued the same number with a different Electronic Serial Number
                               (ESN).
                           4.  Then they added five accounts as third party beneficiary accounts. The culprits got the URN in
                               their mobile and transferred the amount to those five accounts.
                           Question:

                           1.  What were the methods adopted by the hackers to transfer money from Sachin’s account?
                          Source:  http://urproblemmysolution.blogspot.com



                                      Find out the different mechanisms used by attackers to hack Web sites.




















                          134                  LOVELY PROFESSIONAL UNIVERSITY
   136   137   138   139   140   141   142   143   144   145   146