cyber crimes
TRANSCRIPT
Dr. Debarati Halder and Dr. K. Jaishankar defines Cybercrimes as: "Offences that are committed against individuals or groups of individuals with a criminal motive to intentionally harm the reputation of the victim or cause physical or mental harm to the victim directly or indirectly, using modern telecommunication networks such as Internet (Chat rooms, emails, notice boards and groups) and mobile phones.
DEFINATION
We can categorize cyber crime in two ways.
• The computer as a target :- using a computer to attacks other computer, e.g. Hacking, virus/worms attacks, Dos attack etc.
• The computer as a weapon :- using a computer to commit real world crime e.g. cyber terrorism, credit card fraud and pornography etc.
Categories of cyber crimes
1. Cyber crimes against persons : Cyber harassment is a distinct Cyber crime. Various kinds of harassment can and do occur in cyberspace, or through the use of cyberspace. Harassment can be sexual, racial, religious, or other. 2. Cyber crimes against property : These crimes include computer vandalism (destruction of others' property), transmission of harmful programs, unauthorized trespassing through cyber space, unauthorized possession of computer information. 3. Cyber crimes against government : Cyber terrorism is one distinct kind of crime in this category. The growth of internet has shown that the medium of Cyberspace is being used by individuals and groups to threaten the international governments as also to terrorize the citizens of a country.
AGAINST WHOM ?
Cyberstalking
It is a very serious form of online harassment as it involves the sending of repeated annoying and unwelcome messages. Cyberstalking involves a disturbed obsession with the target, and a perverse desire to control that target in some way, even by attacking the target's family members.
What Exactly Does Cyberstalking Look Like? Cyberstalkers like to use email, Facebook, Twitter, Foursquare, text messaging, and sexting as their primary tools. They sometimes use online dating services, discussion forums, and mobile phone devices to stalk their prey. If the stalker is a sophisticated user, he/she will use many of these means in combination.Cyberstalkers commonly have four objectives:1.locate,2.surveil,3.emotionally harass,4.and criminally manipulate their prey.
Spoofing
1.IP Spoofing2.URL spoofing3.Caller ID spoofing4.E-mail Address Spoofing
Types of Spoofing
Attacker spoofs the address of another machine and inserts itself between the attacked machine and the spoofed machine to intercept replies thus gaining access to all messages in both directions without the trouble of any cryptanalytic effort.
IP Spoofing
In this attack, a legitimate web page such as a bank's site is reproduced in "look and feel" on another server under control of the attacker. The main intent is to fool the users into thinking that they are connected to a trusted site, for instance to harvest user names and passwords.
URL Spoofing
Unfortunately, there are now technologies that allow callers to lie about their identity, and present false names and numbers, which could of course be used as a tool to defraud or harass. Because there are services and gateways that interconnect VoIP with other public phone networks, these false Caller IDs can be transmitted to any phone on the planet, which makes the whole Caller ID information now next to useless!
Caller ID
Spoofing
By changing certain properties of the e-
mail, such as the From, Return-Path and
Reply-To fields ill-intentioned users can
make the e-mail appear to be from
someone other than the actual sender. The
result is that, although the e-mail appears
to come from the address indicated in the
From field, it actually comes from another
source.
E-mail Address Spoofing
Credit card fraud Credit card fraud is a form of
identity theft that involves an unauthorized taking of another’s credit card information for the purpose of charging purchases to the account or removing funds from it.WAYS OF FRAUDStolen cards
Application fraudAccount takeover
PhishingNowadays, sophisticated Internet hackers
simply lead victims into an authoritative-looking website (usually one claiming to be their bank or credit card company.)
Once the victims land on these websites, they are asked to fork over their credit card or bank details as part of a “routine security check.” At no point is it clear that such websites are stealing your information.
Great care is taken to mimic the look and feel of real bank websites down to the most intricate details (including logos, URLs and slogans), such that the entire process of keying in your information feels natural and safe. Only once you have clicked “Submit” will your credit card information fall into the hands of ruthless identity thieves.
An example of a phishing email, disguised as an official email from a (fictional) bank. Note the misspelling of the words received and discrepancy. Also note that although the URL of the bank's webpage appears to be legitimate, the hyperlink would actually be pointed at the phisher's webpage.
SkimmingSkimming is the theft of
credit card information used in an otherwise legitimate transaction. The thief can procure a victim's credit card number using basic methods such as photocopying receipts
Common scenarios for skimming are restaurants or bars where the skimmer has possession of the victim's credit card out of their immediate view.
