Course: E-commerce and Cyber Laws

Internal Assignment for December 2016 Examinations

Q1. With technology it is possible to shop for grocery by staying within the
confines of ones home. Online grocery is gaining foothold in India. Many online
grocery apps are available such as Bigbasket, Grofers, ZopNow, and AaramShop, to
name a few. A segment of Indian users are very comfortable with using this mode to
avail their daily supplies, whereas a few prefer the conventional style of shopping.
Highlight the reasons for the Indian consumers acceptance of online grocery shopping
and mention the reasons for the failure of the adoption of the same by a segment of
Indian users.
Ans. Online purchasing has become a new and innovative way for people to buy products;
more people are staying indoors and instead ordering the items they need online. In the last
couple of years the food and grocery industry has leapt onto the web with experts claiming it
has changed beyond recognition with more people choosing to order their groceries online
than to head to their local supermarkets.
Though online shopping is a growing trend. Its convenient and can be fitted around busy
lives. However when it comes to grocery shopping in particular, theres a nagging worry for
some people about the quality and freshness of the food that will be delivered.
It can be difficult deciding where to shop when buying products online; this can become even
harder when buying groceries. With the ever increasing list of competitors on the market each
one is looking for a better reason for you to shop with them; from next- minute deliveries
farm fresh quality produce to meals already prepared and ready to eat. It can be confusing
and daunting for someone who has never shopped online to decide which one of these
companies should deserve your money.
Before looking into the various companies trying to sell us their services we should look at
the advantages and disadvantages of shopping online and the things we should look out for
when choosing what website to purchase groceries from.
Lets face it- going to the grocery store is a major time drain. When you add it all up, a trip
to the store can easily take an hour or two out of your day. But we all need to eat, right?
The following are the reasons why there is growing acceptance of online grocery
shopping among Indian user are:

It saves time: if you are pressed for time, visiting a grocery store is not an ideal
choice. Going with a grocery delivery service means you never have to set foot in a
store, leaving you more time to work, enjoy your family, and even take a few minutes
for yourself.
Delivery to your front door: the main reason for shopping online! Sometime it isnt
easy to get to the nearest supermarket or being constantly on the go makes it difficult
to find time to buy groceries; delivery services will drop off your order to your front
door step at a time of your convenience.

No unwanted luxury purchases: its far too easy to do; youre walking around the
shop grabbing all the items you need and suddenly a chocolate cake, packet of
biscuits, and sausage rolls have somehow found their way into your trolley.
Find everything you need: search engines on websites make it much easier to find
items quickly; typing in the name or brand of a product will show you all relevant
products making it find exactly what you need.
Busy shops can be overwhelming: customers can sometimes make shopping feel
like an obstacle course. Shopping online saves all the hassle of navigating a busy
supermarket and waiting in line to pay; once you have found everything you need
youre ready to pay.
Price checking and shopping online can be cheaper: websites such as money
supermarket compared prices of items against all the big major supermarket helping
customers to find the best prices of items against all the big major supermarkets
helping customers to find the best place to shop; deals and other promotions are also
shown so you never miss you on the bargain!
Saves on transportation costs: when you are working away from home, you simply
scheduled your time to swing by the grocery store on the way home from work.
Sometimes while buying a grocery you forget some items and you have to make an
extra trip to supermarket. But online grocery has help to save extra trip, queuing and
parking hassles.
Stay organised: on grocery website you get a standardized grocery shopping list.
And can calculate how often we buy apples ad how many pounds of bananas you
purchase in a month. Most of online grocery shopping services keep track of your
orders. You can also schedule when your groceries get delivered so you can be there
when they arrive. Plus, its just easier to compare prices.
Save pain: while taking a baby out in hot and humid weather isnt actually painful, it
is rather unappealing. But there are people who do find grocery shopping painful.
Imagine navigating a parking lot, a cart through aisles, lifting heavy food items,
reaching up or bending down if youre in pain. Having the groceries delivered to your
door would be more luxury.
24/7 service: the big advantage of ordering groceries online is that you can browse
the virtual shopping aisles 24/7 without leaving the comfort of your sofa. Many sites
have an online assistant that is able to gibe automated answers to the most common
problems. The very best grocery websites also have online chat facilities that allow
you to interact with real person so that you can sort out any ordering problems
immediately.
In spite of all these advantages many users have failed to adopt online grocery
shopping for the following reasons:

Sometimes you cant get what you want: companies notify you if the product you
want is out of stock but stock may also run out after you have ordered, whilst this can
be annoying most companies try and substitute your desired items for something of
similar price and quality.

