With considerable trend of online payments and growing usability of plastic money (debit and credit cards), e-theft is increasing in all sorts of financial transactions handled through ATMs (automated teller machines), cellular phones, internet and various online mechanism.

Lack of foolproof digital security, poor public awareness of e-transactions, easy availability of skimming and cloning devices and untrained law enforcement agencies are key reasons behind rise in online frauds and ATM attacks.

Numerous methods of stealing e-data and money from ATMs are in practice. Using hacking technology, criminals breach the systems of companies that deal with credit card data. Stolen data is easily used for illegal digital transaction.

"Most popular technique is called ATM skimming. It allows criminals to install illegal monitoring devices at various ATM interface points camouflaged as a part of the machine. This enables criminals to record card data as well as to steal cardholders’ PIN codes. After data is duplicated and cloned, counterfeit cards are produced to withdraw cash or make online purchases," says Zia Ul Islam, Deputy Director Federal Investigation Agency (FIA).

Talking about methods that are becoming common in rural areas or small towns, Islam, who has years of experience in curbing e-banking frauds, revealed that criminals have started targeting ATMs placed in remote areas. As villagers and town people generally have a limited understanding regarding the usability of cards, they become easy victims. Criminals pour gluing material in the card-inserting cavity. When the card gets stuck, people have no other option but to contact officials of the relevant bank branch the next morning -- giving the criminals enough time to take the card out tactfully and withdraw money.

Islam claims that usually an ATM attack is not possible without the help of bank officials. We nabbed the first ATM fraud gang in 2009 in which a bank manager was found to be involved.

As banks are scrambling to add new security features to keep a watch over illegal e-transactions, another challenge in the form of malware attacks on ATMs seems to be taking shape. Criminals insert a customised circuit board through the card slot in ATM. The circuit board activates malware that compromises the ATM system and picks card and PIN data of every user. Later, the stolen data is used to make counterfeit cards. Criminals are using technological advancement to their advantage.

Along with ATM attacks, sim card cloning is also in practice to steal money electronically. Almost every bank has made it mandatory to use phone number to get access code to complete online financial transaction. Since sim cards can be cloned easily, threats of unlawful e-transaction have manifold.

Sources in the State Bank of Pakistan (SBP) reveal that new security protocols to discourage cybercrime are in the offing. They add that with improved technology, some banks have introduced new security protocols, featuring a combination of bio-metrics, facial and retinal recognition to authenticate the user at ATM. This will protect users from fraudulent transaction.

Syed Murtaza Ali, branch manager at Muslim Commercial Bank (MCB) says that online transaction is unavoidable despite increase in the incidence of ATM skimming and other malicious e-transactions.

Banks have witnessed 3.30 trillion financial transactions through ATMs which accounts for 12 per cent of the total retail electronic payments in 2015. With people becoming more comfortable with electronic transactions, efforts are being made to expand the network from 9,000 ATMs to 20,000 ATMs, informs Islam.

It’s not just in Pakistan where illegal e-transactions are on the rise. This is, in fact, a global menace.

According to the Global Fraud Index, online fraud attacks have increased by 12 per cent in the US. Credit card fraud has been a massive problem in the US, with retailers losing $32 billion to the crime.

Two months ago, criminals took out $13 million from 1,500 ATMs in less than 3 hours from all over Japan by getting hold of credit and debit card data and making counterfeit copies of banking cards.

SBP issued recommendations to curtail e-transaction frauds especially ATM skimming suggests to always inspect the ATM or card reader at any retail outlet before using them. If you find anything to be suspicious and tampered with, loose, or damaged, you are advised to bring it into the notice of the concerned bank without any loss of time. Better to use ATMs installed in banks. Always insert the pin code secretly. Have your card in sight whenever it is being used for payment anywhere as it takes only a few seconds to steal the data by skimming machines.

Software engineer, Rehan Jahanzaib shares a few tips to deal with the problem. He says that whenever engaging in internet banking for online transaction -- whether through mobile or laptop -- the best approach is to keep changing passwords and setting more complex ones. He also encourages users to avoid using public internet to do financial transaction.

Dr Usman Anwar, Director FIA, is optimistic about his organisation’s work to eradicate the menace of online frauds. "National Response Center for Cyber Crime (NR3C), high-tech crime fighting unit working since 2007, identifies and curbs the phenomenon of technological abuse. It has expertise in digital forensics, technical investigation, information system security audits, penetration testing and trainings," he says.

Syed Shahid Hassan, FIA Cyber Crime Circle (Punjab), says that in the wake of gradual increase in digital crime, the government enacted prevention of electronic crime 2007 that lapsed in 2010. Now, "the Electronic Transaction Ordinance (2002) promulgated in the Musharraf regime is in practice to combat cyber crime."

However, he endorses the cybercrime bill 2016 and underscores the need for its immediate enforcement.

He thinks public awareness campaigns must be initiated to increase understanding of secure digital transactions. He also proposes that all existing loopholes used by criminals to bring in skimming devices and other gadgets into Pakistan via sea, air and land routes must be tackled.

Without capacity-building of the relevant organisations and availability of required resources, it will be tough to deal with the curse of cybercrime, he adds.