SlideShare a Scribd company logo

Cyber Crimes Guide Under 40 Characters

Download as PPTX, PDF
kiran yadav
kiran yadav

This document discusses various types of cyber crimes including crimes against individuals, property, organizations and society. It describes causes of cyber crimes such as passion of youngsters, desire for recognition or money, and security issues. It then focuses on specific cyber crimes like unauthorized access, viruses, trojans, hacking, social engineering techniques like phishing and baiting, and spam. Common hacking tools are also outlined. Throughout, methods of prevention and popular examples are provided for each topic.

Education
1 of 61
Cyber crimes
Introduction • Crimes that are done against persons or groups of persons with a criminal intention to deliberately harm the status of the victim or cause physical or psychological destruction to the victim directly or indirectly, using modern telecommunication networks such as Internet (Chat rooms, emails, notice boards and groups) and mobile phones (SMS/MMS)"
• Cyber-crime includes a wide range of activities. Generally, however, it may be classified into 4 classes: Crimes against Individual Crimes against Property Crimes against Organization Crimes against Society
Causes of Cyber Crime. Passion of youngsters For the sake of recognition Desire of making quick money Misconception of fighting a just cause Dissatisfied/disappointed employees Drawbacks in judiciary systems Lack of evidence Negligence of security of data Confidential information is online
Unauthorized access
• The term 'unauthorised access' describes the act of directly or indirectly accessing information online without a unauthorisation. • Unauthorised access is often done with the intention of getting data for personal gain, or causing loss to another person. • Some system administrators set up alerts to let them know when there is an unauthorized access attempt, so that they may investigate the reason. These alerts can help stop hackers from gaining access to a secure or confidential system.
How to prevent unauthorised access? • Don’t give out any personal information unless you know exactly who’s asking for it and why they want it. If you’re not sure, ask. • Choose unique passwords for your online accounts — don’t use the same password for every account you have. • Turn on multifactor authentication for your online accounts. • Always update your operating system and your apps when new versions are available. • Install antivirus and anti-ransomware software on your computer if you don’t already have it, and update it regularly. • Scan for viruses regularly and clean up any infections straight away. • Be cautious when connecting your computer to unsecure networks like free WiFi or internet cafés
Trojans • The term Trojan horse comes from the Greek-Trojan war, in which Greeks infiltrated the city of Troy by sending soldiers covertly inside a huge wooden horse as a gift to the Trojan King called as trojan horse. • It is a type of computer software that is camouflaged in the form of regular software such as utilities, games and sometimes even antivirus programs. • Mostly Trojans are introduced via email attachments. These emails are disguised in a way that they look authentic. • Once the user downloads the attached file and runs it, the file starts corrupting the system
• Trojans can have multiple usages, which depend on the motives of the attacker. These could be identity theft, data theft, crashing computers, spying or tracking user activities. • Installing a good and licensed anti-virus software, keeping virus definitions of computers up-to-date, being cautious while opening email attachments even if it looks authentic • Paying attention towards system security popup messages are some of the ways by which you can keep a computer safe and secure
Popular Trojans • Netbus • Subseven or Sub7 • Y3K Remote Administration Tool • Back Orifice • Beast • Zeus • The Blackhole exploit kit • Flashback Trojan
Viruses • A computer virus is a program made to damage or cause destruction on an infected computer. • It extends by e-mail attachments, transferable devices, websites having malevolent scripts and file downloads. • Computer virus attaches itself with the host files and will activate whenever one open the infected files. • The virus can duplicate itself and then infect the other files on the computer causing more harm.
Different Types Of Computer Virus On The Basis Of Action Macro Viruses • These viruses infect the files formed using several applications or programs that include macros like doc, pps, xls and mdb. • They hide in files shared from e-mail and networks. • Example: Relax ,bablas , Melissa.A
Memory Resident Viruses • They generally attach themselves within the computer memory. They become active when the OS runs and end up infecting other open files. They conceal in RAM. • Example: meve , randex , mrklunky.
Overwrite Viruses • These kinds of viruses erase any information in a file they infect, making them partially or entirely useless if they are infected. • Once in the computer, they substitute each of the file content but the file size doesn’t change. • Overwrite Viruses Include: Trj.Reboot ,way , trivial.88.D.
Directory Virus • It is also recognized as cluster virus or file system virus. They infect the computer’s directory by altering the pathway signifying file position. • They are generally to be found in the disk but have an effect on the entire directory. • For example: dir-2 virus
Multipartite Virus • These kinds of viruses can spread in various ways. • Their method varies according to their OS installed and existence of certain files. • They tend to hide in the computer’s memory but do not infect the hard disk.
Logic bomb
• A logic bomb is a malicious program timed to cause harm at a certain point in time, but is inactive up until that point. • A set trigger, such as a preprogrammed date and time, activates a logic bomb. • Once activated, a logic bomb implements a malicious code that causes harm to a computer. • A logic bomb's application programming points may also include other variables such that the bomb is launched after a specific number of database entries. • A logic bomb is also known as slag code, malicious logic and time bomb.
• Software that is inherently malicious, such as viruses and worms, often contain logic bombs that execute a certain payload at a pre- defined time or when some other condition is met. • This technique can be used by a virus or worm to gain momentum and spread before being noticed. • Some viruses attack their host systems on specific dates, such as Friday the 13th or April Fools' Day.
Social engineering Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information. Social engineering attacks happen in one or more steps. A perpetrator first investigates the intended victim to gather necessary background information, such as potential points of entry and weak security protocols, needed to proceed with the attack. Then, the attacker moves to gain the victim’s trust and provide stimuli for subsequent actions that break security practices, such as revealing sensitive information or granting access to critical resources.
Social engineering attack techniques Social engineering attacks come in many different forms and can be performed anywhere where human interaction is involved. The following are the most common forms of digital social engineering assaults. Baiting As its name implies, baiting attacks use a false promise to pique a victim’s greed or curiosity. They lure users into a trap that steals their personal information or inflicts their systems with malware. The most reviled form of baiting uses physical media to disperse malware. For example, attackers leave the bait—typically malware-infected flash drives—in conspicuous areas where potential victims are certain to see them (e.g., bathrooms, elevators, the parking lot of a targeted company). The bait has an authentic look to it, such as a label presenting it as the company’s payroll list.
Scareware Scareware involves victims being bombarded with false alarms and fictitious threats. Users are deceived to think their system is infected with malware, prompting them to install software that has no real benefit (other than for the perpetrator) or is malware itself. Scareware is also referred to as deception software, rogue scanner software and fraudware. A common scareware example is the legitimate-looking popup banners appearing in your browser while surfing the web, displaying such text such as, “Your computer may be infected with harmful spyware programs.” It either offers to install the tool (often malware-infected) for you, or will direct you to a malicious site where your computer becomes infected. Scareware is also distributed via spam email that doles out bogus warnings, or makes offers for users to buy worthless/harmful services.
Pretexting Here an attacker obtains information through a series of cleverly crafted lies. The scam is often initiated by a perpetrator pretending to need sensitive information from a victim so as to perform a critical task. The attacker usually starts by establishing trust with their victim by impersonating co-workers, police, bank and tax officials, or other persons who have right-to-know authority. The pretexter asks questions that are ostensibly required to confirm the victim’s identity, through which they gather important personal data. All sorts of pertinent information and records is gathered using this scam, such as social security numbers, personal addresses and phone numbers, phone records, staff vacation dates, bank records.
Phishing Is the act of attempting to trick customers into disclosing their personal security information; their credit card numbers, bank account details, or other sensitive information by masquerading as trustworthy businesses in an e-mail. Their messages may ask the recipients to “update,” “validate,” or “confirm” their account information. Phishing is a two time scam, first steals a company’s identity and then use it to victimize consumers by stealing their credit identities. The term Phishing (also called spoofing) comes from the fact that Internet scammers are using increasingly sophisticated lures as they “fish” for user’s financial information and password data.
Sending mass-mails to thousands of potential victims increases the chance of getting someone hooked. There are usually three separate steps in order for such attacks to work, these are: 1. Setting up a mimic web site. 2. Sending out a convincingly fake e-mail, luring the users to that mimic site. 3. Getting information then redirect users to the real site.
In step 1, the hacker steals an organization’s identity and creates a look- alike website. This can easily be done by viewing the targeted site’s source code, then copying all graphics and HTML lines from that real web site. Due to this tactic, it would really be very hard for even an experienced user to spot the differences. On the mimic web site, usually there will be a log-in form, prompting the user to enter secret personal data. Once the data are entered here, a server-side script will handle the submission, collecting the data and send it to the hacker, then redirect users to the real web site so everything look unsuspicious.
