The document outlines various cyber offenses and crimes, detailing how such attacks are planned and executed, including methods like hacking, phishing, and social engineering. It discusses the framework of the Information Technology Act 2000 in India, categorizing offenses and associated penalties while emphasizing the need for legal protection against increasing online crimes. Additionally, it highlights preventive measures individuals and organizations can adopt to safeguard against cyber threats, including securing devices and being cautious with sensitive information.

1. CYBER SECURITY

2. Module 2: Cyber offenses & Cybercrimes

3. Topics in Module 2
How criminal plan the attacks, Industrial Spying/Industrial Espionage
Hacking, Online Frauds, Pornographic Offenses
E-Mail Spoofing, Spamming,data diddling, Salami attack, Cyber defamation, Internet Time Theft,
SocialEngg, Cyber stalking, Cyber café and Cybercrimes, Botnets, Attack vector, Cloud
computing, Proliferation of Mobile and Wireless Devices
Trends in Mobility, Credit Card Frauds in Mobile and Wireless Computing Era.
Self learning Topic: Security Challenges Posed by Mobile Devices.

4. Introduction Cyber offenses & Cybercrimes
● The faster world-wide connectivity has developed numerous online crimes and these
increased offences led to the need of laws for protection.
● In order to keep in stride with the changing generation, the Indian Parliament passed
the Information Technology Act 2000 that has been conceptualized on the United
Nations Commissions on International Trade Law (UNCITRAL) Model Law.
● The law defines the offenses in a detailed manner along with the penalties for each
category of offence.
● CrPC is the Procedural Criminal Code of India that classifies the offenses into these
major categories based on their nature of offenses under Schedule

5. Classification of Offences
Depending on the nature and gravity of an offence they can be classified under
any of the following heads:
1. Bailable(Sec2 (A))436 and non-bailable437 offence
2. Cognizable and non-cognizable offence.
3. Compoundable and non-compoundable offence(Self study)

6. Cognizable offences are those in which the police can arrest without any warrant. These are
more serious in nature. Non-cognizable offences on the other hand are those for which a
police officer has no authority to arrest, unless with a warrant.
1. Murder,
2. Rape,
3. Dowry Death,
4. Kidnapping,
5. Theft,
6. Criminal Breach of Trust,
7. Unnatural Offenses.
1. Assault,
2. Cheating,
3. Forgery
Cognizable offences
Non-cognizable offences

7. Cyber offences
Cyber offences are the illegitimate actions, which are carried out in a classy manner where either the
computer is the tool or target or both.
Cyber-crime usually includes the following −
● Unauthorized access of the computers
● Data diddling
● Virus/worms attack
● Theft of computer system
● Hacking
● Denial of attacks
● Logic bombs
● Trojan attacks
● Internet time theft
● Web jacking
● Email bombing
● Salami attacks
● Physically damaging computer system.

8. Cyber offences :
The offences included in the I.T. Act 2000 are as follows −
● Tampering with the computer source documents.
● Hacking with computer system.
● Publishing of information which is obscene in electronic form.
● Power of Controller to give directions.
● Directions of Controller to a subscriber to extend facilities to decrypt information.
● Protected system.
● Penalty for misrepresentation.
● Penalty for breach of confidentiality and privacy.
● Penalty for publishing Digital Signature Certificate false in certain particulars.
● Publication for fraudulent purpose.
● Act to apply for offence or contravention committed outside India Confiscation.
● Penalties or confiscation not to interfere with other punishments.
● Power to investigate offences.

9. Cyber offences :
Offences Under The It Act 2000
Section 65. Tampering with computer source documents
Whoever knowingly or intentionally conceals, destroys or alters or intentionally or knowingly causes
another to conceal, destroy or alter any computer source code used for a computer, computer
program, computer system or computer network, when the computer source code is required to be
kept or maintained by law for the being time in force, shall be punishable with imprisonment up to
three year, or with fine which may extend up to two lakh rupees, or with both.
Explanation − For the purpose of this section “computer source code” means the listing of programs,
computer commands, design and layout and program analysis of computer resource in any form.

10. Object − The object of the section is to protect the “intellectual property” invested in the computer. It is an
attempt to protect the computer source documents (codes) beyond what is available under the Copyright Law
Essential ingredients of the section
knowingly or intentionally concealing
knowingly or intentionally destroying
knowingly or intentionally altering
knowingly or intentionally causing others to conceal
knowingly or intentionally causing another to destroy
knowingly or intentionally causing another to alter.
This section extends towards the Copyright Act and helps the companies to protect their source code of their
programs.
Penalties − Section 65 is tried by any magistrate.
This is cognizable and non-bailable offence.
Penalties − Imprisonment up to 3 years and / or
Fine − Two lakh rupees.

