CA Sachin Patil, IPS DCP, Cyber Crime, Crime Branch, Mumbai.
CYBER CRIME, CYBER SECURITY AND CYBER LAWS
TYPES OF CYBER CRIME
Financial Frauds
Hacking and Web Defacement
DoS and DDoS Attack
Virus Dissemination
Software Piracy
Pornography
Fake Profiles
Matrimonial Frauds
Cyber Terrorism
FINANCIAL FRAUDS
1. Credit Card / Debit Card frauds. – Phishing & Vishing.
Phishing – Sending a fraudulent e-mail to the victim compelling him to click on a supposedly banking site link and thereafter gleaning his username, password and transaction password on a fake webpage which looks exactly like the original web page.
Vishing – Calling the victim on his mobile phone, impersonating a Bank Official, gleaning details of his credit/debit cards including the OTP sent to his mobile, and thereafter using his card ONLINE for fraudulent means.
2. Nigerian Lottery fraud / Legacy fraud / Job Fraud –
Enticing the victim with Lottery winning or receiving legacy, offering huge sum of money and on that pretext siphoning off money from him.
Enticing the victim with job offer in a multinational company with excellent package and on that pretext siphoning off money from him.
3. Email Spoofing – Enticing the victim (e.g. CFO) with an email which purportedly seems to be from the management (MD) or a foreign supplier and asking for funds to be transferred to a bank account, which turns out to be a fraud, thereby siphoning off money of the entity.
4. ATM Fraud – SKIMMER to record Card details and Camera to record PIN details.
[Image labels: Original, FAKE/SKIMMER]
ATM FRAUD - SKIMMING
HACKING
DENIAL OF SERVICE ATTACK
This is an act by the criminal who floods the bandwidth of the victim’s network or fills his e-mail box with spam mail, depriving him of the services he is entitled to access or provide.
VIRUS DISSEMINATION
A virus is malicious software that attaches itself to other software and, in extreme cases, causes breakdown of the operating system. The variants of viruses include worms, Trojan Horse, Time bomb virus, Logic Bomb, True Love, Spyware, Malware, Hoaxes, Rabbit and Bacterium, etc.
SOFTWARE PIRACY
Theft of software through illegal copying of original programs or counterfeiting and distribution of the products intended to pass for the original.
Retail revenue losses worldwide are ever increasing due to this crime.
This can be done in various ways: End user copying, Hard disk loading, Counterfeiting, illegal downloads from the internet, etc.
PORNOGRAPHY
Pornography is the first consistently successful e-commerce product. Deceptive marketing tactics and mouse trapping technologies used in Pornographic sites encourage customers to access these sites. Anybody, irrespective of age, can fall prey to the pornographic sites at a click of mouse.
Publishing, transmitting any material in electronic form which is lascivious or appeals to the prurient interest is an offence under the provisions of section 67, 67–A of I.T. Act.
PAEDOPHILE – CHILD PORNOGRAPHY
Transmission of obscene, nude, vulgar photographs of children is an offence under the provisions of Section 67-B of I.T. Act.
Fake Profiles and Hacking (Guessing of password) & taking control of Social Site Profiles and sending offensive messages through it
FAKE PROFILE
Cheating Prospective Brides by contacting them through Matrimonial sites
MATRIMONIAL FRAUD
How to prevent online Predators?
• Don’t post too much of your personal details in social networking where everyone can see your details
• Always avoid the topics related to your gender, age, location and don’t share problems of home and school / college.
• Always take security measures like privacy settings and set the limited view of your profile.
• Ignore or delete the mails from unknown users.
• It is suggested to hide personal information like interests, hobbies and family details to outsiders.
TIPS FOR YOUNG NETIZENS (Social Networking)
• Do not give identifying information (name, phone, etc.) in a chat-room.
• Do not send photographs of self or family members, friends on net without consultation of guardians.
• Do not respond to attractive or threatening or cautionary messages.
• Never arrange face to face meeting with net-mets, without proper caution.
• Remember! The people online may not be who they seem to be.
FACEBOOK PRIVACY ( 5 TIPS )
• The following TIPS may help in securing Facebook Privacy.
• 1. Option of search visibility:
  • Go to search privacy setting page and choose from options, e.g. friends.