LOTTERY FRAUD
Lottery frauds are most common online fraud that happens every day on internet. Every day Gmail, Yahoo or Hotmail like mailing portal users receive mails regarding lottery. Such mails comes with popular brand names saying that "You have won 50 Million dollars" from Coca-Cola, Yahoo, Hotmail and other big names. When you reply to those mails they ask for your bank details to transfer your lottery money. When you send them the details asked, then they ask you to give a processing fee or handling charges. To tell you the fact, such e mails are always misleading and money is never transferred and your bank details are used for other scams or frauds
Pedophiles use false identity to trap the children/teenagers
Pedophiles contact children/teens in various chat rooms which are used by children/teen to interact with other children/teen.
Befriend the child/teen.
Extract personal information from the child/teen by winning his confidence.
Gets the e-mail address of the child/teen and starts making contacts.
Starts sending pornographic images/text to the victim including child pornographic images in order to help child/teen shed his inhibitions so that a feeling is created in the mind of the victim that what is being fed to him is normal and that everybody does it.
Extract personal information from child/teen
At the end of it, the pedophile set up a meeting with the child/teen out of the house and then drag him into the net to further sexually assault him or to use him as a sex object.
CHILD PORNOGRAPHY
Internet Relay Chat (IRC) servers have chat rooms in which people from anywhere the world can come together and chat with each other. Ø Criminal use it for meeting co-conspirators. Ø Hackers use it for discussing their exploits / sharing the techniques. Ø Paedophiles use chat rooms to allure small children. Reason behind IRC Crime: Ø Sexually harassing an individual by winning their confidence through chatting. Ø Blackmailing people for ransom if not paid, they will publish their nude pictures or videos on internet. Ø Some are paedophiles who harass children for their own benefits. Ø Earning money by offering fake job or fake lottery.
INTERNET RELAY CHAT
IRC CRIME
PHARMING Pharming is the hijacking of an official
website's address, usually by hacking a Domain Name System server and altering the legitimate website's IP address so that users who enter the correct Web address (for example, www.bankersonline.com) are directed instead to a 'knock of' of the correct page, where user names, passwords and perhaps additional personal information is collected for later illegal use.
* Digital Piracy
Digital piracy is the illegal distribution of copyrighted material. This can mean anything from illegally downloading a song, movie, e-book, or software. If you share a song, movie, e-book, or software, you are also considered a digital pirate.
HACKER
In the computer security context, a hacker is someone who seeks and exploits weaknesses in a computer system or computer network.
TYPES OF HACKERS White hat Black hat Grey hat Script kiddie
• A white hat hacker breaks security for non-malicious reasons, perhaps to test their own security system or while working for a security company which makes security software. The term "white hat" in Internet slang refers to an ethical hacker.
A "black hat" hacker is a hacker who "violates computer security for little reason beyond maliciousness or for personal gain" . Black hat hackers break into secure networks to destroy data or make the network unusable for those who are authorized to use the network. Black hat hackers also are referred to as the "crackers“.
A grey hat hacker is a combination of a black hat and a white hat hacker. A grey hat hacker may surf the internet and hack into a computer system for the sole purpose of notifying the administrator that their system has a security defect, for example.
In April 2000, hackers known as "{}" and "Hardbeat" gained unauthorized access to Apache.org.[11] They chose to alert Apache crew of the problems rather than try to damage the Apache.org servers.
A script kiddie (also known as a skid or skiddie) is a non-expert who breaks into computer systems by using pre-packaged automated tools written by others, usually with little understanding of the underlying.
What to do when your account is hacked???
Contact your bank and first block your bank credit/debit card.
If the bank account is hacked immediately after you have done some online transaction from some PC, then first scan and clean your PC with latest anti-virus scanner. This is to get rid of any rootkit or key logger that may have been installed on the PC and which would have compromised your login details and sent it to the hacker.
Reset your login password, pin, security questions answers.
Verify your contact details like address, phone number are not changed by the hacker.
Report the scam to right authority in the bank. Report a fraud to local police station.