17. How criminal plan the attacks
Criminals use many methods and tools to locate the vulnerabilities of their target. The
target can be an individual and/or an organization.Criminals plan passive and active
attacks.Active attacks are usually used to alter the system, whereas passive attacks
attempt to gain information about the target. Active attacks may affect the availability,
integrity and authenticity of data whereas passive attacks lead to breaches of
confidentiality.
The following phases are involved in planning cybercrime:
1. Reconnaissance (information gathering) is the first phase and is treated as passive
attacks.
2. Scanning and scrutinizing the gathered information for the validity of the information
as well as to identify the existing vulnerabilities.
3. Launching an attack (gaining and maintaining the system access).

18. 1. Reconnaissance
The literal meaning of "Reconnaissance" is an act of reconnoitering- explore, often with the
goal of finding something or somebody (especially to gain information about an enemy or
potential enemy).
In the world of "hacking," reconnaissance phase begins with "Footprinting" - this is the
preparation toward preattack phase, and involves accumulating data about the target's
environment and computer architecture to find ways to intrude into that environment.
Footprinting gives an overview about system vulnerabilities and provides a judgment about
possible exploitation of those vulnerabilities. The objective of this preparatory phase is to
understand the system, its networking ports and services, and any other aspects of its
security that are needful for launching the attack.
Thus, an attacker attempts to gather information in two phases: passive and active attacks.

19. 2. Passive Attacks
A passive attack involves gathering information about a target without his/her (individual's
or company's) knowledge. It can be as simple as watching a building to identify what time
employees enter the building's premises.
1. Google or Yahoo search: People search to locate information about employees.
2. Surfing online community groups like Orkut/Facebook will prove useful to gain the
information about an individual.
3. Organization's website may provide a personnel directory or information about key
employees, for example, contact details, E-Mail address, etc. These can be used in
a social engineering attack to reach the target.
4. Blogs, newsgroups, press releases, etc. are generally used as the mediums to gain
information about the company or employees.
5. Going through the job postings in particular job profiles for technical persons can
provide information about type of technology, that is, servers or infrastructure
devices a company maybe using on its network.

20. 3. Active Attacks
An active attack involves probing the network to discover individual hosts to confirm
the information (IP addresses, operating system type and version, and services on the
network) gathered in the passive attack, phase. It involves the risk of detection and is
also called "Rattling the doorknobs" or "Active reconnaissance."
Active reconnaissance can provide confirmation to an attacker about security
measures in place,, but the process can also increase the chance of being caught or
raise suspicion.

21. 4. Scanning and Scrutinizing Gathered Information
Scanning is a key step to examine intelligently while gathering information about the target. The
objectives of scanning are as follows:
1. Port scanning: Identify open/close ports and services.
2. Network scanning: Understand IP Addresses and related information about the computer network
systems.
3. Vulnerability scanning: Understand the existing weaknesses in the system.
The scrutinizing phase is always called "enumeration" in the hacking world. The objective behind this step
is to identify:
4. The valid user accounts or groups;
5. Network resources and/or shared resources
6. OS and different applications that are running on the OS.

22. 5. Attack (Gaining and Maintaining the System Access)
After the scanning and enumeration, the attack is launched using the following steps:
1. Crack the password
2. Exploit the password
3. Execute the malicious command/applications;
4. Hide the files (if required);
5. Cover the tracks - delete the access logs, so that there is no trail illicit activity.

23. Social Engineering
Social engineering is the term used for a broad range of
malicious activities accomplished through human interactions. It uses psychological
manipulation to trick users into making security mistakes or giving away sensitive
information.
Social engineering attacks happen in one or more steps. A perpetrator first investigates
the intended victim to gather necessary background information, such as potential points
of entry and weak security protocols, needed to proceed with the attack. Then, the
attacker moves to gain the victim’s trust and provide stimuli for subsequent actions that
break security practices, such as revealing
sensitive information or granting access to critical resources.

