Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Cyber crime & security

766 views

Published on

Hacking
Phishing
Denial of Service
Spam Email
Spyware, Adware
Malware (Trojan, Virus, Worms etc. )
ATM Skimming and Point of Scale Crimes
Ransomware

Published in: Internet
  • Be the first to comment

Cyber crime & security

  1. 1. Cyber Security
  2. 2. Contents • Introduction • Categories of Cyber Crime • Types of Cyber Crime • Advantages of Cyber Security • Safety Tips to Cyber Crime • Latest Cyber Attack
  3. 3. Introduction • The Internet in India is growing rapidly. There are two sides to a coin. Internet also has it’s own disadvantages is cyber crime-illegal activity committed on the Internet. • Crime committed using a computer and the internet to steal a person’s identity or illegal imports or malicious programs. Cyber crime is an activity done using computers and the internet. • Cyber security refers to the technologies and processes designed to protect computers, networks and data from unauthorized access and attacks delivered via the internet by cyber criminals. Though, cyber security is important for the network, data and application security.
  4. 4. Categories of Cyber Crime We can categorize cyber crime in two ways:- The computer as a target: Using a computer to attacks other computer e.g. Hacking, Virus/Worms attacks, DoS attack etc. The computer as a weapon: Using a computer to commit real world crime e.g. credit card fraud etc.
  5. 5. Types of Cyber Crime • Hacking • Phishing • Denial of Service • Spam Email • Spyware, Adware • Malware (Trojan, Virus, Worms etc. ) • ATM Skimming and Point of Scale Crimes • Ransomware
  6. 6. History of Hacking • Hacking has been a part of computing for 40 years. • The first computer hacker emerged at MIT. • Hacking is began in the 1960s at MIT, origin of the term “hacker”. • The true hacker amongst our societies have thirst for the knowledge. • Boredom is never an object of challenge for hacker.
  7. 7. • While a hacker is really just a clever programmer who is adept at manipulating or modifying a computer system or computing network, a malicious hacker is someone who uses their computer skills to gain unauthorized access to data such as credit card info or personal pictures, either for fun, profit, to cause harm or for other reasons. • Computer hacking refers to manipulating the normal behavior of a computer and its connected systems. This is usually done using scripts or programs that manipulate the data passing through a network connection in order to access information from the system. Hacking techniques include using viruses, worms, Trojan horses, ransomware, browser hijacks, rootkits and denial of service attacks. What is Hacking?
  8. 8. Types of Hacking • Website Hacking • Network Hacking • Ethical Hacking • Email Hacking • Password Hacking • Online Banking Hacking • Computer Hacking
  9. 9. How to Remove Hacking • Since hacking refers to a method of accessing your computer system or network, the best way to remove hacks is to use high-quality anti-hacking software, commonly referred to as antivirus software, which will scan your computer for any malicious software and remove it. How to Prevent Hacking • Don’t open any attachments sent from suspicious email addresses • Never send your banking logins or credit card numbers via email • Don’t download unknown software to your computer
  10. 10. Spam Email • Email Spam is the electronic version of junk mail. It involves sending unwanted messages, often unsolicited advertising, to a large number of recipients. Spam is a serious security concern as it can be used to deliver Trojan horses, viruses, worms, spyware, and targeted phishing attacks.
  11. 11. Ways to Reduce Spam • Delete junk e-mail messages without opening them. • Don’t reply to spam. • Don’t give personal information in an e-mail or instant messages. • Think twice before you open attachments or click links in e-mail or instant messages. • Don’t forward chain e-mail messages.
  12. 12. You Should: • Report abusive, harassing, or threatening e-mail messages to your internet service provider. • Report phishing, scams and other fraudulent e-mail to the company that has been misrepresented.
  13. 13. What is Phishing? • Phishing is a fraudulent attempt, usually made through email, to steal your personal information. • Phishing is attempt to obtain sensitive information such as username, password and credit card details (and sometimes, indirectly, money), often for malicious reasons through an electronic communication (such as Email).