WORLD FAMOUS HACKERSJONATHAN JAMES :
Jonathan James was known as “c0mrade” on the Internet. What is his ticket to fame? He was convicted and sent to prison for hacking in the United States–all while he was still a minor. At only fifteen years of age, he managed to hack into a number of networks, including those belonging to Bell South, Miami-Dade, the U.S. Department of Defense, and NASA.Yes, James hacked into NASA’s network and downloaded enough source code to learn how the International Space Station worked. The total value of the downloaded assets equaled $1.7 million. To add insult to injury, NASA had to shut down their network for three whole weeks while they investigated the breach, which cost them $41,000.
ALBERT GONZALEZ :Albert Gonzalez paved his way to Internet fame when he collected over 170 million credit card and ATM card numbers over a period of 2 years. Yep. That’s equal to a little over half the population of the United States.Gonzalez started off as the leader of a hacker group known as ShadowCrew. This group would go on to steal 1.5 million credit card numbers and sell them online for profit. ShadowCrew also fabricated fraudulent passports, health insurance cards, and birth certificates for identity theft crimes totaling $4.3 million stolen.The big bucks wouldn’t come until later, when Gonzalez hacked into the databases of TJX Companies and Heartland Payment Systems for their stored credit card numbers. In 2010, Gonzalez was sentenced to prison for 20 years (2 sentences of 20 years to be served out simultaneously).
PROTECT YOURSELF FROM CYBER CRIME
1. Use anti-virus
software
Your net-savvy friend may tell
you that he doesn't have
anti-virus on his computer
because it slows things down. But
look at it this way, one wrong
click and he may have to make the
entire college project from
scratch.
2. If in doubt, block
Just say no to social media
invitations (such as Facebook-
friend or LinkedIn
connection requests) from
people you don't know. It's the
cyber equivalent of inviting home the guy with an eye-patch who stares at you at
the bus stop
3. Ignore pop-upsPop-ups can contain malicious software which can trick a user into verifying something. "[But
if and when you do], a download will be performed in the background, which will
install malware. This is known as a drive-by download. Always ignore pop-ups offering
things like site surveys on ecommerce sites.
4. Censor yourself on social networks
How much of your data is public? What do you post about yourself—location, habits, plans? Disclosing where you're
taking your vacation or turning on the tracker enables identity theft. In addition, be mindful of what you post online about
others. We sit on vast amounts of data concerning family and friends. Be a good steward of that information.
5. Only shop online on secure sites
Before entering your card details, always ensure that the locked padlock or unbroken key symbol is showing in
your browser. Additionally, the beginning of the online retailer's internet address will change from
"http" to "https" to indicate a connection is secure. Be wary of sites that change back to http once you've
logged on.
6. Different site, different passwordsKeeping a common password for all
online accounts is a lot like having the same key for all locks.Never reuse your main email password. But most online
users own accounts in over a dozen sites. So either try and use clever
variations or start doing some really heavy memory-enhancement exercise.
7. Keep any device connected to the Internet free of malware infections. Make sure you're running up-to-date security software, operating systems and applications.
8. Create a password you can remember but that's difficult for others to guess. Lock your mobile devices and tablets. Thirty percent to half of users have not enabled a password or PIN on their mobile devices
Union home minister Shivraj Patil said that the rising level of cyber crime is an indication of enormous threat to national security. On Google’s social networking site have been perplexing authorities . Fan clubs of Underworld Dons like Dawood Ibrahim and Chhota Shakeel and other wanted underworld dons are also doing the rounds on social networking sites. There is huge potential for damage to national security through cyber attacks. The internet is
a means for money bounding and funding terrorist attacks in an organized manner.
CYBER CRIMES THREATENS NATIONAL SECURITY
As someone rightly said that “bytes are replacing bullets in the crime world”.
The growth of cyber crime in India, as all over the world, is on the rise and to curb its scope and complexity is the pertinent need today.
Cyber space offers a plethora of opportunities for cyber criminals either to cause harm to innocent people, or to make a fast buck at the expense of unsuspecting citizens.
India ranks fifth in the world for cyber crime. Even under the IT Act, investigations in India are not easy. This is mainly due to the lack of what is called “cyber forensics.” We know that forensic evidence is important in normal criminal investigations. But the collection and presentation of electronic evidence to prove cyber crimes have posed a challenge to investigation and prosecution agencies and the judiciary.
To sum up, India needs a good combination of laws and technology, in harmony with the laws of other countries and keeping in mind common security standards.
CONCLUSION
Gomini dhingraJaspreet bangaMaria mamtaPriya bhardwajSakshi gupta Vasudha tanjea