26. Social engineering attacks may be divided into two categories.
1. Computer based social engineering.
2. Human based social engineering.
Social Engineering

27. 1. Computer based social engineering.
Computer based social engineering attacks may include the below.
● Email attachments
● Fake websites
● Pop-up windows

28. 1. Computer based social engineering.
● On-line Scams : Emails sent by scammers may have attachments that include malicious
code inside the attachment. Those attachments may include Keyloggers to capture users
passwords,Viruses, Trojans, or worms.
● Worm attacks : Attackers will trick users to click on a link or download a file then click on it,
the executable file is a worm and will propagate from computer to computer copying itself.
● A well known example is the “LoveLetter” worm that comes as an attachment in an email.
The email requests the user to open an attachment in an email. When the users opens the
attachment the worm copies itself to all the contacts in the users address book. This worm
overloaded a huge number of email servers in the year 2000.
● Sometimes pop-up windows can also be used in social engineering attacks. pop-up
windows that advertise special offers may tempt users to unintentionally install malicious
software.
● Phishing attacks : This type of social engineering attack commonly uses emails to trick
users in getting credentials to their bank accounts or maybe email accounts. The email
mostly claims to be from a well known source, a highly reputed organization, and asks the
user to click on a link that takes the users to a site similar to the organizations web site but
this site is a fraudulent website that harvests users credentials. The fraudsters use these
credentials to gain access to bank or email accounts and steal important information and
money.

29. How to avoid being a victim
● Do not input confidential information into websites without checking the website security.
● Make sure the site is legitimate by checking the URL of the web site.
● Do not click on links inside suspicious emails.
● Fraudsters may even use events such as natural disasters(Asian Tsunami, Hurricane Katrina) or
popular events(Olympics) for their benefit, be aware.
● If you are unsure of the legitimacy of an email try calling the company directly with the use of
contact information used previously.
● Do not click or download suspicious attachments from email senders that you have not heard
before.
● Use email filters, firewalls,virus guards to reduce the threat.
● When you are on the web, be aware that pop-ups that advertise bargains may request you to
install malicious software to claim prices.
What can you do if you are a victim
● If you think you have entered your user id and password to a fraudulent website change your
password as soon as possible.
● Inform the necessary authorities of the fraudulent object.
● If financial information have been compromised, close down or lock account to prevent harm.

30. Human-Based Attacks:
Impersonation: Acting like someone else to get access to the information.
They may act as a legitimate user and request for information or they pose as a
higher authority and may ask for sensitive information or they pose as a technical
support person and try to gather sensitive and confidential details.

31. Human-Based Attacks:
Other types are Human-based attacks are:
Tailgating: When an authorised person enters into a restricted area, the unauthorised
person also enters the restricted AREA without the employee’s knowledge.
Piggybacking: Here the attacker may pose as an employee and ask the authorised
employee to allow him to enter along with him. He may give fake reasons like he forgot
his smart badge, etc.
Dumpster Diving: Any confidential or sensitive document should be properly
shredded before disposed into the dustbin. If not, an attacker may just look into the
dustbin to access the confidential information.
Eavesdropping: Unauthorised listening to conversations thereby collecting important
data is called as eavesdropping.

32. Human-Based Attacks:
Shoulder surfing: It is a direct observation technique like looking over someone’s shoulder
to know the sensitive information like password, pin numbers, etc.

33. Cyberstalking
● Cyberstalking is stalking or harassment carried out over the internet. It might target
individuals, groups, or even organizations and can take different forms including
slander, defamation and threats. Motives may be to control or intimidate the victim
or to gather information for use in other crimes, like identity theft or offline stalking.
● it is stalking or harassment that takes place via online channels such as social
media, forums or email. It is typically planned and sustained over a period of time.
● For example, if you’ve received a few negative comments on Facebook and
Instagram, it may upset or annoy you, but this isn’t cyberstalking yet. For some
people, such as semi-celebrities looking for attention, negative comments are
actually welcomed.

36. How to avoid cyberstalking?
1) KEEP A LOW PROFILE
2) UPDATE YOUR SOFTWARE
3) HIDE YOUR IP ADDRESS
4) MAINTAIN GOOD DIGITAL HYGIENE
5) AVOID DISCLOSING SENSITIVE
INFORMATION
What to do in case you are being
cyberstalked ?
● Block the person
● Report to the platform involved
● Call the police

37. Cybercrime and cyber cafe
● In February 2009 survey, 90% of the audience across eight cities and
3500 cafes were male and in the age group of 15-35 years.
● 52% were graduates and postgraduates.
● Almost 50% were students.
● In India, cybercafes are known to be used for either real or false terrorist
communication.

38. Cybercrime and cyber cafe
Cybercafe hold two types of risks :
1. We do not know what programs are installed on the computer like keyloggers or
spyware.
2. Over the shoulder peeping can enable others to find out your passwords.

39. Cybercrime and cyber cafe
● Cyber criminals prefer cybercafes to carry out their activities.
● A recent survey conducted in one of the metropolitan cities in India reveals the following
facts :
○ 1.Pirated software are installed in all the computers.
○ 2.Antivirus was not updated with latest patch.
○ 3.Several cybercafes has installed “Deep Freeze” to protect computer which helps
cyber criminals.
○ 4.Annual Maintenance Contract (AMC) was not found for servicing of the computer.
○ 5.Pornographical websites were not blocked.
○ 6.Cybercafe owner have very less awareness about IT security.
○ 7.Cybercafe association or State Police do not seem to conduct periodic visits to
cybercafe.

