Cyber crime


Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Cyber crime

  1. 1. Cyber Crime
  2. 2. Because – Everybody is using COMPUTERS From white collar criminals to terrorist organizations And from Teenagers to Adults Conventional crimes like Forgery,, extortion, kidnapping etc are being committed with the help off computers New generation is growing up with computers MOST IMPORTANT - Monetary transactions are moving on to the IINTERNET
  3. 3. WHAT IS CYBERCyber crime is defined as crimes committed on theinternet using the computer as either a tool or a targetedvictim. It is very difficult to classify crimes in general intodistinct groups as many crimes evolve on a daily basis. Evenin the real world, crimes like rape, murder or theft need notnecessarily be separate. However, all cybercrimes involveboth the computer and the person behind it as victims, itjust depends on which of the two is the main target.Hence, the computer will be looked at as either a target ortool for simplicity’s sake. For example, hacking involvesattacking the computer’s information and other resources.It is important to take note that overlapping occurs inmany cases and it is impossible to have a perfectclassification system.
  4. 4. Like traditional crime, cybercrime can take many shapes and can occur nearly anytime or anyplace. Criminals committing cybercrime use a number of methods, depending on their skill-set and their goal. This should not be surprising: cybercrime is, after all, simply crime with some sort of computer or cyber aspect. Every 3 seconds an identity is stolen** Without security, your unprotected PC can become infected within four minutes of connecting to the internet*** Cybercrime has surpassed illegal drug trafficking as a criminal moneymaker*
  5. 5. The Council of Europes Cybercrime Treaty uses the term cybercrime to refer to offenses ranging from criminal activity against data to content and copyright infringement [Krone, 2005]. However, others [Zeviar-Geese, 1997-98] suggest that the definition is broader, including activities such as fraud, unauthorized access, child pornography, and cyber stalking. The United Nations Manual on the Prevention and Control of Computer Related Crime includes fraud, forgery, and unauthorized access [United Nations, 1995] in its cybercrime definition. References *“Cybercrime More Profitable Than Drugs”, NineMSN **Identity Theft Statistics, Identity Protection Online ***“Eliminating Mobile Security Blindfolds”, Tech News World Krone, T., 2005. High Tech Crime Brief. Australian Institute of Criminology. Canberra, Australia. ISSN 1832-3413. 2005. Zeviar-Geese, G. 1997-98. The State of the Law on Cyber jurisdiction and Cybercrime on the Internet. California Pacific School of Law. Gonzaga Journal of International Law. Volume 1. 1997-1998.
  6. 6. Profile of Cyber Criminal Disgruntled employees Teenagers Political Hacktivist Professional Hackers Business Rival Ex-Boy Friend Divorced Husband.etc
  7. 7. VICTIMS Gullible Desperados and greedy people Unskilled & Inexperienced Unlucky people
  8. 8. Computer Crimes are VulnerableBecause off :-AnonymityComputers storage capacityWeakness in Operating SystemLack off Awareness off user
  10. 10. HACKINGHacking in simple terms means illegal intrusion intoa computer system without the permission of thecomputer owner/user. The most prominent definition ofhacking is the act of gaining access without legalauthorization to a computer or computer network. Ahacker first attacks an easy target, and then uses it to hidehis or her traces for launching attacks at more secure sites.The goal of an attack is to gain complete control of thesystem (so you can edit, delete, install, or execute any filein any user’s directory), often by gaining access to a "super-user" account. This will allow both maximum access andthe ability to hide your presence.
  11. 11. COMPUTER VIRUSA computer virus is a computer program that can copy itself andinfect a computer without permission or knowledge of the user.The original may modify the copies or the copies may modifythemselves. A virus can only spread from one computer toanother when its host is taken to the uninfected computer, forinstance by a user sending it over a network or carrying it on aremovable medium such as a floppy disk, CD, or USB drive.Additionally, viruses can spread to other computers by infectingfiles on a network file system or a file system that is accessed byanother computer.The term comes from the term virus in biology. A computervirus reproduces by making, possibly modified, copies of itselfin the computers memory, storage, or over a network. This issimilar to the way a biological virus works
  12. 12. SOFTWARE PIRACY Theft of software through the illegal copying of genuine programs or the counterfeiting and distribution of products intended to pass for the original Retail revenue losses worldwide are ever increasing due to this crime Can be done in various ways- End user copying,, Hard disk loading,, Counterfeiting,, Illegal downloads from the internet etc
  13. 13. PORNOGRAPHY Pornography is the first consistently successful ecommerce product Deceptive marketing tactics and mouse trapping technologies Pornography encourage customers to access their websites Anybody including children can log on to the internet and access websites with pornographic contents with a click of a mouse Publishing, transmitting any material in electronic form which is lascivious or appeals to the prurient interest is an offence under the provisions of section 67 of I.T. Act -2000.
