CA Sachin Patil , IPS DCP, Cyber Crime, Crime Branch, Mumbai.

CYBER CRIME, CYBER SECURITY AND CYBER LAWS

TYPES OF CYBER CRIME

TYPES OF CYBER CRIME

Financial Frauds

Hacking and Web Defacement

DoS and DDoS Attack

Virus Dissemination

Software Piracy

Pornography

Fake Profiles

Matrimonial Frauds

Cyber Terrorism

FINANCIAL FRAUDS

1. Credit Card / Debit Card frauds. – Phishing & Vishing.

Phishing - Sending fraudulent e-mail to the victim compelling him to clickon a supposedly banking site link and thereafter gleaning his username,password, transaction password on a fake webpage which is exactly like theoriginal web page.

Vishing – Calling the victim on his mobile phone and impersonating as aBank Official, gleaning details of his credit/debit cards including OTP senton his mobile and thereafter using his card ONLINE for fraudulent means.

2. Nigerian Lottery fraud / Legacy fraud / Job Fraud – Enticing the victim with Lottery winning or receiving legacy, offering huge

sum of money and on that pretext siphoning off money from him. Enticing the victim with job offer in a multinational company with excellent

package and on that pretext siphoning off money from him.

3. Email Spoofying – Enticing the victim(eg. CFO) with email which purportedly seems to be from

the management (MD) or foreign supplier and asking for funds to betransferred to a bank account, which turns out to be fraud and siphoning offmoney of the entity.

4. ATM Fraud – SKIMMER to record Card details and Camera to record PIN details.

Original FAKE/SKIMMER

ATM FRAUD - SKIMMING

HACKING

Hacking

DENIAL OF SERVICE ATTACK

This is an act by the criminal who floods the

bandwidth of the victim’s network or fills his e-

mail box with spam mail depriving him of the

services he is entitled to access or provide.

VIRUS DISSEMINATIONVirus is a malicious software that attaches itself to othersoftware and causes break down of the operating systemin extreme cases. The variants of viruses are –

worms, Trojan Horse, Time bomb virus, Logic Bomb, True Love, Spyware, Malware, Hoaxes Rabbit and Bacterium etc. are the malicious software.

SOFTWARE PIRACY Theft of software through illegal copying of original

programs or counterfeiting and distribution of theproducts intended to pass for the original.

Retail revenue losses worldwide are ever increasing dueto this crime.

This can be done in various ways -End user copying,Hard disk loading, Counterfeiting, illegal downloadsfrom the internet etc.

PORNOGRAPHYPornography is the first consistently successful e-commerce

product. Deceptive marketing tactics and mouse trappingtechnologies used in Pornographic sites encourage customers toaccess these sites. Anybody, irrespective of age, can fall prey to thepornographic sites at a click of mouse.

Publishing, transmitting any material in electronic form whichis lascivious or appeals to the prurient interest is an offence underthe provisions of section 67, 67–A of I.T. Act.

PAEDOPHILE – CHILD PORNOGRAPHY

Transmission of obscene, nude, vulgar photographs ofchildren is an offence under the provisions of Section67-B of I.T. Act.

Fake Profiles and Hacking (Guessing of password ) & taking control of Social Site Profiles and sending offensive messages

through it

FAKE PROFILE

Cheating Prospective Brides

by contacting them through

Matrimonial sites

MATRIMONIAL FRAUD

How to prevent online Predators?

• Don’t post too much of your personal details in social networking where everyone can see your details

• Always avoid the topics related to your gender, age, location and don’t share problems of home and school / college.

• Always take security measures like privacy settings and set the limited view of your profile.

How to prevent online Predators?

• Ignore or delete the mails from unknown users.

• It is suggested to hide personal information like interests, hobbies and family details to outsiders.

TIPS FOR YOUNG NETIZENS(Social Networking)

• Do not give identifying information (name, phone, etc.) in a chat-room.

• Do not send photographs of self or family members, friends on net without consultation of guardians.

• Do not respond to attractive or threatening or cautionary messages.

• Never arrange face to face meeting with net-mets, without proper caution.

• Remember ! The people online may not be the same who they seem to be.

FACEBOOK PRIVACY ( 5 TIPS )

• The following TIPS may help in securing Facebook Privacy.

• 1. Option of search visibility :• Go to search privacy setting page and choose from options, e.g. friends.• To prevent the public from searching your profile on Facebook through different search engines, choose the

option from public search listing.

• 2. Option of viewers :• Go to photo privacy page and choose from options, so that only the desired viewers can see photographs posted

by you.

• 3. Profile and contact information :• Go to profile privacy page and choose from the settings of personal information.• NEVER SHARE PERSONAL INFORMATION WITH STRANGERS

• 4. Option to protect yours friends’ privacy :• Go to profile privacy page and choose from the options, so that unwanted person can not peep into your friends’

list.

• 5. Option of updates :• Go to application page to choose from the settings of updates suitable to your profile.

TIPS FOR COMPUTER SAFETY

• Update your antivirus protection.• Use a personal firewall.• Update your antispyware.• Encrypt sensitive data.• Use a strong password.• Change the password at regular intervals.• Scan all email attachments.• Create backup for your files.• Don’t share your password.• Don’t use pirated software.• Single password for all accounts? Mitigate the risk

Mobile Security

• There are various threats which can affect the mobile users in several ways.

