Online system hacked and purchase of tickets worth 35 lakhs, cyber bureau alerted

by | June 8, 2023 | Articles |

The work of providing service through online system is increasing day by day in Nepal. Government services, private sector and media world and industries, banks and travel agencies are doing their daily business entirely online. However, while these services are being effective, they have been targeted by foreign hackers.


ad

Recently, it has been found that a foreign hacker targeted various Nepali travel agencies and stole bank funds. The mystery came to light after the travel agency operators filed a complaint with the Cyber ​​Bureau of Nepal Police saying that money had been stolen.

On June 4, a travel agency called C Links Holidays in Kathmandu received a ticket bill of 35 lakh rupees, which was deducted by various airlines. Even those bills were not deducted for air travel from Nepal.

They were cut off to go to Iraq from India, China, Qatar, UAE etc. The company requested information from the airlines after receiving the bill for the tickets that they had not booked. It was only then that it was discovered that so many bills and tickets were cut by the hacker and not by the company.

Cyber ​​Bureau of Police wrote a letter to the Nepal Tourism Board on Tuesday after other travel agencies like C Links also complained that the travel agencies that sell and distribute tickets of various airlines in Nepal are under the target of foreign hackers, says Cyber ​​Bureau spokesperson and Superintendent of Police Pashupati Kumar Rai.

He says, ‘Like Sea Links, other types of travel also came with a complaint, then it was found out that the foreign hacker had started an attack on travel bookings. And we alerted Nepal Tourism Board by writing a letter.

According to him, for a few days, four or five travel agency operators had come to file a complaint saying that money had been stolen from the bank and that foreign tickets had been issued. According to him, during the investigation, it was found that foreign hackers stole money by using username and password in a phishing attack.

‘Rs 50 lakh is missing from the bank accounts of the operators who come to the Cyber ​​Bureau to file complaints,’ he says, ‘travel agencies have huge amounts of money. That’s why travel agencies are targeted by hackers. The Cyber ​​Bureau has alerted us early because a large amount of money is stolen at once.’

According to him, the bureau has also asked the travel agency that conducts ticketing in this matter to provide the information requested by the police in coordination with the related airlines and software companies.

He says, ‘Our work is also public awareness, so we have asked the agencies to be aware through the concerned bodies so that no further damage occurs. This matter will be revealed only after further investigation.’

On the other hand, according to cyber security experts, foreign hackers target banks, financial institutions, government websites, and travel agencies with large amounts of money.

Vijay Senihang Limbu, CEO of Bhairav ​​Technologies and a cyber security expert, says, ‘Hackers are thinking of new ways every day and keep changing the seasons of the game. Phishing hackers send requests for games to the websites they want to hack through email, and give lures such as saying there is a prize. When the client clicks, all their data goes to the hacker.’

Therefore, if you receive an email from someone you don’t know or if you receive an advertisement for a prize, you should be alert. ‘You should stay away from and be aware of attractive advertisements such as the chance to win a prize or if you click on it, you will know everything about the future.’

What are you fishing?

Phishing is a type of cyber crime. Phishing attacks are used to steal personal information such as bank account information and passwords.

Phishing attacks are carried out through emails, messages, websites and social networks. For phishing, information is placed on you in any social network, email, message in such a way that it looks like official. But actually it is not official. There is a trick to steal your information.

How is fishing going on in Nepal?

In Nepal, various phishing incidents are happening on social media. In this, Facebook, Viber, WhatsApp, Imo are ahead.

Phishing is being done by using the names and logos of reputed companies including Nepal Telecom and Ncell on Facebook. At a glance, the official pages of companies like Telecom, Ncell, Xiaomi can be seen, but they are not official.

They are just fake pages designed to steal your personal information and cheat you. In the same way, there has been an increase in cheating by showing the greed of lakhs and crores by saying that you have won the lottery from Imo, Viber, WhatsApp.

Cyber ​​Bureau of Nepal Police has prosecuted some of the fraudsters and brought them under the legal ambit. In addition, phishing is being done by using the name and logo of Nepal Telecom to give free iPhone 12 and show greed for free data.

Emphasis on public awareness

Naresh Lamgade, Chief Executive Officer of Cynical Technology and founder of BugV, says that emphasis should be placed on public awareness to prevent phishing.

According to him, due to lack of public awareness, phishing incidents are increasing. Phishing posts are boosted by people doing phishing through Facebook. Lamgade said that Facebook itself could not control the phishing posts.

According to him, it is important for the user to know which link is real and which is not, which link to click and which not to click.

Nepal Telecommunication Authority, the regulatory body of the telecommunication sector, does not seem to be conducting public awareness programs to prevent phishing. Some time ago, the authority gave suggestions on how to avoid phishing.

How to avoid phishing?

The Telecommunication Authority has requested not to open suspicious emails from unknown persons or addresses, not to click on links and to delete or block such suspicious emails.

The authority has also said not to reply or respond to e-mails, messages, phone calls, etc. sent with various inducements including prizes, gifts, lottery, or threats.

Emails from country domains and sub domains that are not related to you should be deleted without opening them. Similarly, do not subscribe to unnecessary mailing lists and if you have subscribed, you should unsubscribe. Do not send details like your password, OTP, bank account number and pin code by email.

Anti-virus should be used on computers and mobiles and personal information such as username, password, bank credit card number, citizenship number etc. should not be shared without properly identifying any website. You can also report it on Facebook.

Images mentioned above related to are either copyright property of ICT-Samachar or respective image owners.

Tags:

Rabins Sharma Lamichhane

Rabins Sharma Lamichhane is senior ICT professional who talks about #it, #cloud, #servers, #software, and #innovation. Rabins is also the first initiator of Digital Nepal. Facebook: rabinsxp Instagram: rabinsxp

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

Best Web Hosting Deals

hostingsewa-web-host-nepal

Get your best website hosting in Nepal from HostingSewa.

You can hire me for freelancing jobs. I am open for NodeJS, NextJS, Python, MySQL, PostgreSQL and others. I'm also available for backend and frontend code/error/bug fixations.