CYBER CRIME Presented By : Ronson Calvin Fernandes. Manipal Institute of Technology - Manipala 22/02/2013 Cyber Crime 1 22/02/2013

Cyber crime & security

Embed Size (px)


Uploader : RONSON CALVIN FERNANDES Currently pursuing MCA@MIT,Manipal

Citation preview

Page 1: Cyber crime & security

Cyber Crime 1


Presented By : Ronson Calvin Fernandes.

Manipal Institute of Technology - Manipala


Page 2: Cyber crime & security

Cyber Crime


A quick peek into . . . .


What is Cyber Crime ? What is Crime Ware ? CrimeWare - Bot’s , Trojan’s & Spywares. Online fraud – Phishing & Pharming. Kinds of Cyber Crime. Basic Prevention Tips. Cyber laws @ your disposal. References.

Page 3: Cyber crime & security

Cyber Crime



Crime committed using a computer and the internet to steal a person’s identity or illegal imports or malicious programs.

Cybercrime is nothing but where the computer used

as an object or subject of crime.

Most of these crimes are not new. Criminals simply devise different ways to undertake standard criminal activities such as fraud , theft , blackmail and forgery using the new medium , often involving the Internet .

What is cyber crime?

Page 4: Cyber crime & security

Cyber Crime


Types of Cyber Crimes


Cyber Crime refers to all activities done with criminal intent in cyberspace. These fall into three slots.

Those against persons.

Against Business and Non-business organizations.

Crime targeting the government.

Page 5: Cyber crime & security

Cyber Crime



Page 6: Cyber crime & security

Cyber Crime


What is Crime Ware ?


The software tools used in cybercrime is sometimes referred to as Crimeware.

Crimeware is software that is used in the commission of the criminal act.

Not generally regarded as a desirable software or hardware application

Page 7: Cyber crime & security

Cyber Crime



Page 8: Cyber crime & security

Cyber Crime


Crimeware – Bots


What's a Bot? "Bot" is actually short for robot – not the

kind found in science fiction movies.  Bots are one of the most sophisticated

types of crimeware. They are similar to worms and Trojans,

performs automated tasks on behalf of their master (the cybercriminals) (i.e) co-ordinated "denial-of-service" attack.

Victim machines = “Zombies." 

Page 9: Cyber crime & security

Cyber Crime


Bots (continued . .)


 Bots search for vulnerable, unprotected computers to infect and stay hidden till they are activated.

Bots do not work alone, but are part of a network of infected machines called a "botnet.“

 A botnet is typically composed of large number victim machines that stretch across the globe.

Page 10: Cyber crime & security

Cyber Crime


How BotNet works ?


Page 11: Cyber crime & security

Cyber Crime


Trojan Horses , Spyware & Crime


Trojans and spyware are crimeware—two of the essential tools a cybercriminal.

Used to obtain unauthorized access and steal information from a victim as part of an attack.

The creation and distribution of these programs

is on the rise, almost 37% of unauthorised access and info stealing is through trojan’s and spywares. [2]

Page 12: Cyber crime & security

Cyber Crime


Trojan Horses


 A Trojan horse program presents itself as a useful computer program, while it actually causes havoc and damage to your computer. 

Trojans are the first stage of an attack. Primary purpose - stay hidden while downloading

and installing a stronger threat such as a bot. Cannot spread by themselves - often delivered

to a victim through an email message. Trojan horse lurks silently on the infected

machine, downloading spyware, while the victim continues on with their normal activities.

Page 13: Cyber crime & security

Cyber Crime




 Programs that covertly monitor your activity on your computer, gathering usernames, passwords, account numbers, files, and even driver's license or social security numbers.

Some spyware focuses on monitoring a person's Internet behavior; Tracks the places you visit and things you do on the web.

Spyware is similar to a Trojan horse in that users unknowingly install the product when they install something else. 

Page 14: Cyber crime & security

Cyber Crime


Phishing [2]


What is Phishing? Phishing is essentially an online con

game, and phishers are nothing more than tech-savvy con artists and identity thieves.

They use spam, fake Web sites, crimeware and other techniques to trick people into divulging sensitive information, such as bank and credit card account details.

 For example, a flaw in the IRS Web site.

Page 15: Cyber crime & security

Cyber Crime


How phishing works ?


In most cases, phishers send out a wave of spam email, sometimes up to millions of messages.

 Each email contains a message that appears to come from a well-known and trusted company.

The bogus Web site urges the visitor to provide confidential information — social security numbers, account numbers, passwords, etc.

While it is impossible to know the actual success rates to all phishing attacks, it is commonly believed that about 1 to 10 percent of success. [2]

Page 16: Cyber crime & security

Cyber Crime


How Phishing works ? [3]


Page 17: Cyber crime & security

Cyber Crime


How phishing works (continued . .)


