Hacking Phishing Denial of Service Spam Email Spyware, Adware Malware (Trojan, Virus, Worms etc. ) ATM Skimming and Point of Scale Crimes Ransomware

1. Cyber Security

2. Contents
• Introduction
• Categories of Cyber Crime
• Types of Cyber Crime
• Advantages of Cyber Security
• Safety Tips to Cyber Crime
• Latest Cyber Attack

3. Introduction
• The Internet in India is growing rapidly. There are two sides
to a coin. Internet also has it’s own disadvantages is cyber
crime-illegal activity committed on the Internet.
• Crime committed using a computer and the internet to steal a
person’s identity or illegal imports or malicious programs.
Cyber crime is an activity done using computers and the
internet.
• Cyber security refers to the technologies and processes
designed to protect computers, networks and data from
unauthorized access and attacks delivered via the internet by
cyber criminals. Though, cyber security is important for the
network, data and application security.

4. Categories of Cyber Crime
We can categorize cyber crime in two ways:-
The computer as a target: Using a computer to attacks
other computer e.g. Hacking, Virus/Worms attacks, DoS
attack etc.
The computer as a weapon: Using a computer to
commit real world crime e.g. credit card fraud etc.

5. Types of Cyber Crime
• Hacking
• Phishing
• Denial of Service
• Spam Email
• Spyware, Adware
• Malware (Trojan, Virus, Worms etc. )
• ATM Skimming and Point of Scale
Crimes
• Ransomware

6. History of Hacking
• Hacking has been a part of computing for 40 years.
• The first computer hacker emerged at MIT.
• Hacking is began in the 1960s at MIT, origin of the term
“hacker”.
• The true hacker amongst our societies have thirst for the
knowledge.
• Boredom is never an object of challenge for hacker.

7. • While a hacker is really just a clever programmer who is adept
at manipulating or modifying a computer system or computing
network, a malicious hacker is someone who uses their
computer skills to gain unauthorized access to data such as
credit card info or personal pictures, either for fun, profit, to
cause harm or for other reasons.
• Computer hacking refers to manipulating the normal behavior
of a computer and its connected systems. This is usually done
using scripts or programs that manipulate the data passing
through a network connection in order to access information
from the system. Hacking techniques include using viruses,
worms, Trojan horses, ransomware, browser hijacks, rootkits
and denial of service attacks.
What is Hacking?

8. Types of Hacking
• Website Hacking
• Network Hacking
• Ethical Hacking
• Email Hacking
• Password Hacking
• Online Banking Hacking
• Computer Hacking

9. How to Remove Hacking
• Since hacking refers to a method of accessing your computer
system or network, the best way to remove hacks is to use
high-quality anti-hacking software, commonly referred to as
antivirus software, which will scan your computer for any
malicious software and remove it.
How to Prevent Hacking
• Don’t open any attachments sent from suspicious email
addresses
• Never send your banking logins or credit card numbers via
email
• Don’t download unknown software to your computer

10. Spam Email
• Email Spam is the electronic version of junk mail. It involves
sending unwanted messages, often unsolicited advertising, to a
large number of recipients. Spam is a serious security concern
as it can be used to deliver Trojan horses, viruses, worms,
spyware, and targeted phishing attacks.

11. Ways to Reduce Spam
• Delete junk e-mail messages without opening them.
• Don’t reply to spam.
• Don’t give personal information in an e-mail or instant
messages.
• Think twice before you open attachments or click links in
e-mail or instant messages.
• Don’t forward chain e-mail messages.

12. You Should:
• Report abusive, harassing, or threatening e-mail
messages to your internet service provider.
• Report phishing, scams and other fraudulent e-mail to
the company that has been misrepresented.

13. What is Phishing?
• Phishing is a fraudulent attempt, usually made
through email, to steal your personal information.
• Phishing is attempt to obtain sensitive information
such as username, password and credit card details
(and sometimes, indirectly, money), often for
malicious reasons through an electronic
communication (such as Email).