40. Cybercrime and cyber cafe
SECURITYTIPS FOR CYBER CAFE….
● Always Logout–While checking email or logging in for chatting, always click logout/sign
out.
● Stay with the computer–While surfing, don’t leave the system unatteneded for any period
of time.
● Clear history and temporary files–Before browsing deselect AutoComplete option. Browser
-> Tools -> Internet options -> Content tab.–Tools -> Internet Option -> General Tab ->
Temporary Internet Files -> Delete files and then Delete Cookies.
● Avoid online financial transactions–One should avoid online banking, shopping, etc.–Don’t
provide sensitive information such as credit card number or bank account details.
● Change Passwords / Virtual Keyboard–Change password after completion of transaction.
● Be alert–One have to be alert for snooping over the shoulder.

41. Botnets: The Fuel for Cybercrime
● The dictionary meaning of Bot is "(computing) an automated program for doing some
particular task, often over a network.
● Botnet is a term used for collection of software robots, or Bots, that run autonomously
and automatically. The term is often associated with malicious software but can also
refer to the network of computers using distributed computing software.
● In simple terms, a Bot is simply an automated computer program. One can gain the
control of your computer by infecting them with a virus or other Malicious Code that
gives the access. Your computer system maybe a part of a Botnet even though it
appears to be operating normally. Botnets are often used to conduct a range of
activities, from distributing Spam and viruses to conducting denial-of-service
(DoS) attacks.

42. Botnets: The Fuel for Cybercrime
A Botnet (also called as zombie network) is a network of computers infected with a
malicious program that allows cybercriminals to control the infected machines
remotely without the users' knowledge. "Zombie networks" have become of income
for entire groups of cybercriminals.
The invariably low cost of maintaining a Botnet and the ever diminishing degree of
knowledge require to manage one are conducive to the growth in popularity and,
consequently, the number of Botnets.

44. To secure the system from botnet:
1. Use antivirus and anti-Spyware software and keep it up-to-date: It is important to
remove and/or quarantine the viruses. The settings of these softwares should be done
during the installations so that these softwares get updated automatically on a daily basis.
2. Set the OS to download and install security patches automatically: OS companies
issue the security patches for flaws that are found in these systems.
3. Use a firewall to protect the system, from hacking attacks while it is connected on
the Internet: A firewall is a software and/or hardware that is designed to block
unauthorized access while permitting authorized communications. It is a device or set of
devices configured to permit, deny, encrypt, decrypt, or proxy all (in and out) computer
traffic between different security domains based upon a set of rules and other criteria. A
firewall is different from antivirus protection. Antivirus software scans incoming
communications and files for troublesome viruses vis-a-vis properly configured firewall that
helps to block all incoming communications from unauthorized sources.

45. 4. Disconnect from the Internet. when you are away from your computer: Attackers cannot get
into the system when the system is disconnected from the Internet. Firewall, antivirus, and anti-
Spyware softwares are not foolproof mechanisms to get access to the system.
5. Downloading the freeware only from websites that are known and trustworthy: It is always
appealing to download free software(s) such as games, file-sharing programs, customized
toolbars, etc. However, one should remember that many free software(s) contain other software,
which may include Spyware.
6. Check regularly the folders in the mail box- "sent items" or "outgoing"-for those
messages, you did not send: If you do find such messages in your outbox, it is a sign that your
system may have infected with Spyware, and maybe a part of a Botnet. This is not foolproof; many
spammers have learned to hide their unauthorized access.
7. Take an immediate action if your system is infected: If your system is found to be infected by
a virus, disconnect it from the Internet immediately. Then scan the entire system with fully updated
antivirus, and anti-Spyware software. Report the unauthorized accesses to ISP and to the legal
authorities. There is a possibility that your passwords may have been compromised in such cases,
so change all the passwords immediately.

46. Attack Vector
In cyber security, an attack vector is a method or pathway used by a hacker to
access or penetrate the target system. Hackers steal information, data and
money from people and organizations by investigating known attack vectors and
attempting to exploit vulnerabilities to gain access to the desired system.
Once a hacker gains access to an organization's IT infrastructure, they can install
a malicious code that allows them to remotely control IT infrastructure, spy on the
organization or steal data or other resources.

47. Attack surface, attack vectors, and breaches defined
An attack vector is a method of gaining unauthorized access to a network or
computer system.
An Attack Surface is the total number of attack vectors an attacker can use to
manipulate a network or computer system or extract data.
A Data breach is any security incident where sensitive, protected, or confidential data
is accessed or stolen by an unauthorized party.