  14. 14. IRC CRIME Internet Relay Chat (IRC) servers have chat rooms in which people from anywhere the world can come together and chat with each other Criminals use it for meeting coconspirators Hackers use it for discussing their exploits / sharing the techniques Pedophiles use chat rooms to allure small children Cyber Stalking - In order to harass a woman her telephone number is given to others as if she wants to befriend males
  15. 15. CREDIT CARD FRAUDYou simply have to type credit card number into wwwpage off the vendor for online transaction.If electronic transactions are not secured the creditcard numbers can be stolen by the hackers who canmisuse this card by impersonating the credit cardowner
  16. 16. Credit card skimmer
  17. 17. Skimmer
  18. 18. How the credit card skimmer is used
  19. 19. Credit Card Writer
  20. 20. 1- ATM machine as usual ?
  21. 21. 2- Is there an additional slot ?
  22. 22. 3- A monitor and pamphlet holder at the side...nothing wrong
  23. 23. 5-False pamphlet box affixed to the ATM cubicle side
  24. 24. 6-Inside the “pamphlet box”
  25. 25. SPAMMINGSpamming is the abuse of electronic messaging systems to sendunsolicited bulk messages, which are generally undesired. While themost widely recognized form of spam is email spam, the term isapplied to similar abuses in other media: instant messagingspam, Usenet newsgroup spam, Web search engine spam, spam inblogs, mobile phone messaging spam, internet forum spam and junkfax transmissions.Spamming is economically viable because advertisers have nooperating costs beyond the management of their mailing lists, and it isdifficult to hold senders accountable for their mass mailings. Becausethe barrier to entry is so low, spammers are numerous, and the volumeof unsolicited mail has become very high. The costs, such as lostproductivity and fraud, are borne by the public and by Internet serviceproviders, which have been forced to add extra capacity to cope withthe deluge. Spamming is widely reviled, and has been the subject oflegislation in many jurisdictions.
  26. 26. PHISHINGIt is technique of pulling out confidential information fromthe bank/financial institutional account holders bydeceptive meansIn most cases, phishers send out a wave of spamemail, sometimes up to millions of messages. Each emailcontains a message that appears to come from a well-known and trusted company. Usually the message includesthe companys logo and name, and it often tries to evoke anemotional response to a false crisis. Couched inurgent, business-like language, the email often makes arequest of the user’s personal information. Sometimes theemail directs the recipient to a spoofed Web site. The Website, like the email, appears authentic and in someinstances its URL has been masked so the Web addresslooks real.
  27. 27. SpoofingGetting one computer on a network to pretend to have theidentity off another computer,, usually one with specialaccess privileges ,, so as to obtain access to the othercomputers on the network.A common misconception is that "IP spoofing" can be usedto hide your IP address while surfing the Internet, chattingon-line, sending e-mail, and so forth. This is generally nottrue. Forging the source IP address causes the responses tobe misdirected, meaning you cannot create a normalnetwork connection. However, IP spoofing is an integralpart of many network attacks that do not need to seeresponses (blind spoofing).
  28. 28. DENIAL OF SERVICE ATTACKThis is an act by the criminal, who floods thebandwidth of the victims network or fills his e-mailbox with spam mail depriving him of the services heis entitled to access or provide
  29. 29. CYBER STALKINGThe Criminal follows the victim by sendingemails, entering the chat rooms frequently.
  30. 30. CYBER DEFAMATIONThe Criminal sends emails containing defamatorymatters to all concerned off the victim or post thedefamatory matters on a website.(disgruntled employee may do this against boss,, ex-boys friend against girl,, divorced husband against wifeetc)
  31. 31. THREATENINGThe Criminal sends threatening email or comes incontact in chat rooms with victim.(Any one disgruntled may do this against boss,, friendor official)
  32. 32. SALAMI ATTACKIn such crime criminal makes insignificant changes insuch a manner that such changes would go unnoticed.Criminal makes such program that deducts smallamount like Rs. 2.50 per month from the account of allthe customer of the Bank and deposit the same in hisaccount. In this case no account holder will approachthe bank for such small amount but criminal gainshuge amount.
