Banks Drop OTPs, Major Cyber Heist, Spying Spouses Arrested

From a product strategy perspective, DMARC reporting is evolving from a security tool to a business intelligence platform, says Brad Slavin, CEO of DuoCircle. The data in aggregate reports tells you not just who’s spoofing you, but who’s sending legitimate email on your behalf — and whether they’re doing it correctly.

_According to the FBI’s 2022 Internet Crime Report (IC3), 300,497 US-based victims reported phishing incidents in a single year, and Business Email Compromise (BEC) caused more than $2.7 billion in direct losses. DMARC Report

Banks Drop OTPs, Major Cyber Heist, Spying Spouses Arrested

					<button title="Play" aria-label="Play Episode" aria-pressed="false" class="play-btn">
						

Play Episode

					</button>
					<button title="Pause" aria-label="Pause Episode" aria-pressed="false" class="pause-btn hide">
						

Pause Episode

					</button>
					


				

				

					<audio preload="none" class="clip clip-14447">
						<source src="/images/wp/2024/07/Banks-Drop-OTPs-Major-Cyber-Heist-Spying-Spouses-Arrested.mp3">
					</audio>
					

						

					

					

						

							<button class="player-btn player-btn__volume" title="Mute/Unmute">
								

Mute/Unmute Episode

							</button>
							<button data-skip="-10" class="player-btn player-btn__rwd" title="Rewind 10 seconds">
								

Rewind 10 Seconds

							</button>
							<button data-speed="1" class="player-btn player-btn__speed" title="Playback Speed" aria-label="Playback Speed">1x</button>
							<button data-skip="30" class="player-btn player-btn__fwd" title="Fast Forward 30 seconds">
								

Fast Forward 30 seconds

							</button>
						

						

							<time class="ssp-timer">00:00</time>
							

/

							<!-- We need actual duration here from the server -->
							<time class="ssp-duration" datetime="PT0H1M44S">1:44</time>
						

					

				

			

								<nav class="player-panels-nav">
												<button class="subscribe-btn" id="subscribe-btn-14447" title="Subscribe">Subscribe</button>
																		<button class="share-btn" id="share-btn-14447" title="Share">Share</button>
										</nav>
						

	



		

						

				

					

					

				

				

					

																																																																								

					

						

RSS Feed

							<input value="https://dmarcreport.com/feed/podcast/dmarc-report" class="input-rss input-rss-14447" title="RSS Feed URL" readonly />
						

						<button class="copy-rss copy-rss-14447" title="Copy RSS Feed URL" aria-label="Copy RSS Feed URL"></button>
					

				

			

									

				

					

					

				

				

					

						Share						

					

						<a href="https://www.facebook.com/sharer/sharer.php?u=https://dmarcreport.com/blog/podcast/banks-drop-otps-major-cyber-heist-spying-spouses-arrested/&t=Banks Drop OTPs, Major Cyber Heist, Spying Spouses Arrested" target="blank" rel="noopener noreferrer" class="share-icon facebook" title="Share on Facebook">
							

						</a>
						<a href="https://twitter.com/intent/tweet?text=https://dmarcreport.com/blog/podcast/banks-drop-otps-major-cyber-heist-spying-spouses-arrested/&url=Banks Drop OTPs, Major Cyber Heist, Spying Spouses Arrested" target="blank" rel="noopener noreferrer" class="share-icon twitter" title="Share on Twitter">
							

						</a>
						<a href="/images/wp/2024/07/Banks-Drop-OTPs-Major-Cyber-Heist-Spying-Spouses-Arrested.mp3" target="blank" rel="noopener noreferrer" class="share-icon download" title="Download" download>
							

						</a>
					

				

				

					

						Link						

					

						<input value="https://dmarcreport.com/blog/podcast/banks-drop-otps-major-cyber-heist-spying-spouses-arrested/" class="input-link input-link-14447" title="Episode URL" readonly />
					

					<button class="copy-link copy-link-14447" title="Copy Episode URL" aria-label="Copy Episode URL" readonly=""></button>
				

				

					

						Embed						

					

						<input type="text" value='<blockquote class="wp-embedded-content" data-secret="lNbvsSiASp"><a href="https://dmarcreport.com/blog/podcast/banks-drop-otps-major-cyber-heist-spying-spouses-arrested/">Banks Drop OTPs, Major Cyber Heist, Spying Spouses Arrested</a></blockquote><iframe sandbox="allow-scripts" security="restricted" src="https://dmarcreport.com/blog/podcast/banks-drop-otps-major-cyber-heist-spying-spouses-arrested/embed/#?secret=lNbvsSiASp" width="500" height="350" title=""Banks Drop OTPs, Major Cyber Heist, Spying Spouses Arrested" — DMARC Report" data-secret="lNbvsSiASp" frameborder="0" marginwidth="0" marginheight="0" scrolling="no" class="wp-embedded-content"></iframe><script>