48. 8 common cyber attack vectors and how to avoid it
1. Compromised Credentials : Compromised credentials describe a case where user
credentials, such as usernames and passwords, are exposed to unauthorized entities. This
typically happens when unsuspecting users fall prey to phishing attempts and enter their login
credentials on fake websites. When lost, stolen or exposed, compromised credentials can give
the intruder an insider’s access. Although monitoring and analysis within the enterprise can
identify suspicious activity, these credentials effectively bypass perimeter security and
complicate detection.
Do this to avoid it:
● Common usernames and weak passwords can lead to compromised credentials, so it’s
important that the enterprise has effective password policies that ensure suitable
password strength.
● Password sharing across services makes all applications that share credentials
vulnerable as a consequence of the breach of one service or application in the cohort. Do
not reuse the same password to access multiple apps and systems.
● Using two-factor authentication via a trusted second factor can reduce the number of
breaches that occur due to compromised credentials within an organization.

49. 2. Weak and Stolen Credentials : Weak passwords and password reuse make credential
exposure a gateway for initial attacker access and propagation. Recent malware attacks
such as Mirai highlight this threat not only for managed devices but also IoT connected
devices.
Apps and protocols sending login credentials over your network pose a significant security
threat. An attacker connected to your network can easily locate and utilize these credentials
for lateral movement. For example, in the Target attack, adversaries were able to steal
Active Directory credentials and propagate their attack into the enterprise payment network.
Do this to avoid it:
● Track password hygiene and use across your entire enterprise to identify high risk
users and their devices.

50. MIRAI

51. 3. Malicious Insiders
‍
Disgruntled employees can expose private information or provide information about
company specific vulnerabilities.
Do this to avoid it:
● Keep an eye out for disgruntled employees and monitor data and network
access for every device and user to expose insider risk.

52. 4. Missing or Poor Encryption
‍
Common encryption methods like SSL certificates and DNSSEC can prevent
man-in-the-middle attacks and protect the confidentiality of data being transmitted.
Missing or poor encryption for data at rest can mean that sensitive data or credentials
are exposed in the event of a data breach or data leak.
Do this to avoid it:
● Don’t rely solely on low-level encryption or assume that following compliance
means that the data is securely encrypted.
● Ensure that sensitive data is encrypted at rest, in-transit, and in processing.

53. 5. Misconfiguration
‍
Misconfiguration of cloud services, like Google Cloud Platform, Microsoft Azure or AWS, or
using default credentials can lead to data breaches and data leaks,
check your S3 permissions or someone else will. Automate configuration management
where possible to prevent configuration drift.
For example, if setup pages are enabled or a user uses default usernames and passwords,
this can lead to breaches. With setup/app server configuration not disabled, the hacker can
determine hidden flaws, and this provides them with extra information. Misconfigured
devices and apps present an easy entry point for an attacker to exploit.
Do this to avoid it: Put procedures and systems in place that tighten your configuration
process and use automation wherever possible. Monitoring application and device settings
and comparing these to recommended best practices reveals the threat for misconfigured
devices located across your network.

54. 6. Ransomware
Ransomware is a form of cyber-extortion in which users are unable to access their data
until a ransom is paid. Users are shown instructions for how to pay a fee to get the
decryption key. The costs can range from a few hundred dollars to thousands, payable
to cybercriminals in Bitcoin.
Do this to avoid it:
● Make sure you have systems in place that protect all your devices from
ransomware including keeping your operating system patched and up-to-date to
ensure you have fewer vulnerabilities to exploit and not installing software or
giving it administrative privileges unless you know exactly what it is and what it
does.

56. 7. Phishing
Phishing is a cybercrime tactic in which the targets are contacted by email, telephone or
text message by someone posing as a legitimate institution to lure individuals into
providing sensitive data such as personally identifiable information, banking and credit
card details, and passwords. It continues to be one of the most effective
social engineering attack vectors. Some phishing schemes are incredibly intricate and can
sometimes look completely innocent. The Office of Personnel Management (OPM) hack
demonstrates how phishing can defeat almost all layers of traditional security such as
email gateways and endpoint controls.
Do this to avoid it:
● Measuring web browsing and email click-through behavior for users and devices
provides valuable risk insight for your enterprise.
● When in doubt, it’s best to call the organization you received the email from to
determine if it is a phishing scam or not.