  33. 33. SALE OF NARCOTICS Sale & Purchase through net There are web site which offset sale and shipment off contrabands drugs They may use the techniques off stenography for hiding the messages
  34. 34. Now in its tenth year, the Internet Crime Complaint Center (IC3) hasbecome a vital resource for victims of online crime and for lawenforcement investigating and prosecuting offenders.In 2010, IC3 received the second-highest number of complaints since itsinception. IC3 also reached a major milestone this year when it receivedits two-millionth complaint. On average, IC3 receives and processes25,000 complaints per month.IC3 is more than a repository for victim complaints. It serves as a conduitfor law enforcement to share information and pursue cases that oftenspan jurisdictional boundaries. IC3 was founded in 2000 as a joint effortbetween the National White Collar Crime Center (NW3C)/Bureau ofJustice Assistance (BJA) and the Federal Bureau of Investigation (FBI).That partnership leveraged the
  35. 35. resources necessary to aid law enforcement in every aspect of anInternet fraud complaint.The most common victim complaints in 2010 were non-deliveryof payment/merchandise, scams impersonating the FBI(hereafter “FBI-related scams”) and identity theft. Victims ofthese crimes reported losing hundreds of millions of dollars.Through a number of technological advancements, IC3 hasstreamlined the way it processes and refers victim complaints tolaw enforcement. In 2004, IC3 developed Automatch, anautomated internal complaint grouping and analytical searchtool. The design of Automatch is based on an assessment of theIC3 partnership aimed at defining a joint workflow for theproject partners with different service requirements. IC3 IT staffcontinually review and update
  36. 36. Automatch to meet the needs of analysts who build casesfor law enforcement worldwide gathering all relatedinformation based on commonalities in the IC3 data. In2009, NW3C developed the state-of-the-art InternetComplaint Search and Investigation System (ICSIS), whichfosters seamless collaboration among law enforcementfrom multiple jurisdictions.Expert IC3 analysts also provide key analytical and casesupport.The 2010 Internet Crime Report demonstrates howpervasive online crime has become, affecting people in alldemographic groups. The report provides specific detailsabout various crimes, their victims and the perpetrators. Italso shows how IC3 continually adapts its methods to meetthe needs of the public and law enforcement.
  37. 37. Type Percent1. Non-delivery Payment/Merchandise 14.4%2. FBI-Related Scams 13.2%3. Identity Theft 9.8%4. Computer Crimes 9.1%5. Miscellaneous Fraud 8.6%6. Advance Fee Fraud 7.6%7. Spam 6.9%8. Auction Fraud 5.9%9. Credit Card Fraud 5.3%10. Overpayment Fraud 5.3%
  38. 38. UN RESOLUTION A broad, inclusive focus is necessary to address problems of cybercrime, going beyond criminal law, penal procedures and law enforcement. The focus should include requirements for the secure functioning of a cyber-economy optimizing business confidence and individual privacy, as well as strategies to promote and protect the innovation and wealth-creating potential and opportunities of information and computing technologies, including early warning and response mechanisms in case of cyber attacks. Behind the prevention and prosecution of computer-related crime looms the larger challenge of creating a global culture of cyber security, addressing the needs of all societies, including developing countries, with their emerging and still vulnerable information technology structures.
  39. 39. EU RESOLUTIONThe European Commission adopted a proposal for new laws againstcybercrime to harmonies laws that deal with hacking, viruses anddenial of service attacks. All EU Member States are also members ofthe Council of Europe which recently agreed a Cybercrime Conventionwith the same aim The Commission adopted its proposal for a Council FrameworkDecision on "Attacks against information systems" seeks to ensure thatEuropes law enforcement and judicial authorities can take actionagainst crimes for which existing laws were not designed. It also aims toencourage and promote information security. AntonioVitorino, European Commissioner for Justice and Home Affairs, said:"Member States laws contain some significant gaps which couldhamper the ability of law enforcement and judicial authorities torespond to crimes against information systems. Given the trans-national nature of hacking, virus and denial of service attacks, it isimportant that the European Union takes action in this area to ensureeffective police and judicial co-operation."
  40. 40. DOs or DONTsWhat you should not do Expose yourself that you are not available in town or give your details about location and itinerary when email auto responder enabled Hand over your credit card to any person Auto-connect to open Wi-Fi (wireless fidelity) networks Get confused, frightened or pressured into divulging information if you receive an e-mail purporting to be from your bank or credit card provider as criminal use scare tactics Keep passwords stored on your computer
  41. 41.  Open email attachment if you are not sure about it. Assume a company is legitimate based on "appearance" of the website. Be wary of investments that offer high returns at little or no risk. Accept packages that you didnt order. Go online without virus protection and a firewall in place.
  42. 42. What you should do Install and use a firewall, pop-up blocker and spyware detector Ensure that your virus definitions are up to date and run anti-virus and spyware detectors/cleaners regularly Make Backups of Important Files and Folders to protect important files and records on your computer if your computer malfunctions or is damaged by a successful attacker Use strong passwords - Easy to remember and difficult to guess type password. Use alphanumeric and special characters in your password. The length of password should be as long as possible (More than 8 characters)
  43. 43.  Use a variety of passwords, not same for all of your accounts Be extremely wary of spam legitimate looking email asking for confidential information. Never ever click on the link given in the spam email. Always delete spam emails immediately and empty the trash box to prevent accidental clicking on the same link. Be wary of websites that require your card details up front before you actually place an order. Not to believe everything you read online Take your time - do not rush into things
  44. 44. Reference*“Cybercrime More Profitable Than Drugs”, NineMSN **Identity Theft Statistics, Identity Protection Online ***“Eliminating Mobile Security Blindfolds”, Tech News World Krone, T., 2005. High Tech Crime Brief. Australian Institute of Criminology. Canberra, Australia. ISSN 1832-3413. 2005. Zeviar-Geese, G. 1997-98. The State of the Law on Cyber jurisdiction and Cybercrime on the Internet. California Pacific School of Law. Gonzaga Journal of International Law. Volume 1. 1997-1998.