CYBER CRIME

ABSTRACT

“Cyber” refers to imaginary space, which is created when the electronic devices communicate,
like network of computers. Cyber crime refers to anything done in the cyber space with a
criminal intent. These could be either the criminal activities in the conventional sense or could be
activities, newly evolved with the growth of the new medium. Cyber crime includes acts such as
hacking, uploading obscene content on the Internet, sending obscene e-mails and hacking into a
person's e-banking account to withdraw money.Computer crime, or cybercrime, refers to any
crime that involves a computer and a network, where the computers played an instrumental part
in the commission of a crime. Cyber Crime has nowhere been defined in any statute /Act passed
or enacted by the Indian Parliament.

CHAPTER1

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 1
 CYBER CRIME

INTRODUCTION

The internet in India is growing rapidly. It has given rise to new opportunities in every field we
can think of – be it entertainment, business, sports or education.
There are two sides to a coin. Internet also has its own disadvantages. One of the major
disadvantages is Cybercrime – illegal activitiy committed on the internet.
The internet, along with its advantages, has also exposed us to security risks that come with
connecting to a large network.
Computers today are being misused for illegal activities like e-mail espionage, credit card fraud,
spams, software piracy and so on, which invade our privacy and offend our senses.
Criminal activities in the cyberspace are on the rise. Here we publish an article by NandinI
Ramprasad in series for the benefit of our netizens. –Ed.
"The modern thief can steal more with a computer than with a gun. Tomorrow's terrorist may be
able to do more damage with a keyboard than with a bomb".
– National Research Council, "Computers at Risk", 1991
What is this Cyber crime? We read about it in newspapers very often. Let's look at the dictionary
definition of Cybercrime:
"It is a criminal activity committed on the internet This is a broad term that describes everything
from electronic cracking to denial of service attacks that cause electronic commerce sites to lose.

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 2
 CYBER CRIME

HISTORY

• The first recorded cyber crime took place in the year 1820!

• In 1820, Joseph-Marie Jacquard, a textile manufacturer in France, produced the loom.

This device allowed the repetition of a series of steps in the weaving of special fabrics.

• This resulted in a fear amongst Jacquard‘s employees that their traditional employment
and livelihood were being threatened.

• They committed acts of sabotage to discourage Jacquard from further use of the new
technology. This is the first recorded cyber crime!

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 3
 CYBER CRIME

CHAPTER 2

DEFINITION OF COMPUTER CRIMES:

Experts debated on what exactly constitutes computer crime or a computer related

crime. Even after several years there is no internationally recognized definition of
these terms.

A global definition of computer crime has not been achieved. Computer crime has
been defined as “any illegal unethical or unauthorized behavior involving
automatic processing or transmission of data”.

COMPUTER CRIME is any crime where –

• Computer is a target.

• Computer is a tool of crime

• Computer is incidental to crime

Threats come in two categories:

1.Passive threats.

2. Active threats.

Passive threats:

This involves monitoring the transmission data of an organization.

Here the goal of the assembler if to obtain information that is being transmitted.
Passive threats are difficult to detect because they do not involve alterations of
data. These are of two types:

a. Release of message content.

b. traffic analysis.

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 4
 CYBER CRIME

Active threats:

These threats involve some modification of data stream or the creation of a false
stream. These are of three types:

a. Modification.

b. Denial of message service.

c. Masquerade.

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 5
 CYBER CRIME

CHAPTER 3

REASONS FOR CYBER CRIME:

Capacity to store data in comparatively small space - The computer has unique
characteristics of storing data in a very small space. This affords to remove
information either through physical or virtual medium makes it much more easier.

Easy to access- the problem encountered in guarding a computer system from

unauthorized access is that there is possibility of breach not due to human error but
due to the complex technology. By secretly implanted logic bomb, key loggers that
can steal access codes, advanced voice recoders; retina imagers etc. that can fool
biometric systems and bypass firewalls can be utilized to get past many a security
system.

Complex- the computers work on operating system & these operating systems in
turn are composed of millions of codes. Human mind is falliable &is not possible
that there might not be a lapse at any stage. The cyber criminals take advantage of
these lacunas and penetrate into the computer system.

Negligence-Negligence is very closely connected with human conduct. It is

therefore very probable that while protecting the computer system there might be
any negligence, which in turn provides a cyber criminal to gain access and control
over the computer system.

Loss of evidence-Loss of evidence is a very common & obvious problem as all the
data are routinely destroyed. Further collection of data outside the territorial extent
also paralyses this system of crime investigation.

