This document discusses cyber crime. It begins by defining cyber crime as crimes committed using computers and the internet, such as identity theft. It then discusses different types of cyber crimes like those against individuals, businesses, and governments. It also covers crimeware tools used like bots, trojans, spyware, and their functions. Common cyber crimes like phishing and pharming are explained in detail. The document concludes with prevention tips, actions to take if victimized, relevant cyber laws, and references.
1. Cyber Crime 1
CYBER
CRIME
Presented By : Ronson Calvin Fernandes.
Manipal Institute of Technology - Manipala
22/02/2013 22/02/2013
2. A quick peek into . . . .
2
What is Cyber Crime ?
What is Crime Ware ?
CrimeWare - Bot’s , Trojan’s & Spywares.
Online fraud – Phishing & Pharming.
Kinds of Cyber Crime.
Basic Prevention Tips.
Cyber laws @ your disposal.
References.
Cyber Crime 22/02/2013
3. What is cyber crime?
3
Crime committed using a computer and the internet to
steal a person’s identity or illegal imports or
malicious programs.
Cybercrime is nothing but where the computer used as
an object or subject of crime.
Most of these crimes are not new. Criminals simply
devise different ways to undertake standard criminal
activities such as fraud , theft , blackmail and forgery
using the new medium , often involving the Internet .
Cyber Crime 22/02/2013
4. Types of Cyber Crimes
4
Cyber Crime refers to all activities done with
criminal intent in cyberspace. These fall into
three slots.
Those against persons.
Against Business and Non-business
organizations.
Crime targeting the government.
Cyber Crime 22/02/2013
6. What is Crime Ware ?
6
The software tools used in cybercrime is
sometimes referred to as Crimeware.
Crimeware is software that is used in the
commission of the criminal act.
Not generally regarded as a desirable software
or hardware application
Cyber Crime 22/02/2013
8. Crimeware – Bots
8
What's a Bot?
"Bot" is actually short for robot – not the kind
found in science fiction movies.
Bots are one of the most sophisticated types
of crimeware.
They are similar to worms and Trojans,
performs automated tasks on behalf of their
master (the cybercriminals) (i.e) co-ordinated
"denial-of-service" attack.
Victim machines = ―Zombies."
Cyber Crime 22/02/2013
9. Bots (continued . .)
9
Bots search for vulnerable, unprotected
computers to infect and stay hidden till they
are activated.
Bots do not work alone, but are part of a
network of infected machines called a "botnet.―
A botnet is typically composed of large
number victim machines that stretch across
the globe. Cyber Crime 22/02/2013
11. Trojan Horses , Spyware &
11
Crime
Trojans and spyware are crimeware—two of
the essential tools a cybercriminal.
Used to obtain unauthorized access and steal
information from a victim as part of an attack.
The creation and distribution of these
programs is on the rise, almost 37% of
unauthorised access and info stealing is
through trojan’s and spywares. [2]
Cyber Crime 22/02/2013
12. Trojan Horses
12
A Trojan horse program presents itself as a
useful computer program, while it actually
causes havoc and damage to your computer.
Trojans are the first stage of an attack.
Primary purpose - stay hidden while
downloading and installing a stronger threat
such as a bot.
Cannot spread by themselves - often delivered
to a victim through an email message.
Trojan horse lurks silently on the infected
machine, downloading spyware, while the
victim continues on with Cyber Crime 22/02/2013activities.
their normal
13. Spywares
13
Programs that covertly monitor your activity
on your computer, gathering usernames,
passwords, account numbers, files, and even
driver's license or social security numbers.
Some spyware focuses on monitoring a
person's Internet behavior; Tracks the places
you visit and things you do on the web.
Spyware is similar to a Trojan horse in that
users unknowingly install the product when
they install something else.
Cyber Crime 22/02/2013
14. Phishing [2]
14
What is Phishing?
Phishing is essentially an online con game,
and phishers are nothing more than tech-
savvy con artists and identity thieves.
They use spam, fake Web sites, crimeware
and other techniques to trick people into
divulging sensitive information, such as bank
and credit card account details.
For example, a flaw in the IRS Web site.
Cyber Crime 22/02/2013
15. How phishing works ?
15
In most cases, phishers send out a wave of
spam email, sometimes up to millions of
messages.
Each email contains a message that appears
to come from a well-known and trusted
company.
The bogus Web site urges the visitor to
provide confidential information — social
security numbers, account numbers,
passwords, etc.
While it is impossible to know the actual
success rates to all phishing attacks, it is
Cyber Crime 22/02/2013
17. How phishing works (continued
17
. .)
Over 2005, phishers became much more
sophisticated.
This trend means that by simply following the
link in a phishing email to a bogus Website, a
user's identity could be stolen as the phisher
would no longer need to get you to enter your
personal information .
