Cybersecurity Cloud & Data

Cyber trigger: Fraudsters leverage remote working, COVID-19 to give sleepless nights

With yet another data breach incident putting thousands or millions of user data at risk, cyber fraud is indeed giving sleepless nights to individuals and organizations.

Yet another data breach incident has occurred with BabyChakra, one of India’s biggest online pregnancy and parenting platforms, according to vpnMentor. 5.5 million files are at stake, with the potential impact of fraud, phishing, malware, and possibly child endangerment.


Read more: A look at the data breaches that rocked India in 2021 on World Password Day


Such incidents are increasing manifold owing to the sudden shift of services to online platforms. Especially in India, digitization has entered some industries almost overnight, with organizations hardly getting time to understand the security nuances of such a move.

Even IT, in the last few years, has seen rapid changes, from the advent of the cloud to an increase in disruptive technology adoption by enterprises.

If cybercrime were a country, it would be the world’s third-largest economy after the US and China

As cyber threats evolve, becoming more frequent, stealthy, and lethal, the significance of cybersecurity drives home like never before. In the current pandemic times, cyber security issues have risen four-fold. According to data from Comparitech, global cybercrime is expected to wreak costs adding up to US$6 trillion in 2021. If cybercrime were a country, it would be the world’s third-largest economy after the US and China.

What kind of cyber fraud threats are we seeing most right now? And how are they caused? The Tech Panda asked a few experts and analyzed.

Mobile Phishing

Our smart mobile phones may be the source of multiple tasks today, but at the same time, they are also a gateway through which cyber criminals are flourishing. There has been an 845% spike in cyberattacks on mobile devices alone between October 2020 and March 2021, according to Check Point Software Technologies’ Mobile Security Report 2021.

Verizon, the American wireless network giant, lists a number of mobile scams to beware of, which include cloning, fake apps, phone insurance scams, and robocalls.

“Since mobile screen sizes have a limited display as compared to other devices, and many-a-times promotional messages have quick links and action-oriented buttons, the possibility of getting hacked while using our mobile phones increases. And since we are always online and connected via different WiFi networks around us, which may or may not always be 100% secure, WiFi interference is also one concern that could lead to data leakages,” Govindraj Basatwar, Head of Global Business for INKA Entworks, told The Tech Panda.

Govindraj Basatwar

The age-old practice of fooling unsuspecting users with ´attractive offers´ or suspicious links is definitely going to have a gala time this year too

He adds that mobile ad frauds are particularly important since losses are pegged to reach US$100 billion per year by 2023.

“Madware, which basically stands for mobile adware, can easily collect a user’s data from the background while the user interacts with an app in the front end,” he says.

Suspect No. 1: Remote Working

In the current context, with remote work on the rise, malicious actors find it easy to hack remote devices by means of attacks of various natures. Of these, phishing attacks are often the most common, Sandip Kumar Panda, Co-founder and CEO at InstaSafe, told The Tech Panda.

Sandip Kumar Panda

A lack of basic cyber hygiene on the part of employees contributes to a massive increase in such attacks

“A lack of basic cyber hygiene on the part of employees contributes to a massive increase in such attacks,” Panda says.

On the enterprise front, ransomware attacks have seen a two-fold increase in the last year, with companies gaining access to critical resources by exploiting VPN vulnerabilities and threatening to expose them if they are not paid a certain ransom.

“By nature, these attacks are extremely dangerous and have the potential to destroy the financial standing and brand standing of companies in a jiffy,” he adds.

Phishing attacks occur when attackers impersonate popular pages or innocuous looking links to gain control of devices and exploit data. Especially in the current remote-working environment, phishing attacks have gone up almost six fold. Work From Home (WFH), it seems, is the culprit.

“As a large workforce have moved to WFH, and as homes are not as secured as office spaces, hackers are using this opportunity to the fullest. The biggest threats are social engineering, ransomware attacks, and cloud computing vulnerabilities,” Raj N, a Serial Entrepreneur, Angel Investor, and Founder of fintech firms Zaggle and ZIK ZUK, told The Tech Panda.