In second step, the hacker will make a convincingly fake e-mail which later will be sent by a “ghost” mailing program, enabling the hacker to fake the source address of the e- mail. The main purpose of this fake e-mail is to urge the users going to the mimic web site and entering their data that hackers wanted to capture. Commonly employed tactics are asking users to response over emergency matters such as warning that customers need to log-in immediately or their accounts could be blocked; notifying that someone just sends the user some money and they need to log in now in order to get it (this usually is an effective trap to PayPal users), etc. Inside this fake e-mail, users often find a hyperlink, which once clicked, will open the mimic web site so they can “log in.”
In the last step, once a user has opened the mimic web site and “log in,” their information will be handled by a server-side script. That information will later be sent to hacker via e-mail and user will be redirected to the real web site. However, the confidentiality of user’s financial data or secret password has now been breached.
Signs of phishing email include: Misspelled words Discrepancies between the language of links and the URLs they direct to Requests for personal information Forms within emails Highly emotional or charged language
SPAM Another form of Cybercrime is spam mail, which is arguably the most profound product of the Internet’s ability to place unprecedented power into the hands of a single person. Spam mail is the distribution of bulk e-mails that advertise products, services or investment schemes, which may well turn out to be fraudulent. The purpose of spam mail is to trick or con customers into believing that they are going to receive a genuine product or service, usually at a reduced price. However, the spammer asks for money or sensible security information like credit card number or other personal information before the deal occur. After disclosing their security information the customer will never hear from the spammer.
What to Do About Spam Here are a few ways to protect yourself from spam: Don't open it. The best thing to do about spam that makes it to your inbox is to not open it or reply in any way. Even when you click the blurb at the bottom of an email that instructs the sender not to send you any more email, that response may be considered positive by the sender.
Don't give out personal information. Never enter any personal information into an email that requests your username, account number, or other personal information. Be suspicious. If you receive an email from your bank, and you aren't sure it is legitimate, call the bank instead of supplying any personal information in an email. Mark it as spam in your inbox. Report an email as spam using the spam or junk mail feature in your mail interface. The email service learns from your spam reports and slowly reduces the amount of junk mail you are sent. Filter it out of your inbox. Set up filters in your email program to automatically trash messages from a specific person or company that frequently sends spam to you. That way, you never have to see them.
HACKING Hacking is one of the most widely analyzed and debated forms of cyber-criminal activity, and serves as an intense focus for public concerns about the threat that such activity poses to society. The clear-cut definition of hacking is “the unauthorized access and subsequent use of other people’s computer systems”
Types of Hackers around the Globe ‘Black Hat’ Hackers The term “black hat” originated from Western movies, where the bad guys wore black hats and the good guys wore white hats. A black-hat hacker is an individual who attempts to gain unauthorized entry into a system or network to exploit them for malicious reasons. The black-hat hacker does not have any permission or authority to compromise their targets. They try to inflict damage by compromising security systems, altering functions of websites and networks, or shutting down systems. They often do so to steal or gain access to passwords, financial information, and other personal data.
‘White Hat’ Hackers White-hat hackers, on the other hand, are deemed to be the good guys, working with organizations to strengthen the security of a system. A white hat has permission to engage the targets and to compromise them within the prescribed rules of engagement. White-hat hackers are often referred to as ethical hackers. This individual specializes in ethical hacking tools, techniques, and methodologies to secure an organization’s information systems.
‘Grey Hat’ Hackers Grey hats exploit networks and computer systems in the way that black hats do, but do so without any malicious intent, disclosing all loopholes and vulnerabilities to law enforcement agencies or intelligence agencies. Usually, grey-hat hackers surf the net and hack into computer systems to notify the administrator or the owner that their system/network contains one or more vulnerabilities that must be fixed immediately. Grey hats may also extort the hacked, offering to correct the defect for a nominal fee.
Common Hacking Tools To accomplish a perfect hack, hackers implement a wide variety of techniques such as: Rootkits A rootkit is a program or set of software tools that allow threat actors to gain remote access to control a computer system that interacts or connects with the internet. Originally, a rootkit was developed to open a backdoor in a system to fix specific software issues. Unfortunately, this program is now used by hackers to destabilize the control of an operating system from its legitimate operator or user. There are different ways to install rootkits in a victim’s system, the most famous of them being social engineering and phishing attacks. Once rootkits are installed in the system, it secretly allows the hacker to access and control the system, giving them the opportunity to bring the system down or steal crucial data.
Keyloggers This is a specially designed tool that logs or records every key pressed on a system. Keyloggers record every keystroke by clinging to the API (application programming interface) when typed through the computer keyboard. The recorded file then gets saved, which includes data like usernames, website visit details, screenshots, opened applications, etc. Keyloggers can capture credit card numbers, personal messages, mobile numbers, passwords, and other details––as long as they are typed. Normally, keyloggers arrive as malware that allows cybercriminals to steal sensitive data.
The user who installed the program or hardware device can then view all keys typed in by that user. Because these programs and hardware devices monitor the keys entered, a hacker user can easily find user passwords and other information a user may wish and believe to be private. Keyloggers, as a surveillance tool, are often used by employers to ensure employees use work computers for business purposes only. Unfortunately, keyloggers can also be embedded in spyware, allowing information to be transmitted to an unknown third party. Cyber criminals use these tools to deceive the potential target into releasing their personal sensitive data and restoring it for later access to the user’s machine, if the data obtained contained the target ID and password. Furthermore, a keylogger will reveal the contents of all e-mails composed by the user and there are also other approaches to capturing information about user activity. • Some keyloggers capture screens, rather than keystrokes. • Other keyloggers will secretly turn on video or audio recorders, and transmit what they capture over your Internet connection.
CYBER HARASSMENT OR BULLYING Cyber-harassment or bullying is the use of electronic information and communication devices such as e-mail, instant messaging, text messages, blogs, mobile phones, pagers, instant messages and defamatory websites to bully or otherwise harass an individual or group through personal attacks or other means. Cyber-bullying, taunts, insults and harassment over the Internet or text messages sent from mobile phones has become rampant among young people, in some cases with tragic consequences.
INTERNET AUCTION FRAUD Internet auction fraud is when items bought are fake or stolen goods, or when seller advertises nonexistent items for sale which means goods are paid for but never arrives. Fraudsters often use money transfer services as it is easier for them to receive money without revealing their true identity. Auction fraud is a classic example of criminals relies on the anonymity of the internet. According to action fraud 2013, some of the most common complaints involve: • Buyers receiving goods late, or not at all • Sellers not receiving payment • Buyers receiving goods that are either less valuable than those advertised or significantly different from the original description • Failure to disclose relevant information about a product or the terms of sale. These fraudulent “sellers” use stolen IDs when they register with the auction sites, therefore tracing them is generally a very difficult tasks.
Data Didling: Involves altering the raw data just before a computer processes it and then changing it back after processing is completed.
Buffer overflow: The condition when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them
Denial of Service (DoS) attack or Distributed Denial-of-Service (DDoS) attack In this kind of attack, an important service offered by a Web site or a server is denied or disrupted thereby causing loss to the intended users of the service. Typically, the loss of service is the inability of a particular network service, such as e-mail, to be available or the temporary loss of all network connectivity and services. In some cases, DoS attacks have forced the Web sites to temporarily cease operation. This often involves sending large amount of traffic in the form of e-mails and other requests to the targeted network or server so that it occupies the en- tire bandwidth of the system and ultimately results in a crash. ICMP flooding, teardrop attacks, peer-to-peer attacks, application-level flooding, etc. are few examples of DDoS attacks. These attacks make use of multiple systems to flood the bandwidth of the targeted system.
Website defacement It is an attack on a Web site, which will change the visual appearance, and the attacker may post some other indecent, hostile and obscene images, messages, videos, etc., and sometimes make the Web site dysfunctional. It is most commonly done by hackers of one country to the Web sites of other enemy or rival neighbouring country to display their technological superiority and infecting with malware.
Digital Devices – Sources for Digital Evidences
Cyber Crimes Guide Under 40 Characters
Cyber Crimes Guide Under 40 Characters
Cyber Crimes Guide Under 40 Characters