14. Phishing Motives
• Financial gain: Phishers can use stolen banking
credential to their Financial benefits.
• Identity hiding: Instead of using stolen identities
directly, phishers might sell the identities to others
whom might be criminals seeking ways to hide
their identities and activities (e.g. purchase of
goods).
• Frame and notoriety: phishers might attack
victims for the sake of peer recognition.

16. Types of Phishing Attacks
• Deceptive Phishing
The common method is deceptive phishing is E-mail.
Phishers sends a bulk of deceptive emails which
command the user to click on link provided.
• Malware-Based Phishing
Running malicious software on the other’s machine.
Key-Loggers & Screen-Loggers
Session Hijackers

17. • DNS-Based Phishing
It is used to Pollute the DNS Cache with Incorrect
Information which directs the user to the other
location.
 This type of phishing can be done directly when
the user has a misconfigured DNS cache.
• Content-Injection Phishing
In this attack, a malicious content is injected into a
legitimate site.
This malicious content can direct the user to some
other sites or it can install malwares on the
computers.

18. Anti-Phishing Tools
• NET Craft
It alert the user when connect to the phishing sites.
When a user connects to a phishing site it block the
user by showing a warning sign.
It traps suspicious URLs in which the character
have no common purpose other than to deceive the
user.

20. • Threat Fire
Threat Fire provides behavior based security
monitoring solution protecting unsafe system.
It continuously analyses the programs and
processes on the system and if it find any
suspicious actions.
It can be used with the normal antivirus programs
or firewall which adds an additional level of
security of the system.

22. Other Anti-Phishing Tools
• Spyware Doctor
• Phish Tank Site Checker
• Spoof-Guard
• Trust-Watch Toolbar
• Adware Inspector

24. How to Avoid Phishing Attack
• Don’t click on links, download files or open
attachments in emails from unknown senders.
• Never email personal or financial information, even if
you are close the recipient.
• Check your online accounts and bank statements
regularly.
• Do not divulge personal information over the phone
unless you initiate the call.
• Verify any person who contacts (phone or email) you.

25. Popular Examples of Phishing
Attack

27. Phishing Attack Email Example

28. What should I be Aware of When
Receiving a Suspicious Email?
• Look for the following clues:
Misspelled word, unprofessional tone, bad grammar
or other problems with content.
• Other things to look for:
They are asking you to verify your confidential
information, will hold you liable if you don’t respond,
telling you that the account will be closed if you don’t
respond, etc. All these are signs of a phishing
message.

29. Denial of Service
• This is an act by the criminals who floods the Bandwidth of the
victims network.
• In the DoS attack, a hacker uses a single internet connection to
either exploit a software vulnerability or flood a target with fake
request-usually in an attempt to exhaust server resources.
• On the other hand, DDoS attacks are launched from multiple
connected devices that are distributed across the internet.
• DoS = When a single host attacks.
• DDoS = when multiple hosts attack simultaneously and
continuously.

30. Types of DDoS Attack
• There are mainly two kinds of DDoS attack:
1) Typical DDoS attack
2) Distributed Reflector (DRDoS) DoS attack
• Typical DDoS Attacks:

31. • DRDoS Attacks:

33. Tools Which Used for DDoS
Attack
• LOIC (Low Orbit Ion Cannon)
• Silent-DDOSer
• PHP DOS
• JANIDOS

36. Common DoS Attacks
1) SYN flooding
2) PING flood
3) Ping of death
4) Teardrop attack
5) Smurf attack
6) Spoofing attack

37. Phases in the DDoS Attack
• Step 1:
Recruiting of slave/zombie machines
e.g.: using pirated software, unknown links, untrusted sites
etc.
When a computer has become a zombie it has the code to
infect other computers to which it is connected.
• Step 2:
Discovering the vulnerability of the target (using small scale
attacks before the actual attack).
This is done to check whether the target has taken any
precautionary measures or not.

38. • Step 3:
Sending the attack instructions to the slaves.
This usually done using IRC or Internet Relay Chats or
by other forms of communication between the attacker
i.e. maker of the botnet and the virus which is present
in a zombie computer.
• Step 4:
Attack
On getting the instruction to attack, all the zombie
computers start sending messages simultaneously and
continuously to the target server. The server tries to
reply to all requests but after sometimes server gets
overpowered and it crashes.

