2. Cyber Space
• Worldwide network of computers and the
equipment that connects them, which by its
very design is free and open to the public
• Electronic medium of computer networks, in
which online communication takes place
3. Cyber Crime
• Any crime that involves computers and the
network
• Uses the computer to perform the crime
• Computer is the target
4. Why do we need to learn about cyber
crime?
• Everybody is using computers
• Monetary transactions are moving on to the
internet
• Many conventional crimes are being
committed with the help of computers
We have become reliant on the internet for everything
from passing emails to handling hypersensitive data
5. Types of Cyber Crimes
1. Hacking
2. Salami Attack
3. Malware dissemination
4. Software Piracy
5. Forgery
6. Obscene or Offensive Content
7. Pornography
8. Cyber Sex
9. Fraud
10. Phishing
11. Spoofing
12. Spam
13. Denial of Service
14. Threatening
15. Net Extortion
16. Cyber Terrorism
17. Drug Trafficking
18. Cyber Warfare
19. Cyber Stalking
20. Cyber Defamation
21. IRC Crime
6. Hacking
• The act of gaining unauthorized access to a
computer system or network
• Unauthorized use of this access
• Illegal intrusion into the computer system
without the computer owner’s permission
7. Hacker
• Person who finds weaknesses in a
computer and exploits them
• Motivated by profit, protest, or challenge
8. Classification of Hacker
• White hat
– perform penetration tests and vulnerability assessments within
a contractual agreement
• Black hat
– break into secure networks to destroy data or make the network
unusable for those who are authorized to use the network
• Grey hat
– hack into a computer system for the sole purpose of notifying
the administrator that their system has been hacked
• Blue hat
– someone outside computer security consulting firms who is
used to bug test a system prior to its launch
9. Social Status of Hacker
• Elite Hacker
• Script Kiddie
– non-expert who breaks into computer systems by
using pre-packaged automated tools written by
others
• Neophyte
• Hacktivist
– hacker who utilizes technology to announce a
social, ideological, religious, or political message
10. Salami Attack
• Penny Shaving. The idea is to make the change
small enough that any single transaction will go
undetected
• Criminals make insignificant changes in such a
manner that the changes go unnoticed
• Criminals make small programs that deduct
small amounts, like 1 PHP per month, from the
accounts of all customers of the bank and deposit
them in their own account
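The following is an added example, not part of the original slides, showing why a per-transaction threshold misses penny shaving and how aggregating small transfers by destination account exposes it. The ledger rows, account names and thresholds are constructed assumptions.

```python
from collections import defaultdict
from decimal import Decimal

def build_sample_ledger():
    """Constructed rows: (month, source account, destination account, amount in PHP)."""
    customers = [f"C{n:03d}" for n in range(1, 9)]
    # Eight customers each lose 1.00 per month to the same account for two months.
    ledger = [(month, c, "X999", Decimal("1.00"))
              for month in ("2024-01", "2024-02") for c in customers]
    # Ordinary activity mixed in, including one legitimate small payment.
    ledger += [
        ("2024-01", "C001", "M100", Decimal("250.00")),
        ("2024-02", "C003", "M100", Decimal("899.50")),
        ("2024-02", "C002", "M200", Decimal("0.75")),
    ]
    return ledger

def per_transaction_alerts(ledger, threshold=Decimal("1000.00")):
    """Classic control: flag any single transfer at or above the threshold."""
    return [row for row in ledger if row[3] >= threshold]

def find_salami_collectors(ledger, max_amount=Decimal("1.00"), min_sources=5):
    """Flag destinations that collect tiny transfers from many distinct accounts.

    Returns {destination: (distinct source count, total collected)}.
    """
    sources = defaultdict(set)
    totals = defaultdict(Decimal)
    for _month, src, dst, amount in ledger:
        if Decimal("0") < amount <= max_amount:
            sources[dst].add(src)
            totals[dst] += amount
    return {dst: (len(srcs), totals[dst])
            for dst, srcs in sources.items() if len(srcs) >= min_sources}

if __name__ == "__main__":
    ledger = build_sample_ledger()
    print("per-transaction alerts:", per_transaction_alerts(ledger))
    print("aggregate view:", find_salami_collectors(ledger))
```

The single small payment to M200 is not flagged because it comes from only one source account; the control keys on many distinct sources feeding one destination.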
11. Malware
• Malicious software that attaches itself to other
software
• Infectious Malware
– Virus - infecting files on a network file system or a
file system that is accessed by other computers
– Worms - uses a computer network to send copies
of itself to other nodes. It does not need to attach
itself to an existing program.
12. Malware
• Concealment Malware
– Trojan Horse - make copies of themselves, steal
information, or harm their host computer systems
– Rootkits - hide the existence of certain processes or
programs from normal methods of detection and
enables continued privileged access to a computer
– Backdoor - method of bypassing normal
authentication procedures
– Logic Bomb is a piece of code intentionally inserted
into a software system that will set off a malicious
function when specified conditions are met.
– Time Bomb
13. Malware
• Other Malware
– Spyware - collects information about users
without their knowledge
– Keystroke logger
– Botnets
– Adware - automatically renders advertisements
14. Software Piracy
• Theft of software through illegal copying of
genuine programs
• End-user copying: Organizations installing or
using software on more computers than they
are licensed to support.
• Distribution: Selling or distributing illegally
copied software, including counterfeit products.
• Downloading: Making unauthorized copies from
the Internet.
15. Types of Software Piracy
• End User Piracy: This occurs when a company
employee or an individual reproduces copies of
software without authorization.
– Using one licensed copy to install a program on
multiple computers;
– Copying disks for installation and distribution;
– Taking advantage of upgrade offers without having a
legal copy of the version to be upgraded;
– Acquiring academic or other restricted or non-retail
software without a license for commercial use;
– Swapping disks in or outside the workplace.
16. • Client-Server Overuse: This type of piracy
occurs when too many employees on a
network are using a central copy of a program
at the same time. If you have a local-area
network and install programs on the server for
several people to use, you have to be sure
your license entitles you to do so. If you have
more users than allowed by the license, that’s
“overuse”.
17. • Internet Piracy: This occurs when software is
downloaded from the Internet. The same
purchasing rules should apply to online software
purchase as for those bought in traditional ways
– Pirate websites that make software available for free
download or in exchange for uploaded programs;
– Internet auction sites that offer counterfeit, out-of-
channel, infringing copyright software;
– Peer-to-Peer networks that enable unauthorized
transfer of copyrighted programs.
18. • Hard-Disk Loading: This occurs when a
business that sells new computers loads illegal
copies of software onto the hard disks to
make the purchase of the machines more
attractive
• Software Counterfeiting: This type of piracy is
the illegal duplication and sale of copyrighted
material with the intent of directly imitating
the copyrighted product
19. Source of Software Piracy
• P2P networks
• Search engines
• IRC cracking channels
• Street CDs
• Friends
20. Software Piracy Motives
• Pricing – unwillingness or inability to pay the
price requested by the legitimate sellers
• Unavailability – no legitimate sellers providing
the product in the country of the end-user
• Usefulness – the legitimate product comes
with various means of restricting legitimate
use
21. Effects of Software Piracy
• Reduces profits for the software developer
– Loss of jobs
– Increased prices for software
• Reduces development money for future
products
• Individuals who use pirated software cannot
receive technical support
• Risk of malware
• Risk of file corruption
22. Forgery
• Counterfeiting legal documents using
computers, printers and scanners
– Currency notes
– Postage
– Revenue stamps
– Mark sheets
– Checks
23. Obscene or offensive content
• Most common on websites that violate
limitations on certain speech, being
racist, blasphemous, politically
subversive, libellous or slanderous,
seditious, or inflammatory
material that tends to incite hate crimes
24. Pornography & Cybersex
• Publishing, transmitting any material in
electronic form which is lascivious in content
• Explicit portrayal of sexual subject matter for
the purposes of sexual arousal and erotic
satisfaction
25. Use of Internet Pornography and
Cybersex
• To get information
• To observe and contact victims
• To develop fantasies and get aroused
• To overcome own inhibitions
• To seduce victims and make them sexually
aroused
• To produce pornographic material with their
victims
• To exchange this material with and sell it to
others
• To contact other offenders
26. Characteristics of Internet
Pornography and Cyber Sex
• Easy access: at home, every time, cheap, anonymous
• Variability of the pornographic material:
photos, films, texts, message-systems, chats (with two
or more persons), audio-visual communication
(microphone, webcam)
• Unlimited market: continuously new material
• More deviant, violent pornography (magazines <
videos < internet)
• Worldwide spectators and auditorium
• Low risk of detection and prosecution of illegal
activities
27. • Interactive communication with reciprocal
influence on fantasies and ‘real’ behaviour -
immediate or delayed
• Space to experiment between fantasy and ‘real
life’ behaviour
• Virtual identities
• Facilitates addictive
consumption, habituation, desensitization
• Easy, unlimited networking (esp. for
minorities), anonymous contacts between
‘perpetrator’ and ‘victim’ and between different
‘perpetrators’
28. Effects of Pornography
• Family
– Married men who are involved in pornography feel less
satisfied with their conjugal relations and less emotionally
attached to their wives. Wives notice and are upset by the
difference.
– Pornography use is a pathway to infidelity and divorce, and
is frequently a major factor in these family disasters.
– Among couples affected by one spouse's addiction, two-
thirds experience a loss of interest in sexual intercourse.
– Both spouses perceive pornography viewing as
tantamount to infidelity.
– Pornography viewing leads to a loss of interest in good
family relations.
29. • Individual
– Pornography is addictive
– Users tend to become desensitized to the type of pornography
they use and seek for more perverse forms of pornography.
– Men who view pornography regularly have a higher tolerance
for abnormal sexuality, including rape, and sexual aggression.
– Prolonged consumption of pornography by men produces
stronger notions of women as commodities or as "sex objects."
– Pornography engenders greater sexual permissiveness, which in
turn leads to a greater risk of out-of-wedlock births and STDs.
30. – Child-sex offenders are more likely to view
pornography regularly or to be involved in its
distribution.
– Many adolescents who view pornography initially feel
shame, diminished self-confidence, and sexual
uncertainty, but these feelings quickly shift to
unadulterated enjoyment with regular viewing.
• Society
– The presence of sexually oriented businesses
significantly harms the surrounding
community, leading to increases in crime and
decreases in property values.
31. Preventive Measures against Internet
Pornography
• Sexual education starting before adolescence and puberty
• Active support of youth in exploring the Internet
• Teaching youth not to disclose their identity (e-mail
address, telephone-no. etc.)
• Teaching youth not to respond to hostile, soliciting,
inadequate, or unwanted contacts
• No Internet access in youths' private rooms
• Limiting the time youth spend on the Internet
• Installation of filtering/blocking/tracking software
• Caregivers should know online friends of their children
• Keeping children out of chat-rooms or controlling their
communication
• Counselling and therapy for those with problematic
internet pornography behaviour
32. Fraud
• Any dishonest representation of fact intended
to induce another to do or refrain from doing
something, which causes loss
• Done by a fraudster
33. Some Types of Fraud
• Credit Card Fraud
– Theft and fraud using a credit card or any similar
payment mechanism as a fraudulent source of funds
in transactions
• False Advertising
– use of false or misleading statements in advertising
– Example: Hidden Charges
• Identity Theft
– form of stealing another person's identity in which
someone pretends to be someone else by assuming
that person's identity
34. Internet Fraud
• Purchase fraud
– occurs when a criminal approaches a merchant and
proposes a business transaction, and then uses fraudulent
means to pay for it
– Example: Online auction and retail schemes
• Work-at-home schemes
– A job is offered to work at home, with the fraudster
claiming to represent a real corporation. The victim must
purchase software to do the work, and the money must be
paid via Western Union. Of course the fraudster keeps the
money, and there is no real job. Victims have called the
company afterwards, but the fraudster never actually
worked for or represented the company.
35. • Dating Fraud
– the con artist develops a relationship with their victim
and convinces them to send money to the fraudster
• Internet marketing and retail fraud
– The victim is tricked, by a legitimate-looking site and
effective marketing, into giving their credit card
information or sending funds by other means in
exchange for what they believe to be goods or
services. The goods never arrive, turn out to be
fake, or are products worth less than those
advertised.
36. • Internet ticket fraud
– A variation of Internet marketing fraud offers
tickets to sought-after events such as
concerts, shows, and sports events. The tickets are
fake, or are never delivered.
• Pharming
– A hacker's attack aiming to redirect a website's
traffic to another, bogus site.
37. Phishing
• Fraudulent process of attempting to acquire
sensitive information such as username and
passwords and credit card details, by
masquerading as a trustworthy entity in an
electronic communication
39. Spoofing
• The process of deception by which an individual
or system alters its identity or creates additional
entities, thereby causing another person or
system to act incorrectly
• Getting one computer on a network to pretend to
have the identity of another computer, usually
one with special access privileges, so as to obtain
access to other computers on a network
• Example:
– Upload a song to a site and advertise it for
download, but once downloaded it is not listenable
40. Preventive Measures against Internet
Fraud
• Shipping
– Use postal insurance
– Use package tracking services
– Use a trusted courier that requires the recipient's signature on
delivery
– Suspend the delivery if you become suspicious of fraud
– Don't ship an order until additional identity and payment checking is
complete
• Orders
– Validate all the details of each order
– Keep records of order statistics so you can build up a picture of typical
orders
– If you've identified patterns of fraud, make sure alerts are triggered
when an order fits the pattern
41. • Customers
– Make sure the customer genuinely exists
– Keep records on customers with good purchase
histories and on those you've had trouble with
– Use a means such as AVS (Address Verification
System) to make sure the customer's physical address
is valid
– Make sure both the billing and shipping addresses are
valid, especially if they are different
– Keep records of all contact you have with customers
42. – Use a means such as online phone books to check that
a supplied phone number is valid
– Ensure any email or web addresses are valid and
reputable
– Ring the customer to verify their order
– Make it clear to all customers that orders and
payments will be authenticated before shipping
– Warn customers that their transaction details and
their IP number (Internet address) will be recorded
– Keep records of customer purchases to establish their
typical buying patterns
43. • Credit cards
– If in doubt, ask for an independent copy of the customer's
signature
– Ask the customer to fax the front of their credit card
– Keep a record of credit card numbers you've had problems
with or suspicions about in the past
– Find out the card's issuing bank and country of origin and
make sure they match the information you've been given
by the customer
– Use a means such as CVV2, SecureCode or CID (depending
on the credit card vendor) to help make sure the card
information hasn't been stolen
– Call the issuing bank and verify the customer's details
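The following is an added example, not part of the original slides, turning several of the order, customer and credit card checks above into automated review rules. All field names, thresholds and sample records are constructed assumptions; a real shop would fill them from its payment provider and order database.

```python
from statistics import mean, pstdev

def screen_order(order, history, card_watchlist):
    """Return the reasons an order should be held for manual review."""
    reasons = []
    # Orders: validate the details of each order against each other.
    if order["billing_address"] != order["shipping_address"]:
        reasons.append("billing and shipping addresses differ")
    if order["issuer_country"] != order["stated_country"]:
        reasons.append("card issuing country does not match customer details")
    # Credit cards: security-code result and the record of problem cards.
    if not order["security_code_ok"]:
        reasons.append("card security code not verified")
    if order["card_token"] in card_watchlist:
        reasons.append("card has a record of past problems")
    # Customers: compare with the recorded typical buying pattern.
    past = history.get(order["customer_id"], [])
    if len(past) < 3:
        reasons.append("no established purchase history")
    else:
        avg = mean(past)
        # Three standard deviations, with a floor so very steady buyers
        # are not flagged for small increases.
        limit = avg + 3 * max(pstdev(past), 0.1 * avg)
        if order["amount"] > limit:
            reasons.append("amount far above typical order")
    return reasons

# Constructed sample data (tokens stand in for card numbers).
HISTORY = {"cust-17": [40.0, 55.0, 48.0, 52.0]}
CARD_WATCHLIST = {"tok-bad-0001"}
ROUTINE_ORDER = {
    "customer_id": "cust-17", "amount": 50.0,
    "billing_address": "12 Example St", "shipping_address": "12 Example St",
    "issuer_country": "PH", "stated_country": "PH",
    "security_code_ok": True, "card_token": "tok-ok-0042",
}
SUSPECT_ORDER = {
    "customer_id": "cust-17", "amount": 900.0,
    "billing_address": "12 Example St", "shipping_address": "PO Box 9, Elsewhere",
    "issuer_country": "XX", "stated_country": "PH",
    "security_code_ok": True, "card_token": "tok-bad-0001",
}

if __name__ == "__main__":
    for name, order in (("routine", ROUTINE_ORDER), ("suspect", SUSPECT_ORDER)):
        print(name, screen_order(order, HISTORY, CARD_WATCHLIST))
```

An empty list means no rule fired; any returned reason is a prompt for the manual steps on the slides, such as ringing the customer or calling the issuing bank.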
44. Spam
• Unsolicited sending of bulk emails for
commercial purposes; it is unlawful to varying
degrees
• Done using zombie computers
– A zombie is a computer connected to the Internet
that has been compromised by a
cracker, computer virus or Trojan horse and can be
used to perform malicious tasks of one sort or
another under remote direction.
45. • It happens in different media:
– Email
– Instant messaging
– Newsgroup
– Forums
– Mobile Phone
– Online game messaging
– Spam targeting search engines
– Blogs
– Guestbook
– Spam targeting video sharing sites
– SPIT (Spam over internet telephony) or VOIP spam
46. Denial of Service
• Act of flooding the bandwidth of the victim's
network, depriving him of the services he is
entitled to access or provide
• Involves flooding a computer resource with
more requests than it can handle, causing the
resource to crash and thereby denying
authorized users the service offered by the
resource
47. Threatening / Cyber Bullying
• The criminal sends threatening email or
comes into contact with the victim in chat rooms
48. Net Extortion
• The victim is threatened into handing over goods or
property, or else damage to their reputation
or other harm or violence against them may
occur
• Copying the company’s confidential data in
order to extort said company for a huge amount
49. Cyber Stalking
• Repeated acts of harassment or threatening
behaviour of the cyber criminal towards the
victim by using internet services
• Harassment
– Following the victim
– Making harassment phone calls
– Vandalizing the property
– Leaving written messages or objects
50. Cyber defamation
• The criminal sends emails containing
defamatory matters on a website
• Defamatory
– Statements that make a claim, expressly stated or
implied to be factual, that may give anyone a
negative image
51. Cyber Terrorism
• An act of terrorism committed through
cyberspace
• Example
– Scattering news that there will be a bomb attack
in a location on this date
– Collecting information for ruining people's lives
52. Drug Trafficking
• Drug traffickers are increasingly taking
advantage of the internet to sell their illegal
substances through encrypted e-mail and
other Internet technology
• Drug traffickers arrange deals at internet
cafes, and use courier web sites to track their
deals
53. Cyber Warfare
• Form of information warfare
• Actions by a nation or state to penetrate
another nation’s computer to cause damage
or disruption
54. IRC Crimes
• Internet Relay Chat servers have chat rooms in
which people from anywhere in the world can
come together and chat with each other
• Criminals use it for meeting co-conspirators
• Hackers use it for exploiting
• Paedophiles use it for luring children
55. The modern thief can steal more with a
computer than with a gun. Tomorrow's terrorist
may be able to do more damage with a
keyboard than with a bomb