  14. 14. Phishing Motives • Financial gain: Phishers can use stolen banking credential to their Financial benefits. • Identity hiding: Instead of using stolen identities directly, phishers might sell the identities to others whom might be criminals seeking ways to hide their identities and activities (e.g. purchase of goods). • Frame and notoriety: phishers might attack victims for the sake of peer recognition.
  15. 15. Types of Phishing Attacks • Deceptive Phishing The common method is deceptive phishing is E-mail. Phishers sends a bulk of deceptive emails which command the user to click on link provided. • Malware-Based Phishing Running malicious software on the other’s machine. Key-Loggers & Screen-Loggers Session Hijackers
  16. 16. • DNS-Based Phishing It is used to Pollute the DNS Cache with Incorrect Information which directs the user to the other location.  This type of phishing can be done directly when the user has a misconfigured DNS cache. • Content-Injection Phishing In this attack, a malicious content is injected into a legitimate site. This malicious content can direct the user to some other sites or it can install malwares on the computers.
  17. 17. Anti-Phishing Tools • NET Craft It alert the user when connect to the phishing sites. When a user connects to a phishing site it block the user by showing a warning sign. It traps suspicious URLs in which the character have no common purpose other than to deceive the user.
  18. 18. • Threat Fire Threat Fire provides behavior based security monitoring solution protecting unsafe system. It continuously analyses the programs and processes on the system and if it find any suspicious actions. It can be used with the normal antivirus programs or firewall which adds an additional level of security of the system.
  19. 19. Other Anti-Phishing Tools • Spyware Doctor • Phish Tank Site Checker • Spoof-Guard • Trust-Watch Toolbar • Adware Inspector
  20. 20. How to Avoid Phishing Attack • Don’t click on links, download files or open attachments in emails from unknown senders. • Never email personal or financial information, even if you are close the recipient. • Check your online accounts and bank statements regularly. • Do not divulge personal information over the phone unless you initiate the call. • Verify any person who contacts (phone or email) you.
  21. 21. Popular Examples of Phishing Attack
  22. 22. Phishing Attack Email Example
  23. 23. What should I be Aware of When Receiving a Suspicious Email? • Look for the following clues: Misspelled word, unprofessional tone, bad grammar or other problems with content. • Other things to look for: They are asking you to verify your confidential information, will hold you liable if you don’t respond, telling you that the account will be closed if you don’t respond, etc. All these are signs of a phishing message.
  24. 24. Denial of Service • This is an act by the criminals who floods the Bandwidth of the victims network. • In the DoS attack, a hacker uses a single internet connection to either exploit a software vulnerability or flood a target with fake request-usually in an attempt to exhaust server resources. • On the other hand, DDoS attacks are launched from multiple connected devices that are distributed across the internet. • DoS = When a single host attacks. • DDoS = when multiple hosts attack simultaneously and continuously.
  25. 25. Types of DDoS Attack • There are mainly two kinds of DDoS attack: 1) Typical DDoS attack 2) Distributed Reflector (DRDoS) DoS attack • Typical DDoS Attacks:
  26. 26. • DRDoS Attacks:
  27. 27. Tools Which Used for DDoS Attack • LOIC (Low Orbit Ion Cannon) • Silent-DDOSer • PHP DOS • JANIDOS
  28. 28. Common DoS Attacks 1) SYN flooding 2) PING flood 3) Ping of death 4) Teardrop attack 5) Smurf attack 6) Spoofing attack
  29. 29. Phases in the DDoS Attack • Step 1: Recruiting of slave/zombie machines e.g.: using pirated software, unknown links, untrusted sites etc. When a computer has become a zombie it has the code to infect other computers to which it is connected. • Step 2: Discovering the vulnerability of the target (using small scale attacks before the actual attack). This is done to check whether the target has taken any precautionary measures or not.
  30. 30. • Step 3: Sending the attack instructions to the slaves. This usually done using IRC or Internet Relay Chats or by other forms of communication between the attacker i.e. maker of the botnet and the virus which is present in a zombie computer. • Step 4: Attack On getting the instruction to attack, all the zombie computers start sending messages simultaneously and continuously to the target server. The server tries to reply to all requests but after sometimes server gets overpowered and it crashes.