39. Aftereffect
After a website’s server has been hit by a DDoS
attack all the other legitimate user who want to use
the website are denied access to it and they see a
timeout error as follows:

40. How do We Avoid the DDoS
Attack?
• Install & maintain anti virus.
• Install a firewall.
• Configure the firewall to restrict incoming &
outgoing traffic.
• Follow good security practices for distributing your
email address.
• Applying email filters may help you manage
unwanted traffic.

41. Spyware & Adware
• Both are independent programs that can be
automatically installed when you surf the
internet or when you install free software.
• Most adware is spyware in a different sense
than “advertising supported software”, for a
different reason: it displays advertisements
related to what it finds from spying on you.

42. What is Spyware?
• Spyware – is computer software which is installed
surreptitiously on a personal computer; it takes partial
control over the user’s computer, without the user’s
informed consent.
• Collect various types of personal information – such
as Internet surfing habits, visited sites, can also
interfere installing additional software and redirecting
Web browser activity.
• Spyware is known to change computer settings,
resulting in slow connection speeds, loss of Internet
or functionality of other programs.

43. Common Spyware Forms
• Browser session hijacking
• Browser helper objects
• Cookies and web bags
• False antispyware tools
• Autonomous spyware
• Bots

44. What is Adware?
• Adware or advertising – supported software is any
software package which automatically plays, displays
or downloads advertisements to a computer after the
software is installed on it or while the application is
being used.
• Comes in the forms of popups and unexplained
advertising programs on your computer.
• Advertising companies hope to generate money from
customers who receive the popups or unexplained
programs on their computers.

45. Well-Known Adware Programs
• 123 Messenger
• AOL Instant Messenger
• DivX
• Micro Antivirus
• RealPlayer
• Zango

46. How to Detect that your Computer
has Spyware or Adware
• Continuous popups.
• Persistent change in your homepage.
• Slower computer processing, takes the
computer longer to process or startup.

47. Extreme Symptoms of Spyware
or Adware
• The spyware program is rarely alone on a computer:
an affected machine usually has multiple infections.
• Internet browser does not start up.
• Parts of your computer you cannot access without
freezing.
• Major core data is lost or changed.

48. What Programs are there to Help
Get rid of Spyware/Adware?
• Spybot search and destroy
• Spy sweeper
• Symantee Antivirus
• Ad – aware 6.0

49. • Spyware is often bundled with other software or
downloads on file-sharing sites (e.g., sites where you
download free music or movies), or is installed when
you open an email attachment.
• Antivirus software can find and remove any spyware
on your computer, since these usually include anti-
spyware protection as well as spyware removal tools.
• Just like spyware, adware is most often built into free
software, but can also be installed on your browser or
operating system through a security hole.

50. How to Prevent Spyware
• Use antivirus and anti-spyware software.
• Ensure that your browser, operating system, and
software have the latest updates and security patches.
• Set your browser security and privacy levels higher.
• Use extreme caution if you frequent file-sharing sites.
• Don't click on pop-up ads.

51. How to Prevent Adware
• Use an antivirus with an adware cleaner.
• Ensure that your browser, operating system,
and software have the latest updates and
security patches.
• Turn on a firewall when using the Internet.

52. Recommendations
• Do not download unnecessary software from the
internet, especially free ones because they most likely
have adware or spyware inside them.
• If a download screen appears, asking you to confirm
your download, click no if you are not trying to
install anything.
• Avoid clicking advertised popups especially ones that
mention “free” stuff if possible.

53. • Some adware/spyware files like to hide in the
temporary internet folders.
• Disable saving of temporary files by going to
Program Files, Control Panel, Network and Internet
Connections, Internet Options, Temporary Internet
File Settings, Check Never under “Check for Never
Version of Stored Pages”.
• Constantly delete old temporary files and cookies by
going to Program Files, Control Panel, Network and
Internet Connections, Internet Options, Delete
Cookies and Delete Temporary Files.

54. • Remember though, adware and spyware can be tricky,
no matter how cautious you are, there are bound to be
adware or spyware programs that install into your
computer.
• Always constantly scan your computer for adware
and spyware and keep your Adware/Spyware killer
programs fully updated at all times.