Recommended

Cyber crime and its types
Cyber crime and its typesCyber crime and its types
Cyber crime and its typesDINESH KAMBLE
 
Cybercrime
CybercrimeCybercrime
CybercrimeSERCOD
 
Cybercrime
CybercrimeCybercrime
CybercrimeKomal003
 
Phishing Presentation
Phishing Presentation Phishing Presentation
Phishing Presentation Nikolaos Georgitsopoulos
 
Introduction to Cyber Crime
Introduction to Cyber CrimeIntroduction to Cyber Crime
Introduction to Cyber CrimeDr Raghu Khimani
 
cyber stalking
cyber stalking cyber stalking
cyber stalking Rishabh Kataria
 
Cybercrime And Cyber forensics
Cybercrime And Cyber forensics Cybercrime And Cyber forensics
Cybercrime And Cyber forensics sunanditaAnand
 
CYBER TERRORISM
CYBER TERRORISM CYBER TERRORISM
CYBER TERRORISM Tejesh Dhaypule
 

Recommended

Cyber crime and its types
Cyber crime and its typesCyber crime and its types
Cyber crime and its typesDINESH KAMBLE
 
Cybercrime
CybercrimeCybercrime
CybercrimeSERCOD
 
Cybercrime
CybercrimeCybercrime
CybercrimeKomal003
 
Phishing Presentation
Phishing Presentation Phishing Presentation
Phishing Presentation Nikolaos Georgitsopoulos
 