57. 8. Trust Relationships
Trust relationships refer to a certain level of trust that exists between users and systems.
For example, trust relationships can connect two domains, so a user only has to log in
once in order to access resources. The two domains in a trust relationship are the trusted
domain (the domain that authenticates the user the first time), and the trusting domain
(the domain that relies on the trusted domain to authenticate users and gives access to
its resources without re-authenticating the user). One common breach scenario example
is when credentials are cached on the trusted client, which then gets breached, wreaking
havoc.
Do this to avoid it:
● Managing trust relationships can help you limit or eliminate the impact or damage an
attacker can inflict. Google’s BeyondCorp is an example of zero-trust security
practice.

58. Cloud Computing
Definition of Cloud Computing
The delivery of various kinds of services over the Internet is a clear example of cloud
computing. Anything can be distributed via the cloud, from applications and analytics to
reliable and stable data storage and networking infrastructure.

59. Cloud Computing
The reasons for this growth are simple, in the same way cloud computing gives greater flexibility
and functionality options to companies, it can offer the same flexibility to cyber criminals, and the
pay-as-you-play usage model means that they can also benefit from utility billing (and might not
have to pay at all).
For companies, the challenge is a side-effect of the nature of cloud itself – in moving away from
physical servers that you control, see, touch and manage directly to a cloud platform that can be
anywhere, is virtual and isn’t under your direct control, you simplify the management and
purchasing processes, but expose new vulnerabilities that derive from this more “arms-length”
way of providing access to data and delivering IT capability.

60. Cloud Computing
● Criminals using cloud as a business platform
● Criminals using cloud to mount attacks like DoS
● Cloud as a platform for employee misuse

61. Proliferation of Mobile and Wireless Devices

62. 1. Portable computer: It is a general-purpose computer that can be easily moved from one
place to another, but cannot be used while in transit, usually because it requires some "setting-
up" and an AC power source.
2. Tablet PC: It lacks a keyboard, is shaped like a slate or a paper notebook and has features
of a touchscreen with a stylus and handwriting recognition software. Tablets may not be best
suited for applications requiring a physical keyboard for typing, but are otherwise capable of
carrying out most tasks that an ordinary laptop would be able to perform.
3. Internet tablet: It is the Internet appliance in tablet form. Unlike a Tablet PC, the Internet
tablet does not have much computing power and its applications suite is limited. Also it cannot
replace a general-purpose computer. The Internet tablets typically feature an MP3 and video
player, a Web browser, a chat application and a picture viewer.
4. Personal digital assistant (PDA): It is a small, usually pocket-sized, computer with limited
functionality. It is intended to supplement and synchronize with a desktop computer, giving
access to contacts, address book, notes, E-Mail and other features.

63. 5. Ultramobile (PC): It is a full-featured, PDA-sized computer running a general-
purpose operating system (OS).
6. Smartphone: It is a PDA with an integrated cell phone functionality. Current
Smartphones have a wide range of features and installable applications.
7. Carputer: It is a computing device installed in an automobile. It operates as a
wireless computer, sound system, global positioning system (GPS) and DVD player. It
also contains word processing software and is Bluetooth compatible.
8. Fly Fusion Pentop computer: It is a computing device with the size and shape of
a pen. It functions as a writing utensil, MP3 player, language translator, digital storage
device and calculator.

64. Trends in
Mobility

65. Popular types of attacks against 3G mobile networks are as
follows:
1. Malwares, viruses and worms:
● Skull Trojan: I targets Series 60 phones equipped with the Symbian mobile OS.
● Cabir Worm: It is the first dedicated mobile-phone worm infects phones running on
Symbian OS and scans other mobile devices to send a copy of itself to the first
vulnerable phone it finds through Bluetooth Wireless technology. The worst thing
about this worm is that the source code for the Cabir-H and Cabir-I viruses is
available online.
● Mosquito Trojan: It affects the Series 60 Smartphones and is a cracked version of
"Mosquitos" mobile phone game.
● Brador Trojan: It affects the Windows CE OS by creating a svchost. exe file in the
Windows start-up folder which allows full control of the device. This executable file is
conductive to traditional worm propagation vector such as E-Mail file attachments.
● Lasco Worm: It was released first in 2005 to target PDAs and mobile phones
running the Symbian OS. Lasco is based on Cabir's source code and replicates over
Bluetooth connection.

66. Popular types of attacks against 3G mobile networks are as follows:
2. Denial-of-service (DoS): The main objective behind this attack is to make the system
unavailable to the intended users. Virus attacks can be used to damage the system to
make the system unavailable.
3. Overbilling attack: Overbilling involves an attacker hijacking a subscriber's IP
address and then using it (i.e., the connection) to initiate downloads that are not "Free
downloads" or simply use it for his/her own purposes.

