Five years ago, India had just two mobile manufacturing plants and more than half of the population purchased imported smartphones. Today, the country has over 127 mobile manufacturing plants and is the second-highest market for these devices. In parallel, the number of active social media users has soared beyond 450 million and at least 273 crore transactions through BHIM UPI just in March 2021. Digital India is here, and how.
But not all is great. In the first six months of 2020 alone, there was a reported loss of a record high of almost $117 million to scams that started on social media alone, according to Data Spotlight. The most popular social media scam currently is that of online sellers using various platforms to “sell” products they never intended to dispatch in the first place – this constitutes more than 25% of all reported scams on social media!
The flip side to the fast-paced adoption of ‘cyber’ is that people are often left ignorant about basic cybersecurity habits. The increase in access to digital platforms has unfortunately not translated to a mentality that puts cybersecurity first. For instance, if one has to appear for a driving test before being allowed to navigate the roads, shouldn’t cybersecurity also be aforethought to being allowed to use the internet?
A few weeks back, a new type of social media influencer was discovered. These influencers use their reach to trade Personally Identifiable Information (PII) of people to anyone willing to spend money. The information, in influencer colloquial, is known as ‘fullz’. The source of fullz data is either through large breaches that led to data dumping on the deep web or fraudsters carrying out phishing activities themselves or commissioning it to others.
There are two distinct layers that need attention here:
a) Social media is fast becoming the go-to place for cybercrime as a result of its largely unregulated nature; the users have to be well-informed while navigating various platforms.
b) Information (PII) leaked from one data breach can easily be misused for other scams, thereby reiterating the need for good overall cyber hygiene.
In such a scenario, it becomes extremely important for people to beware of what they post, who they interact with, and even where they are while using any form of digital platform. Something as simple as ‘switching off notifications text on lock screen’ can prevent a bystander from seeing your OTP… or knowing that you shouldn’t carry out sensitive transactions over free ‘public’ WiFi at airports or railway stations can save you from being the next victim.
While digital platforms including Twitter, Facebook, Snapchat, Instagram, YouTube, and others do not allow fraud on their platforms and are continuously doubling down on criminal content – the onus for security on cyber is a shared responsibility. For instance, did you know that Facebook has the option of recovering a hacked account through 3-5 known friends? Snapchat gives its users the option to enhance privacy by activating the ‘Ghost Mode’ that hides the user’s location on the SnapMap.
Google Pay also has the option of using fingerprint authentication along with the pattern/numeric password, adding an extra layer of security. Such information can be the foundation for building strong cyber awareness.
Whether it is having the knowledge of how and when their PII has been breached and the steps that can be taken to rectify it, keeping abreast of the latest trends of cyberattacks, or knowing how secure their devices and social media accounts are; people need a platform that is able to give them all the answers. However, there is a lack of such a comprehensive and single source of truth for anyone looking for cybersecurity advice in real-time.
Fostering a cybersecurity mindset will take time, effort, and patience. Actively seeing results makes any activity more interesting- be it losing (or gaining!) inches after exercising, or passing an exam with good grades. Similarly, gamifying cybersecurity has the distinct advantage of making it interesting and competitive, and conditions the human mind to adapt to a cybersecurity-first mentality.
Knowing exactly how secure you are to navigate cyberspace, in real-time, instills a sense of confidence and shares the onus of cybersecurity and digital privacy between large corporates and the end-user. Think about it – if you knew your cyber risk score as a 4 out of a possible 5 versus if you scored just a 2 out of 5 – when would you be more confident of being online?
Rahul Tyagi is co-founder of Safe Security