Cyber Crimes

Cyber Crimes

• Introduction• Definition• Types• Classification

Introduction: • Crime committed using a computer and the

internet to steal a person's identity or illegal imports or malicious programs

• Cybercrime is nothing but where the computer used as an object or subject of crime

Definition:• Cybercrime is a term for any illegal activity that

uses a computer as its primary means of commission

Cyber Crimes

TypesHackingTheftCyber StalkingIdentity TheftMalicious SoftwareChild soliciting and Abuse

TypesHacking:

i. Type of crime wherein a person’s computer is broken into so that his personal or sensitive information can be accessed

ii. The criminal uses a variety of software to enter a person’s computer and the person may not be aware that his computer is being accessed from a remote location

TypesTheft:

i. occurs when a person violates copyrights and downloads music, movies, games and software

ii. there are laws that prevent people from illegal downloading

Cyber Stalking: i. kind of online harassment wherein the

victim is subjected to a barrage of online messages and emails

TypesIdentity Theft:i. major problem with people using the Internet for

cash transactions and banking servicesii. a criminal accesses data about a person’s bank

account, credit cards, Social Security, debit card and other sensitive information to siphon money or to buy things online in the victim’s name

Malicious Software:i. Internet-based software or programs that are used

to disrupt a network. The software is used to gain access to a system to steal sensitive information or data or causing damage to software present in the system.

Cyber CrimesClassification:

Against a personAgainst PropertiesCrime targetting the government

CategoriesIndividual:

i.  This type of cyber crime can be in the form of cyber stalking, distributing pornography, trafficking and “grooming”

Property:i. can steal a person’s bank details and siphon off

money; misuse the credit card to make numerous purchases online; run a scam to get naïve people to part with their hard earned money; use malicious software to gain access to an organization’s website or disrupt the systems of the organization.

CategoriesGovernment:

i. crimes against a government are referred to as cyber terrorism

ii. criminals hack government websites, military websites or circulate propaganda. The perpetrators can be terrorist outfits or unfriendly governments of other nations

Cyber crimes in mobile environment:

Smishing : In a smishing scam, people receive a text

message on their phone telling them there's a problem with their bank account. The message will contain a phone number to call or a website to log into

Vishing: Vishing is similar to smishing except instead of an

SMS, a person will receive a voicemail giving them the same information.

Spamming : Spam can appear in text messages as well as

electronic mail. Besides the inconvenience of deleting spam, users may face charges for unwanted text messages.

Cyber crimes in mobile environment:

Data interception: Data interception can occur when an attacker is eavesdropping

on communications originating from or being sent to a mobile device. Electronic eavesdropping is possible through various techniques, such as

1. when a mobile device connects to an unsecured WiFi network and an attacker

intercepts

2. WiFi sniffing, which occurs when data are sent to or from a device over an

unsecured (i.e., not encrypted) network connection

Browser exploits: Visiting certain web pages and/or clicking on certain hyperlinks

can trigger browser exploits that install malware or perform other adverse actions on a mobile device.

Cyber crimes in mobile environment:

Keystroke logging:

This is a type of malware that records keystrokes on mobile devices in order to capture sensitive information, such as credit card numbers. Generally keystroke loggers transmit the information they capture to a cyber criminal's website or e-mail address

Copy names of popular apps Cybercriminals have also created and distributed

malware using the names of popular apps that are not yet available on the Android Market. Android users anticipating these games are the likely victims of this ruse

Example : A recent example is a fake version of Temple Run we found in the Android Market

Spoofing: Attackers may create fraudulent websites to

mimic or "spoof" legitimate sites and in some cases may use the fraudulent sites to distribute malware to mobile devices. E-mail spoofing occurs when the sender address and other parts of an e-mail header are altered to appear as though the e-mail originated from a different source.

Unauthorized location tracking: Location tracking allows the whereabouts of

registered mobile devices to be known and monitored. While it can be done openly for legitimate purposes, it may also take place surreptitiously. Location data may be obtained through legitimate software applications as well as malware loaded on the user's mobile device.

Cyber crimes in mobile environment:

Stealing personal data like files, contacts, photos and other private details.

Charging a ‘fee’ for use, update or installation of a legitimate and usually free app.

Pretending to be a mobile AV solution but actually having no useful functionality.

Attacks against mobile devices generally occur through four different channels of activities:

Software downloadsVisiting a malicious websiteDirect attack through the communication

network.Physical attacks

Anatomy of a Hacked Mobile Device: How a hacker can profit from your smartphone

PreventionsCyber securityPrivacy policy Keep software up to dateUse good passwordsDisable remote connectivity