Introduction to Cyber Crime
Introduction to Cyber CrimeIntroduction to Cyber Crime
Introduction to Cyber CrimeDr Raghu Khimani
 
cyber stalking
cyber stalking cyber stalking
cyber stalking Rishabh Kataria
 
Cybercrime And Cyber forensics
Cybercrime And Cyber forensics Cybercrime And Cyber forensics
Cybercrime And Cyber forensics sunanditaAnand
 
CYBER TERRORISM
CYBER TERRORISM CYBER TERRORISM
CYBER TERRORISM Tejesh Dhaypule
 
Cybercrime investigation
Cybercrime investigationCybercrime investigation
Cybercrime investigationProf. (Dr.) Tabrez Ahmad
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber CrimeAvinash Rajput
 
Cyber Space
Cyber SpaceCyber Space
Cyber SpaceDINESH KAMBLE
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber securityjyoti_lakhani
 
Social engineering
Social engineering Social engineering
Social engineering Vîñàý Pãtêl
 
Cyber Crime and a Case Study
Cyber Crime and a Case StudyCyber Crime and a Case Study
Cyber Crime and a Case StudyPratham Jaiswal
 
Social engineering
Social engineeringSocial engineering
Social engineeringVishal Kumar
 
Cybercrimes (Against Children)
Cybercrimes (Against Children)Cybercrimes (Against Children)
Cybercrimes (Against Children)Can R. PAHALI
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing AttacksSysCloud
 
Cyber crime
Cyber crimeCyber crime
Cyber crimeMd. Atiqur Rahman
 
Power point cybercrime
Power point cybercrimePower point cybercrime
Power point cybercrime12698
 
cyber crime
cyber crimecyber crime
cyber crimeSaba MuShtaq
 
Social Engineering Attacks & Principles
Social Engineering Attacks & PrinciplesSocial Engineering Attacks & Principles
Social Engineering Attacks & PrinciplesLearningwithRayYT
 
Cyber Crime and Social Media Security
Cyber Crime and Social Media SecurityCyber Crime and Social Media Security
Cyber Crime and Social Media SecurityHem Pokhrel
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Cybercrime online presentation
Cybercrime online presentationCybercrime online presentation
Cybercrime online presentationsarahj6
 
Internet Fraud
Internet FraudInternet Fraud
Internet FraudVasundhara Singh Gautam
 
Phishing
PhishingPhishing
PhishingAlka Falwaria
 
Cyber crimes and their prevention
Cyber crimes and their preventionCyber crimes and their prevention
Cyber crimes and their preventionTejasvi Bhatia
 
cyber security and threats.pptx
cyber security and threats.pptxcyber security and threats.pptx
cyber security and threats.pptxVSAM Technologies India Private Limited
 
Cybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptxCybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptxMustafa Amiri
 
Cyber crime , threats and their security measures
Cyber crime , threats and their security measuresCyber crime , threats and their security measures
Cyber crime , threats and their security measuresshraddhazad
 

More Related Content

What's hot

Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber securityjyoti_lakhani
 
Cyber Crime and a Case Study
Cyber Crime and a Case StudyCyber Crime and a Case Study
Cyber Crime and a Case StudyPratham Jaiswal
 
Social engineering
Social engineeringSocial engineering
Social engineeringVishal Kumar
 
Cybercrimes (Against Children)
Cybercrimes (Against Children)Cybercrimes (Against Children)
Cybercrimes (Against Children)Can R. PAHALI
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing AttacksSysCloud
 
Power point cybercrime
Power point cybercrimePower point cybercrime
Power point cybercrime12698
 
Social Engineering Attacks & Principles
Social Engineering Attacks & PrinciplesSocial Engineering Attacks & Principles
Social Engineering Attacks & PrinciplesLearningwithRayYT
 
Cyber Crime and Social Media Security
Cyber Crime and Social Media SecurityCyber Crime and Social Media Security
Cyber Crime and Social Media SecurityHem Pokhrel
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Fabiha Shahzad
 
Cybercrime online presentation
Cybercrime online presentationCybercrime online presentation
Cybercrime online presentationsarahj6
 
Cyber crimes and their prevention
Cyber crimes and their preventionCyber crimes and their prevention
Cyber crimes and their preventionTejasvi Bhatia
 

What's hot (20)

Cybercrime investigation
Cybercrime investigationCybercrime investigation
Cybercrime investigation
 
Cyber Crime
Cyber CrimeCyber Crime
Cyber Crime
 
Cyber Space
Cyber SpaceCyber Space
Cyber Space
 
Cyber crime and cyber security
Cyber crime and cyber securityCyber crime and cyber security
Cyber crime and cyber security
 
Social engineering
Social engineering Social engineering
Social engineering
 
Cyber Crime and a Case Study
Cyber Crime and a Case StudyCyber Crime and a Case Study
Cyber Crime and a Case Study
 
Social engineering
Social engineeringSocial engineering
Social engineering
 
Cybercrimes (Against Children)
Cybercrimes (Against Children)Cybercrimes (Against Children)
Cybercrimes (Against Children)
 
Different Types of Phishing Attacks
Different Types of Phishing AttacksDifferent Types of Phishing Attacks
Different Types of Phishing Attacks
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Power point cybercrime
Power point cybercrimePower point cybercrime
Power point cybercrime
 
cyber crime
cyber crimecyber crime
cyber crime
 
Social Engineering Attacks & Principles
Social Engineering Attacks & PrinciplesSocial Engineering Attacks & Principles
Social Engineering Attacks & Principles
 
Cyber Crime and Social Media Security
Cyber Crime and Social Media SecurityCyber Crime and Social Media Security
Cyber Crime and Social Media Security
 
Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)Network security (vulnerabilities, threats, and attacks)
Network security (vulnerabilities, threats, and attacks)
 
Cybercrime online presentation
Cybercrime online presentationCybercrime online presentation
Cybercrime online presentation
 