Over 2005, phishers became much more sophisticated.

This trend means that by simply following the link in a phishing email to a bogus Website, a user's identity could be stolen as the phisher would no longer need to get you to enter your personal information .

The Trojan or spyware placed onto your machine would capture this information the next time you visit the legitimate Web site of your bank or other online service.

Page 18: Cyber crime & security

Cyber Crime


Phishing Process


Page 19: Cyber crime & security

Cyber Crime


Pharming [2]


Pharming is another form of online fraud.

 More difficult to detect as they are not entirely reliant upon the victim accepting a "bait" message.

Instead of relying completely on users clicking on an enticing link in fake email messages, pharming instead re-directs victims to the bogus Web site even if they type the right Web address. 

Page 20: Cyber crime & security

Cyber Crime


How Pharming works ? [5]


Pharmers re-direct their victims using a ploy called DNS cache poisoning.

DNS cache poisoning is an attack on the Internet Domain Naming System.

The naming system relies upon DNS servers to handle the conversion of the letter-based Web site names, into the machine-understandable digits (IP Address) that directs users to the Web site of their choice.

Page 21: Cyber crime & security

Cyber Crime


How Pharming works (continued . .)


When a pharmer mounts a successful DNS cache poisoning attack, they are effectively changing the rules of how traffic flows for an entire section of the Internet!

 Phishers drop a couple lines in the water and wait to see who will take the bait. Where as

Pharmers are more like cybercriminals harvesting the Internet at a scale larger than anything seen before. 

Page 22: Cyber crime & security

Cyber Crime



Page 23: Cyber crime & security

Cyber Crime


Kinds of Cyber Crimes


E-Mail bombing : Sending huge amounts of E-mails.

Salami attacks: These attacks are used for the commission of financial crimes.

Denial of Service: This involves flooding computer resources with more requests than it can handle.

Page 24: Cyber crime & security

Cyber Crime


Kinds of Cyber Crimes (continued ..)


Sale of illegal articles : This would include sale of narcotics, weapons and wildlife etc.

Cyber Pornography : This would include pornographic websites.

E-Mail spoofing : A spoofed email is one that appears to originate from one source but actually has been sent from another source.

Online gambling : There are millions of websites, all hosted on servers abroad, that offer online gambling.

Page 25: Cyber crime & security

Cyber Crime


Basic Prevention Tips


Cybercrime prevention can be straight-forward - when armed with a little technical advice and common sense, many attacks can be avoided.

In general, online criminals are trying to make their money as quickly and easily as possible. The more difficult you make their job, the more likely they are to leave you alone and move on to an easier target.

Keep your computer current with the latest patches and updates. Make sure your computer is configured securely. Choose strong passwords and keep them safe. Protect your computer with security software. Protect your personal information. Online offers that look too good to be true usually are. Review bank and credit card statements regularly.

Page 26: Cyber crime & security

Cyber Crime


What To Do If You're a Victim


If You're a Victim of Crimeware. Disconnect immediately. Scan your computer with an up-to-date

antivirus program Back up your critical information. Consider going back to ground-zero

Page 27: Cyber crime & security

Cyber Crime


What To Do If You're a Victim(cont..)


If You're a Victim of Online Fraud.

Close affected accounts immediately File a police report.  Contact government agencies Watch your credit reports closely. Look for signs of identity theft.

Page 28: Cyber crime & security

Cyber Crime


Cyber laws @ your disposal


Snapshot of Important Cyberlaw Provisions in India Offence Section under IT Act

Offence Section

Tampering with Computer source documents


Hacking with Computer systems, Data alteration


Publishing obscene information Sec.67

Un-authorized access to protected system


Breach of Confidentiality and Privacy


Publishing false digital signature certificates


Page 29: Cyber crime & security

Cyber Crime


Cyber laws @ your disposal (cont ..)


Offence Section

Threatening messages by E-mail Sec 503 IPC

Defamatory messages by E-mail Sec 499 IPC

Forgery of electronic records Sec 463 IPC

Bogus websites, cyber frauds Sec 420 IPC

Email spoofing Sec 463 IPC

Web-Jacking Sec 383 IPC

E-Mail Abuse Sec 500 IPC

Online sale of Drugs NDPS Act

Online sale of Arms Arms Act

Computer Related Crimes covered under Indian Penal Code and Special Laws .

Page 30: Cyber crime & security

Cyber Crime




[1]. Susan W. Brenner, Cybercrime: Criminal Threats from

Cyberspace [2]. Norton , Symantec Group.

http://in.norton.com/cybercrime [3]. SEMCOM Cyberlaw Clinic.

www.cyberlawclinic.org [4]. “Cyber Crime Statistics in India”.

http://www.indiafacts.in [5]. Carnegie Cyber Academy - National Cyber Security



Page 31: Cyber crime & security

Cyber Crime