You cant personally look the items: shopping online wont allow you to check the
quality of your product however companies always try to deliver products to a high
standard.
Delivery charges can be expensive: orders delivered at home can be expensive; most
supermarkets reduce their delivery charge once orders go over a certain prices, this
encourages customers to order a bigger hop online to avoid the higher delivery costs
and ensure you get the most out of your money. Websites that offer a same day
delivery scheme may also charge more for the service so its better to plan ahead.
No social interaction: grocery shopping via the web is virtually anonymous activity.
You have no human contact with store staff or other customers. Nor can you have any
accidental meetings with old friends or love- at- first- sight encounters over the
shopping trolley.
Quality and freshness of food: somebody else choosing your individual fresh items
for you such as fruits and vegetables will never seem as good as if you had personally
picked out the best in store yourself.
Ordering: you need to feel confident about navigating online. Some grocery store
websites are poorly designed and searching for a specific items is not always easy.
Having said that, the stores are responding to customer feedback and improvements
are being made to their websites all the time.

Q2. Data that can be used by hackers holds more value than any other kind of
precious jewels. Hackers have realised this, and thus are now targeting
individuals bank records. These reveal important information and personal
identities of the customers. What are the certain measures that can be taken to
avoid cybercrimes plaguing the digital landscape today?
Ans. Banks, financial institutions, vendors, merchants, and all organizations involved
in online merchandising are finding an increased need to ensure their transaction are
secure. It is equally important for their clients to secure their equipment themselves.
Hackers, like all other predators will attack the weakest prey.
In the todays hectic life we cant afford spending our time waiting in the long queue
at the bank. But getting hacked is an unfortunate on the internet today. The use of
credit or debit card, bank online or make any kind of electronic financial transaction
has made our life easier though some risk are attached to it. That is, personal
information or money could be stolen. Pretty much everyone is exposed to threat. The
data is breached by hackers, where many of financial misdeeds begin, have become
common. The cold hard truth is that if you want to stay 100% digitally secure, then
stay off the internet. But its not all doom and gloom- by using some simple, yet
effective security measures, you can make any hackers dream of getting into your
accounts, an absolute nightmare.
It is not sufficient to rely on the bank authentication procedures to secure online
transactions. Many exploits make use of a simple keystroke logger and remote access
to allow a direct connection to a computer that is already trusted on the bank
website. Others exploits allow users to piggyback onto a users secure connection and
remain connected after he or she log off. The need for increased security protocols
exists not only with the bank or the business; it lies at the consumer lever as well.

Here are some recommendations:

o Review bank statement for accuracy
o Never disclose a debit or credit card PIN in e-mail or on the phone
o Be suspicious of strangers who ask for personal information by e-mail or
phone
o If youre asked to provide your social security number or other confidential
information, make sure you know who wants the information and why.
o Be wary of e-mail attachments and free software
o Dont use part of your social security as a PIN.
o Think before you download apps, dont click on the links or reply to email
that might be harmful or fraudulent
o Keep your laptop or mobile devices operating system and internet browser up
to date
o Dont store passwords, your social security or other sensitive information on
your smartphone

o Be aware of your surroundings when you bank online and watch out for
shoulder surfers, people who hover nearby and observe your information
without your knowledge
o Keep up with patches and maintain the latest updates for your antivirus
software
o Install an inclusive firewall program that can pinpoint unauthorized programs
attempting to transmit data over the internet
o Check your business balance on a daily basis and use the bank by phone
option; it provides sufficient details and is more difficult to hack
o Change your online banking passwords several times throughout the year.
Make sure your login is a long mix of numbers and letters, capitals and lower
case.
o Use your smartphones passcode or fingerprint unlocking feature if available
o Set up bank account notifications that can alert you to fraudulent activity
o Dont post information to social media that could be used to guess your
passwords or answers to your security questions. Examples includes
birthdates, anniversary dates, your mothers maiden name your pets names
and the type of cars you drive.