Internet Fraud
Internet FraudInternet Fraud
Internet Fraud
 
Phishing
PhishingPhishing
Phishing
 
Cyber crimes and their prevention
Cyber crimes and their preventionCyber crimes and their prevention
Cyber crimes and their prevention
 
cyber security and threats.pptx
cyber security and threats.pptxcyber security and threats.pptx
cyber security and threats.pptx
 

Similar to Cyber Crimes Guide Under 40 Characters

Cybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptxCybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptxMustafa Amiri
 
Cyber crime , threats and their security measures
Cyber crime , threats and their security measuresCyber crime , threats and their security measures
Cyber crime , threats and their security measuresshraddhazad
 
Cybersecurity
CybersecurityCybersecurity
CybersecurityA. Shamel
 
Security threats and safety measures
Security threats and safety measuresSecurity threats and safety measures
Security threats and safety measuresDnyaneshwar Beedkar
 
Computer Security Presentation
Computer Security PresentationComputer Security Presentation
Computer Security PresentationPraphullaShrestha1
 
Presentation on cyber security
Presentation on cyber securityPresentation on cyber security
Presentation on cyber security9784
 
2nd Class PPT.pptx
2nd Class PPT.pptx2nd Class PPT.pptx
2nd Class PPT.pptxSibyJames1
 
BCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptxBCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptxKirti Verma
 
Guest Lecture-Computer and Cyber Security.pptx
Guest Lecture-Computer and Cyber Security.pptxGuest Lecture-Computer and Cyber Security.pptx
Guest Lecture-Computer and Cyber Security.pptxGudipudiDayanandam
 
Cyber-Security-CIT good for 1st year engineering students
Cyber-Security-CIT good for 1st year engineering studentsCyber-Security-CIT good for 1st year engineering students
Cyber-Security-CIT good for 1st year engineering studentsDrPraveenKumar37
 
Computer virus
Computer virusComputer virus
Computer virussajeena81
 
Computer security ethics_and_privacy
Computer security ethics_and_privacyComputer security ethics_and_privacy
Computer security ethics_and_privacyArdit Meti
 
Cybersecurity awareness session.pptx
Cybersecurity awareness session.pptxCybersecurity awareness session.pptx
Cybersecurity awareness session.pptxUmaraZahidLecturer
 
Cyber-Security-20211013105857.ppt
Cyber-Security-20211013105857.pptCyber-Security-20211013105857.ppt
Cyber-Security-20211013105857.pptSukhdev48
 

Similar to Cyber Crimes Guide Under 40 Characters (20)

Cybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptxCybersecurity Awareness Training for Employees.pptx
Cybersecurity Awareness Training for Employees.pptx
 
Cyber crime , threats and their security measures
Cyber crime , threats and their security measuresCyber crime , threats and their security measures
Cyber crime , threats and their security measures
 
Cybersecurity
CybersecurityCybersecurity
Cybersecurity
 
Security threats and safety measures
Security threats and safety measuresSecurity threats and safety measures
Security threats and safety measures
 
Cyber crimes
Cyber crimesCyber crimes
Cyber crimes
 
Computer Security Presentation
Computer Security PresentationComputer Security Presentation
Computer Security Presentation
 
Presentation on cyber security
Presentation on cyber securityPresentation on cyber security
Presentation on cyber security
 
THESIS-2(2)
THESIS-2(2)THESIS-2(2)
THESIS-2(2)
 
COMPUTER APPLICATIONS Module 4.pptx
COMPUTER APPLICATIONS Module 4.pptxCOMPUTER APPLICATIONS Module 4.pptx
COMPUTER APPLICATIONS Module 4.pptx
 
2nd Class PPT.pptx
2nd Class PPT.pptx2nd Class PPT.pptx
2nd Class PPT.pptx
 
BCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptxBCE L-3omputer security Basics.pptx
BCE L-3omputer security Basics.pptx
 
Guest Lecture-Computer and Cyber Security.pptx
Guest Lecture-Computer and Cyber Security.pptxGuest Lecture-Computer and Cyber Security.pptx
Guest Lecture-Computer and Cyber Security.pptx
 
Cyber-Security-CIT good for 1st year engineering students
Cyber-Security-CIT good for 1st year engineering studentsCyber-Security-CIT good for 1st year engineering students
Cyber-Security-CIT good for 1st year engineering students
 
Cyber crime
Cyber crimeCyber crime
Cyber crime
 
Computer virus
Computer virusComputer virus
Computer virus
 
Computer security ethics_and_privacy
Computer security ethics_and_privacyComputer security ethics_and_privacy
Computer security ethics_and_privacy
 
CYBER SECURITY
CYBER SECURITY CYBER SECURITY
CYBER SECURITY
 
Cybersecurity awareness session.pptx
Cybersecurity awareness session.pptxCybersecurity awareness session.pptx
Cybersecurity awareness session.pptx
 
Cyber-Security-20211013105857.ppt
Cyber-Security-20211013105857.pptCyber-Security-20211013105857.ppt
Cyber-Security-20211013105857.ppt
 
cyber security
cyber security cyber security
cyber security
 

More from kiran yadav

Forensic science soil and glass final
Forensic science soil and glass finalForensic science soil and glass final
Forensic science soil and glass finalkiran yadav
 
Forensics of soil complete
Forensics of soil completeForensics of soil complete
Forensics of soil completekiran yadav
 
crime scene.pptx
crime scene.pptxcrime scene.pptx
crime scene.pptxkiran yadav
 
Analysis of alcohol
Analysis of alcoholAnalysis of alcohol
Analysis of alcoholkiran yadav
 
forensic analysis of serological evidences
forensic analysis of serological evidencesforensic analysis of serological evidences
forensic analysis of serological evidenceskiran yadav
 

More from kiran yadav (6)

Soil case study
Soil case studySoil case study
Soil case study
 
Forensic science soil and glass final
Forensic science soil and glass finalForensic science soil and glass final
Forensic science soil and glass final
 
Forensics of soil complete
Forensics of soil completeForensics of soil complete
Forensics of soil complete
 
crime scene.pptx
crime scene.pptxcrime scene.pptx
crime scene.pptx
 
Analysis of alcohol
Analysis of alcoholAnalysis of alcohol
Analysis of alcohol
 
forensic analysis of serological evidences
forensic analysis of serological evidencesforensic analysis of serological evidences
forensic analysis of serological evidences
 

