This document discusses various types of cyber crimes including crimes against individuals, property, organizations and society. It describes causes of cyber crimes such as passion of youngsters, desire for recognition or money, and security issues. It then focuses on specific cyber crimes like unauthorized access, viruses, trojans, hacking, social engineering techniques like phishing and baiting, and spam. Common hacking tools are also outlined. Throughout, methods of prevention and popular examples are provided for each topic.
2. Introduction
• Crimes that are done against persons or groups of persons
with a criminal intention to deliberately harm the status of
the victim or cause physical or psychological destruction to
the victim directly or indirectly, using modern
telecommunication networks such as Internet (Chat rooms,
emails, notice boards and groups) and mobile phones
(SMS/MMS).
3. • Cyber-crime includes a wide range of activities. Generally,
however, it may be classified into 4 classes:
Crimes against Individual
Crimes against Property
Crimes against Organization
Crimes against Society
5. Causes of Cyber Crime.
Passion of youngsters
For the sake of recognition
Desire of making quick money
Misconception of fighting a just cause
Dissatisfied/disappointed employees
Drawbacks in judiciary systems
Lack of evidence
Negligence of security of data
Confidential information is online
7. • The term 'unauthorised access' describes the act of
directly or indirectly accessing information online without
authorisation.
• Unauthorised access is often done with the intention of
getting data for personal gain, or causing loss to another
person.
• Some system administrators set up alerts to let them know
when there is an unauthorized access attempt, so that they
may investigate the reason. These alerts can help stop
hackers from gaining access to a secure or confidential
system.
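The kind of alert described above, as an added example that is not part of the original slides: a Python check that scans OpenSSH-style log lines and raises one alert per source address once it sees three failed logins within 60 seconds. The sample log lines, host name, threshold and window are assumptions constructed for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample lines in the style of an OpenSSH auth log (not real data).
SAMPLE_LOG = """\
2024-05-01T10:00:01 web01 sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
2024-05-01T10:00:09 web01 sshd[811]: Failed password for root from 203.0.113.7 port 40113 ssh2
2024-05-01T10:00:15 web01 sshd[902]: Accepted password for alice from 198.51.100.4 port 51000 ssh2
2024-05-01T10:00:21 web01 sshd[811]: Failed password for invalid user test from 203.0.113.7 port 40114 ssh2
2024-05-01T10:03:00 web01 sshd[915]: Failed password for bob from 198.51.100.9 port 51200 ssh2
2024-05-01T10:09:00 web01 sshd[915]: Failed password for bob from 198.51.100.9 port 51201 ssh2
2024-05-01T10:15:00 web01 sshd[915]: Failed password for bob from 198.51.100.9 port 51202 ssh2
"""

# timestamp, host, then the sshd "Failed password" message with user and source address
FAILED = re.compile(
    r"^(\S+) \S+ sshd\[\d+\]: Failed password for (?:invalid user )?(\S+) from (\S+) port \d+"
)


def find_alerts(log_text, threshold=3, window=timedelta(seconds=60)):
    """Return [(source_ip, alert_time, usernames_tried)], one entry per source.

    A source is reported the first time `threshold` failed logins from it
    fall inside a sliding `window`; slow, occasional failures are ignored.
    """
    recent = defaultdict(deque)   # source ip -> recent (time, user) failures
    alerted = set()               # sources already reported
    alerts = []
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if not m:
            continue              # successful logins and unrelated lines
        ts = datetime.fromisoformat(m.group(1))
        user, ip = m.group(2), m.group(3)
        q = recent[ip]
        q.append((ts, user))
        while q and ts - q[0][0] > window:
            q.popleft()           # drop failures older than the window
        if len(q) >= threshold and ip not in alerted:
            alerted.add(ip)
            alerts.append((ip, ts, sorted({u for _, u in q})))
    return alerts


if __name__ == "__main__":
    for ip, when, users in find_alerts(SAMPLE_LOG):
        print(f"ALERT {when.isoformat()} {ip} tried {', '.join(users)}")
```

The source that fails three times in 20 seconds is reported, while the user who mistypes a password once every six minutes is not.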
8. How to prevent unauthorised access?
• Don’t give out any personal information unless you know exactly
who’s asking for it and why they want it. If you’re not sure, ask.
• Choose unique passwords for your online accounts — don’t use the
same password for every account you have.
• Turn on multifactor authentication for your online accounts.
• Always update your operating system and your apps when new
versions are available.
• Install antivirus and anti-ransomware software on your computer if
you don’t already have it, and update it regularly.
• Scan for viruses regularly and clean up any infections straight away.
• Be cautious when connecting your computer to unsecure networks
like free WiFi or internet cafés
9. Trojans
• The term Trojan horse comes from the Greek-Trojan war, in which
Greeks infiltrated the city of Troy by sending soldiers covertly inside a
huge wooden horse, the Trojan horse, presented as a gift to the Trojan King.
• It is a type of computer software that is camouflaged in the form of
regular software such as utilities, games and sometimes even
antivirus programs.
• Mostly Trojans are introduced via email attachments. These emails
are disguised in a way that they look authentic.
• Once the user downloads the attached file and runs it, the file starts
corrupting the system
10. • Trojans can have multiple usages, which depend on the motives of
the attacker. These could be identity theft, data theft, crashing
computers, spying or tracking user activities.
• Installing a good and licensed anti-virus software, keeping virus
definitions of computers up-to-date, being cautious while opening
email attachments even if they look authentic, and paying attention to
system security popup messages are some of the ways by which you
can keep a computer safe and secure.
11. Popular Trojans
• Netbus
• Subseven or Sub7
• Y3K Remote Administration Tool
• Back Orifice
• Beast
• Zeus
• The Blackhole exploit kit
• Flashback Trojan
12. Viruses
• A computer virus is a program made to damage or cause destruction
on an infected computer.
• It spreads through e-mail attachments, transferable devices, websites
having malevolent scripts and file downloads.
• A computer virus attaches itself to host files and will activate
whenever one opens the infected files.
• The virus can duplicate itself and then infect the other files on the
computer causing more harm.
13. Different Types Of Computer Virus On The
Basis Of Action
Macro Viruses
• These viruses infect the files formed using several applications or
programs that include macros like doc, pps, xls and mdb.
• They hide in files shared from e-mail and networks.
• Example: Relax, bablas, Melissa.A
14. Memory Resident Viruses
• They generally attach themselves within the computer memory. They
become active when the OS runs and end up infecting other open
files. They conceal in RAM.
• Example: meve, randex, mrklunky.
15. Overwrite Viruses
• These kinds of viruses erase any information in a file they infect,
making them partially or entirely useless if they are infected.
• Once in the computer, they substitute each of the file content but
the file size doesn’t change.
• Overwrite Viruses Include: Trj.Reboot, way, trivial.88.D.
16. Directory Virus
• It is also recognized as cluster virus or file system virus. They infect
the computer’s directory by altering the pathway signifying file
position.
• They are generally to be found in the disk but have an effect on the
entire directory.
• For example: dir-2 virus
17. Multipartite Virus
• These kinds of viruses can spread in various ways.
• Their method varies according to the OS installed and the existence of
certain files.
• They tend to hide in the computer’s memory but do not infect the
hard disk.
19. • A logic bomb is a malicious program timed to cause harm at a certain
point in time, but is inactive up until that point.
• A set trigger, such as a preprogrammed date and time, activates a
logic bomb.
• Once activated, a logic bomb implements a malicious code that
causes harm to a computer.
• A logic bomb's application programming points may also include
other variables such that the bomb is launched after a specific
number of database entries.
• A logic bomb is also known as slag code, malicious logic and time
bomb.
20. • Software that is inherently malicious, such as viruses and worms,
often contains logic bombs that execute a certain payload at a
pre-defined time or when some other condition is met.
• This technique can be used by a virus or worm to gain momentum
and spread before being noticed.
• Some viruses attack their host systems on specific dates, such
as Friday the 13th or April Fools' Day.
23. Social engineering
Social engineering is the term used for a broad range of malicious activities
accomplished through human interactions. It uses psychological manipulation to trick
users into making security mistakes or giving away sensitive information.
Social engineering attacks happen in one or more steps. A perpetrator first investigates
the intended victim to gather necessary background information, such as potential
points of entry and weak security protocols, needed to proceed with the attack. Then,
the attacker moves to gain the victim’s trust and provide stimuli for subsequent actions
that break security practices, such as revealing sensitive information or granting
access to critical resources.
25. Social engineering attack techniques
Social engineering attacks come in many different forms and can be performed
anywhere where human interaction is involved. The following are the most common
forms of digital social engineering assaults.
Baiting
As its name implies, baiting attacks use a false promise to pique a victim’s greed or
curiosity. They lure users into a trap that steals their personal information or infects
their systems with malware.
The most reviled form of baiting uses physical media to disperse malware. For
example, attackers leave the bait—typically malware-infected flash drives—in
conspicuous areas where potential victims are certain to see them (e.g., bathrooms,
elevators, the parking lot of a targeted company). The bait has an authentic look to it,
such as a label presenting it as the company’s payroll list.
26. Scareware
Scareware involves victims being bombarded with false alarms and fictitious threats.
Users are deceived to think their system is infected with malware, prompting them to
install software that has no real benefit (other than for the perpetrator) or is malware itself.
Scareware is also referred to as deception software, rogue scanner software and
fraudware.
A common scareware example is the legitimate-looking popup banners appearing in your
browser while surfing the web, displaying text such as, “Your computer may be
infected with harmful spyware programs.” It either offers to install the tool (often
malware-infected) for you, or will direct you to a malicious site where your computer
becomes infected.
Scareware is also distributed via spam email that doles out bogus warnings, or makes
offers for users to buy worthless/harmful services.
27. Pretexting
Here an attacker obtains information through a series of cleverly crafted lies. The
scam is often initiated by a perpetrator pretending to need sensitive information
from a victim so as to perform a critical task.
The attacker usually starts by establishing trust with their victim by impersonating
co-workers, police, bank and tax officials, or other persons who have right-to-know
authority. The pretexter asks questions that are ostensibly required to confirm the
victim’s identity, through which they gather important personal data.
All sorts of pertinent information and records are gathered using this scam, such as
social security numbers, personal addresses and phone numbers, phone records,
staff vacation dates, bank records.
28. Phishing
Phishing is the act of attempting to trick customers into disclosing their personal security
information (their credit card numbers, bank account details, or other sensitive
information) by masquerading as trustworthy businesses in an e-mail.
Their messages may ask the recipients to “update,” “validate,” or “confirm” their
account information. Phishing is a two-time scam: it first steals a company’s identity
and then uses it to victimize consumers by stealing their credit identities.
The term Phishing (also called spoofing) comes from the fact that Internet
scammers are using increasingly sophisticated lures as they “fish” for user’s
financial information and password data.
33. Sending mass-mails to thousands of potential victims increases the
chance of getting someone hooked. There are usually three separate
steps in order for such attacks to work, these are:
1. Setting up a mimic web site.
2. Sending out a convincingly fake e-mail, luring the users to that
mimic site.
3. Getting the information, then redirecting users to the real site.
34. In step 1, the hacker steals an organization’s identity and creates a look-
alike website.
This can easily be done by viewing the targeted site’s source code, then
copying all graphics and HTML lines from that real web site. Due to this
tactic, it would really be very hard for even an experienced user to spot
the differences.
On the mimic web site, usually there will be a log-in form, prompting
the user to enter secret personal data. Once the data are entered here, a
server-side script will handle the submission, collecting the data and
sending it to the hacker, then redirecting users to the real web
site so everything looks unsuspicious.
35. In the second step, the hacker will make a convincingly fake e-mail which later will be sent
by a “ghost” mailing program, enabling the hacker to fake the source address of the
e-mail.
The main purpose of this fake e-mail is to urge users to go to the mimic web site and
enter the data that the hacker wants to capture.
Commonly employed tactics are asking users to respond to urgent matters, such
as warning that customers need to log in immediately or their accounts could be blocked,
or notifying the user that someone has just sent them some money and they need to log in now in
order to get it (this is usually an effective trap for PayPal users), etc.
Inside this fake e-mail, users often find a hyperlink, which once clicked, will open the
mimic web site so they can “log in.”
36. In the last step, once a user has opened the mimic web site and “logged
in,” their information will be handled by a server-side script.
That information will later be sent to the hacker via e-mail and the user will
be redirected to the real web site.
However, the confidentiality of user’s financial data or secret
password has now been breached.
37. Signs of phishing email include:
Misspelled words
Discrepancies between the language of links and the URLs they direct to
Requests for personal information
Forms within emails
Highly emotional or charged language
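The signs listed above can be checked mechanically on an HTML message body. The following Python check is an added example, not part of the original slides; it covers link text that names a different host than the URL it points to, embedded forms, requests for personal information and urgent wording, and leaves misspellings out. The sample message, host names and keyword lists are constructed assumptions.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample body (not a real email); all host names are placeholders.
SAMPLE_HTML = """
<p>Dear customer, your account will be blocked! Log in immediately to
confirm your password and credit card number.</p>
<p><a href="http://login.example.net/verify">www.examplebank.example</a></p>
<p><a href="https://www.examplebank.example/help">Help centre</a></p>
<form action="http://login.example.net/collect"><input name="pin"></form>
"""

# Assumed keyword lists; tune them for the mail you actually receive.
PERSONAL = re.compile(r"\b(password|pin|credit card|account number|username)\b", re.I)
URGENT = re.compile(r"\b(immediately|blocked|urgent|update|validate|confirm)\b", re.I)
# Link text that itself looks like a host name or URL.
HOSTLIKE = re.compile(r"^(?:https?://)?([a-z0-9-]+(?:\.[a-z0-9-]+)+)", re.I)


class _Collector(HTMLParser):
    """Collects (href, visible text) for each link, a form count and body text."""

    def __init__(self):
        super().__init__()
        self.links, self.forms, self.text = [], 0, []
        self._href, self._label = None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._label = dict(attrs).get("href") or "", []
        elif tag == "form":
            self.forms += 1

    def handle_data(self, data):
        self.text.append(data)
        if self._href is not None:
            self._label.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._label).strip()))
            self._href = None


def _host(name):
    # Treat "www.site" and "site" as the same host when comparing.
    return re.sub(r"^www\.", "", name.lower())


def phishing_signs(html_body):
    """Return a list of human-readable warning signs found in the body."""
    c = _Collector()
    c.feed(html_body)
    c.close()
    signs = []
    for href, label in c.links:
        shown = HOSTLIKE.match(label)
        target = urlparse(href).hostname or ""
        if shown and _host(shown.group(1)) != _host(target):
            signs.append(f"link text shows {shown.group(1)} but points to {target}")
    if c.forms:
        signs.append("form embedded in email")
    text = " ".join(c.text)
    if PERSONAL.search(text):
        signs.append("requests personal information")
    if len({w.lower() for w in URGENT.findall(text)}) >= 2:
        signs.append("urgent or charged language")
    return signs
```

Links whose visible text is plain wording, such as "Help centre", are not compared, because only text that looks like an address can contradict its destination.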
38. SPAM
Another form of Cybercrime is spam mail, which is arguably the most profound
product of the Internet’s ability to place unprecedented power into the hands of a
single person.
Spam mail is the distribution of bulk e-mails that advertise products,
services or investment schemes, which may well turn out to be fraudulent. The purpose
of spam mail is to trick or con customers into believing that they are going to
receive a genuine product or service, usually at a reduced price.
However, the spammer asks for money or sensitive security information like a credit card
number or other personal information before the deal occurs. After disclosing their
security information the customer will never hear from the spammer.
42. What to Do About Spam
Here are a few ways to protect yourself from spam:
Don't open it. The best thing to do about spam that makes it to your
inbox is to not open it or reply in any way. Even when you click the
blurb at the bottom of an email that instructs the sender not to send you
any more email, that response may be considered positive by the
sender.
43. Don't give out personal information. Never enter any personal information into
an email that requests your username, account number, or other personal
information. Be suspicious. If you receive an email from your bank, and you
aren't sure it is legitimate, call the bank instead of supplying any personal
information in an email.
Mark it as spam in your inbox. Report an email as spam using the spam or junk
mail feature in your mail interface. The email service learns from your spam
reports and slowly reduces the amount of junk mail you are sent.
Filter it out of your inbox. Set up filters in your email program to automatically
trash messages from a specific person or company that frequently sends spam to
you. That way, you never have to see them.
45. HACKING
Hacking is one of the most widely analyzed and debated forms of cyber-criminal
activity, and serves as an intense focus for public concerns about the threat that
such activity poses to society.
The clear-cut definition of hacking is “the unauthorized access and subsequent
use of other people’s computer systems”
46. Types of Hackers around the Globe
‘Black Hat’ Hackers
The term “black hat” originated from Western movies, where the bad guys wore black
hats and the good guys wore white hats.
A black-hat hacker is an individual who attempts to gain unauthorized entry into a
system or network to exploit them for malicious reasons. The black-hat hacker does
not have any permission or authority to compromise their targets. They try to inflict
damage by compromising security systems, altering functions of websites and
networks, or shutting down systems. They often do so to steal or gain access to
passwords, financial information, and other personal data.
47. ‘White Hat’ Hackers
White-hat hackers, on the other hand, are deemed to be the good guys, working with
organizations to strengthen the security of a system. A white hat has permission to
engage the targets and to compromise them within the prescribed rules of
engagement.
White-hat hackers are often referred to as ethical hackers. This individual specializes
in ethical hacking tools, techniques, and methodologies to secure an organization’s
information systems.
48. ‘Grey Hat’ Hackers
Grey hats exploit networks and computer systems in the way that black hats do, but
do so without any malicious intent, disclosing all loopholes and vulnerabilities to law
enforcement agencies or intelligence agencies.
Usually, grey-hat hackers surf the net and hack into computer systems to notify the
administrator or the owner that their system/network contains one or more
vulnerabilities that must be fixed immediately. Grey hats may also extort the hacked,
offering to correct the defect for a nominal fee.
49. Common Hacking Tools
To accomplish a perfect hack, hackers implement a wide
variety of techniques such as:
Rootkits
A rootkit is a program or set of software tools that allow threat actors to gain remote
access to control a computer system that interacts or connects with the internet.
Originally, a rootkit was developed to open a backdoor in a system to fix specific
software issues. Unfortunately, this program is now used by hackers to destabilize the
control of an operating system from its legitimate operator or user.
There are different ways to install rootkits in a victim’s system, the most famous of
them being social engineering and phishing attacks. Once rootkits are installed in the
system, they secretly allow the hacker to access and control the system, giving them the
opportunity to bring the system down or steal crucial data.
50. Keyloggers
This is a specially designed tool that logs or records every key pressed on a system.
Keyloggers record every keystroke by clinging to the API (application programming
interface) when typed through the computer keyboard. The recorded file then gets saved,
which includes data like usernames, website visit details, screenshots, opened
applications, etc.
Keyloggers can capture credit card numbers, personal messages, mobile numbers,
passwords, and other details––as long as they are typed. Normally, keyloggers arrive as
malware that allows cybercriminals to steal sensitive data.
51. The user who installed the program or hardware device can then view all keys typed in by
that user. Because these programs and hardware devices monitor the keys entered, a
hacker can easily find user passwords and other information a user may wish and
believe to be private.
Keyloggers, as a surveillance tool, are often used by employers to ensure employees use
work computers for business purposes only. Unfortunately, keyloggers can
also be embedded in spyware, allowing information to be transmitted to an unknown third
party.
Cyber criminals use these tools to deceive the potential target into releasing their personal
sensitive data, storing it for later access to the user’s machine
if the data obtained contains the target’s ID and password. Furthermore, a keylogger
will reveal the contents of all e-mails composed by the user and there are also other
approaches to capturing information about user activity.
• Some keyloggers capture screens, rather than keystrokes.
• Other keyloggers will secretly turn on video or audio recorders, and transmit
what they capture over your Internet connection.
52. CYBER HARASSMENT OR BULLYING
Cyber-harassment or bullying is the use of electronic information and
communication devices such as e-mail, instant messaging, text messages, blogs,
mobile phones, pagers and defamatory websites to bully or
otherwise harass an individual or group through personal attacks or other means.
Cyber-bullying, taunts, insults and harassment over the Internet or text messages sent
from mobile phones has become rampant among young people, in some cases with
tragic consequences.
53. INTERNET AUCTION FRAUD
Internet auction fraud is when items bought are fake or stolen goods, or when a seller
advertises nonexistent items for sale, which means goods are paid for but never arrive.
Fraudsters often use money transfer services as it is easier for them to receive
money without revealing their true identity.
Auction fraud is a classic example of criminals relying on the anonymity of the internet.
According to Action Fraud (2013), some of the most common complaints involve:
• Buyers receiving goods late, or not at all
• Sellers not receiving payment
• Buyers receiving goods that are either less valuable than those advertised or
significantly different from the original description
• Failure to disclose relevant information about a product or the terms of sale.
These fraudulent “sellers” use stolen IDs when they register with the auction sites,
therefore tracing them is generally a very difficult task.
54. Data Diddling:
Involves altering the raw data just before a computer processes it and then changing it back after processing is
completed.
55. Buffer overflow:
The condition when a program or process tries to store more data in a buffer (temporary data storage
area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra
information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting
the valid data held in them.
56. Denial of Service (DoS) attack or Distributed Denial-of-Service (DDoS)
attack
In this kind of attack, an important service offered by a Web site or a server is denied or
disrupted thereby causing loss to the intended users of the service. Typically, the loss of
service is the inability of a particular network service, such as e-mail, to be available or
the temporary loss of all network connectivity and services.
In some cases, DoS attacks have forced Web sites to temporarily cease operation.
This often involves sending large amounts of traffic in the form of e-mails and other
requests to the targeted network or server so that it occupies the entire bandwidth of the
system and ultimately results in a crash. ICMP flooding, teardrop attacks, peer-to-peer
attacks, application-level flooding, etc. are a few examples of DDoS attacks. These attacks
make use of multiple systems to flood the bandwidth of the targeted system.
57. Website defacement
It is an attack on a Web site that changes its visual appearance; the attacker
may post indecent, hostile and obscene images, messages, videos, etc., and
sometimes make the Web site dysfunctional. It is most commonly done by hackers of
one country to the Web sites of an enemy or rival neighbouring country to display
their technological superiority and to infect them with malware.