Cyber Crime (Dos and Donts)

Hacking

Hacking in simple terms means an illegal intrusion into a computer system and /or network. There is an equivalent term to hacking i.e. cracking, but from Indian Laws perspective there is no difference between the term hacking and cracking. Every act committed towards breaking into a computer and/or network is hacking. Hackers write or use ready-made computer programs to attack the target computer. They possess the desire to destruct and they get the kick out of such destruction. Some hackers hack for personal monetary gains, such as to stealing the credit card information, transferring money from various bank accounts to their own account followed by withdrawal of money. They extort money from some corporate giant threatening him to publish the stolen information which is critical in nature.

Government websites are the hot targets of the hackers due to the press coverage, it receives. Hackers enjoy the media coverage.

Motive behind the Crime

  • Greed
  • Power
  • Publicity
  • Revenge
  • Adventure
  • Desire to access forbidden information
  • Destructive mindset
  • Wants to sell n/w security services

Child Pornography

The Internet is being highly used by its abusers to reach and abuse children sexually, worldwide. The internet is very fast becoming a household commodity in India. Its explosion has made the children a viable victim to the cyber crime. As more homes have access to internet, more children would be using the internet and more are the chances of falling victim to the aggression of pedophiles.

The easy access to the pornographic contents readily and freely available over the internet lowers the inhibitions of the children. Pedophiles lure the children by distributing pornographic material, and then they try to meet them for sex or to take their nude photographs including their engagement in sexual positions. Sometimes Pedophiles contact children in the chat rooms posing as teenagers or a child of similar age, and then they start becoming friendlier with them and win their confidence. Then slowly pedophiles start sexual chat to help children shed their inhibitions about sex and then call them out for personal interaction. Then starts actual exploitation of the children by offering them some money or falsely promising them good opportunities in life. The pedophiles then sexually exploit the children either by using them as sexual objects or by taking their pornographic pictures in order to sell those over the internet.

In physical world, parents know the face of dangers and they know how to avoid & face the problems by following simple rules and accordingly they advice their children to keep away from dangerous things and ways. But in case of cyber world, most of the parents do not themselves know about the basics in internet and dangers posed by various services offered over the internet. Hence the children are left unprotected in the cyber world. Pedophiles take advantage of this situation and lure the children, who are not advised by their parents or by their teachers about what is wrong and what is right for them while browsing the internet

How do they Operate

  1. Pedophiles use false identity to trap the children/teenagers
  2. Pedophiles contact children/teens in various chat rooms which are used by children/teen to interact with other children/teen.
  3. Befriend the child/teen.
  4. Extract personal information from the child/teen by winning his confidence.
  5. Gets the e-mail address of the child/teen and starts making contacts on the victims e-mail address as well.
  6. Starts sending pornographic images/text to the victim including child pornographic images in order to help child/teen shed his inhibitions so that a feeling is created in the mind of the victim that what is being fed to him are normal and that everybody does it.
  7. Extract personal information from child/teen.
  8. At the end of it, the pedophile set up a meeting with the child/teen out of the house and then drags him into the net to further sexually assault him or to use him as a sex object.

Cyber Stalking

Cyber Stalking can be defined as the repeated acts harassment or threatening behavior of the cyber criminal towards the victim by using internet services. Stalking in General terms can be referred to as the repeated acts of harassment targeting the victim such as following the victim, making harassing phone calls, killing the victims pet, vandalizing victims property, leaving written messages or objects. Stalking may be followed by serious violent acts such as physical harm to the victim and the same has to be treated and viewed seriously. It all depends on the course of conduct of the stalker.

Both kind of Stalkers Online & Offline – have desire to control the victims life. Majority of the stalkers are the dejected lovers or ex-lovers, who then want to harass the victim because they failed to satisfy their secret desires. Most of the stalkers are men and victim female.

How do they Operate

  1. Collect all personal information about the victim such as name, family background, Telephone Numbers of residence and work place, daily routine of the victim, address of residence and place of work, date of birth etc. If the stalker is one of the acquaintances of the victim he can easily get this information. If stalker is a stranger to victim, he collects the information from the internet resources such as various profiles, the victim may have filled in while opening the chat or e-mail account or while signing an account with some website.
  2. The stalker may post this information on any website related to sex-services or dating services, posing as if the victim is posting this information and invite the people to call the victim on her telephone numbers to have sexual services. Stalker even uses very filthy and obscene language to invite the interested persons.
  3. People of all kind from nook and corner of the World, who come across this information, start calling the victim at her residence and/or work place, asking for sexual services or relationships.
  4. Some stalkers subscribe the e-mail account of the victim to innumerable pornographic and sex sites, because of which victim starts receiving such kind of unsolicited e-mails.
  5. Some stalkers keep on sending repeated e-mails asking for various kinds of favours or threaten the victim.
  6. In online stalking the stalker can make third party to harass the victim.
  7. Follow their victim from board to board. They “hangout” on the same BB’s as their victim, many times posting notes to the victim, making sure the victim is aware that he/she is being followed. Many times they will “flame” their victim (becoming argumentative, insulting) to get their attention.
  8. Stalkers will almost always make contact with their victims through email. The letters may be loving, threatening, or sexually explicit. He will many times use multiple names when contacting the victim.
  9. Contact victim via telephone. If the stalker is able to access the victims telephone, he will many times make calls to the victim to threaten, harass, or intimidate them.
  10. Track the victim to his/her home.