• Worms may disturb the phone network by spreading from one mobile to other mobile through bluetooth transfer, infrared transfer or through MMS attachment.

• Applications downloaded to a mobile device can be as virus-prone as desktop applications.

• Spyware that has entered in to the mobile phone through Bluetooth transfer the personal information to the outside network.

WI-FI SECURITY

• To maintain internal security and safety of the nation, public and their property, below mentioned guidelines must be followed by all internet users and establishments.

• Router should always be away from the windows and door.

• Range of a router should be limited.(e.g. the area of office is 1000 sq.ft., then range of the router should not exceed 500 sq.ft.)

• Always switch off the internet/router when not in use.

• Keep wireless router password protected and never keep default setting ON.

• Also change the user ID of the router. It should never be by default. This will help to deny access to stranger laptops & desktops. Change the password of router quarterly/half yearly

CYBER SECURITY

1. Increase in fraud cases viz. Phising, Vishing, Lottery scam, Jobfraud as it is easy to con people without physical presence.

2. Increase in Matrimonial frauds i.e. inducing the gullible victim- girl / woman to part with large sum of money on pretext ofmarrying her. (Latest crime registered in Cyber Police Stationincludes cheating to the tune of Rs. 1 cr., Rs. 45 lacs, etc.)

3. Credit Card / Debit Card fraud by phishing and vhishing.

4. DATA leaking of Banking customers leading to vhishing.

5. DATA theft from Corporates or false cases against Employeeswho resign from one Company to join rival Company.

6. Change of Banking Details by intercepting e-mailconversations between Buyer and Seller and inducing thevictim to deposit money in fraudster’s account.

FUTURE SCENERIO OF CYBER CRIME

CYBER LAWS

lk;cj xqUgs Ekfgrh o

ra=Kku

dk;nk

Hkk-n-fo-

la

gWdhax (Hacking) 43 (a), 66 379, 406

MsVk pksjh dj.ks (Data Theft) 43 (b), 66, 66(b) 379, 406, 420

Okk;jl iljfo.ks (Spreading Virus & Worms) 43(c), 66 -

lax.kdkyk gkuh iksgpfo.ks

(Damaging any Computer) ¼lax.kd]

MsVkcsl] usVodZ] izksxzke½

43(d), 66 426, 477 (a)

lax.kd] usVodZ] lOgZj] bR;knh dkekr O;R;;

vk.k.ks (Disruption to any Computer or

Network)

43(e), 66 -

vf/kd`r O;Drhyk lax.kd] lkW¶Vosvj fdaok

usVodZ okij.;kl eTtko dj.ks (Denial of

Service)

43(f), 66 -

Legal Provisions for Cyber Crime

lk;cj xqUgs Ekfgrh o

ra=Kku dk;nk

¼lq/kkjhr½

2008

Hkk-n-fo-la

lax.kdkrhy dqBY;kgh ekfgrhr cny dj.ks]

[kksM.ks] u"V dj.ks] ;kOnkjs ,[kk|k O;Drhyk

gkuh iksgpfo.ks

(Data Destruction)

43(i), 66 465

lax.kdkrhy izksxzke yio.ks] pksjh] u"B] cny

dj.ks fdaok vls dj.;kl enr dj.ks (Destroying

Computer Source Code)

43(j), 65, 66 381, 420, 465,

477 (a)

vHknz ,l~-,e~-,l~-] bZ&esy ikBfo.ks

(Sending offensive Messages through

Communication Service)

66 (a)

(Now Removed)

500, 506, 507

Hkze.k/ouh] ykWiVkWi] lax.kd pksjh (Theft) 66 (b) 379

bZysdVªksfud flXuspj] ikloMZ fdaok vksG[k

pksj.ks (Electronic Signature, Password or

Unique Identification Theft)

66 (c) -

vU; O;Drhps lksax ?ksÅu Qlo.kwd dj.ks

(Identity Theft)

66 (d) 419

,[kk|kP;k 'kkfjjhd [kktxh Hkkxkpk ¼fp=Qhr½

QksVks dk<wu rs izdkf’kr dj.ks fdaok nql&;kl

ikBfo.ks (Capturing & transmitting image of

private area)

66 (e) 292, 293, 294,

500, 506, 509

Lkk;cj ng’krokn

(Cyber terrorism)

66 (f) 153 (a)

v’yhy lkfgR;@lkexzh bZysDVªksfud ek/;ekOnkjs

iz{ksfir dj.ks (Transmitting Obscene Material)

67 500, 506, 509

bZysDVªksfud ek/;ekOnkjs ySafxd fdz;k vlysys

lkfgR; iz{ksfir dj.ks (Pornography)

67 (a) 292, 293, 294,

500, 506, 509

fd’kksjo;hu eqykaps@eqyhaps bZysDVªksfud

ek/;ekOnkjs ySafxd fØ;k vlysys lkfgR; iz{ksfir dj.ks

(Child Pornography)

67 (b) 292, 293, 294,

500, 506, 509

bZysDVªksfud flXusp~jdjhrk l{ke vf/kdk&;kyk

[kksVh ekfgrh ns.ks fdaok ekfgrh nMo.ks

(Providing wrong information to Competent Authority)

71 417, 420

xksifu; o [kktxh ekfgrh voS/kfjR;k izkIr dj.ks (Breach

of Confidentiality and privacy)

72 406, 408