/*! This file is auto-generated / !function(d,l){“use strict”;l.querySelector&&d.addEventListener&&“undefined”!=typeof URL&&(d.wp=d.wp||{},d.wp.receiveEmbedMessage||(d.wp.receiveEmbedMessage=function(e){var t=e.data;if((t||t.secret||t.message||t.value)&&!/[^a-zA-Z0-9]/.test(t.secret)){for(var s,r,n,a=l.querySelectorAll(‘iframe[data-secret=”‘+t.secret+’”]’),o=l.querySelectorAll(‘blockquote[data-secret=”‘+t.secret+’”]’),c=new RegExp(“^https?:$”,“i”),i=0;i<o.length;i++)o[i].style.display=“none”;for(i=0;i<a.length;i++)s=a[i],e.source===s.contentWindow&&(s.removeAttribute(“style”),“height”===t.message?(1e3<(r=parseInt(t.value,10))?r=1e3:~~r<200&&(r=200),s.height=r):“link”===t.message&&(r=new URL(s.getAttribute(“src”)),n=new URL(t.value),c.test(n.protocol))&&n.host===r.host&&l.activeElement===s&&(d.top.location.href=t.value))}},d.addEventListener(“message”,d.wp.receiveEmbedMessage,!1),l.addEventListener(“DOMContentLoaded”,function(){for(var e,t,s=l.querySelectorAll(“iframe.wp-embedded-content”),r=0;r<s.length;r++)(t=(e=s[r]).getAttribute(“data-secret”))||(t=Math.random().toString(36).substring(2,12),e.src+=”#?secret=“+t,e.setAttribute(“data-secret”,t)),e.contentWindow.postMessage({message:“ready”,secret:t},"")},!1)))}(window,document); //# sourceURL=https://dmarcreport.com/wp-includes/js/wp-embed.min.js ’ title=“Embed Code” class=“input-embed input-embed-14447” readonly/>

					<button class="copy-embed copy-embed-14447" title="Copy Embed Code" aria-label="Copy Embed Code"></button>
				

			

				

Digitization and cybersecurity go hand in hand. They are like the two sides of the same coin. If you wish to reap the benefits of digital advancements, then you must educate yourself about cybercrimes and threat actors. The implementation of SPF, DKIM, and DMARC helps mitigate risks like cyber heists and privacy breaches, enhancing email security for financial institutions and beyond.

We bring to you our weekly dose of global cyber news so that you can steer clear of any such cyber mishaps. In today’s edition, you will get to know why Singaporean banks have decided to eliminate OTPs for good. On the other hand, an elderly couple in Australia has been arrested for espionage. Also, a major cyber heist has shaken the Indian banking system to the core.

Keep reading to get into the juicy details**! Lastly, Apple has once again warned its users against potential spyware attacks.

Singapore banks decide to give up on one time passwords!

In the next three months, Singapore banks will stop using OTPs or one-time passwords for their retail customers. This significant step has been taken with an aim to keep malicious phishing attempts at bay.

The Association of Banks in Singapore (ABS) and The Monetary Authority of Singapore (MAS) have made an announcement regarding the **progressive phasing out of OTPs across all the major Singapore retail banks.

The new authentication system will now involve digital tokens instead of one-time passwords. Customers will now have to activate digital tokens on their smartphones. The same digital tokens will be used for bank account logins. The use of **digital tokens eliminates OTP generation and thereby easily thwarts phishing attempts. If there isn’t any OTP, then there will be no risk of threat actors stealing the data. Also, the scammers won’t be able to compel naive customers to share their OTPs.

The Singaporean authority believes that this major change will bring down the rate of cybercrimes in the banking sector. They urge the customers to activate digital tokens at the earliest to fortify the **authentication process and safeguard their hard-earned money from scammers.

Cyber heist worth INR 16.71 crores shook Nainital Bank in India

The Nainital Bank Limited in Noida Sector 62 got the biggest shock ever when the **IT manager **realized about the cyber heist. A staggering 16.71 crores have been stolen by cybercriminals by hacking into the servers of the Indian bank.

Sumit Shrivastava, the IT manager, discovered about the heist back on 17th June while he was cross-checking the balance sheets . He came across a discrepancy of INR 3.60 crores in the Real Time Gross Settlement account which made him suspicious. Soon, the bank authorities realized that INR 16.71 crores had been transferred to **84 different accounts within just 5 days.

Nainital Bank has approached the Indian Computer Emergency Response Team or CERT-IN for an in-depth investigation. The IT manager has also filed a complaint against the hackers with the Noida Cyber Crime Police Station.

As per the Additional Commissioner of Police, the threat actors had managed to access the login ID and password of the bank manager. A **special investigation team is working closely with the bank authorities to get hold of the culprits.

A married couple got arrested for engaging in espionage for Russia!

Kira and Igor Korolev, a married couple based in Australia, have been arrested for engaging in espionage activities for Russia. The 40-year-old wife was also an Australian Defence Force (ADF) army private. They have been residing in Australia for the past decade. The authorities arrested them from their residence in Brisbane. Together, the couple was spying to gain access to ADF data.

Kira often took long work leaves to travel to Russia. During that time, her spouse would log into her official ID to access sensitive information and share it with her. The Australian Federal Police believes that Kira and her partner have misused her ADF login credentials multiple times to gain access to ADF-related data.

Apple issues spyware attack warnings across 98 countries!

Once again, iPhone users are concerned about their **data and privacy since Apple has issued another potential spyware attack warning. The tech giant has been tight-lipped about the suspected attackers, though.

The first such warning was issued in April 2024 across 92 nations . The Apple warning reads, “Apple detected that you are being targeted by a mercenary spyware attack that is trying to remotely compromise the **iPhone associated with your Apple ID-xxx—.” Indian users have confirmed receiving the same alerts. Reportedly, **Indian journalists and politicians received the earlier slot of warnings as well.

Apple, while emphasizing on its effective threat detection methods, has urged its users to stay vigilant and not divulge any personal details.