  • To prevent the public from searching your profile on Facebook through different search engines, choose the option from public search listing.
• 2. Option of viewers:
  • Go to photo privacy page and choose from options, so that only the desired viewers can see photographs posted by you.
• 3. Profile and contact information:
  • Go to profile privacy page and choose from the settings of personal information.
  • NEVER SHARE PERSONAL INFORMATION WITH STRANGERS
• 4. Option to protect your friends’ privacy:
  • Go to profile privacy page and choose from the options, so that an unwanted person cannot peep into your friends’ list.
• 5. Option of updates:
  • Go to application page to choose from the settings of updates suitable to your profile.
TIPS FOR COMPUTER SAFETY
• Update your antivirus protection.
• Use a personal firewall.
• Update your antispyware.
• Encrypt sensitive data.
• Use a strong password.
• Change the password at regular intervals.
• Scan all email attachments.
• Create backup for your files.
• Don’t share your password.
• Don’t use pirated software.
• Single password for all accounts? Mitigate the risk
Mobile Security
• There are various threats which can affect the mobile users in several ways.
• Worms may disturb the phone network by spreading from one mobile to other mobile through bluetooth transfer, infrared transfer or through MMS attachment.
• Applications downloaded to a mobile device can be as virus-prone as desktop applications.
• Spyware that has entered the mobile phone through Bluetooth transfer sends the personal information to the outside network.
WI-FI SECURITY
• To maintain internal security and safety of the nation, public and their property, below mentioned guidelines must be followed by all internet users and establishments.
• Router should always be away from the windows and door.
• Range of a router should be limited (e.g. if the area of the office is 1000 sq.ft., then the range of the router should not exceed 500 sq.ft.).
• Always switch off the internet/router when not in use.
• Keep wireless router password protected and never keep default setting ON.
• Also change the user ID of the router. It should never be the default. This will help to deny access to strangers' laptops & desktops. Change the password of the router quarterly/half yearly.
CYBER SECURITY
1. Increase in fraud cases viz. Phishing, Vishing, Lottery scam, Job fraud, as it is easy to con people without physical presence.
2. Increase in Matrimonial frauds, i.e. inducing the gullible victim (girl / woman) to part with a large sum of money on the pretext of marrying her. (Latest crime registered in Cyber Police Station includes cheating to the tune of Rs. 1 cr., Rs. 45 lacs, etc.)
3. Credit Card / Debit Card fraud by phishing and vishing.
4. DATA leaking of Banking customers leading to vishing.
5. DATA theft from Corporates or false cases against Employees who resign from one Company to join a rival Company.
6. Change of Banking Details by intercepting e-mail conversations between Buyer and Seller and inducing the victim to deposit money in the fraudster’s account.
FUTURE SCENARIO OF CYBER CRIME
CYBER LAWS
Cyber Offence | Information Technology Act | I.P.C.
Hacking | 43(a), 66 | 379, 406
Data Theft | 43(b), 66, 66(b) | 379, 406, 420
Spreading Virus & Worms | 43(c), 66 | -
Damaging any Computer (computer, database, network, program) | 43(d), 66 | 426, 477(a)
Disruption to any Computer or Network | 43(e), 66 | -
Denial of Service (preventing an authorised person from using a computer, software or network) | 43(f), 66 | -
Legal Provisions for Cyber Crime
Cyber Offence | Information Technology Act (Amended) 2008 | I.P.C.
Data Destruction | 43(i), 66 | 465
Destroying Computer Source Code | 43(j), 65, 66 | 381, 420, 465, 477(a)
Sending offensive Messages through Communication Service | 66(a) (Now Removed) | 500, 506, 507
Theft (mobile phone, laptop, computer) | 66(b) | 379
Electronic Signature, Password or Unique Identification Theft | 66(c) | -
Identity Theft | 66(d) | 419
Capturing & transmitting image of private area | 66(e) | 292, 293, 294, 500, 506, 509
Cyber terrorism | 66(f) | 153(a)
Transmitting Obscene Material | 67 | 500, 506, 509
Pornography | 67(a) | 292, 293, 294, 500, 506, 509
Child Pornography | 67(b) | 292, 293, 294, 500, 506, 509
Providing wrong information to Competent Authority | 71 | 417, 420
Breach of Confidentiality and privacy | 72 | 406, 408