Recently uploaded

Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxPoojaSen20
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsanshu789521
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Sakshi Ghasle
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Celine George
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfUmakantAnnand
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdfssuser54595a
 

Recently uploaded (20)

Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Presiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha electionsPresiding Officer Training module 2024 lok sabha elections
Presiding Officer Training module 2024 lok sabha elections
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application ) Hybridoma Technology ( Production , Purification , and Application )
Hybridoma Technology ( Production , Purification , and Application )
 
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
“Oh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
 
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
Incoming and Outgoing Shipments in 1 STEP Using Odoo 17
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
Model Call Girl in Bikash Puri Delhi reach out to us at 🔝9953056974🔝
 
Concept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.CompdfConcept of Vouching. B.Com(Hons) /B.Compdf
Concept of Vouching. B.Com(Hons) /B.Compdf
 
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
18-04-UA_REPORT_MEDIALITERAСY_INDEX-DM_23-1-final-eng.pdf
 

Cyber Crimes Guide Under 40 Characters

  • 2. Introduction • Crimes that are done against persons or groups of persons with a criminal intention to deliberately harm the status of the victim or cause physical or psychological destruction to the victim directly or indirectly, using modern telecommunication networks such as Internet (Chat rooms, emails, notice boards and groups) and mobile phones (SMS/MMS)"
  • 3. • Cyber-crime includes a wide range of activities. Generally, however, it may be classified into 4 classes: Crimes against Individual Crimes against Property Crimes against Organization Crimes against Society
  • 4.
  • 5. Causes of Cyber Crime. Passion of youngsters For the sake of recognition Desire of making quick money Misconception of fighting a just cause Dissatisfied/disappointed employees Drawbacks in judiciary systems Lack of evidence Negligence of security of data Confidential information is online
  • 7. • The term 'unauthorised access' describes the act of directly or indirectly accessing information online without a unauthorisation. • Unauthorised access is often done with the intention of getting data for personal gain, or causing loss to another person. • Some system administrators set up alerts to let them know when there is an unauthorized access attempt, so that they may investigate the reason. These alerts can help stop hackers from gaining access to a secure or confidential system.
  • 8. How to prevent unauthorised access? • Don’t give out any personal information unless you know exactly who’s asking for it and why they want it. If you’re not sure, ask. • Choose unique passwords for your online accounts — don’t use the same password for every account you have. • Turn on multifactor authentication for your online accounts. • Always update your operating system and your apps when new versions are available. • Install antivirus and anti-ransomware software on your computer if you don’t already have it, and update it regularly. • Scan for viruses regularly and clean up any infections straight away. • Be cautious when connecting your computer to unsecure networks like free WiFi or internet cafés
  • 9. Trojans • The term Trojan horse comes from the Greek-Trojan war, in which Greeks infiltrated the city of Troy by sending soldiers covertly inside a huge wooden horse as a gift to the Trojan King called as trojan horse. • It is a type of computer software that is camouflaged in the form of regular software such as utilities, games and sometimes even antivirus programs. • Mostly Trojans are introduced via email attachments. These emails are disguised in a way that they look authentic. • Once the user downloads the attached file and runs it, the file starts corrupting the system
  • 10. • Trojans can have multiple usages, which depend on the motives of the attacker. These could be identity theft, data theft, crashing computers, spying or tracking user activities. • Installing a good and licensed anti-virus software, keeping virus definitions of computers up-to-date, being cautious while opening email attachments even if it looks authentic • Paying attention towards system security popup messages are some of the ways by which you can keep a computer safe and secure
  • 11. Popular Trojans • Netbus • Subseven or Sub7 • Y3K Remote Administration Tool • Back Orifice • Beast • Zeus • The Blackhole exploit kit • Flashback Trojan
  • 12. Viruses • A computer virus is a program made to damage or cause destruction on an infected computer. • It extends by e-mail attachments, transferable devices, websites having malevolent scripts and file downloads. • Computer virus attaches itself with the host files and will activate whenever one open the infected files. • The virus can duplicate itself and then infect the other files on the computer causing more harm.
  • 13. Different Types Of Computer Virus On The Basis Of Action Macro Viruses • These viruses infect the files formed using several applications or programs that include macros like doc, pps, xls and mdb. • They hide in files shared from e-mail and networks. • Example: Relax ,bablas , Melissa.A
  • 14. Memory Resident Viruses • They generally attach themselves within the computer memory. They become active when the OS runs and end up infecting other open files. They conceal in RAM. • Example: meve , randex , mrklunky.
  • 15. Overwrite Viruses • These kinds of viruses erase any information in a file they infect, making them partially or entirely useless if they are infected. • Once in the computer, they substitute each of the file content but the file size doesn’t change. • Overwrite Viruses Include: Trj.Reboot ,way , trivial.88.D.
  • 16. Directory Virus • It is also recognized as cluster virus or file system virus. They infect the computer’s directory by altering the pathway signifying file position. • They are generally to be found in the disk but have an effect on the entire directory. • For example: dir-2 virus
  • 17. Multipartite Virus • These kinds of viruses can spread in various ways. • Their method varies according to their OS installed and existence of certain files. • They tend to hide in the computer’s memory but do not infect the hard disk.
  • 19. • A logic bomb is a malicious program timed to cause harm at a certain point in time, but is inactive up until that point. • A set trigger, such as a preprogrammed date and time, activates a logic bomb. • Once activated, a logic bomb implements a malicious code that causes harm to a computer. • A logic bomb's application programming points may also include other variables such that the bomb is launched after a specific number of database entries. • A logic bomb is also known as slag code, malicious logic and time bomb.
  • 20. • Software that is inherently malicious, such as viruses and worms, often contain logic bombs that execute a certain payload at a pre- defined time or when some other condition is met. • This technique can be used by a virus or worm to gain momentum and spread before being noticed. • Some viruses attack their host systems on specific dates, such as Friday the 13th or April Fools' Day.
  • 21.
  • 22.