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 6
 CYBER CRIME

CHAPTER 4

TYPES OF CYBER CRIME:

BLOCK DIAGRAM:

CYBER
CRIMES

HACKING

SALAMI DENIAL OF CREDIT CARD

ATTACKS SERVICE FRAUD
EMAIL BOMBING
AND SPAMMING ATTACKS

COMPUTER
FROGERY

CYBER
STALKING
PHISHING

VIRUS WEB
DISSEMINATION JACKING

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 7
 CYBER CRIME

HACKING:
In simple words, hacking is an act committed by an intruder by accessing your computer system
without your permission. Hackers (the people doing the ‘hacking’) are basically computer
programmers, who have an advanced understanding of computers and commonly misuse this
knowledge for devious reasons. They’re usually technology buffs who have expert-level skills in
one particular software program or language. As for motives, there could be several, but the most
common are pretty simple and can be explained by a human tendancy such as greed, fame,
power, etc. Some people do it purely to show-off their expertise – ranging from relatively
harmless activities such as modifying software (and even hardware) to carry out tasks that are
outside the creator’s intent, others just want to cause destruction.
Greed and sometimes voyeuristic tendancies may cause a hacker to break into systems to steal
personal banking information, a corporation’s financial data, etc. They also try and modify
systems so hat they can execute tasks at their whims. Hackers displaying such destructive
conduct are also called “Crackers” at times. they are also called “Black Hat” hackers On the
other hand, there are those who develop an interest in computer hacking just out of intellectual
curiosity. Some companies hire these computer enthusiasts to find flaws in their security systems
and help fix them. Referred to as “White Hat” hackers, these guys are against the abuse of
computer systems. They attempt to break into network systems purely to alert the owners of
flaws. It’s not always altruistic, though, because many do this for fame as well, in order to land
jobs with top companies, or just to be termed as security experts. “Grey Hat” is another term
used to refer to hacking activities that are a cross between black and white hacking.

DENIAL OF SERVICE ATTACK:

A Denial of Service (“DoS”) attack is a rather primitive technique that overwhelms the resources
of the target computer which results in the denial of server access to other computers. There are
several different techniques that hackers use to “bring down” a server. As the network
administrators learn how to limit the damage of one technique, hackers often create more
powerful and more sophisticated techniques that force system administrators to continually react

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 8
 CYBER CRIME

against assaults. In order to understand how to apply the law to these attacks, a basic
understanding of the anatomy of the attacks is necessary This is an act by the criminal,, who
floods the bandwidth of the victim’s network or fills his e-mail box with spam mail depriving
him of the services he is entitled to access or provide.

VIRUS DISSEMINATION:
This category of criminal activity involves either direct or search unauthorized access to
computer system by introducing new programs known as viruses, worms or logic bombs. The
unauthorized modification suppression or erasure of computer data or functions with the Internet
to hinder normal functioning of the system is clearly a criminal activity and is commonly
referred to as computer sabotage.
Malicious code is computer code that is written with the sole intent to cause damage to a
machine or to invade the machine to steal information. The most common forms of malicious
code are viruses, worms, and Trojan programs

VIRUS: (Vital information resources under seize).

Virus is a series of program codes with the ability to attach itself to legitimate programs and
propagate itself to other computer programs. Viruses are file viruses and bootsector viruses.
It attacks the fat so that there is no sequence of file content and it destroys the data content.

WORMS: (Write Once Read Many).They are just added to the files and they do not manipulate. It
differs from a virus in that it does not have the ability to replicate itself.

LOGIC BOMB:
As it involves the programming the destruction or modification of data is at a specific time in the
future.

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 9
 CYBER CRIME

Why do people Create These Viruses?

 To distribute political message.

 To attack the products of specific companies.

 Some consider their creations to be works of art, and see as a creative hobby.

 Financial gain from identity theft

CREDIT CARD FRAUD:

Intangible assets represented in data format such as money on deposits or hours of work are the
most common targets related to fraud.
Modern business is quickly replacing cash with deposits transacted on computer system creating
computer fraud. Credit card information as well as personal and financial information on credit
card has been frequently targeted by organized criminal crimes. Assets represented in data
format often have a considerably higher value than traditionally economic assets resulting in
potentially greater economic class.

