By using this site, you agree to the Privacy Policy and Terms of Use.
Accept
TechgoonduTechgoondu
  • Audio-visual
  • Enterprise
    • Software
    • Cybersecurity
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
    • Cellphones
    • Tablets
  • PC
  • Telecom
Search
© 2023 Goondu Media Pte Ltd. All Rights Reserved.
Reading: Expect phone hacking, fraud to rise as mobile transactions become common
Share
Aa
TechgoonduTechgoondu
Aa
  • Audio-visual
  • Enterprise
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
  • PC
  • Telecom
Search
  • Audio-visual
  • Enterprise
    • Software
    • Cybersecurity
  • Gaming
  • Imaging
  • Internet
  • Media
  • Mobile
    • Cellphones
    • Tablets
  • PC
  • Telecom
Follow US
© 2023 Goondu Media Pte Ltd. All Rights Reserved.
Techgoondu > Blog > Mobile > Cellphones > Expect phone hacking, fraud to rise as mobile transactions become common
CellphonesInternetMobile

Expect phone hacking, fraud to rise as mobile transactions become common

Alfred Siew
Last updated: January 31, 2016 at 5:14 PM
Alfred Siew Published January 31, 2016
5 Min Read
SHARE

unlocking a phone screen

This week’s story of a man who got his phone hacked by thieves to make fraudulent purchases should give pause to everyone who’s embracing online shopping.

When 47-year-old Philip Loh found that he was swept up in a scam last September, it was already too late for him to reverse the credit card charges.

His bank, United Overseas Bank, is now insisting that he pay S$5,000 of the more than S$12,000 that hackers likely spent on plane tickets in Eastern Europe after they stole his information.

The bank argues that its security systems were not compromised. This includes the one-time password (OTP) that was sent to the user’s phone, as an additional security measure.

If there’s one lesson here, it’s clear that the crooks have caught up with the technology. It is not as safe as before to send a password to your phone to verify an online purchase with your credit card.

A report out of China this week claims that over 370 million phone users received malware in 2015, and the number is still rising. Indeed, phones have become the main channel of fraud, cautioned Qihoo 360, a China-based security software provider.

In the case of Loh, what could have happened is hackers accessing his phone and stealing the one-time passwords it received as SMSes, whenever an online purchase was attempted. The perpetrators then approved the transactions with these passwords.

This meant the cyber criminals had access to both his credit card details and the “second-factor” authentication device – his phone – that provided an additional layer of security.

Such break-ins were seen in the past as too much trouble for cyber criminals because they involve hacking into various devices. However, as financial institutions and consumers have tightened up security over the years, so have the crooks upped their game.

Opportunity is knocking too. With people buying more things on their phones and storing important information on them, it’s natural that these devices will become the next big target for hackers.

Sure, you can avoid being a victim, say, by not downloading software from dubious sources or clicking on links that bring you to websites infecting your phone with malicious code.

But it’s also time to rethink the use of SMS passwords, which are now routinely sent to phones that are often open to tampering.

This is one reason why banks will force you to use your physical token when transferring large amounts of money online. Similarly, if you add a new payee, for example, you will be challenged again for another password.

These are measures that make it a lot harder for criminals to break into your account and steal money online. In particular, a hardware token – one you physically hold in your hands – is less likely to be tampered with than a PC or phone that’s connected to the Net all day.

But will users always favour a token over SMS? Imagine if you had to go dig up your token whenever you wanted to buy cinema tickets or some groceries online.

Tokens can be a pain to use – particularly if you have too many of them. Plus, you may not carry a token with you everywhere. What if you’re travelling and need to transfer some money? You might have to turn up at the bank.

The dilemma is a familiar one. It’s one of security versus convenience. For a long time, SMS passwords have proven to be a good barrier against fraud (it’s better than just a simple credit card number and expiry date). They are convenient too.

Yet, this practice is becoming less trustworthy as hackers find new ways to break into smartphones. They will only get more sophisticated as their tools become more widespread.

The question for consumers, as more turn to the phone as a mobile wallet, is whether they value more convenience or security. What kind of compromise would they accept?

You Might Also Like

Five ways the Roborock S8 robot vacuum will change the way you clean your home

After another DBS outage, is it time to make banks publicly report service uptime?

Xiaomi 13 Pro review: A photography powerhouse with 1-inch image sensor

IT leaders must manage the tension point between application development and security by embracing a DevSecOps approach

Oppo Find N2 Flip review: A worthy flip phone alternative to Samsung

TAGGED: 2FA, cyber crime, hacking, mobile banking, security token, Singapore, SMS password, think, UOB

Sign up for the TG newsletter

Never miss anything again. Get the latest news and analysis in your inbox.

By signing up, you agree to our Terms of Use and acknowledge the data practices in our Privacy Policy. You may unsubscribe at any time.
Alfred Siew January 31, 2016
Share this Article
Facebook Twitter Whatsapp Whatsapp LinkedIn Copy Link Print
Share
Avatar photo
By Alfred Siew
Follow:
Alfred is a writer, speaker and media instructor who has covered the telecom, media and technology scene for more than 20 years. Previously the technology correspondent for The Straits Times, he now edits the Techgoondu.com blog and runs his own technology and media consultancy.
Previous Article Out in Singapore, Visa Checkout promises easier online shopping
Next Article One in three home routers to double as public Wi-Fi hotspots
Leave a comment

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Stay Connected

Facebook Like
Twitter Follow

Latest News

Five ways the Roborock S8 robot vacuum will change the way you clean your home
Internet March 31, 2023
After another DBS outage, is it time to make banks publicly report service uptime?
Enterprise Internet March 30, 2023
Xiaomi 13 Pro review: A photography powerhouse with 1-inch image sensor
Cellphones Mobile March 29, 2023
IT leaders must manage the tension point between application development and security by embracing a DevSecOps approach
Cybersecurity Enterprise Software March 29, 2023
//

Techgoondu.com is published by Goondu Media Pte Ltd, a company registered and based in Singapore.

.

Started in June 2008 by technology journalists and ex-journalists in Singapore who share a common love for all things geeky and digital, the site now includes segments on personal computing, enterprise IT and Internet culture.

banner banner
Everyday DIY
PC needs fixing? Get your hands on with the latest tech tips
READ ON
banner banner
Leaders Q&A
What tomorrow looks like to those at the leading edge today
FIND OUT
banner banner
Advertise with us
Discover unique access and impact with TG custom content
SHOW ME

 

 

POWERED BY READYSPACE
The Techgoondu website is powered by and managed by Readyspace Web Hosting.

TechgoonduTechgoondu
Follow US

© 2023 Goondu Media Pte Ltd. All Rights Reserved | Privacy | Terms of Use | Advertise | About Us | Contact

Join Us!

Never miss anything again. Get the latest news and analysis in your inbox.

Zero spam, Unsubscribe at any time.
 

Loading Comments...
 

    Welcome Back!

    Sign in to your account

    Lost your password?