Beware of public Wi-Fi: there are simple ways to prevent data loss via public Wi-Fi.
Check its legitimate. Its easy for hackers to set up a fake Wi-Fi network that looks
like an official one. Before signing up to any Wi-Fi, the best way to check if the
network name is legitimate is by asking an employee of the place youre in.
Forget the network: once you have finished browsing on a Wi-Fi, log off all services
you were using and then ask the device to forget the network so it doesnt
automatically join next time youre in range.
Turn off your Wi-Fi: make sure you disable WI-FI when youre not using it. This
prevents your device joining any rough networks automatically without you noticing.
Look after your passwords: its good practice to change all passwords regularly and
not use the same passwords across many different services. There are password
managers available online that help manage them all. There are also services that
support two- factor authentication, allowing you to add two levels of password
protection on services such as Gmail, twitter and Facebook.
Check the lock: if the website is secure it displays the green lock sign by it. This is
otherwise known as HTTPS, and it encrypts the data that passes from your device to
the internet server, meaning any hackers cant decipher your private information.
Apps can be dodgy: download the app from the banks website, not from an app
store. Some apps stores may have been infiltrated by hackers who can upload fake
apps that look nearly identical to the real ones. Also always check permissions on the
apps before installing and make sure they arent accessing unnecessary information.
For example, a drawing app should not have access to your contacts list or your
network info.
Smart passwords: banks online system requires a username and password. Its
essential for security reasons that you create a unique passwords and update it often.

Use something thats not easy to guess and that contains maybe some capital letters,
some numbers and a special symbol to make it even harder.
Use a separate email address for password recovery: most websites have a forget
password link on their login page, so that you can reset your password in the event of
losing it. They usually do this by emailing you a unique link that you can use to reset
your password.
But what if hackers somehow get into your main email account, then try to send
themselves password recovery emails, so that they can get into all if your others
account? Your strong, unique passwords are pretty useless now.
But all is not lost, you can set up a second email account and use that for password
recovery. So even if a hacker does get into your main email account, they wont be
able to access anything else.

Q3. A) Cyber loafing is term which means that employees indulge in multifarious
non-work related activities during work hours such as indulging in online
messengers, online shopping, checking non- work related emails during work
hours, to name a few. Whilst these acts may seem very innocuous, they expose
the organisations IT infrastructure to a plethora of risks. As the Chief
Information Security Officer (CISO), identify the risks that these activities can
bring and suggest how will you ensure that these risks are alleviated?
Ans. Theres no question the internet has been a boon to many companies, making
them
more efficient and organised. Emails have replaced memos, and employees separated
by oceans can strike up a conversation in seconds. But all that easy online access
comes with a downside: cyber loafing, or employees goofing off on the internet
during work hours, searching for apple pie recipes, updating their Facebook status, or
sending personal emails, etc. this uniquely modern form of workplace slacking is both
costly and difficult to spot, because employees can appear to be hard at work when
theyre actually wasting time. It was found that employees often spend up to 56% of
their time online doing non-work related activities like shopping, online gambling,
and social networking. Only 48% of companies use website blocking/ employer
productivity programs. Cyber loafing costs $4500 per year, per employee. The
companies are suffering from significant financial and productivity losses due to
employees inappropriately using their internet access during working hours. It is also
found that companies found themselves in the middle of a costly and embarrassing
lawsuit because an employee posted something inappropriate online or downloaded a
virus.
Self-regulatory approach focuses on an individuals inherent desires to follow the rules.
Coercive strategies, on the other hand, are linked to extrinsic motivational models of
employee behaviour, in which employee act rationally by weighing the benefits and costs of a
decision.

Educating and informing: no methods can be effective unless they are adequately
managed and translated into the improvement of awareness or perception of their
values. Awareness of the negative consequences of the behaviour diminishes habit
strength. That is, some degree of self- control can be restored simply by making
individuals aware of the extent of their involvement with a habitual activity and
linking its performance to potential negative outcomes, such as missed deadlines and
negative employee evaluations
Computer use policies: to reduce the negative effect of cyber loafing as well as
maintaining the positive ones, managers should develop and implement clear policies
related to the use of the internet at work. A clearly articulated internet policy
notifying employees about the potential risk may reduce their intention to abuse
internet.
Monitoring: electronic monitoring systems may be used to combat cyber loafing
behaviours of employees in the workplace. It is found that monitoring mechanisms
that either track or deny access to sites along with monitoring emails reduced cyber
loafing.
Influencing individual ethical perceptions: an open dialogue and increased
employee training, presenting both the employee and employer side of the issues, will
increase awareness and help employees personally define the legal and ethical line