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 10
 CYBER CRIME

COMPUTER FROGERY:
This happens when data is altered which is stored in documents that are in computerized form.
Computers however can also be used as instruments for committing forgery. A new generation
of fraudulent alteration or duplication emerged when computerized color laser copies became
available.
These copies are capable of high-resolution copying, modification of documents that are even
creating false documents without benefit of original. They produce documents with an equality
that is indistinguishable from original documents.
Experts can only distinguish this

The widespread of computer networks is the need for people with common and shared interest to
communicate with each other. Information can easily be represented and manipulated in
electronic form. To meet the needs of sharing and communicating information, the computers
need to be connected which is called data communication network.

PHISHING:
Phishing, the mass distribution of “spoofed” e-mail messages, which appear to come from banks,
insurance agencies, retailers or credit card companies and are designed to fool recipients into
divulging personal data such as account names, passwords, or credit card numbers.

This a technique of extracting confidential information such as credit card numbers and
username password combos by masquerading as a legitimate enterprise. Phishing is typically
carried out by email spoofing. You’ve probably received email containing links to legitimate
appearing websites. You probably found it suspicious and didn’t click the link. Smart move.

How phishing can net some really interesting catches

The malware would have installed itself on your computer and stolen private information. Cyber-
criminals use social engineering to trick you into downloading malware off the internet or make
you fill in your personal information under false pretenses. A phishing scam in an email message
can be evaded by keeping certain things in mind.

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 11
 CYBER CRIME

 Look for spelling mistakes in the text. Cyber-criminals are not known for their grammar
and spelling.
 Hover your cursor over the hyperlinked URL but don’t click. Check if the address
matches with the one written in the message.
 Watch out for fake threats. Did you receive a message saying “Your email account will
be closed if you don’t reply to this email”? They might trick you by threatening that your
security has been compromised.
 Attackers use the names and logos of well-known web sites to deceive you. The graphics
and the web addresses used in the email are strikingly similar to the legitimate ones, but
they lead you to phony sites.

Not all phishing is done via email or web sites. Vishing (voice phishing) involves calls to victims
using fake identity fooling you into considering the call to be from a trusted organisation. They
may claim to be from a bank asking you to dial a number (provided by VoIP service and owned
by attacker) and enter your account details. Once you do that, your account security is
compromised. Treat all unsolicited phone calls with skepticism and never provide any personal
information. Many banks have issued preemptive warnings informing their users of phishing
scams and the do’s and don’ts regarding your account information. Those of you reading Digit
for long enough will remember that we successfully phished hundreds of our readers by
reporting a way to hack other people’s gmail accounts by sending an email to a made up account
with your own username and password… and we did that years ago in a story about , yes, you
guessed it, phishing

CYBER STALKING :
Cyber stalking is a new form of internet crime in our society when a person is pursued or
followed online. A cyber stalker doesn’t physically follow his victim; he does it virtually by
following his online activity to harvest information about the stalkee and harass him or her and
make threats using verbal intimidation. It’s an invasion of one’s online privacy.

Cyber stalking uses the internet or any other electronic means and is different from offline
stalking, but is usually accompanied by it. Most victims of this crime are women who are stalked

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 12
 CYBER CRIME

by men and children who are stalked by adult predators and pedophiles. Cyber stalkers thrive on
inexperienced web users who are not well aware of netiquette and the rules of internet safety. A
cyber stalker may be a stranger, but could just as easily be someone you know.

Cyber stalkers harass their victims via email, chat rooms, web sites, discussion forums and open
publishing web sites (e.g. blogs). The availability of free email / web site space and the
anonymity provided by chat rooms and forums has contributed to the increase of cyber stalking
incidents. Everyone has an online presence nowadays, and it’s really easy to do a Google search
and get one’s name, alias, contact number and address, contributing to the menace that is cyber
stalking. As the internet is increasingly becoming an integral part of our personal and
professional lives, stalkers can take advantage of the ease of communications and the availability
of personal information only a few mouse clicks away. In addition, the anonymous and non-
confrontational nature of internet communications further tosses away any disincentives in the
way of cyber stalking. Cyber stalking is done in two primary ways:

 Internet Stalking: Here the stalker harasses the victim via the internet. Unsolicited email
is the most common way of threatening someone, and the stalker may even send obscene
content and viruses by email. However, viruses and unsolicited telemarketing email alone
do not constitute cyber stalking. But if email is sent repeatedly in an attempt to intimidate
the recipient, they may be considered as stalking. Internet stalking is not limited to email;
stalkers can more comprehensively use the internet to harass the victims. Any other
cyber-crime that we’ve already read about, if done with an intention to threaten, harass,
or slander the victim may amount to cyber stalking.