Leveraging the Pandemic

The pandemic has made every angle of business vulnerable. Undoubtedly, cyber attackers are clever enough to use the current situation. For example, an email that looks like it has come from a government website, talking about the do’s and don’ts of COVID-19, complete with a link to get authentic oxygen cylinders, ventilators, or medication, can be a potent bait right now.

Raj N

People who are already under stress would be less careful in these times and are likely to fall victim to such phishing emails. But the common theme is going to be utilizing the current pandemic to its fullest

“People who are already under stress would be less careful in these times and are likely to fall victim to such phishing emails. But the common theme is going to be utilizing the current pandemic to its fullest,” says Raj N.

In fact, he adds that while cybercrimes have hit multiple sectors, healthcare and financial sectors have been the most hit.

“Healthcare data is extremely critical and confidential, and in the light of a failing and overburdened health infrastructure during the pandemic, the focus on security of customer data has been lax to say the least. Similarly, financial institutions, despite their claims of top-notch security, have been the slowest in adopting security models like the Zero Trust Model, and have relied on obsolete security tech for their protection,” he says.

What Will ´Fool´ Us in 2021?

2021 has already lined up data breaches in sectors like fintech (Mobikwik, Juspay), healthcare (COVID-19 test results), social media (Facebook), etc. This track record only predicts more doom in the months ahead.

Basatwar predicts that email will win hands down as the most used means of cybercrime. Miscreants seeking two-factor authentication codes is another area to beware of.

2021 has already lined up data breaches in sectors like fintech (Mobikwik, Juspay), healthcare (COVID-19 test results), social media (Facebook), etc. This track record only predicts more doom in the months ahead

“The age-old practice of fooling unsuspecting users with ´attractive offers´ or suspicious links is definitely going to have a gala time this year too. Email will definitely be the number one channel for cybercrimes. We also hear a lot of cases where hackers sometimes trick users to share their two-factor authentication codes,” he says.

He adds that poor password practices would also require special attention in 2021, since many are mixing personal and professional work because of the rise in BYOD culture.

“Some personal work does spill over during office hours or vice versa. So, people have to be mindful of how they treat passwords, untrusted emails, and outside communication,” he advises.

Red Alert Ahead

Data from Comparitech suggests that the number of devices connected with the Internet is projected to spike to 35 billion in 2021 from 31 billion in 2020. This number is expected to go up to 75 billion in 2025. After all, we never give way to thoughts of cyber security when logging ourselves online on a new device.


Read more: Are upskilling and reskilling the answer to India´s dire need for cybersecurity professionals?


With the Babychakra incident coming to light, we can never know where the next attack is going to occur. Also, we cannot take these attacks lightly. US$150 is the average cost of each record that is compromised, US$ 3.92 million the average cost of a single data breach.

The numbers say it´s worth being on the alert.

Navanwita Bora Sachdev

Navanwita is the editor of The Tech Panda who also frequently publishes stories in news outlets such as The Indian Express, Entrepreneur India, and The Business Standard

Recent Posts

DeepSource’s new autonomous AI agents promise to scan, fix code security vulnerabilities

As artificial intelligence (AI) continues to progress exponentially, the future of industries like software engineering…

6 hours ago

Retail’s Return Rate Crisis: The Urgent Need for Proactive Solutions

The average return rate in eCommerce is estimated at 17.6% for 2024. Nearly 1 in 5 products…

22 hours ago

AI Launches: Cybersecurity, AI Agents, product specs, business operating system, automobile, consumer & MSME lending, cloud, data streaming

The Tech Panda takes a look at recent launches in the superfast field of Artificial…

2 days ago

As India’s tech sector on track to surpass $300 billion, CEO of Ness shares insights into AI’s important role 

The tech sector in India has been going from strength to strength in recent years.…

2 days ago

Unknown & uncontrolled machine identities within organizations leading to emergence of new identity security challenges

Experts are saying that organizations are inadvertently creating a new identity-centric attack surface through growing…

2 days ago

Outbound & inbound: India attracts businesses from US & Singapore while expanding to UAE, Europe & Philippines

The Tech Panda takes a look at how India has been attracting foreign businesses from…

3 days ago