67. Popular types of attacks against 3G mobile networks are as
follows:
4. Spoofed policy development process (PDP): These of attacks exploit the
vulnerabilities in the GTP [General Packet Radio Service (GPRS) Tunneling Protocol].
5. Signaling-level attacks: The Session Initiation Protocol (SIP) is a signaling
protocol used in IP multimedia subsystem (IMS) networks to provide Voice Over
Internet Protocol (VoIP) services. There are several vulnerabilities with SIP-based
VolP systems.

68. Credit Card Frauds in Mobile and Wireless Computing Era
● These are new trends in cybercrime that are coming up with mobile computing -
● Mobile commerce (M-Commerce) and mobile banking (M-Banking)
● Credit card frauds are now becoming commonplace given the ever-increasing power
and the ever-reducing prices of the mobile hand-held devices, factors that result in
easy availability of these gadgets to almost anyone.
● Mobile credit card transactions are now very common; new technologies combine low-
cost mobile phone technologies with the capabilities of a point-of-sale (POS) terminal.

69. Elements of Credit Card Fraud :
Debit/credit card fraud is thus committed when a person
1) fraudulently obtains, takes, signs, uses, sells, buys, or forges someone else’s credit
or debit card or card information;
2) uses his or her own card with the knowledge that it is revoked or expired or that the
account lacks enough money to pay for the items charged
3) sells goods or services to someone else with knowledge that the credit or debit
card being used was illegally obtained or is being used without authorization.

70. Credit Card Frauds in Mobile and Wireless Computing Era
1. Merchant sends a
transaction to bank
2. The bank transmits the
request to the authorized
cardholder
3. The cardholder approves or
rejects (password protected)
4. The bank/merchant is
notified
5. The credit card transaction
is completed.

71. Types and Techniques of Credit Card Frauds
Traditional Techniques :
The traditional and the first type of credit card fraud is paper-based-application fraud, wherein a
criminal uses stolen or fake documents such as utility bills and bank statements that can build
up useful personally Identifiable Information (PII) to open an account in someone else's name.
Application fraud can be divided into
1. ID theft: Where an individual pretends to be someone else.
2. Financial fraud: Where an individual gives false information about his or her financial status
to acquire credit.
Illegal use of lost and stolen cards is another form of traditional technique. Stealing a credit card
is either by pickpocket or from postal service before it reaches its final destination.

72. Types and Techniques of Credit Card Frauds
Modern Techniques :
Sophisticated techniques, enable criminals to produce fake and doctored cards. Then there are
also those who use skimming to commit fraud.
Skimming is where the information held on either the magnetic strip on the back of the credit
card or the data stored on the smart chip are copied from one card to another.
Site cloning and false merchant sites on the Internet are becoming a popular method of fraud
and to direct the users to such bogus/fake sites is called Phishing.Such sites are designed to get
people to hand over their credit card details without realizing that they have been directed to a
fake weblink/website (i.e., they have been scammed).

73. Types and Techniques of Credit Card Frauds
Modern Techniques :
1. Triangulation: It is another method of credit card fraud and works in the fashion as explained
further.
● The criminal offers the goods with heavy discounted rates through a website designed and
hosted
● The customer registers on this website with his/her name, address, shipping address and
valid credit card details.
● The criminal orders the goods from a legitimate website with the help of stolen credit card
details and supply shipping address that have been provided by the customer while
registering on the criminal's website.
● The goods are shipped to the customer and the transaction gets completed.
● The criminal keeps on purchasing other goods using fraudulent credit card details of
different customers till the criminal closes existing website and starts a new one.

74. Types and Techniques of Credit Card Frauds
Modern Techniques :
● 2. Credit card generators: It is another modern technique computer emulation software
that creates valid credit card numbers and expiry dates. The criminals highly rely on these
generators to create valid credit cards. These are available for free download on the
Internet.

75. Self learning Topic: Security Challenges Posed by Mobile Devices.

76. Industrial Spying/Industrial Espionage
● The term industrial espionage refers to the illegal and unethical theft of
business trade secrets for use by a competitor to achieve a
competitive advantage.
● This activity is a covert practice often done by an insider or an employee
who gains employment for the express purpose of spying and stealing
information for a competitor.
● Industrial espionage is conducted by companies for commercial purposes
rather than by governments for national security purposes.

77. Types of Industrial Espionage
● Industrial espionage can be divided into two types.
● The first and most common actively seeks to gather intelligence about a company or
organization.
● It may include the theft of intellectual property, such as manufacturing processes,
chemical formulas, recipes, techniques, or ideas. Industrial espionage may also entail
the concealment or denial of access to key information related to pricing, bidding,
planning, research, and more. Such a practice is meant to create a competitive
advantage for the party who has the information

78. Industrial Espionage vs. Competitive Intelligence
● Industrial espionage should be differentiated from competitive intelligence. The
latter, also called corporate intelligence, is the legal gathering of public
information by examining corporate publications, websites, and patent filings in
order to determine a corporation's activities.
● Unlike industrial espionage, competitive intelligence is an ethical practice, where
information may be collected from one or multiple sources. It helps corporations
understand the competitive landscape as well as any and all challenges it may
present.