 Computer Stalking: The more technologically advanced stalkers apply their computer
skills to assist them with the crime. They gain unauthorised control of the victim’s
computer by exploiting the working of the internet and the Windows operating system.
Though this is usually done by proficient and computer savvy stalkers, instructions on
how to accomplish this are easily available on the internet.

Cyber stalking has now spread its wings to social networking. With the increased use of social
media such as Facebook, Twitter, Flickr and YouTube, your profile, photos, and status updates
are up for the world to see. Your online presence provides enough information for you to become
a potential victim of stalking without even being aware of the risk. With the “check-ins”, the
“life-events”, apps which access your personal information and the need to put up just about
everything that you’re doing and where you’re doing it, one doesn’t really leave anything for the
stalkers to figure out for themselves. Social networking technology provides a social and
collaborative platform for internet users to interact, express their thoughts and share almost
everything about their lives. Though it promotes socialisation amongst people, along the way it
contributes to the rise of internet violations.

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 13
 CYBER CRIME

WEB JACKING:
Web jacking derives its name from “hijacking”. Here, the hacker takes control of a web site
fraudulently. He may change the content of the original site or even redirect the user to another
fake similar looking page controlled by him. The owner of the web site has no more control and
the attacker may use the web site for his own selfish interests. Cases have been reported where
the attacker has asked for ransom, and even posted obscene material on the site.

The web jacking method attack may be used to create a clone of the web site, and present the
victim with the new link saying that the site has moved. Unlike usual phishing methods, when
you hover your cursor over the link provided, the URL presented will be the original one, and
not the attacker’s site. But when you click on the new link, it opens and is quickly replaced with
the malicious web server. The name on the address bar will be slightly different from the original
website that can trick the user into thinking it’s a legitimate site. For example, “gmail” may
direct you to “gmai1”. Notice the one in place of ‘L’. It can be easily overlooked.

Obviously not gmail.com, but still enough people click

Web jacking can also be done by sending a counterfeit message to the registrar controlling the
domain name registration, under a false identity asking him to connect a domain name to the
webjacker’s IP address, thus sending unsuspecting consumers who enter that particular domain
name to a website controlled by the webjacker. The purpose of this attack is to try to harvest the
credentials, usernames, passwords and account numbers of users by using a fake web page with a
valid link which opens when the user is redirected to it after opening the legitimate site.

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 14
 CYBER CRIME

EMAIL BOMBING AND SPAMMING:

Email bombing is characterised by an abuser sending huge volumes of email to a target address
resulting in victim’s email account or mail servers crashing. The message is meaningless and
excessively long in order to consume network resources. If multiple accounts of a mail server are
targeted, it may have a denial-of-service impact. Such mail arriving frequently in your inbox can
be easily detected by spam filters. Email bombing is commonly carried out using botnets (private
internet connected computers whose security has been compromised by malware and under the
attacker’s control) as a DDoS attack.

This type of attack is more difficult to control due to multiple source addresses and the bots
which are programmed to send different messages to defeat spam filters. “Spamming” is a
variant of email bombing. Here unsolicited bulk messages are sent to a large number of users,
indiscriminately. Opening links given in spam mails may lead you to phishing web sites hosting
malware. Spam mail may also have infected files as attachments. Email spamming worsens
when the recipient replies to the email causing all the original addressees to receive the reply.
Spammers collect email addresses from customer lists, newsgroups, chat-rooms, web sites and
viruses which harvest users’ address books, and sell them to other spammers as well. A large
amount of spam is sent to invalid email addresses.

Email filters cleaning out spam mail

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 15
 CYBER CRIME

Sending spam violates the acceptable use policy (AUP) of almost all internet service providers.
If your system suddenly becomes sluggish (email loads slowly or doesn’t appear to be sent or
received), the reason may be that your mailer is processing a large number of messages.
Unfortunately, at this time, there’s no way to completely prevent email bombing and spam mails
as it’s impossible to predict the origin of the next attack. However, what you can do is identify
the source of the spam mails and have your router configured to block any incoming packets
from that address.

SALAMI ATTACK:-
In such crime criminal makes insignificant changes in such a manner that such changes would go
unnoticed. Criminal makes such program that deducts small amount like Rs. 2.50 per month
from the account of all the customer of the Bank and deposit the same in his account. In this case
no account holder will approach the bank for such small amount but criminal gains huge amount.