The Trojan or spyware placed onto your
machine would capture this information the
next time you visit the legitimate Web site of
your bank or other online service.
Cyber Crime 22/02/2013
19. Pharming [2]
19
Pharming is another form of online fraud.
More difficult to detect as they are not entirely
reliant upon the victim accepting a "bait"
message.
Instead of relying completely on users clicking
on an enticing link in fake email messages,
pharming instead re-directs victims to the
bogus Web site even if theyCrime 22/02/2013right Web
Cyber
type the
address.
20. How Pharming works ? [5]
20
Pharmers re-direct their victims using a ploy
called DNS cache poisoning.
DNS cache poisoning is an attack on the
Internet Domain Naming System.
The naming system relies upon DNS servers
to handle the conversion of the letter-based
Web site names, into the machine-
understandable digits (IP Address) that directs
users to the Web site of their choice.
Cyber Crime 22/02/2013
21. How Pharming works
21
(continued . .)
When a pharmer mounts a successful DNS
cache poisoning attack, they are effectively
changing the rules of how traffic flows for an
entire section of the Internet!
Phishers drop a couple lines in the water and
wait to see who will take the bait. Where as
Pharmers are more like cybercriminals
harvesting the Internet at a scale larger than
anything seen before.
Cyber Crime 22/02/2013
23. Kinds of Cyber Crimes
23
E-Mail bombing : Sending huge amounts
of E-mails.
Salami attacks: These attacks are used
for the commission of financial crimes.
Denial of Service: This involves flooding
computer resources with more requests
than it can handle.
Cyber Crime 22/02/2013
24. Kinds of Cyber Crimes
24
(continued ..)
Sale of illegal articles : This would include
sale of narcotics, weapons and wildlife etc.
Cyber Pornography : This would include
pornographic websites.
E-Mail spoofing : A spoofed email is one that
appears to originate from one source but
actually has been sent from another source.
Online gambling : There are millions of
websites, all hosted on servers abroad, that
offer online gambling.
Cyber Crime 22/02/2013
25. Basic Prevention Tips
25
Cybercrime prevention can be straight-forward - when armed
with a little technical advice and common sense, many
attacks can be avoided.
In general, online criminals are trying to make their money as
quickly and easily as possible. The more difficult you make
their job, the more likely they are to leave you alone and
move on to an easier target.
Keep your computer current with the latest patches and updates.
Make sure your computer is configured securely.
Choose strong passwords and keep them safe.
Protect your computer with security software.
Protect your personal information.
Online offers that look too good to be true usually are.
Review bank and credit card statements regularly.
Cyber Crime 22/02/2013
26. What To Do If You're a Victim
26
If You're a Victim of Crimeware.
Disconnect immediately.
Scan your computer with an up-to-date
antivirus program
Back up your critical information.
Consider going back to ground-zero
Cyber Crime 22/02/2013
27. What To Do If You're a
27
Victim(cont..)
If You're a Victim of Online Fraud.
Close affected accounts immediately
File a police report.
Contact government agencies
Watch your credit reports closely.
Look for signs of identity theft.
Cyber Crime 22/02/2013
28. Cyber laws @ your disposal
28
Snapshot of Important Cyberlaw Provisions in
India
Offence Section under IT Act
Offence Section
Tampering with Computer source Sec.65
documents
Hacking with Computer systems, Sec.66
Data alteration
Publishing obscene information Sec.67
Un-authorized access to protected Sec.70
system
Breach of Confidentiality and Sec.72
Privacy
Publishing false digital signature Sec.73
Cyber Crime 22/02/2013
certificates
29. Cyber laws @ your disposal
29
(cont ..)
Computer Related Crimes covered under Indian
Penal Code and Special Laws .
Offence Section
Threatening messages by E-mail Sec 503 IPC
Defamatory messages by E-mail Sec 499 IPC
Forgery of electronic records Sec 463 IPC
Bogus websites, cyber frauds Sec 420 IPC
Email spoofing Sec 463 IPC
Web-Jacking Sec 383 IPC
E-Mail Abuse Sec 500 IPC
Online sale of Drugs NDPS Act
Online sale of Arms Arms Act
Cyber Crime 22/02/2013
30. References
30
[1]. Susan W. Brenner, Cybercrime: Criminal Threats
from
Cyberspace
[2]. Norton , Symantec Group.
http://in.norton.com/cybercrime
[3]. SEMCOM Cyberlaw Clinic.
www.cyberlawclinic.org
[4]. ―Cyber Crime Statistics in India‖.
http://www.indiafacts.in
[5]. Carnegie Cyber Academy - National Cyber Security
Awareness.
http://www.carnegiecyberacademy.com
Cyber Crime 22/02/2013