79. Hacking
Greed, power, publicity, revenge, adventure, desire to access forbidden
information, destructive mindset
Hacking is typically technical in nature (like creating malvertising that deposits
malware in a drive-by attack requiring no user interaction). But hackers can also use
psychology to trick the user into clicking on a malicious attachment or providing
personal data. These tactics are referred to as “social engineering.”
Besides social engineering and malvertising, common hacking techniques
include: Botnets, Browser hijacks, Denial of service (DDoS) attacks, Ransomware,
Rootkits, Trojans, Viruses, Worms

80. Example of Hacking
Windows users are reportedly the target of a wide-spread cybercriminal effort offering
remote access to IT systems for just $10 via a dark web hacking store—potentially
enabling attackers to steal information, disrupt systems, deploy ransomware, and
more. Systems advertised for sale on the forum range from Windows XP through to
Windows 10. The store owners even offer tips for how those using the illicit logins can
remain undetected.

81. Hacking prevention
● Anti-malware protection
● Be careful with apps
● Update your software
● Browse carefully
● Password safety

82. Hacking news
● Podcast: Hackers, tractors, and a few delayed actors. How hacker Sick Codes learned too much abo
ut John Deere
● The Olympics: a timeline of scams, hacks, and malware
● North Korean hackers charged with $1.3 billion of cyberheists
● Credit card skimmer piggybacks on Magento 1 hacking spree
● Misleading cybersecurity lessons from pop culture: how Hollywood teaches to hack
● Video game portrayals of hacking: NITE Team 4
● Hacking with AWS: incorporating leaky buckets into your OSINT workflow

83. Online Fraud
Fraud that is committed using the internet is “online fraud.” Online fraud can involve
financial fraud and identity theft.
Online fraud comes in many forms. It ranges from viruses that attack computers with the
goal of retrieving personal information, to email schemes that lure victims into wiring money
to fraudulent sources, to “phishing” emails that purport to be from official entities (such as
banks or the Internal Revenue Service) that solicit personal information from victims to be
used to commit identity theft, to fraud on online auction sites (such as Ebay) where
perpetrators sell fictional goods. The methods used by perpetrators of online fraud are
constantly evolving.

84. Types of Fraud
1. Triangulation Fraud
2. Identity Fraud
3. Refund Fraud
4. Credit Fraud

85. Ways To Protect Your Business From Online Fraud
1. Use Fraud Detection Solutions
2. Be Vigilant During Peak Seasons
3. Make A Blacklist
4. Conduct Social Engineering Training

86. Ponographic Offenses
Child pornography (also called child sexual abuse material or child porn) is pornography that
exploits children for sexual stimulation.
It may be produced with the direct involvement or sexual assault of a child (also known as
child sexual abuse images[
) or it may be simulated child pornography. Abuse of the child
occurs during the sexual acts or lascivious exhibitions of genitals or pubic areas which are
recorded in the production of child pornography. Child pornography may use a variety of
mediums, including writings,magazines, photos, sculpture,drawing, painting,[
animation,
sound recording, film, video, and video games. Child pornography may be created for profit
or other reasons.http://marripedia.org/pornography_and_sexual_offense

88. Children'S Online Privacy Protection Act (COPPA)
The Children's Online Privacy Protection Act (COPPA) is a U.S. federal law designed to limit
the collection and use of personal information about children by the operators of Internet
services and Web sites. Passed by the U.S. Congress in 1998, the law took effect in April
2000. It is administered and enforced by the Federal Trade Commission (FTC).
COPPA is "the first U.S. privacy law written for the Internet," Melissa Campanelli wrote in
Entrepreneur. "It was written specifically for Internet marketers that operate Web sites visited
by children under the age of 13 and collect personal information from those kids. Its purpose
is to regulate that collection."
● Refer :
https://www.ftc.gov/enforcement/rules/rulemaking-regulatory-reform-proceedings/childr
ens-online-privacy-protection-rule
https://www.inc.com/encyclopedia/childrens-online-privacy-protection-act-coppa.html#:
~:text=The%20Children%27s%20Online%20Privacy%20Protection%20Act%20%28C
OPPA%29%20is,and%20enforced%20by%20the%20Federal%20Trade%20Commissi
on%20%28FTC%29
.