It seems like in the modern age of technology, hackers are taking over our systems and no one is
safe. The average dwell-time, or time it takes a company to detect a cyber breach, is more than
200 days. Most internet users are not dwelling on the fact that they may get hacked and many
rarely change their credentials or update passwords. This leaves many people susceptible to
cybercrime and it’s important to become informed. Educate yourself and others on the preventive
measures you can take in order to protect yourself as an individual or as a business.

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 16
 CYBER CRIME

CHAPTER 5

PRECAUTIONS TO PREVENT CYBER CRIME:

It seems like in the modern age of technology, hackers are taking over our systems and no one is
safe. The average dwell-time, or time it takes a company to detect a cyber breach, is more than
200 days. Most internet users are not dwelling on the fact that they may get hacked and many
rarely change their credentials or update passwords. This leaves many people susceptible to
cybercrime and it’s important to become informed. Educate yourself and others on the preventive
measures you can take in order to protect yourself as an individual or as a business.

1. Firewalls:
These are the gatekeepers to a network from the outside. Firewall should be installed at every
point where the computer system comes in contact with other networks, including the Internet a
separate local area network at customer’s site or telephone company switch.

2. Password protection:
At minimum, each item they logon, all PC users should be required to type-in password that only
they and network administrator know. PC users should avoid picking words, phrases or numbers
that anyone can guess easily, such as birth dates, a child’s name or initials. Instead they should
use cryptic phrases or numbers that combine uppercase and lowercase.
Letters such as the “Akash66”. In addition the system should require all users to change
passwords every month or so and should lockout prospective users if they fail to enter the correct
password three times in a row.

3. Viruses:
Viruses generally infect local area networks through workstations. So anti-virus software that
works only on the server isn’t enough to prevent infection.
You cannot get a virus or any system-damaging software by reading e-mail. Viruses and other
system-destroying bugs can only exist in files, and e-mail is not a system file. Viruses cannot
exist there. Viruses are almost always specific of the operating system involved. Meaning,
viruses created to infect DOS application can do no damage to MAC systems, and vice versa.
The only exception to this is the Microsoft Word “macro virus” which infects documents instead
of the program.

4. Encryption:
Even if intruders manage to break through a firewall, the data on a network can be made safe if it
is encrypted. Many software packages and network programs – Microsoft Windows NT, Novel
NetWare, and lotus notes among others- offer and – on encryption schemes that encode all the
data sent on the network. In addition, companies can buy stand alone encryption packages to

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 17
 CYBER CRIME

work with individual applications. Almost every encryption package is based on an approach
known as public-private key. Scrambled data is encoded using a secret key unique to that
transmission. Receiver’s use a combination of the sender’s public key and their own private
encryption key to unlock the secret code for that message decipher it.

5. Never send your credit card number to any site which is not secured.

6. Uninstall unnecessary software.

7.Become vigilant when browsing websites.

8.Flag and report suspicious emails.

9.Never click on unfamiliar links or ads.

10.Use a VPN whenever possible..

11.Ensure websites are safe before entering credentials.

12.Keep antivirus/application systems up to date.

13.Use strong passwords with 14+ characters.

ADVANTAGES:
 It helps automate various tasks that can’t be done manually.
 It helps organize data and information in a better way.
 It has much more computing and calculating power than human.
 It may be the storage of important data and files.

DISADVANTAGES:
 It may damage your study and social life.
 The way it distracts can deviate our thoughts and activities towards unproductive
activities.
 It could cause violation of privacy.

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 18
 CYBER CRIME

CONCLUSION
The issue of network and Internet security has become increasingly more important as more and
more business and people go on-line. To avoid the information from hackers we use the passwords
secretly and we change the passwords regularly. We cannot use our names, initials as passwords that
are easily traced. We should not download any executable files from unknown sources, information
from any sources without checking for virus. We have to use licensed anti-virus software.

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 19
 CYBER CRIME

REFERENCES:

1.Gordon, Sarah (July 25, 2006). "On the definition and classification of cybercrime" (PDF).
Retrieved January 14, 2018.

2.Ammar Yassir, S. N. (2012). "Cybercrime: A threat to Network Security." International

Journal of Computer Science and Network Security

3.Árpád, I. (2013). "A Greater Involvement of Education in Fight Against Cybercrime."

Procedia - Social and Behavioral Sciences

4."Distributed Denial of Service Attack". csa.gov.sg. Archived from the original on 6 August 2016.
Retrieved 12 November 2014.

5."Identifying Phishing Attempts". Case. Archived from the original on 13 September 2015.

Department of Electronics and Communication ENGINEERING

PDA College of Engineering, Kalaburagi Page 20