Short URLs come in handy for cybercrooks

They use this trick to swindle money from your bank accounts

By Anil Rachamalla

Some URLs may look so ridiculously long. Not anymore, because we now have URL shorteners. They take lengthy URLs and make them shorter and easier for the recipient. There are lots of benefits of short URLs, including the ability to track the performance; they use fewer characters; they lead to a higher click-through rate and also, they drive traffic back to our websites.

---

However, there are downsides too. URL shorteners are often used by online fraudsters to trick users into following a link to compromise their systems, swindle money from their bank accounts or even trick them into mine cryptocurrency without the intervention of the user. Recipients could be clicking a malware link (short links) or be directed to a spoofing page where the victim’s sensitive information could be recorded and later used for stealing sensitive data or money.

Validating short links /emails/websites: –

(a) Validating the SMS – https://smsheader.trai.gov.in/

(b) Unshorten the URLS – (i) www.unshorten.it (ii) www. checkshorturl.com (iii) https://www.expandurl.net

(b) Validating the Websites – (i) https://isitphishing.org/ (ii) https://www.urlvoid.com/ (iii) https://www.site24x7.com/link-checker.html (iv) https://transparencyreport.google.com/safe-browsing/search

(c) Validating the Email Headers (i) https://mxtoolbox.com/EmailHeaders.aspx (ii) https://dnschecker.org/email-header-analyzer.php (iii) https://mailheader.org/
(iv) https://www.dmarcanalyzer.com/spf/checker/

(d) Checking for Virus (File or URL) – https://www.virustotal.com/gui/

A few tips to prevent fraud

• Verify and validate, all emails and SMS verify carefully as fraudsters usually send fake/spoofed SMS & emails to gain the faith of the victim
• Never click on short links sent via SMS or any other Messengers from unknown senders
• Contact the business via email or instant messenger that is listed on the App or website or credit/debit cards
• Neither bank officials nor any reputed e-commerce platforms ask for sensitive financial information like card details, OTP, bank account details, net banking credentials, UPI PIN etc.
• Don’t pay in advance towards courier charges, processing fees, duty fees, customs amount etc.
• Do a proper verification on seller’s / buyer’s credentials like name, website, address, phone number, etc,.
• Transfer money only when you receive the goods and make sure if you transfer through recommended payment methods of reputed e-commerce platforms
• Fraudsters deposit extra amount than the actual negotiated price of product intentionally and on the pretext of refunding, swindle money from sellers by requesting to scan QR codes or to send UPI or OTP/Password
• Never transfer money during phone conversations
• To receive money, you don’t need to scan QR codes or share OTP

Contact us

The “CFCFRM” Citizen Financial Cyber Fraud Reporting and Management System is a platform that integrates law enforcement agencies and banks and financial intermediaries. This facility empowers both banks and cybercrime police sharing online fraud information online almost in real-time. It is supported with a dedicated support number 155260 and website https://cyberpolice.nic.in

Process of complaining via 155260

• Victims can call dedicated support number 155260, which is managed by the respective State Cybercrime Police wings. Cybercrime officer notes down fraud transaction details (A/C number, Wallet, UPI, Transaction ID, Date, Card Details Etc.) and other basic personal information of the caller and submits a request on portal
• Requests get connected to Banks, Wallets, Merchants, depending on whether they are the victim’s bank or the bank/wallet in which the defrauded money has gone.
• An SMS is also sent to the victim with the acknowledgement number of the complaint with directions to submit complete details of the fraud on the portal within 24 hours, using the acknowledgement number.
• The bank can see the request details on the Reporting Portal, checks /validate the details within its internal systems.
• If the victim’s money is still available, the bank puts it on hold. If the victim’s money has moved out to another bank, the request gets routed to the next bank. This process is repeated and if the money is found, it is reversed to the victim’s bank account.

Stay Tuned to Cyber Talk Column for more on internet ethics and digital wellness brought to you by Anil Rachamalla, End Now Foundation, www.endnowfoundation.org

Now you can get handpicked stories from Telangana Today on Telegram everyday. Click the link to subscribe.

Click to follow Telangana Today Facebook page and Twitter .