55. • Malware refers to any type of malicious software that tries to
infect a computer or mobile device. Hackers use malware for
any number of reasons such as, extracting personal
information or passwords, stealing money, or preventing
owners from accessing their device. You can protect yourself
against malware by using anti-malware software.
• Malware (short for “malicious software”) is considered an
annoying or harmful type of software intended to secretly
access a device without the user's knowledge. Types of
malware include viruses, trojan horses, worms, ransomware.
Malware

56. Where Malware Comes from
• Malware most commonly gets access to your device
through the Internet and via email, though it can also
get access through hacked websites, game demos,
music files, toolbars, software, free subscriptions, or
anything else you download from the web onto a
device which is not protected with anti-malware
software.

57. How to Recognize Malware
• A slow computer is often a sign that your device may
be infected with malware, as are pop-ups, spam, and
frequent crashes. You can use a malware scanner
(which is included in all malware removal tools) to
check if your device is infected.

58. • Most people have heard of computer viruses and know that
they can do significant damage to our computers. Not only
should you be aware of what viruses are, but you should also
know why it’s important to protect yourself with antivirus
software.
• A computer virus is a program or piece of code that is loaded
onto your computer without your knowledge or permission.
Some viruses are merely annoying, but most viruses are
destructive and designed to infect and gain control over
vulnerable systems. A virus can spread across computers and
networks by making copies of itself, just like a biological virus
passes from one person to another.

59. Where a PC Virus Comes from
• Computer viruses are usually hidden in a commonly
used program, such as a game or PDF viewer, or you
may receive an infected file attached to an email or
from another file you downloaded from the Internet.
As soon as you interact with the file (run the
program, click on an attachment or open the file), the
virus runs automatically. The code can then copy
itself to other files and make changes on your
computer.

60. How to Prevent Viruses
• Avoid programs from unknown sources.
• Don't open attachments from unsolicited email or
in Facebook.
• Only download apps from Google’s official
Android Market.
• Regularly scan your devices with a virus scanner,
and remove all detected viruses using virus
removal software.

61. • A Trojan Horse is a type of malware that pretends to be
something useful, helpful, or fun while actually causing harm
or stealing data. Trojans are often silently downloading other
malware (e.g. spyware, adware, ransomware) on an infected
device as well. One of the most dangerous Trojans is Zeus.
Where a Trojan Comes from
• Trojan viruses often are spread via an infected email
attachment or a download that hides in free games,
applications, movies or greeting cards.

62. Some Well Known Trojan
• Net Bus
• Beast
• Sub Seven
• BOXP

63. How to recognize a Trojan virus
• Your computer will often slow down because of the burden on
the processor. The best way to identify if you have been
infected is to use a Trojan scanner, found in any Trojan
removal software.
How to prevent Trojan viruses
• Avoid opening unknown files attached to email. These have
extensions such as .exe, .vbs, and .bat.
• Maintain up-to-date antivirus protection, preferably with a
firewall.

64. RATS- Remote Access Trojans
• This is a trojan that infects your computer the same way a
trojan horse does, but it lets a criminal view, change,
monitor, record or control your computer through your
internet connection.
They can:
• Expose you to scams by making your computer think that
a fraudulent website is actually a website your trust,
therefore gaining access to your password and other
information that will allow the criminal to steal your
money or identity.

65. • Find your files and view, copy, alter or delete them.
• Create pop-ups/capture video and audio and send to
criminal PC.
• Record your typing and send the information to another
computer.
• Run or end a program, process or connection on your
computer.
• Use your computer as part of a Zombie Army or BOT.

66. • Worms unlike viruses do not need the host to attach
themselves. They merely make functional copies of
themselves and do this repeatedly till they eat up all
the available space on the computer’s memory.
Where a Worm Comes from
• Common ways of transmitting worms include
attachments, file-sharing networks and links to
malicious websites.

67. How to Recognize a PC Worm
• Because worms consume a large amount of system
memory or network bandwidth, servers, network servers
and individual computers often stop responding.
How to Prevent Computer Worms
• Be careful with file-sharing networks and suspicious
attachments and/or links.
• Maintain up-to-date antivirus protection, preferably with a
firewall.