  31. 31. Aftereffect After a website’s server has been hit by a DDoS attack all the other legitimate user who want to use the website are denied access to it and they see a timeout error as follows:
  32. 32. How do We Avoid the DDoS Attack? • Install & maintain anti virus. • Install a firewall. • Configure the firewall to restrict incoming & outgoing traffic. • Follow good security practices for distributing your email address. • Applying email filters may help you manage unwanted traffic.
  33. 33. Spyware & Adware • Both are independent programs that can be automatically installed when you surf the internet or when you install free software. • Most adware is spyware in a different sense than “advertising supported software”, for a different reason: it displays advertisements related to what it finds from spying on you.
  34. 34. What is Spyware? • Spyware – is computer software which is installed surreptitiously on a personal computer; it takes partial control over the user’s computer, without the user’s informed consent. • Collect various types of personal information – such as Internet surfing habits, visited sites, can also interfere installing additional software and redirecting Web browser activity. • Spyware is known to change computer settings, resulting in slow connection speeds, loss of Internet or functionality of other programs.
  35. 35. Common Spyware Forms • Browser session hijacking • Browser helper objects • Cookies and web bags • False antispyware tools • Autonomous spyware • Bots
  36. 36. What is Adware? • Adware or advertising – supported software is any software package which automatically plays, displays or downloads advertisements to a computer after the software is installed on it or while the application is being used. • Comes in the forms of popups and unexplained advertising programs on your computer. • Advertising companies hope to generate money from customers who receive the popups or unexplained programs on their computers.
  37. 37. Well-Known Adware Programs • 123 Messenger • AOL Instant Messenger • DivX • Micro Antivirus • RealPlayer • Zango
  38. 38. How to Detect that your Computer has Spyware or Adware • Continuous popups. • Persistent change in your homepage. • Slower computer processing, takes the computer longer to process or startup.
  39. 39. Extreme Symptoms of Spyware or Adware • The spyware program is rarely alone on a computer: an affected machine usually has multiple infections. • Internet browser does not start up. • Parts of your computer you cannot access without freezing. • Major core data is lost or changed.
  40. 40. What Programs are there to Help Get rid of Spyware/Adware? • Spybot search and destroy • Spy sweeper • Symantee Antivirus • Ad – aware 6.0
  41. 41. • Spyware is often bundled with other software or downloads on file-sharing sites (e.g., sites where you download free music or movies), or is installed when you open an email attachment. • Antivirus software can find and remove any spyware on your computer, since these usually include anti- spyware protection as well as spyware removal tools. • Just like spyware, adware is most often built into free software, but can also be installed on your browser or operating system through a security hole.
  42. 42. How to Prevent Spyware • Use antivirus and anti-spyware software. • Ensure that your browser, operating system, and software have the latest updates and security patches. • Set your browser security and privacy levels higher. • Use extreme caution if you frequent file-sharing sites. • Don't click on pop-up ads.
  43. 43. How to Prevent Adware • Use an antivirus with an adware cleaner. • Ensure that your browser, operating system, and software have the latest updates and security patches. • Turn on a firewall when using the Internet.
  44. 44. Recommendations • Do not download unnecessary software from the internet, especially free ones because they most likely have adware or spyware inside them. • If a download screen appears, asking you to confirm your download, click no if you are not trying to install anything. • Avoid clicking advertised popups especially ones that mention “free” stuff if possible.
  45. 45. • Some adware/spyware files like to hide in the temporary internet folders. • Disable saving of temporary files by going to Program Files, Control Panel, Network and Internet Connections, Internet Options, Temporary Internet File Settings, Check Never under “Check for Never Version of Stored Pages”. • Constantly delete old temporary files and cookies by going to Program Files, Control Panel, Network and Internet Connections, Internet Options, Delete Cookies and Delete Temporary Files.