  • 23. Social engineering Social engineering is the term used for a broad range of malicious activities accomplished through human interactions. It uses psychological manipulation to trick users into making security mistakes or giving away sensitive information. Social engineering attacks happen in one or more steps. A perpetrator first investigates the intended victim to gather necessary background information, such as potential points of entry and weak security protocols, needed to proceed with the attack. Then, the attacker moves to gain the victim’s trust and provide stimuli for subsequent actions that break security practices, such as revealing sensitive information or granting access to critical resources.
  • 24.
  • 25. Social engineering attack techniques Social engineering attacks come in many different forms and can be performed anywhere where human interaction is involved. The following are the most common forms of digital social engineering assaults. Baiting As its name implies, baiting attacks use a false promise to pique a victim’s greed or curiosity. They lure users into a trap that steals their personal information or inflicts their systems with malware. The most reviled form of baiting uses physical media to disperse malware. For example, attackers leave the bait—typically malware-infected flash drives—in conspicuous areas where potential victims are certain to see them (e.g., bathrooms, elevators, the parking lot of a targeted company). The bait has an authentic look to it, such as a label presenting it as the company’s payroll list.
  • 26. Scareware Scareware involves victims being bombarded with false alarms and fictitious threats. Users are deceived to think their system is infected with malware, prompting them to install software that has no real benefit (other than for the perpetrator) or is malware itself. Scareware is also referred to as deception software, rogue scanner software and fraudware. A common scareware example is the legitimate-looking popup banners appearing in your browser while surfing the web, displaying such text such as, “Your computer may be infected with harmful spyware programs.” It either offers to install the tool (often malware-infected) for you, or will direct you to a malicious site where your computer becomes infected. Scareware is also distributed via spam email that doles out bogus warnings, or makes offers for users to buy worthless/harmful services.
  • 27. Pretexting Here an attacker obtains information through a series of cleverly crafted lies. The scam is often initiated by a perpetrator pretending to need sensitive information from a victim so as to perform a critical task. The attacker usually starts by establishing trust with their victim by impersonating co-workers, police, bank and tax officials, or other persons who have right-to-know authority. The pretexter asks questions that are ostensibly required to confirm the victim’s identity, through which they gather important personal data. All sorts of pertinent information and records is gathered using this scam, such as social security numbers, personal addresses and phone numbers, phone records, staff vacation dates, bank records.
  • 28. Phishing Is the act of attempting to trick customers into disclosing their personal security information; their credit card numbers, bank account details, or other sensitive information by masquerading as trustworthy businesses in an e-mail. Their messages may ask the recipients to “update,” “validate,” or “confirm” their account information. Phishing is a two time scam, first steals a company’s identity and then use it to victimize consumers by stealing their credit identities. The term Phishing (also called spoofing) comes from the fact that Internet scammers are using increasingly sophisticated lures as they “fish” for user’s financial information and password data.
  • 29.
  • 30.
  • 31.
  • 32.
  • 33. Sending mass-mails to thousands of potential victims increases the chance of getting someone hooked. There are usually three separate steps in order for such attacks to work, these are: 1. Setting up a mimic web site. 2. Sending out a convincingly fake e-mail, luring the users to that mimic site. 3. Getting information then redirect users to the real site.
  • 34. In step 1, the hacker steals an organization’s identity and creates a look- alike website. This can easily be done by viewing the targeted site’s source code, then copying all graphics and HTML lines from that real web site. Due to this tactic, it would really be very hard for even an experienced user to spot the differences. On the mimic web site, usually there will be a log-in form, prompting the user to enter secret personal data. Once the data are entered here, a server-side script will handle the submission, collecting the data and send it to the hacker, then redirect users to the real web site so everything look unsuspicious.
  • 35. In second step, the hacker will make a convincingly fake e-mail which later will be sent by a “ghost” mailing program, enabling the hacker to fake the source address of the e- mail. The main purpose of this fake e-mail is to urge the users going to the mimic web site and entering their data that hackers wanted to capture. Commonly employed tactics are asking users to response over emergency matters such as warning that customers need to log-in immediately or their accounts could be blocked; notifying that someone just sends the user some money and they need to log in now in order to get it (this usually is an effective trap to PayPal users), etc. Inside this fake e-mail, users often find a hyperlink, which once clicked, will open the mimic web site so they can “log in.”
  • 36. In the last step, once a user has opened the mimic web site and “log in,” their information will be handled by a server-side script. That information will later be sent to hacker via e-mail and user will be redirected to the real web site. However, the confidentiality of user’s financial data or secret password has now been breached.
  • 37. Signs of phishing email include: Misspelled words Discrepancies between the language of links and the URLs they direct to Requests for personal information Forms within emails Highly emotional or charged language
  • 38. SPAM Another form of Cybercrime is spam mail, which is arguably the most profound product of the Internet’s ability to place unprecedented power into the hands of a single person. Spam mail is the distribution of bulk e-mails that advertise products, services or investment schemes, which may well turn out to be fraudulent. The purpose of spam mail is to trick or con customers into believing that they are going to receive a genuine product or service, usually at a reduced price. However, the spammer asks for money or sensible security information like credit card number or other personal information before the deal occur. After disclosing their security information the customer will never hear from the spammer.
  • 39.
  • 40.
  • 41.
  • 42. What to Do About Spam Here are a few ways to protect yourself from spam: Don't open it. The best thing to do about spam that makes it to your inbox is to not open it or reply in any way. Even when you click the blurb at the bottom of an email that instructs the sender not to send you any more email, that response may be considered positive by the sender.
  • 43. Don't give out personal information. Never enter any personal information into an email that requests your username, account number, or other personal information. Be suspicious. If you receive an email from your bank, and you aren't sure it is legitimate, call the bank instead of supplying any personal information in an email. Mark it as spam in your inbox. Report an email as spam using the spam or junk mail feature in your mail interface. The email service learns from your spam reports and slowly reduces the amount of junk mail you are sent. Filter it out of your inbox. Set up filters in your email program to automatically trash messages from a specific person or company that frequently sends spam to you. That way, you never have to see them.
  • 44.