68. How to Prevent Malware
• Use powerful antivirus and anti-malware software.
• Don't open email attachments from unknown or unexpected
sources.
Use Anti-Malware to Protect Yourself
• There is no better way to recognize, remove and prevent
malware than to use an antivirus & anti-malware tool.

69. ATM Skimming and Point of Scale
Crimes
• It is a technique of compromising the ATM machine by
installing a skimming device a top the machine keypad to
appear as a genuine keypad or a device made to be affixed
to the card reader to look like a part of the machine.
• Additionally, malware that steals credit card data directly
can also be installed on these devices. Successful
implementation of skimmers cause in ATM machine to
collect card numbers and personal identification number
codes that are later replicated to carry out fraudulent
transaction.

71. Methods of card skimming
1) Hidden Card Reader
2) Petrol Station pumps where cards are accepted
3) Point of sale machines
4) Contactless Smart card readers

72. What is Ransomware?
• Ransomware is a type of malware that attempts to extort
money from a computer user by infecting and talking
control of the victim’s machine, all the files or documents
stored on it.
• Typically, the ransomware will either ‘lock’ the computer
to prevent normal usage, or encrypt the documents and
files on it to prevent access to the saved data.

73. How do Criminals Install
Ransomware?
• Ransomware generates a pop-up window, webpage, or
email warning from what looks like an official authority.
• Ransomware is usually installed when you open
 A malicious email attachment
 Click malicious link
 an email message
 an instant message
 on social networking site
• Ransomware can even be installed when you visit a
malicious website.

74. Types of Ransomware
• Encryption Ransomware
• Lock Screen Ransomware
• Master Boot Record Ransomware

77. As shown above that is the opening image of the Wannacry
ransomware when your system has been infected by that particular
ransomware.

78. As shown above in the image when your system has been infected by
Petya variant you can probably see how they ask for bitcoins to decrypt
your data .

80. When is Ransomware Successful?
• To be considered successful, an attack must:
1. Take control of a system or device.
2. Prevent access to the device and its data to some
degree.
3. Inform the user that the device is being held for
ransom along with a price and a method of
payment.
4. Accept payment from the user.
5. Return full access to the device once payment is
received.

81. How to prevent ransomware?
• Keep all of the software on your computer up to date.
• Make sure automatic updating is turned on to get all the latest
Microsoft security updates and browser-related components
(Java, Adobe and the like).
• Keep your firewall turned on.
• Don’t open spam email messages or click links on suspicious
websites. (CryptoLocker spreads via .zip files sent as email
attachments, for example. )

82. • Download Microsoft Security Essentials, which is free, or
use another reputable antivirus and anti-malware
program.
• If you run Windows 8 or Windows RT, you don’t need
Microsoft Security Essentials.
• Scan your computer with the Microsoft Safety Scanner.
• Keep your browser clean.
• Always have a good backup system in place, just in case
your PC does become infected and you can’t recover your
files.

83. Identify the Ransomware
Most commonly, ransomware is saved to one of the
following locations:
• C:Programdata(random alpha numerics).exe
• C:Users(username)0.(random numerics).exe
• C:UsersUsernameAppData(random alpha
numerics).exe

84. Removal-Microsoft Procedure
The following Microsoft products can detects can
detect and remove this threat:
• Windows Defender (built into Windows 8)
• Microsoft Security Essentials
• Microsoft Safety Scanner
• Windows Defender Offline

85. Advantages of Cyber Security
• It will defend us from hacks and virus. It helps us to browse
the safe website.
• Internet Security process all the incoming and outgoing data
on our computer.
• The cyber security will defend us from critical attacks.
• The application of cyber security used in our PC needs
update every week.
• The security developers will update their database every
week once. Hence the new virus also detected.

86. Safety Tips to Cyber Crime
• Use Antivirus Software.
• Insert Firewalls.
• Uninstall unnecessary software.
• Maintain backup.
• Check security settings.
• Never give your full name or address
to strangers.
• Learn more about the internet privacy.