August8 , 2022

zerodha: Temporary one-time password not enough, says Zerodha’s Nithin Kamath on demat hacking

Related

Business News LIVE Today: Latest Business News, Share Market News, Economy & Finance News

Search Quotes, News, Mutual Fund NAVs Tata Steel INE081A01020, TATASTEEL,...

Business News LIVE Today: Latest Business News, Share Market News, Economy & Finance News

Search Quotes, News, Mutual Fund NAVs Tata Steel INE081A01020, TATASTEEL,...

Why Apple and Amazon results are important

Apple and Amazon added about $175 billion to...

Business News LIVE Today: Latest Business News, Share Market News, Economy & Finance News

Search Quotes, News, Mutual Fund NAVs Tata Steel INE081A01020, TATASTEEL,...

Share

[ad_1]

India’s large brokerage house Zerodha swept into action to safeguard clients facing cyberattacks after a local media channel revealed how demat accounts of many customers, including some from the firm, were compromised.

Mumbai Police this week arrested five people on allegations of gaining access to demat accounts of the share broker and scamming them of Rs 3.5 crore.

Zerodha will soon launch a feature that will not allow orders for options to be placed at abnormal prices, Nithin Kamath, founder and chief executive at the brokerage house wrote in a LinkedIn post, acknowledging that their method of asking for a temporary one-time password is not enough.

“Money cannot be withdrawn from trading accounts to third party bank accounts. To move money, fraudsters create artificial losses by trading illiquid options (buy high, sell low) or buying scammy penny stocks. Our best bet is to find ways to block such suspicious trades,” he wrote.

Incidents will reduce from September 30, when OTP/TOTP/Biometric becomes mandatory when logging in, Kamath said.

While India has in recent years seen a surge among retail investors, and more so among the millennials, to bet on the equity markets that sprung to record highs post the coronavirus pandemic, cyberattacks via phishing or other modes have also increased in tandem.

The modus operandi of the hackers includes sending fake websites to random people through text messages, e-mails, social media and capturing their username, password, personal identification number or date of birth when unsuspecting investors try to login by clicking the fake website. The hackers then can use these credentials to login to the investor’s trading account to execute buy or sell transactions on illiquid penny stocks as planned by the fraudsters, according to brokers.

Amid growing instances of cyber scams, India’s capital markets regulator also mandated last month that stock brokers and depository participants need to report all cyber attacks, threats and breaches within six hours of detecting such cases. The Securities and Exchange Board of India had also prescribed the framework for cyber security and cyber resilience for stock brokers.

However, it is not individual accounts that are compromised but hackers the world over have also attacked stock exchanges – be it New Zealand, Moscow or Tel Aviv.

The International Organization of Securities Commissions, recognized as the global standard setter for the securities sector, said in a recent report that the pandemic has increased cyber security risks, accelerated the use of existing, new and emerging technologies and disrupted some outsourcing arrangements.

Cybercrime has gone up across banking-to-broking-to-social media, Kamath said.

To be sure though, safeguard measures will only work if users are careful enough not to share their account access by believing get-rich-quick schemes, which is how most frauds happen, he added.

[ad_2]

Source link