  46. 46. • Remember though, adware and spyware can be tricky, no matter how cautious you are, there are bound to be adware or spyware programs that install into your computer. • Always constantly scan your computer for adware and spyware and keep your Adware/Spyware killer programs fully updated at all times.
  47. 47. • Malware refers to any type of malicious software that tries to infect a computer or mobile device. Hackers use malware for any number of reasons such as, extracting personal information or passwords, stealing money, or preventing owners from accessing their device. You can protect yourself against malware by using anti-malware software. • Malware (short for “malicious software”) is considered an annoying or harmful type of software intended to secretly access a device without the user's knowledge. Types of malware include viruses, trojan horses, worms, ransomware. Malware
  48. 48. Where Malware Comes from • Malware most commonly gets access to your device through the Internet and via email, though it can also get access through hacked websites, game demos, music files, toolbars, software, free subscriptions, or anything else you download from the web onto a device which is not protected with anti-malware software.
  49. 49. How to Recognize Malware • A slow computer is often a sign that your device may be infected with malware, as are pop-ups, spam, and frequent crashes. You can use a malware scanner (which is included in all malware removal tools) to check if your device is infected.
  50. 50. • Most people have heard of computer viruses and know that they can do significant damage to our computers. Not only should you be aware of what viruses are, but you should also know why it’s important to protect yourself with antivirus software. • A computer virus is a program or piece of code that is loaded onto your computer without your knowledge or permission. Some viruses are merely annoying, but most viruses are destructive and designed to infect and gain control over vulnerable systems. A virus can spread across computers and networks by making copies of itself, just like a biological virus passes from one person to another.
  51. 51. Where a PC Virus Comes from • Computer viruses are usually hidden in a commonly used program, such as a game or PDF viewer, or you may receive an infected file attached to an email or from another file you downloaded from the Internet. As soon as you interact with the file (run the program, click on an attachment or open the file), the virus runs automatically. The code can then copy itself to other files and make changes on your computer.
  52. 52. How to Prevent Viruses • Avoid programs from unknown sources. • Don't open attachments from unsolicited email or in Facebook. • Only download apps from Google’s official Android Market. • Regularly scan your devices with a virus scanner, and remove all detected viruses using virus removal software.
  53. 53. • A Trojan Horse is a type of malware that pretends to be something useful, helpful, or fun while actually causing harm or stealing data. Trojans are often silently downloading other malware (e.g. spyware, adware, ransomware) on an infected device as well. One of the most dangerous Trojans is Zeus. Where a Trojan Comes from • Trojan viruses often are spread via an infected email attachment or a download that hides in free games, applications, movies or greeting cards.
  54. 54. Some Well Known Trojan • Net Bus • Beast • Sub Seven • BOXP
  55. 55. How to recognize a Trojan virus • Your computer will often slow down because of the burden on the processor. The best way to identify if you have been infected is to use a Trojan scanner, found in any Trojan removal software. How to prevent Trojan viruses • Avoid opening unknown files attached to email. These have extensions such as .exe, .vbs, and .bat. • Maintain up-to-date antivirus protection, preferably with a firewall.
  56. 56. RATS- Remote Access Trojans • This is a trojan that infects your computer the same way a trojan horse does, but it lets a criminal view, change, monitor, record or control your computer through your internet connection. They can: • Expose you to scams by making your computer think that a fraudulent website is actually a website your trust, therefore gaining access to your password and other information that will allow the criminal to steal your money or identity.
  57. 57. • Find your files and view, copy, alter or delete them. • Create pop-ups/capture video and audio and send to criminal PC. • Record your typing and send the information to another computer. • Run or end a program, process or connection on your computer. • Use your computer as part of a Zombie Army or BOT.
  58. 58. • Worms unlike viruses do not need the host to attach themselves. They merely make functional copies of themselves and do this repeatedly till they eat up all the available space on the computer’s memory. Where a Worm Comes from • Common ways of transmitting worms include attachments, file-sharing networks and links to malicious websites.
  59. 59. How to Recognize a PC Worm • Because worms consume a large amount of system memory or network bandwidth, servers, network servers and individual computers often stop responding. How to Prevent Computer Worms • Be careful with file-sharing networks and suspicious attachments and/or links. • Maintain up-to-date antivirus protection, preferably with a firewall.