Nature and Extent of Cyber stalking

An existing problem aggravated by new technology although online harassment and threats can take many forms, cyber stalking shares important characteristics with offline stalking. Many stalkers – online or off – are motivated by a desire to exert control over their victims and engage in similar types of behavior to accomplish this end. As with offline stalking, the available evidence (which is largely anecdotal) suggests that the majority of cyber stalkers are men and the majority of their victims are women, although there have been reported cases of women cyber stalking men and of same-sex cyber stalking. In many cases, the cyber stalker and the victim had a prior relationship, and the cyber stalking begins when the victim attempts to break off the relationship. However, there also have been many instances of cyber stalking by strangers. Given the enormous amount of personal information available through the Internet, a cyber stalker can easily locate private information about a potential victim with a few mouse clicks or key strokes.

The fact that cyber stalking does not involve physical contact may create the misperception that it is more benign than physical stalking. This is not necessarily true. As the Internet becomes an ever more integral part of our personal and professional lives, stalkers can take advantage of the ease of communications as well as increased access to personal information. In addition, the ease of use and non-confrontational, impersonal, and sometimes anonymous nature of Internet communications may remove disincentives to cyber stalking. Put another way, whereas a potential stalker may be unwilling or unable to confront a victim in person or on the telephone, he or she may have little hesitation sending harassing or threatening electronic communications to a victim. Finally, as with physical stalking, online harassment and threats may be a prelude to more serious behaviour, including physical violence.

Denial of Service Attack

This is an act by the criminal, who floods the bandwidth of the victims network or fills his e-mail box with spam mail depriving him of the services he is entitled to access or provide

Short for denial-of-service attack, a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCP/IP protocols. For all known DoS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks. But, like Virus, new DoS attacks are constantly being dreamed up by Hacker.

Virus Dissemination

Malicious software that attaches itself to other software. (Virus, worms, Trojan Horse, Time bomb, Logic Bomb, Rabbit and Bacterium are the malicious.

Software Piracy

Theft of software through the illegal copying of genuine programs or the counterfeiting and distribution of products intended to pass for the original.

IRC Crime

Internet Relay Chat (IRC) servers have chat rooms in which people from anywhere the world can come together and chat with each other.

Credit card Fraud

The unauthorized and illegal use of a credit card to purchase property.

Net Extortion

Copying the companies confidential data in order to extort said company for huge amount.

Phishing

The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the users information.. By spamming large groups of people, the phisher counted on the e-mail being read by a percentage of people who actually had listed credit card numbers with legitimately. Phishing, also referred to as brand spoofing or carding, is a variation on phishing, the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.

Cyber Crime: Some Prevention Tips

  1. Act, don't just react. Before you need it, establish a reliable system for assigning access to company data resources. Make sure the system can disable such access immediately should a major layoff occur.
  2. Identify dormant IDs or orphaned accounts. Install or create a system for actively checking for and deleting out-of-date IDs/accounts and/or inactive users.
  3. Automate the lines of communication between your IT and HR departments. The IT department will need to have real-time notice of pending layoffs or restructuring in order to determine which accounts need to be disabled or suspended.
  4. Define the "need to know." Determine-based on job function, seniority and/or other predetermined department roles-who needs to have access to which resources and why.
  5. Don't forget the sharing factor. What happens when employees who have relationships with outside vendors are punished/fired? These now-former employees may have provided password IDs to exclusive department data, and IT probably does not have an easy means of tracking these IDs.
  6. Reset passwords regularly. Smart departments should have an automated system for resetting passwords on a regular basis.
  7. Make non-disclosure policies routine. Establish and enforce a non-disclosure contract signed on the date of employment. The contract should clearly explain to government/corporate employees the consequences of hacking and sharing departments’ resources and data.
  8. Suspend terminated IDs. Make sure that the accounts belonging to laid-off employees are not simply deleted, which could result in the loss of critical information. Instead, make sure that you incorporate a suspend feature in your provisioning process that prevents outside access but enables the IT department to search for key data in the account.
  9. Reconcile open IDs to reality. Make certain that your system can produce real-time reports that show all open IDs/accounts and reconcile them against your trusted identity source. You must be able to clean out your dormant and invalid accounts.
  10. Operate out of opportunity rather than fear. Remember that open doors (to information, resources, etc.) are vital to business success, but you must be able to shut that door quickly when an insider becomes an outsider.

List of few tips on credit card safety and usage are mentioned below. These tips are important and universal:

  1. Sign your card — as soon as you receive it! (Obviously, this is only as effective as the clerk who’s checking it.)
  2. When you use your card at an ATM, enter your PIN in such a way that no one can easily memorize your keystrokes.
  3. Don’t leave your receipt behind at the ATM.Your PIN and account number from a discarded receipt could make you vulnerable to credit-card fraud. Also, don’t throw out your credit-card statement, receipts or carbons without first shredding them!
  4. Never give your credit-card number over the telephone unless you initiated the call. Even when you place the call to a legitimate merchant (such as a travel company), never give your card number out over a cordless phone. Radio scanners that eavesdrop on these conversations are available, and your voice can be received by one from a far greater distance than the maximum useful range of your cordless phone. One common scam is when someone calls you “back” right after you place an order, claims to be from the merchant and tells you that there was a problem with your card number — would you mind giving it to them again? The best thing to do is ask for a contact name and call the merchant back at the number you used originally.
  5. Ignore any credit-card offer that requires you to spend money up-front or fails to disclose the identity of the card issuer.
  6. Make certain you get your card back after you make a purchase (one habit to observe is to leave your wallet open in your hand until you have the card back). Also, make sure that you personally rip up any voided or cancelled sales slips.
  7. Always keep a list of your credit cards, credit-card numbers and toll-free numbers in case your card is stolen or lost.
  8. Check your monthly statement to make certain all charges is your own, and immediately notify the card issuer of any errors or unauthorized charges.
Top ⇑