  • 45. HACKING Hacking is one of the most widely analyzed and debated forms of cyber-criminal activity, and serves as an intense focus for public concerns about the threat that such activity poses to society. The clear-cut definition of hacking is “the unauthorized access and subsequent use of other people’s computer systems”
  • 46. Types of Hackers around the Globe ‘Black Hat’ Hackers The term “black hat” originated from Western movies, where the bad guys wore black hats and the good guys wore white hats. A black-hat hacker is an individual who attempts to gain unauthorized entry into a system or network to exploit them for malicious reasons. The black-hat hacker does not have any permission or authority to compromise their targets. They try to inflict damage by compromising security systems, altering functions of websites and networks, or shutting down systems. They often do so to steal or gain access to passwords, financial information, and other personal data.
  • 47. ‘White Hat’ Hackers White-hat hackers, on the other hand, are deemed to be the good guys, working with organizations to strengthen the security of a system. A white hat has permission to engage the targets and to compromise them within the prescribed rules of engagement. White-hat hackers are often referred to as ethical hackers. This individual specializes in ethical hacking tools, techniques, and methodologies to secure an organization’s information systems.
  • 48. ‘Grey Hat’ Hackers Grey hats exploit networks and computer systems in the way that black hats do, but do so without any malicious intent, disclosing all loopholes and vulnerabilities to law enforcement agencies or intelligence agencies. Usually, grey-hat hackers surf the net and hack into computer systems to notify the administrator or the owner that their system/network contains one or more vulnerabilities that must be fixed immediately. Grey hats may also extort the hacked, offering to correct the defect for a nominal fee.
  • 49. Common Hacking Tools To accomplish a perfect hack, hackers implement a wide variety of techniques such as: Rootkits A rootkit is a program or set of software tools that allow threat actors to gain remote access to control a computer system that interacts or connects with the internet. Originally, a rootkit was developed to open a backdoor in a system to fix specific software issues. Unfortunately, this program is now used by hackers to destabilize the control of an operating system from its legitimate operator or user. There are different ways to install rootkits in a victim’s system, the most famous of them being social engineering and phishing attacks. Once rootkits are installed in the system, it secretly allows the hacker to access and control the system, giving them the opportunity to bring the system down or steal crucial data.
  • 50. Keyloggers This is a specially designed tool that logs or records every key pressed on a system. Keyloggers record every keystroke by clinging to the API (application programming interface) when typed through the computer keyboard. The recorded file then gets saved, which includes data like usernames, website visit details, screenshots, opened applications, etc. Keyloggers can capture credit card numbers, personal messages, mobile numbers, passwords, and other details––as long as they are typed. Normally, keyloggers arrive as malware that allows cybercriminals to steal sensitive data.
  • 51. The user who installed the program or hardware device can then view all keys typed in by that user. Because these programs and hardware devices monitor the keys entered, a hacker user can easily find user passwords and other information a user may wish and believe to be private. Keyloggers, as a surveillance tool, are often used by employers to ensure employees use work computers for business purposes only. Unfortunately, keyloggers can also be embedded in spyware, allowing information to be transmitted to an unknown third party. Cyber criminals use these tools to deceive the potential target into releasing their personal sensitive data and restoring it for later access to the user’s machine, if the data obtained contained the target ID and password. Furthermore, a keylogger will reveal the contents of all e-mails composed by the user and there are also other approaches to capturing information about user activity. • Some keyloggers capture screens, rather than keystrokes. • Other keyloggers will secretly turn on video or audio recorders, and transmit what they capture over your Internet connection.
  • 52. CYBER HARASSMENT OR BULLYING Cyber-harassment or bullying is the use of electronic information and communication devices such as e-mail, instant messaging, text messages, blogs, mobile phones, pagers, instant messages and defamatory websites to bully or otherwise harass an individual or group through personal attacks or other means. Cyber-bullying, taunts, insults and harassment over the Internet or text messages sent from mobile phones has become rampant among young people, in some cases with tragic consequences.
  • 53. INTERNET AUCTION FRAUD Internet auction fraud is when items bought are fake or stolen goods, or when seller advertises nonexistent items for sale which means goods are paid for but never arrives. Fraudsters often use money transfer services as it is easier for them to receive money without revealing their true identity. Auction fraud is a classic example of criminals relies on the anonymity of the internet. According to action fraud 2013, some of the most common complaints involve: • Buyers receiving goods late, or not at all • Sellers not receiving payment • Buyers receiving goods that are either less valuable than those advertised or significantly different from the original description • Failure to disclose relevant information about a product or the terms of sale. These fraudulent “sellers” use stolen IDs when they register with the auction sites, therefore tracing them is generally a very difficult tasks.
  • 54. Data Didling: Involves altering the raw data just before a computer processes it and then changing it back after processing is completed.
  • 55. Buffer overflow: The condition when a program or process tries to store more data in a buffer (temporary data storage area) than it was intended to hold. Since buffers are created to contain a finite amount of data, the extra information - which has to go somewhere - can overflow into adjacent buffers, corrupting or overwriting the valid data held in them
  • 56. Denial of Service (DoS) attack or Distributed Denial-of-Service (DDoS) attack In this kind of attack, an important service offered by a Web site or a server is denied or disrupted thereby causing loss to the intended users of the service. Typically, the loss of service is the inability of a particular network service, such as e-mail, to be available or the temporary loss of all network connectivity and services. In some cases, DoS attacks have forced the Web sites to temporarily cease operation. This often involves sending large amount of traffic in the form of e-mails and other requests to the targeted network or server so that it occupies the en- tire bandwidth of the system and ultimately results in a crash. ICMP flooding, teardrop attacks, peer-to-peer attacks, application-level flooding, etc. are few examples of DDoS attacks. These attacks make use of multiple systems to flood the bandwidth of the targeted system.
  • 57. Website defacement It is an attack on a Web site, which will change the visual appearance, and the attacker may post some other indecent, hostile and obscene images, messages, videos, etc., and sometimes make the Web site dysfunctional. It is most commonly done by hackers of one country to the Web sites of other enemy or rival neighbouring country to display their technological superiority and infecting with malware.
  • 58. Digital Devices – Sources for Digital Evidences