  60. 60. How to Prevent Malware • Use powerful antivirus and anti-malware software. • Don't open email attachments from unknown or unexpected sources. Use Anti-Malware to Protect Yourself • There is no better way to recognize, remove and prevent malware than to use an antivirus & anti-malware tool.
  61. 61. ATM Skimming and Point of Scale Crimes • It is a technique of compromising the ATM machine by installing a skimming device a top the machine keypad to appear as a genuine keypad or a device made to be affixed to the card reader to look like a part of the machine. • Additionally, malware that steals credit card data directly can also be installed on these devices. Successful implementation of skimmers cause in ATM machine to collect card numbers and personal identification number codes that are later replicated to carry out fraudulent transaction.
  62. 62. Methods of card skimming 1) Hidden Card Reader 2) Petrol Station pumps where cards are accepted 3) Point of sale machines 4) Contactless Smart card readers
  63. 63. What is Ransomware? • Ransomware is a type of malware that attempts to extort money from a computer user by infecting and talking control of the victim’s machine, all the files or documents stored on it. • Typically, the ransomware will either ‘lock’ the computer to prevent normal usage, or encrypt the documents and files on it to prevent access to the saved data.
  64. 64. How do Criminals Install Ransomware? • Ransomware generates a pop-up window, webpage, or email warning from what looks like an official authority. • Ransomware is usually installed when you open  A malicious email attachment  Click malicious link  an email message  an instant message  on social networking site • Ransomware can even be installed when you visit a malicious website.
  65. 65. Types of Ransomware • Encryption Ransomware • Lock Screen Ransomware • Master Boot Record Ransomware
  66. 66. As shown above that is the opening image of the Wannacry ransomware when your system has been infected by that particular ransomware.
  67. 67. As shown above in the image when your system has been infected by Petya variant you can probably see how they ask for bitcoins to decrypt your data .
  68. 68. When is Ransomware Successful? • To be considered successful, an attack must: 1. Take control of a system or device. 2. Prevent access to the device and its data to some degree. 3. Inform the user that the device is being held for ransom along with a price and a method of payment. 4. Accept payment from the user. 5. Return full access to the device once payment is received.
  69. 69. How to prevent ransomware? • Keep all of the software on your computer up to date. • Make sure automatic updating is turned on to get all the latest Microsoft security updates and browser-related components (Java, Adobe and the like). • Keep your firewall turned on. • Don’t open spam email messages or click links on suspicious websites. (CryptoLocker spreads via .zip files sent as email attachments, for example. )
  70. 70. • Download Microsoft Security Essentials, which is free, or use another reputable antivirus and anti-malware program. • If you run Windows 8 or Windows RT, you don’t need Microsoft Security Essentials. • Scan your computer with the Microsoft Safety Scanner. • Keep your browser clean. • Always have a good backup system in place, just in case your PC does become infected and you can’t recover your files.
  71. 71. Identify the Ransomware Most commonly, ransomware is saved to one of the following locations: • C:Programdata(random alpha numerics).exe • C:Users(username)0.(random numerics).exe • C:UsersUsernameAppData(random alpha numerics).exe
  72. 72. Removal-Microsoft Procedure The following Microsoft products can detects can detect and remove this threat: • Windows Defender (built into Windows 8) • Microsoft Security Essentials • Microsoft Safety Scanner • Windows Defender Offline
  73. 73. Advantages of Cyber Security • It will defend us from hacks and virus. It helps us to browse the safe website. • Internet Security process all the incoming and outgoing data on our computer. • The cyber security will defend us from critical attacks. • The application of cyber security used in our PC needs update every week. • The security developers will update their database every week once. Hence the new virus also detected.
  74. 74. Safety Tips to Cyber Crime • Use Antivirus Software. • Insert Firewalls. • Uninstall unnecessary software. • Maintain backup. • Check security settings. • Never give your full name or address to strangers. • Learn more about the internet privacy.

×