between use and abuse of the internet. Establishing written policies and offering
employee training on those polies will help to raise ethical awareness of employee
and employer issues related to internet acceptable use policies.
Punishment: control systems are ineffective in deterring cyber loafing unless being
followed up by punitive consequences. It is found that the individuals that were
aware of others receiving punishment for cyber loafing had a lower propensity to
cyber loaf. However, punishment alone is not effective either. It becomes effective
only when control systems detecting evidence of cyber loafing are highly present.

B) In todays wold, every individual leaves behind a digital footprint. This could be
while browsing the internet, using social networking sites, checking emails etc. how
do you think dis information is used by the hacker to his advantage? Mention any
three such examples to support your answer.
Ans. Cyber-crime is an evil having its origin in the growing dependence on computers in
modern life. In a day and age when everything from microwave ovens and refrigerators
to nuclear power plants is being run on computers, cybercrime has assumed rather
sinister implications. Major Cybercrimes in recent past include the Citibank rip off. US $
10 million were fraudulently transferred out if the bank and into a bank account of
Switzerland. A Russian hacker group led by Vladimir Kevin, a renowned hacker,
perpetrated the attack. The group compromised the banks security system. Vladimir was
allegedly using his office computer at AO Saturn, a computer firm in St. Petersburg,
Russia, to break into Citibank computers. He was finally arrested on Heathrow airport on
his way to Switzerland.
The acts wherein computer is a tool for an unlawful act. This kind of activity
usually involves a modification of a conventional crime by using computers are:

Financial crimes: this would include cheating, credit cards frauds, money
laundering, etc. to cite a recent case, a website offered to sell Alphonso mangoes
at a throwaway price. Distrusting such a transaction, very few people responded
to or supplied the website with their credit card numbers. These people were
actually send the Alphonso mangoes. The word about this website now spread
like wildfire. Thousands of people from all over the country responded and
ordered mangoes by providing their credit card numbers. The owners of what
was later proven to be a bogus website then fled taking numerous credit card
numbers and proceeded to spend huge amounts of money much to the chagrin of
the card owners.
Cyber pornography: this would include pornographic websites; pornographic
magazines produced using computers (to publish and print the material) and the
internet (to download and transmit pornographic pictures, photo, writings, etc.).
Recent Indian incidents revolving around cyber pornography include the Air
force Balbharati school case. A student of the Air Force Balbharati School,
Delhi, was teased by all his classmates for having a pockmarked face. Tired of
the cruel jokes, he decided to get back at his tormentors. He scanned
photographs of his classmates and teachers, morphed them with nude
photographs and put them up on website that he uploaded on to a free web
hosting service. It was only after the father of one of the class girls featured on
the website objected and lodged a complaint with the police that any action was
taken.

In another incident, in Mumbai a Swiss couple would gather slum children and then
would force them to appear for obscene photographs. They would then upload these
photographs to websites specially designed for paedophiles. The Mumbai police
arrested the couples for pornography.

Sale of illegal articles: this would include sale of narcotics, weapons and
wildlife etc., by posting information on websites, auction websites, and
bulletin boards or 167 simply by using email communication. E.g. many of
the auction sites even in India are believed to be selling cocaine in the name
of honey.
Online gambling: there are millions of websites; all hosted on the server
abroad, that offer online gambling. In fact, it is believed that many of these
websites are actually fronts for money laundering.
Intellectual property crimes: these include software piracy, copyright
infringement, trademarks violations, theft or computer source code etc.
Email spoofing: a spoofed email is one that appears to originate from one
source but actually has been sent from another source. E.g. Pooja has an
email address pooja@asianlaws.org. Her enemy, Sameer spoofs her e-mail
and sends obscene messages to all her acquaintances. Since the e-mails
appear to have originated from Pooja, her friends could take offence and
relationships could be spoiled for life.

In spite of these, there are Forgery, cyber defamation, cyber stalking email
bombing, data diddling, salami attacks, virus/ worm attacks, logic bombs,
Trojan attacks, and internet time theft, web jacking etc. done by hackers.