
Ch-1 Introduction to Cyber Crime

Cyber Crime and Information Security:

Crime that involves and uses computer devices and the Internet is known as cybercrime.

Cybercrime can be committed against an individual or a group; it can also be committed against
government and private organizations. It may be intended to harm someone’s reputation, or to
cause physical or even mental harm.

Cybercrime can cause direct harm or indirect harm to whoever the victim is.

However, the largest threat of cybercrime is on the financial security of an individual as well as
the government.

Cybercrime causes loss of billions of USD every year.

Types of Cybercrime:

Let us now discuss the major types of cybercrime:

Hacking:

It is an illegal practice by which a hacker breaches someone’s computer security system for
personal gain.

Unwarranted mass-surveillance:

Mass surveillance means surveillance of a substantial fraction of a group of people by an
authority, usually for security purposes; if someone does it for personal interest, it is
considered a cybercrime.

Child pornography:

It is one of the most heinous crimes that is brazenly practiced across the world. Children are
sexually abused and videos are being made and uploaded on the Internet.

Child grooming:

It is the practice of establishing an emotional connection with a child especially for the purpose
of child-trafficking and child prostitution.

Copyright infringement:
Using someone’s copyright-protected work without permission and publishing it under one’s
own name is known as copyright infringement.

Money laundering:

Illegal possession of money by an individual or an organization is known as money laundering. It
typically involves transfers of money through foreign banks and/or legitimate businesses. In other
words, it is the practice of moving illegitimately earned money into the legitimate
financial system.

Cyber-extortion:

When a hacker hacks someone’s email server, or computer system and demands money to
reinstate the system, it is known as cyber-extortion.

Cyber-terrorism:

Normally, when someone hacks a government’s security system, or intimidates a government or
a similarly large organization to advance his political or social objectives by invading its security
system through computer networks, it is known as cyber-terrorism.

Cyber Security :
Cyber security is the set of activities by which information and other communication systems
are protected from, and defended against, unauthorized use, modification, exploitation or even
theft.

Likewise, cyber security is a set of well-designed techniques to protect computers, networks,
different programs, personal data, etc., from unauthorized access.

E-mail Spoofing:
Email spoofing is a technique used in spam and phishing attacks to trick users into thinking a
message came from a person or entity they either know or can trust. In spoofing attacks, the
sender forges email headers so that client software displays the fraudulent sender address,
which most users take at face value. Unless they inspect the header more closely, users see the
forged sender in a message. If it’s a name they recognize, they’re more likely to trust it. So
they’ll click malicious links, open malware attachments, send sensitive data and even wire
corporate funds.
Email spoofing is possible due to the way email systems are designed. Outgoing messages are
assigned a sender address by the client application; outgoing email servers have no way to tell
whether the sender address is legitimate or spoofed.
Recipient servers and antimalware software can help detect and filter spoofed messages.
Unfortunately, not every email service has security protocols in place. Still, users can review
email headers packaged with every message to determine whether the sender address is
forged.

The goal of spoofing is to trick users into believing the email is from someone they know or can
trust—in most cases, a colleague, vendor or brand. Exploiting that trust, the attacker asks the
recipient to divulge information or take some other action.

For example, an attacker might create an email that looks like it comes from PayPal. The
message tells the user that their account will be suspended if they don’t click a link,
authenticate into the site and change the account’s password. If the user is successfully tricked
and types in credentials, the attacker now has credentials to authenticate into the targeted
user’s PayPal account, potentially stealing money from the user.

More complex attacks target financial employees and use social engineering and online
reconnaissance to trick a targeted user into sending millions to an attacker’s bank account.

To the user, a spoofed email message looks legitimate, and many attackers will take elements
from the official website to make the message more believable. Here’s an example PayPal
phishing attack with a spoofed email sender:

With a typical email client (such as Microsoft Outlook), the sender address is automatically
entered when a user sends a new email message. But an attacker can programmatically send
messages using basic scripts in any language that configures the sender address to an email
address of choice. Email API endpoints allow a sender to specify the sender address regardless
of whether the address exists. And outgoing email servers can’t determine whether the sender
address is legitimate.
Outgoing email is retrieved and routed using the Simple Mail Transfer Protocol (SMTP). When a
user clicks “Send” in an email client, the message is first sent to the outgoing SMTP server
configured in the client software. The SMTP server identifies the recipient domain and routes it
to the domain’s email server. The recipient’s email server then routes the message to the right
user inbox.

For every “hop” an email message takes as it travels across the internet from server to server,
the IP address of each server is logged and included in the email headers. These headers
divulge the true route and sender, but many users do not check headers before interacting with
an email sender.

The three major components of an email are:

 The sender address
 The recipient address
 The body of the email

Another component often used in phishing is the Reply-To field. This field is also configurable
from the sender and can be used in a phishing attack. The Reply-To address tells the client
email software where to send a reply, which can be different from the sender’s address. Again,
email servers and the SMTP protocol do not validate whether this email is legitimate or forged.
It’s up to the user to realize that the reply is going to the wrong recipient.

Here’s an example forged email:

Notice that the email address in the From sender field is supposedly from Bill Gates
(b.gates@microsoft.com). There are two sections in these email headers to review. The
“Received” section shows that the email was originally handled by the email server
email.random-company.nl, which is the first clue that this email is forged. But the best field to
review is the Received-SPF section—notice that the section has a “Fail” status.

Sender Policy Framework (SPF) is a security protocol set as a standard in 2014. It works in
conjunction with DMARC (Domain-based Message Authentication, Reporting and
Conformance) to stop malware and phishing attacks.

SPF can detect spoofed email, and it’s become common with most email services to combat
phishing. But it’s the responsibility of the domain holder to use SPF. To use SPF, a domain
holder must configure a DNS TXT entry specifying all IP addresses authorized to send email on
behalf of the domain. With this DNS entry configured, recipient email servers look up the sending IP
address when receiving a message to ensure that it matches the email domain’s authorized IP
addresses. If there is a match, the Received-SPF field displays a PASS status. If there is no
match, the field displays a FAIL status. Recipients should review this status when receiving an
email with links, attachments or written instructions.
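The header checks just described (the Received-SPF status, the first Received hop, and a Reply-To that points elsewhere), worked through as an added example that is not part of these notes. It uses Python’s standard email module; the two sample messages, hostnames and addresses are constructed for the demo.

```python
# Added example (not part of the notes): apply the header checks described
# above to a raw message: the Received-SPF verdict, the first server that
# handled the message (earliest Received header), and a Reply-To that points
# to a different domain than the From address.
from email import message_from_string
from email.utils import parseaddr

# Constructed sample modelled on the notes' forged "Bill Gates" message.
# All hostnames, addresses and IPs are made up for illustration.
FORGED_MESSAGE = """\
Received: from mx.recipient.invalid (mx.recipient.invalid [192.0.2.10])
    by inbox.recipient.invalid; Mon, 1 Jan 2024 10:00:02 +0000
Received: from email.random-company.nl (email.random-company.nl [198.51.100.7])
    by mx.recipient.invalid; Mon, 1 Jan 2024 10:00:00 +0000
Received-SPF: Fail (mx.recipient.invalid: domain of microsoft.com does not designate 198.51.100.7 as permitted sender)
From: Bill Gates <b.gates@microsoft.com>
Reply-To: payments@random-company.nl
To: staff@recipient.invalid
Subject: Urgent wire transfer

Please pay the attached invoice today.
"""

# Constructed legitimate counterpart: SPF passes and every check agrees.
LEGIT_MESSAGE = """\
Received: from mail.xyzwidgets.invalid (mail.xyzwidgets.invalid [203.0.113.5])
    by mx.recipient.invalid; Mon, 1 Jan 2024 11:00:00 +0000
Received-SPF: Pass (mx.recipient.invalid: domain of xyzwidgets.invalid designates 203.0.113.5 as permitted sender)
From: Joan Smith <joan.smith@xyzwidgets.invalid>
To: staff@recipient.invalid
Subject: Minutes from Monday

Attached are the minutes.
"""


def domain_of(header_value):
    """Lower-cased domain part of an address header such as From or Reply-To."""
    _name, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower()


def spf_result(msg):
    """The verdict word of Received-SPF (pass, fail, softfail, ...) or 'missing'."""
    value = msg.get("Received-SPF")
    if not value:
        return "missing"
    return value.split()[0].strip("();,").lower()


def originating_server(msg):
    """Host named in the earliest Received header, i.e. the last one in the message.

    Each relay prepends its own Received line, so the bottom-most one records the
    server that first accepted the message from the sender.
    """
    hops = msg.get_all("Received") or []
    if not hops:
        return None
    words = hops[-1].split()
    if len(words) > 1 and words[0].lower() == "from":
        return words[1].lower()
    return None


def analyze(raw_message):
    """Return the extracted fields plus a list of reasons to distrust the sender."""
    msg = message_from_string(raw_message)
    from_domain = domain_of(msg.get("From"))
    reply_domain = domain_of(msg.get("Reply-To")) if msg.get("Reply-To") else from_domain
    origin = originating_server(msg)
    spf = spf_result(msg)

    findings = []
    if spf != "pass":
        findings.append(f"Received-SPF is '{spf}', not pass")
    if reply_domain != from_domain:
        findings.append(f"Reply-To goes to {reply_domain}, but From claims {from_domain}")
    if origin and not (origin == from_domain or origin.endswith("." + from_domain)):
        findings.append(f"first hop {origin} is outside {from_domain}")
    return {"from_domain": from_domain, "reply_domain": reply_domain,
            "origin": origin, "spf": spf, "findings": findings}


if __name__ == "__main__":
    for label, raw in (("forged", FORGED_MESSAGE), ("legitimate", LEGIT_MESSAGE)):
        report = analyze(raw)
        print(label, report["spf"], report["origin"], report["findings"])
```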

Email spoofing happens when the cybercriminal uses a fake email address to commit a
cybercrime. Depending on the email spoofing tactic, the criminal may spoof the email address,
email sender name or both. Additionally, the cybercriminal can assume multiple identities, that
of the sender, the company, or both.
For example, the sender’s name is joan.smith@xyzwidgets.com but Joan Smith does not work
for XYZ Widgets. The recipient works at XYZ Widgets, a large multinational company and does
not know that Joan is not an actual person. The recipient trusts the email since it uses the
company logo and asks her to do legitimate work-related tasks.
Similar to phishing, the spoofed email uses urgent and convincing language to spur the
recipient into immediate action. This sense of urgency does a couple of things – it limits the
chance for hesitation and questioning and it convinces the recipient that they are helping and
doing the right thing.

How to Protect from Email Spoofing

Even with email security in place, some malicious email messages reach user inboxes. Whether
you’re an employee responsible for financial decisions or someone who uses personal email
at work, there are several steps you can take to avoid becoming a victim of email fraud:
 Never click links to access a website where you’re asked to authenticate. Always type
the official domain in your browser and authenticate directly on the site.
 The steps to view email headers are different for each email client, so first look up how
to view email headers for your inbox software. Then, open email headers and look for
the Received-SPF section of the headers and look for a PASS or FAIL response.
 Copy and paste the content of an email message into a search engine. Chances are that
text used in a common phishing attack has already been reported and published on the
Internet.
 Be suspicious of email supposedly from an official source with bad spelling or grammar.
 Avoid opening attachments from suspicious or unknown senders.
 Emails promising riches—or anything else that’s too good to be true—are likely a scam.
 Beware of emails that create a sense of urgency or danger. Phishing and BEC attacks
often try to short-circuit recipients’ natural skepticism by suggesting that something bad
will happen if they don’t act quickly. Treat email links with extra caution if the message
warns of pending account closures, scheduled payment failures or suspicious activity on
one of your financial accounts. Visit the website directly through your browser, not the
link in the email.

Spamming:
Email bombing is characterised by an abuser sending huge volumes of email to a target address,
resulting in the victim’s email account or mail servers crashing. The message is meaningless and
excessively long in order to consume network resources. If multiple accounts of a mail server
are targeted, it may have a denial-of-service impact. Such mail arriving frequently in your inbox
can be easily detected by spam filters. Email bombing is commonly carried out using botnets
(private internet connected computers whose security has been compromised by malware and
under the attacker’s control) as a DDoS attack.

This type of attack is more difficult to control due to multiple source addresses and the bots
which are programmed to send different messages to defeat spam filters. “Spamming” is a
variant of email bombing. Here unsolicited bulk messages are sent to a large number of users,
indiscriminately. Opening links given in spam mails may lead you to phishing web sites hosting
malware. Spam mail may also have infected files as attachments. Email spamming worsens
when the recipient replies to the email causing all the original addressees to receive the reply.
Spammers collect email addresses from customer lists, newsgroups, chat-rooms, web sites and
viruses which harvest users’ address books, and sell them to other spammers as well. A large
amount of spam is sent to invalid email addresses.

Sending spam violates the acceptable use policy (AUP) of almost all internet service providers. If
your system suddenly becomes sluggish (email loads slowly or doesn’t appear to be sent or
received), the reason may be that your mailer is processing a large number of messages.
Unfortunately, at this time, there’s no way to completely prevent email bombing and spam
mails as it’s impossible to predict the origin of the next attack. However, what you can do is
identify the source of the spam mails and have your router configured to block any incoming
packets from that address.

Salami Attack:

A “salami slicing attack” or “salami fraud” is a technique by which cyber-criminals steal money
or resources a bit at a time so that there’s no noticeable difference in overall size. The
perpetrator gets away with these little pieces from a large number of resources and thus
accumulates a considerable amount over a period of time. The essence of this method is the
failure to detect the misappropriation. The most classic approach is the “collect-the-roundoff”
technique. Most calculations carried out in a particular currency are rounded off, up to the
nearest unit about half the time and down the rest of the time. If a programmer decides to
collect these excess fractions of rupees in a separate account, no net loss to the system seems
apparent. This is done by carefully transferring the funds into the perpetrator’s account.

Attackers insert a program into the system to automatically carry out the task. Logic bombs
may also be employed by disgruntled, greedy employees who exploit their knowledge of the
network and/or privileged access to the system. In this technique, the criminal programs the
arithmetic routines to automatically modify data, such as in interest calculations.

Stealing money electronically is the most common use of the salami slicing technique, but it’s
not restricted to money laundering. The salami technique can also be applied to gather little
bits of information over a period of time to deduce an overall picture of an organisation. This
act of distributed information gathering may be against an individual or an organisation. Data
can be collected from web sites, advertisements, documents collected from trash cans, and the
like, gradually building up a whole database of factual intelligence about the target.

Since the amount of misappropriation is just below the threshold of perception, we need to be
more vigilant. Careful examination of our assets, transactions and every other dealing including
sharing of confidential information with others might help reduce the chances of an attack by
this method.
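An auditor’s reconciliation check for the collect-the-roundoff technique, added here as an example that is not part of the notes. The interest rate, posting period and account balances are constructed; the check recomputes each account’s interest independently and flags a batch whose posted amounts are never rounded up.

```python
# Added example (not from the notes): an audit-side check for the
# "collect-the-roundoff" salami technique. The auditor recomputes each
# account's interest independently and compares it with what was posted.
from decimal import Decimal, ROUND_HALF_EVEN, ROUND_DOWN

CENT = Decimal("0.01")
RATE = Decimal("0.05")          # constructed: 5% per year
DAYS = 30                        # constructed: one monthly posting
FAIR_ROUNDING = ROUND_HALF_EVEN  # the honest rule: up or down, whichever is nearer
SHAVING_ROUNDING = ROUND_DOWN    # the perpetrator's program: never round up


def sample_balances(count=200):
    """Constructed account balances in rupees, spread so that the fractions of a
    paisa in the interest land all over the place rather than at one value."""
    return [Decimal(1000 + 123 * i) for i in range(count)]


def exact_interest(balance, annual_rate=RATE, days=DAYS):
    """Simple interest for the period, before any rounding to whole paise."""
    return balance * annual_rate * Decimal(days) / Decimal(365)


def post_interest(balances, rounding):
    """Amounts actually credited to the accounts under a rounding rule.

    With SHAVING_ROUNDING every leftover fraction is withheld, which is what the
    perpetrator then collects into a separate account.
    """
    return [exact_interest(b).quantize(CENT, rounding=rounding) for b in balances]


def reconcile(balances, posted, skew_limit=Decimal("0.75")):
    """Compare posted amounts with an independent recomputation.

    residual = exact - posted. Under fair rounding the residuals fall on both
    sides of zero and cancel out; under shaving none of them is negative and
    their sum grows with every account in the batch.
    """
    residuals = [exact_interest(b) - p for b, p in zip(balances, posted)]
    not_rounded_up = sum(1 for r in residuals if r >= 0)
    share = Decimal(not_rounded_up) / Decimal(len(residuals))
    return {
        "accounts": len(residuals),
        "unaccounted_total": sum(residuals, Decimal(0)).quantize(Decimal("0.0001")),
        "share_not_rounded_up": share,
        "flagged": share > skew_limit,
    }


if __name__ == "__main__":
    balances = sample_balances()
    for name, rule in (("fair", FAIR_ROUNDING), ("shaved", SHAVING_ROUNDING)):
        print(name, reconcile(balances, post_interest(balances, rule)))
```

The unaccounted total is what the auditor would expect to find parked in the perpetrator’s collection account after one posting run.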

Data Hacking:

In simple words, hacking is an act committed by an intruder by accessing your computer system
without your permission. Hackers (the people doing the ‘hacking’) are basically computer
programmers, who have an advanced understanding of computers and commonly misuse this
knowledge for devious reasons. They’re usually technology buffs who have expert-level skills in
one particular software program or language. As for motives, there could be several, but the
most common are pretty simple and can be explained by human tendencies such as greed,
fame, power, etc. Some people do it purely to show off their expertise, ranging from relatively
harmless activities such as modifying software (and even hardware) to carry out tasks that are
outside the creator’s intent; others just want to cause destruction.
Greed and sometimes voyeuristic tendencies may cause a hacker to break into systems to steal
personal banking information, a corporation’s financial data, etc. They also try to modify
systems so that they can execute tasks at their whim. Hackers displaying such destructive
conduct are also called “Crackers” at times; they are also called “Black Hat” hackers. On the
other hand, there are those who develop an interest in computer hacking just out of
intellectual curiosity. Some companies hire these computer enthusiasts to find flaws in their
security systems and help fix them. Referred to as “White Hat” hackers, these people are against
the abuse of computer systems. They attempt to break into network systems purely to alert the
owners of flaws. It’s not always altruistic, though, because many do this for fame as well, in
order to land jobs with top companies, or just to be termed security experts. “Grey Hat” is
another term used to refer to hacking activities that are a cross between black and white
hacking.

Some of the most famous computer geniuses were once hackers who went on to use their skills
for constructive technological development. Dennis Ritchie and Ken Thompson, the creators of
the UNIX operating system (Linux’s predecessor), were two of them. Shawn Fanning, the
developer of Napster, Mark Zuckerberg of Facebook fame, and many more are also examples.
The first step towards preventing hackers from gaining access to your systems is to learn how
hacking is done. Of course it is beyond the scope of this Fast Track to go into great details, but
we will cover the various techniques used by hackers to get to you via the internet.

a. SQL Injections: An SQL injection is a technique that allows hackers to play upon the security
vulnerabilities of the software that runs a web site. It can be used to attack any type of
unprotected or improperly protected SQL database. This process involves entering portions of
SQL code into a web form entry field – most commonly usernames and passwords – to give the
hacker further access to the site backend, or to a particular user’s account. When you enter
logon information into sign-in fields, this information is typically converted to an SQL command.
This command checks the data you’ve entered against the relevant table in the database. If your
input data matches the data in the table, you’re granted access; if not, you get the kind of error
you would have seen when you put in a wrong password. An SQL injection is usually an
additional command that, when inserted into the web form, tries to change the content of the
database to reflect a successful login. It can also be used to retrieve information such as credit
card numbers or passwords from unprotected sites.
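The sign-in query described above, written two ways as an added example that is not part of the notes: once with the form fields pasted into the SQL text, once with bound parameters. The SQLite table and the user account are constructed for the demo.

```python
# Added example (not from the notes): the sign-in query the text describes,
# first built by pasting the form fields into the SQL text, then the safe
# form using bound parameters. sqlite3 from the standard library keeps it
# self-contained; the table and user are constructed for the demo.
import sqlite3


def make_db():
    """In-memory users table with one constructed account.

    Passwords are stored in clear here only to keep the demo short; a real
    system stores a salted password hash and compares against that.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT NOT NULL)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse battery')")
    conn.commit()
    return conn


def login_vulnerable(conn, username, password):
    """Builds the command by string concatenation: whatever the user typed
    becomes part of the SQL, so a quote in the input changes the command."""
    query = ("SELECT username FROM users WHERE username = '" + username
             + "' AND password = '" + password + "'")
    return conn.execute(query).fetchone() is not None


def login_safe(conn, username, password):
    """Bound parameters: the driver passes the values separately from the
    command text, so input is only ever compared as data, never run as SQL."""
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone() is not None


def demo():
    """Run both versions against the correct password and against the classic
    quote-and-OR input that turns the WHERE clause into 'always true'."""
    conn = make_db()
    tampered = "' OR '1'='1"
    return {
        "vulnerable_correct": login_vulnerable(conn, "alice", "correct horse battery"),
        "vulnerable_tampered": login_vulnerable(conn, "alice", tampered),
        "safe_correct": login_safe(conn, "alice", "correct horse battery"),
        "safe_tampered": login_safe(conn, "alice", tampered),
    }


if __name__ == "__main__":
    for check, granted in demo().items():
        print(f"{check}: {'access granted' if granted else 'rejected'}")
```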

b. Theft of FTP Passwords: This is another very common way to tamper with web sites. FTP
password hacking takes advantage of the fact that many webmasters store their website login
information on their poorly protected PCs. The thief searches the victim’s system for FTP login
details, and then relays them to his own remote computer. He then logs into the web site via
the remote computer and modifies the web pages as he or she pleases.

c. Cross-site scripting:
Cross-site scripting, also known as XSS (formerly CSS, but renamed due to confusion with
cascading style sheets), is a very easy way of circumventing a security system. It is a hard-to-find
loophole in a web site, making it vulnerable to attack. In a typical XSS attack, the hacker infects
a web page with a malicious client-side script or program. When you visit this web page, the
script is automatically downloaded to your browser and executed. Typically, attackers inject
HTML, JavaScript, VBScript, ActiveX or Flash into a vulnerable application to deceive you and
gather confidential information. If you want to protect your PC from malicious hackers,
investing in a good firewall should be first and foremost. Hacking is done through a network, so
it’s very important to stay safe while using the internet. You’ll read more about safety tips in
the last chapter of this book.

Web Jacking:

Web jacking derives its name from “hijacking”. Here, the hacker takes control of a web site
fraudulently. He may change the content of the original site or even redirect the user to
another fake similar looking page controlled by him. The owner of the web site has no more
control and the attacker may use the web site for his own selfish interests. Cases have been
reported where the attacker has asked for ransom, and even posted obscene material on the
site.

The web jacking attack may be used to create a clone of the web site, and present the
victim with a new link saying that the site has moved. Unlike usual phishing methods, when
you hover your cursor over the link provided, the URL presented will be the original one, and
not the attacker’s site. But when you click on the new link, the page opens and is quickly replaced
by one served from the malicious web server. The name in the address bar will be slightly different
from the original website, which can trick the user into thinking it’s a legitimate site. For example,
“gmail” may direct you to “gmai1”. Notice the digit one in place of ‘L’. It can be easily overlooked.

Obviously not gmail.com, but still enough people click.

Web jacking can also be done by sending a counterfeit message to the registrar controlling the
domain name registration, under a false identity asking him to connect a domain name to the
webjacker’s IP address, thus sending unsuspecting consumers who enter that particular domain
name to a website controlled by the webjacker. The purpose of this attack is to try to harvest
the credentials, usernames, passwords and account numbers of users by using a fake web page
with a valid link which opens when the user is redirected to it after opening the legitimate site.
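A small link check for the look-alike hostnames this section describes, added as an example that is not from the notes. The protected domain list, the confusable-character table and the sample links are constructed; it judges the whole hostname, so subdomains of the brands are reported as unknown rather than known.

```python
# Added example (not from the notes): a check for the look-alike hostnames the
# text describes ("gmai1" for "gmail"), run on a link before it is trusted.
# The protected-domain list and the sample links are constructed for the demo.
import unicodedata
from urllib.parse import urlsplit

PROTECTED = {"gmail.com", "paypal.com", "microsoft.com"}

# Character sequences that read like another letter in common fonts; longer
# sequences first so "rn" is rewritten before the single characters are.
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("cl", "d"), ("1", "l"), ("0", "o"),
               ("3", "e"), ("5", "s"), ("|", "l")]


def skeleton(host):
    """Collapse look-alike characters so visually similar names compare equal."""
    host = unicodedata.normalize("NFKC", host).lower().rstrip(".")
    for lookalike, letter in CONFUSABLES:
        host = host.replace(lookalike, letter)
    return host


def hamming(a, b):
    """Number of differing positions for equal-length strings, else None."""
    if len(a) != len(b):
        return None
    return sum(x != y for x, y in zip(a, b))


def check_link(url):
    """Classify a link's hostname as known, lookalike, non-ascii or unknown."""
    host = (urlsplit(url).hostname or "").lower().rstrip(".")
    if host in PROTECTED:
        return {"host": host, "verdict": "known", "looks_like": host}
    sk = skeleton(host)
    if sk in PROTECTED:
        # Same name once digits and letter pairs are read the way the eye does.
        return {"host": host, "verdict": "lookalike", "looks_like": sk}
    for brand in sorted(PROTECTED):
        # One substituted character (e.g. a Cyrillic letter) in a name of the
        # same length; differing lengths are left alone so "mail.com" is not
        # mistaken for "gmail.com".
        if hamming(sk, brand) == 1:
            return {"host": host, "verdict": "lookalike", "looks_like": brand}
    if any(ord(ch) > 127 for ch in host):
        return {"host": host, "verdict": "non-ascii", "looks_like": None}
    return {"host": host, "verdict": "unknown", "looks_like": None}


if __name__ == "__main__":
    # Constructed sample links.
    for link in ("https://gmai1.com/login", "https://gmail.com/",
                 "http://rnicrosoft.com/update", "https://mail.com/"):
        print(link, check_link(link))
```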

Identity Theft:
• Fraud that involves someone pretending to be someone else to steal money or get other
benefits.
• What type of Information can uniquely identify a person (Personally Identifiable
Information)
– Full Name
– National Identification Number (Aadhaar Card)
– Telephone/ Mobile Phone No.
– Driving License Number
– Credit Card Number
– Face and Fingerprint

Classification of Information

• Non-classified information
– Public Information
– Personal Information (only shared with others for a personal or business reason)
– Routine Business Information
– Private Information (e.g. SSN, credit card number)
– Confidential Business Information (Tender price)
• Classified Information
– Confidential (Unauthorized disclosure could damage the national security)
– Secret (could seriously damage the national security)
– Top Secret (could severely damage national security)

Types of Identity Theft

• Financial Identity Theft
– Bank fraud, credit card fraud
• Criminal Identity Theft
– To use someone else’s identity to enter into a country to commit a crime
• Identity Cloning
– Attacker actually lives and works in place of victim
• Business Identity Theft
– Duplicate product with famous brand names.
• Medical Identity Theft
– Receiving medical help (mediclaim etc.) based on the report of somebody else.
• Synthetic Identity Theft
– Attacker combines the features of various victims and gets a new identity, which
affects all victims
• Child Identity Theft
– Parents might steal their children’s identity to create fake email accounts, credit
card accounts, loan accounts etc.

Techniques:

• Human-based methods
– Direct access
– Dumpster diving (from dustbins)
– Theft of a purse/wallet
– Shoulder Surfing
– False ATMs (recording information from ATMs)
– Dishonest or mistreated employees
– Fake telephone calls
• Computer-based methods
– Backup Theft (analyzing the backups on stolen equipment)
– Hacking
– Phishing
– Pharming
– Redirectors
– Hardware (e.g. Keyloggers)

Countermeasures:

• Monitor the personal belongings frequently and take care.
• Install security software.
• Store sensitive data securely.
• Protect your PII.
• Be alert.

Internet time Theft:

It refers to theft in which an unauthorized person uses internet hours paid for by
another person. The unauthorized person gets access to another person's ISP user ID and
password, either by hacking or by other illegal means, without that person's knowledge.

Theft of intellectual property

Intellectual property (IP) theft is defined as the theft of material that is copyrighted, the theft of
trade secrets, trademark violations, etc. One of the most common and dangerous
consequences of IP theft is counterfeit goods and piracy.

Laws governing identity thefts in India

The crime of identity theft consists of two steps:

 Wrongful collection of the personal identity of an individual
 Wrongful use of such information with the intention of causing legal harm to that person

Identity theft involves both theft and fraud; therefore the provisions with regard to forgery
provided under the Indian Penal Code, 1860 (IPC) are often invoked along with the Information
Technology Act, 2000. Some of the Sections of the IPC such as forgery (Section 464), making false
documents (Section 465), forgery for the purpose of cheating (Section 468), forgery for the purpose
of harming reputation (Section 469), using as genuine a forged document (Section 471) and
possession of a document known to be forged and intending to use it as genuine (Section 474)
can be coupled with those in the IT Act.

The Information Technology Act, 2000 (IT Act) is the main act which deals with the legislation in
India governing cybercrimes. Some of the Sections dealing with cyber theft are:

 Section 43: If any person without permission of the owner damages a computer,
computer system, etc., he/she shall be liable to pay compensation to the person so
affected.
 Section 66: If any person, dishonestly or fraudulently, does any act referred to in section
43, he shall be punishable with imprisonment for a term which may extend to three
years or with fine which may extend to five lakh rupees or with both.
 Section 66B: Punishment for dishonestly receiving a stolen computer resource or
communication device is imprisonment for a term which may extend to three years or
with fine which may extend to rupees one lakh or with both.
 Section 66C provides for punishment for identity theft as: Whoever, fraudulently or
dishonestly makes use of the electronic signature, password or any other unique
identification feature of any other person, shall be punished with imprisonment of
either description for a term which may extend to three years and shall also be liable to
fine which may extend to rupees one lakh.
 Section 66D, on the other hand, was inserted to punish cheating by impersonation using
computer resources.

With the increase in the number of frauds and cyber-related crimes, the government is coming
up with refined regulations to protect the interests of the people and safeguard against any
mishap on the internet. Further, stronger laws have been formulated with respect to the
protection of "sensitive personal data" in the hands of intermediaries and service providers
(body corporate), thereby ensuring data protection and privacy.

Credit Card Fraud:

At its simplest, credit card fraud can involve stealing someone’s physical credit or debit
card and using it to make purchases. However, that type of credit card fraud is
becoming rarer by the day. In fact, after the introduction of Europay, Mastercard, and
Visa (EMV) chips, card present fraud at the point of sale significantly declined, while
card-not-present (CNP) fraud drastically increased.
Now, twice as many consumers deal with CNP fraud than with card present fraud, and
many of these fraud cases start online as a cyber crime. Keep reading to learn more
about the intersection of credit card fraud and cyber crimes.
What Is Credit Card Fraud?
Credit card fraud refers to using a credit card to obtain money or goods fraudulently.
Thieves may steal a credit card, copy the number off a credit card, or take over a
victim’s account and have the credit card mailed to their (the criminal’s) address. They
may also open a new credit card in the victim’s name or try a variety of other techniques
to steal money or buy assets.
What Are Cyber Crimes?
A cyber crime is any crime that starts online. One type of crime is a scam artist
befriending someone on a social platform and convincing them to send money over the
platform using their credit card. Or, thieves may steal a physical credit card or obtain its
numbers and use that information to make purchases online.
Alternatively, a thief may hack into a bank or business database to steal personal
details about customers and sell those details online. Then, the thief who buys that
information can use it to fraudulently open an account with the victim’s details.
How Do Credit Card Fraud and Cyber Crimes Overlap?
There are countless types of cyber crimes, and many of them involve credit cards. The
internet has changed how thieves target data and information. While some thieves
focus on hacking large files of information that they can sell online, others simply target
a single victim or steal a single card. To prevent credit card fraud, you need a fraud
detection and prevention plan that focuses on the threats of cyber crimes.
Consumers understand this risk instinctually, and their response to fears about crimes
highlights this fact. In one survey, respondents said they feared identity theft more than
having their home broken into — 47% said identity theft was their biggest fear, while
27% chose a home break-in.
These fears are based in reality. The Federal Trade Commission (FTC) reports
that credit card fraud is the most common form of identity theft. Annually, there are
over 133,000 cases of identity theft involving credit cards, and credit cards are used in
almost all (92%) of fraudulent transactions.
Credit Card Fraud Online
Once a scam artist has someone’s credit card details, they can make purchases online.
This is one of the most popular ways to use stolen credit card information. Between
2016 and 2017, online shopping fraud increased by nearly a third, and transactions
from foreign internet protocol (IP) addresses were about seven times more likely to
involve fraud than transactions from U.S. IP addresses.

Cyber Security and Credit Card Fraud

The cyber world doesn’t just increase the risk of fraud for credit and debit cardholders. It
can also play an instrumental role in protecting people, businesses, and financial
institutions from the risks of credit card fraud. If you run a financial institution, you
need cyber security tools in place to help reduce credit card fraud.
Generally, the three basic steps in dealing with credit card fraud include the following:
1. Stop the Losses
2. Recover the Money
3. Manage the Aftermath
When fraud occurs, these steps are essential, but for true protection, you need to adopt
a slightly modified, more proactive framework, such as the following:
1. Avoid the Losses
2. Protect the Money
3. Create a Disaster Response Plan
With a proactive approach, you use fraud protection software to avoid losses and
protect the money. The right programs identify patterns and flag potentially fraudulent
transactions before they become a problem. But even when you’re taking every step
possible to prevent fraud, you still need to create a disaster response plan just in case.
Reputation management is critical for financial institutions, and after a breach or a
significant case of fraud, you need to manage the disaster very carefully. Your disaster
response plan needs to include steps to stop the loss and protect the money, but it
should also detail how you’re going to reach out to customers and maintain a
trustworthy reputation moving forward.
Protect Your Financial Institution from Cyber Threats
To reduce credit card fraud, you need to educate your customers about the biggest
threats and how to avoid them, but you also need to take steps internally. Ideally, you
should do the following:
 Insist on smart password practices — require long passwords that cannot be easily
guessed, check new passwords against lists of known-breached passwords, and force a
change when compromise is suspected. Routine forced rotation is no longer recommended
(NIST SP 800-63B advises against it) because it pushes users toward predictable variations.
 Keep software patched and antivirus updated — your institution's computers need
current operating-system and application patches as well as up-to-date antivirus
software; most intrusions exploit known, unpatched flaws.
 Set up bank apps and websites to use two-factor authentication — to keep attackers
out of your website and your customers' accounts, require customers (and, above all,
employees and administrators) to sign in with a second factor in addition to a password.
 Be careful with email — phishing and business email compromise often target
managers or executives at the bank. Make sure your team knows how to recognise and
report suspicious links, attachments and requests, particularly requests to move money
or change payment details.
 Work with a fraud specialist — to ensure your financial institution and your
customers are thoroughly protected from cyber threats and credit card fraud, work
with a fraud specialist to set up fraud protection and detection tools.
 Report scams — report any scams or attempted scams that affect your financial
institution so that other bankers and anti-fraud professionals can learn from your
experience.

Software Piracy:
Software Piracy – Definition
Software piracy is the act of stealing software that is legally protected. This stealing
includes copying, distributing, modifying or selling the software.

Copyright laws were originally put into place so that the people who develop software
(programmers, writers, graphic artists, etc.) would get the proper credit and
compensation for their work. When software piracy occurs, compensation is stolen from
these copyright holders.

Software Piracy Regulation

In the United States, willful software piracy can be prosecuted as a federal crime, and in
civil suits the statutory damages for willful copyright infringement can reach $150,000 per
work infringed.

End-User License Agreement

The End-User License Agreement (EULA) is a license used for most software. It is a
contract between the manufacturer and/or author and the end user. This agreement
defines rules for software use and not every agreement is the same. One common rule
in most EULAs prohibits users from sharing the software with others.

Types of Software Piracy

There are five main types of software piracy. This variety of pirating techniques explains
how some individuals purposely pirate software while others may unknowingly become
accomplices.

Softlifting

Softlifting is when someone purchases a single licensed copy of the software and installs
it on multiple computers, even though the license permits installation on only one
machine. This often occurs in business or school environments and is usually done to
save money. Softlifting is the most common type of software piracy.
Client-server overuse

Client-server overuse is when more people on a network use one main copy of the
program at the same time than the license allows. This often happens when a business
installs the software on a local area network server for all employees to use. It becomes
software piracy when the license does not cover that number of concurrent users.

Hard disk loading

Hard disk loading is a type of commercial software piracy in which a seller buys one
legal copy of the software and installs copies of it onto the hard disks of the computers
they sell. This often happens at PC resale shops, and buyers are not always aware that
the additional software they are buying is unlicensed.

Counterfeiting

Counterfeiting occurs when software programs are illegally duplicated and sold with the
appearance of authenticity. Counterfeit software is usually sold at a discounted price in
comparison to the legitimate software.

Online Piracy

Online piracy, also known as Internet piracy, is when illegal software is sold, shared or
acquired by means of the Internet. This is most often done through peer-to-peer (P2P)
file-sharing networks, but cracked software and license keys are also sold or shared
through online auction sites, blogs and file-hosting sites.

The Dangers of Software Piracy


Pirated software may be cheaper, but there are many dangers that software pirates
should be aware of.

Consequences of software piracy are:

 Increased chances that the software will malfunction or fail
 Forfeited access to support for the program such as training, upgrades, customer
support and bug fixes
 No warranty and no updates: the copy cannot be patched, so known security
vulnerabilities stay open
 Increased risk of infecting your PC with malware, since cracked installers and key
generators are a common delivery vehicle for trojans, spyware and adware
 A slowed-down PC, typically from that bundled unwanted software
 Legal repercussions due to copyright infringement

Keep your PC secure by only purchasing software from authorized dealers. Be aware of
any software's terms and conditions: make sure you agree to and adhere to their
guidelines, and protect your device from further threats with up-to-date antivirus
software.

Forgery:

What is Forgery?

Forgery is making, using, altering, or possessing a false document with the intent to
commit fraud. Forgery can be the creation of a false document, or changing an authentic one.
Forgery is a crime that is classified as a felony in all fifty states and by the federal government.

There are several elements to the crime of forgery, and all must be proven before someone can
be found guilty:

 A person must make, alter, use, or possess a false document. Forgery can be creating a
false document from scratch, or altering an otherwise genuine document in a material
way. The alteration is material if it affects a legal right.
o For example, a document like a will may be otherwise valid according to state
law, but if someone other than the testator signs it, the will is a forgery. A forged
signature misrepresents the identity of the person whose will it is, and that has
significant legal consequences.
 The writing must have legal significance. Not just any false writing will be considered
criminal forgery. Common examples of documents with legal significance include
contracts, passports, driver's licenses, deeds, receipts, checks, wills, certifications,
professional licenses, prescriptions, historical papers, and art.
o Legally significant means that the document affects legal rights or obligations.
Signing someone else’s name on a friendly letter would not be forgery because it
is probably not legally significant.
o On the other hand, signing someone else’s name on a letter of recommendation
for a job may be forgery because it might affect employment and that is legally
significant.
 The writing must be false. The writing must have been created or changed in a way that
makes it appear that the document represents something that it is not. The
fundamental meaning of the document must have changed because of the forgery.
 Intent to defraud. The person committing the forgery must have done so with
the specific intent to defraud or trick another person or entity.

What Documents are Commonly Forged?


Documents of legal significance that are commonly forged include:

 Identification documents like driver's licenses or passports


 Checks
 Wills
 Drug prescriptions
 Deeds
 Stock certificates
 Contracts
 Patents
 Military documents
 Historical documents
 Works of art and certificates of authentication

What are the Penalties for Forgery?


Forgery laws can differ from state to state. In all states forgery can be considered a
felony. Possible punishments include prison time, fines, probation, and restitution,
where the defendant compensates the victim for money or property that was lost
because of the forgery.

Some states punish forgery crimes based on the type of forgery that was committed.
New York classifies forgery in "degrees" based on the type of document that was
forged.

 First Degree Forgery: currency (also known as counterfeiting), stamps,
securities, stocks, or bonds. First degree forgery is a class C felony, punishable
by up to 15 years in prison.
 Second Degree Forgery: deeds, wills, contracts, government issued
documents, public records, tokens or certificates used in place of money for
goods or services (like subway tokens), or medical prescriptions. Second degree
forgery is also a felony (class D), punishable by up to 7 years in prison.
 Third Degree Forgery: any other types of documents. Third degree forgery is a
class A misdemeanor. The punishment is a maximum of one year in jail or three
years probation. The defendant may also have to pay a fine of up to $1,000 or
twice what they gained from the crime.

Are There Any Defenses to Forgery?


Some potential defenses to forgery include:

 Lack of Intent: The defendant in a forgery case must have intended to defraud,
deceive, or trick the victim with the forged document. Intent is a key element to
proving forgery, so without it the defendant cannot be found guilty.
 Lack of Capacity or Knowledge: The defendant must have known that the
document was forged to be guilty of forgery. Knowledge is key to proving the
defendant had the required intent. If they did not know, or did not have the
mental capacity to know, they have a defense.
 Coercion: If the defendant was forced to commit the forgery because they or
someone they loved was threatened, they have a defense.
 Consent: a defendant has the defense of consent if they forged the document
with the consent or cooperation of the alleged victim.

Most defenses to forgery address the required element of the intent to defraud or
deceive. Proving that the defendant did not have specific intent is a complete defense
because it means the defendant did not have the required mental state to commit the
crime.

Do I Need an Attorney If I Am Facing Charges for Forgery?


Forgery cases can be complicated and the potential penalties for being found guilty are
serious. If you have been charged with forgery you should consult with a criminal
defense lawyer. An experienced attorney can review the facts of your case, help you
understand the law, and counsel you on your possible defenses. They can also
represent you in court.

Online Frauds:
Internet Fraud
The term 'internet fraud' refers to any type of fraud scheme that uses email, web sites,
chat rooms or message boards to present fraudulent solicitations to prospective victims, to conduct
fraudulent transactions or to transmit the proceeds of fraud to financial institutions or to others
connected with the scheme. Internet fraud may include spam, scams, spyware, identity theft, phishing
or internet banking fraud.

Spam
Spam is a generic term used to describe electronic 'junk mail' or unwanted messages sent to your
email account or mobile phone. These messages vary, but are essentially commercial and often
annoying in their sheer volume. They may try to persuade you to buy a product or service, or visit a
website where you can make purchases; or they may attempt to trick you into divulging your bank
account or credit card details. More information about spam is available from the Australian
Communications and Media Authority (ACMA) website.

Scams
The power of the internet and email communication has made it all too easy for email scams to
flourish. These schemes often arrive uninvited by email. Many are related to the well documented
Nigerian (advance-fee) scam or lottery scams and use similar tactics in one form or another.

Spyware
Spyware is generally considered to be software that is secretly installed on a computer and
collects information from it without the permission or knowledge of the user. Spyware may take personal
information, business information, bandwidth or processing capacity and secretly pass it to someone
else. It is recognised as a growing problem.

Phishing
Phishing is a technique used to gain personal information for the purpose of identity theft.
Phishing involves using a form of spam to fraudulently obtain people's online banking details. As
well as targeting online banking customers, phishing emails may target online auction sites or other
online payment facilities. Typically, a phishing email will ask an online banking customer to follow a link
in order to 'update' or 'verify' personal bank account details. The link usually leads to a counterfeit copy
of the bank's login page that captures the victim's login details and passes them to the attacker; some
campaigns instead use the link to install malware that captures the details from the victim's computer.

Identity theft
A large part of online crime is now centred on identity theft, which is part of identity fraud
and specifically refers to the theft and use of personal identifying information of an actual person, as
opposed to the use of a fictitious identity. This can include the theft and use of identifying personal
information of persons either living or dead.

Internet banking fraud
Internet banking fraud is a fraud or theft committed using online technology to
illegally remove money from a bank account and/or transfer money to an account in a different bank.
Internet banking fraud is a form of identity theft and is usually made possible through techniques such
as phishing.

Suggestions to prevent loss from Online Fraud:

• Use a separate low-limit credit card (or a virtual card number) for online purchases to minimise the
potential loss if things go wrong.

• Limit the amount of personal information you allow into the public domain, e.g. on social networking
sites, since it can be used to assist in identity theft.

• Keep anti-virus and firewall software up to date, and turn on two-factor authentication for online
banking and email accounts wherever it is offered.


Ch- 2 Information Security Concepts

• Computer Security - the generic name for the collection of tools designed to protect data
and to thwart hackers.

• Network Security - measures to protect data during their transmission.

• Internet Security - measures to protect data during their transmission over a
collection of interconnected networks.

• Information Security - is not only about securing information from unauthorized access
(confidentiality); it also covers keeping information accurate (integrity) and usable by those
who legitimately need it (availability).
Introduction to Information Security :
As of January 2008, the internet connected an estimated 541.7 million computers in more than
250 countries on every continent, even Antarctica (Source: Internet Systems Consortium's
Internet Domain Survey; www.isc.org/index.pl). The internet is not a single network, but a
worldwide collection of loosely connected networks that are accessible by individual computer
hosts, in a variety of ways, to anyone with a computer and a network connection. Thus,
individuals and organizations can reach any point on the internet without regard to national or
geographic boundaries or time of day. However, along with the convenience and easy access to
information come risks. Among them are the risks that valuable information will be lost, stolen,
changed, or misused. If information is recorded electronically and is available on networked
computers, it is more vulnerable than if the same information is printed on paper and locked in
a file cabinet. Intruders do not need to enter an office or home; they may not even be in the
same country. They can steal or tamper with information without touching a piece of paper or a
photocopier. They can also create new electronic files, run their own programs, and hide
evidence of their unauthorized activity.

Basic Security Concepts :


Three basic security concepts important to information on the internet are confidentiality,
integrity, and availability. Concepts relating to the people who use that information are
authentication, authorization, and nonrepudiation.
When information is read or copied by someone not authorized to do so, the result is known as
loss of confidentiality. For some types of information, confidentiality is a very important
attribute. Examples include research data, medical and insurance records, new product
specifications, and corporate investment strategies. In some locations, there may be a legal
obligation to protect the privacy of individuals. This is particularly true for banks and loan
companies; debt collectors; businesses that extend credit to their customers or issue credit
cards; hospitals, doctors’ offices, and medical testing laboratories; individuals or agencies that
offer services such as psychological counseling or drug treatment; and agencies that collect
taxes.

Information can be corrupted when it is available on an insecure network. When information is


modified in unexpected ways, the result is known as loss of integrity. This means that
unauthorized changes are made to information, whether by human error or intentional
tampering. Integrity is particularly important for critical safety and financial data used for
activities such as electronic funds transfers, air traffic control, and financial accounting.

Information can be erased or become inaccessible, resulting in loss of availability. This means
that people who are authorized to get information cannot get what they need. Availability is
often the most important attribute in service-oriented businesses that depend on information
(for example, airline schedules and online inventory systems).

Availability of the network itself is important to anyone whose business or education relies on
a network connection. When users cannot access the network or specific services provided on
the network, they experience a denial of service.

To make information available to those who need it and who can be trusted with it,
organizations use authentication and authorization. Authentication is proving that a user is the
person he or she claims to be. That proof may involve something the user knows (such as a
password), something the user has (such as a “smartcard”), or something about the user that
proves the person’s identity (such as a fingerprint). Authorization is the act of determining
whether a particular user (or computer system) has the right to carry out a certain activity, such
as reading a file or running a program.

Authentication and authorization go hand in hand. Users must be authenticated before carrying
out the activity they are authorized to perform. Security is strong when the means of
authentication cannot later be refuted—the user cannot later deny that he or she performed
the activity. This is known as nonrepudiation.

These concepts of information security also apply to the broader term information assurance;
that is, internet users want to be assured that,
• they can trust the information they use

• the information they are responsible for will be shared only in the manner that they expect

• the information will be available when they need it

• the systems they use will process information in a timely and trustworthy manner

In addition, information assurance extends to systems of all kinds, including large-scale


distributed systems, control systems, and embedded systems, and it encompasses systems with
hardware, software, and human components. The technologies of information assurance
address system intrusions and compromises to information.

Information security Goals:


The basic components of information security are most often summed up by the so-
called CIA triad: confidentiality, integrity, and availability.

 Confidentiality is perhaps the element of the triad that most immediately comes to mind
when you think of information security. Data is confidential when only those people who are
authorized to access it can do so; to ensure confidentiality, you need to be able to identify
who is trying to access data and block attempts by those without authorization. Passwords,
encryption, authentication, and defense against penetration attacks are all techniques
designed to ensure confidentiality.

 Integrity means maintaining data in its correct state and preventing it from being improperly
modified, either by accident or maliciously. Many of the techniques that ensure confidentiality
will also protect data integrity—after all, a hacker can't change data they can't access—but
there are other tools that help provide a defense of integrity in depth: checksums can help
you verify data integrity, for instance, and version control software and frequent backups can
help you restore data to a correct state if need be. Integrity also covers the concept of non-
repudiation: you must be able to prove that you've maintained the integrity of your data,
especially in legal contexts.

 Availability is the mirror image of confidentiality: while you need to make sure that your data
can't be accessed by unauthorized users, you also need to ensure that it can be accessed by
those who have the proper permissions. Ensuring data availability means matching network
and computing resources to the volume of data access you expect and implementing a good
backup policy for disaster recovery purposes.

In an ideal world, your data should always be kept confidential, in its correct state,
and available; in practice, of course, you often need to make choices about which
information security principles to emphasize, and that requires assessing your data. If
you're storing sensitive medical information, for instance, you'll focus on
confidentiality, whereas a financial institution might emphasize data integrity to
ensure that nobody's bank account is credited or debited incorrectly.

2nd answer:

The objective of Cybersecurity is to protect information from being stolen,


compromised or attacked. Cybersecurity can be measured by at least one of three
goals-

1. Protect the confidentiality of data.

2. Preserve the integrity of data.

3. Promote the availability of data for authorized users.

These goals form the confidentiality, integrity, availability (CIA) triad, the basis of all
security programs. The CIA triad is a security model that is designed to guide policies
for information security within the premises of an organization or company. This
model is also referred to as the AIC (Availability, Integrity, and
Confidentiality) triad to avoid the confusion with the Central Intelligence Agency.
The elements of the triad are considered the three most crucial components of
security.

The CIA criteria are what most organizations and companies apply when they install a
new application, create a database, or grant access to some data. For data to be
completely secure, all of these security goals must be in effect. They are security
policies that work together, and it is therefore wrong to overlook any one of them.

1. Confidentiality

Confidentiality is roughly equivalent to privacy and avoids the unauthorized disclosure


of information. It involves the protection of data, providing access for those who are
allowed to see it while disallowing others from learning anything about its content. It
prevents essential information from reaching the wrong people while making sure that
the right people can get it. Data encryption is a good example to ensure
confidentiality.

Tools for Confidentiality


Encryption

Encryption is a method of transforming information to make it unreadable for


unauthorized users by using an algorithm. The transformation of data uses a secret
key (an encryption key) so that the transformed data can only be read by using
another secret key (decryption key). It protects sensitive data such as credit card
numbers by encoding and transforming data into unreadable cipher text. This
encrypted data can only be read by decrypting it. Asymmetric-key and symmetric-key
are the two primary types of encryption.

Access control

Access control defines rules and policies for limiting access to a system or to physical
or virtual resources. It is a process by which users are granted access and certain
privileges to systems, resources or information. In access control systems, users
must present an identity (such as a username or a device identifier) together with
credentials that prove it before access is granted. In physical systems these credentials
come in many forms; credentials that cannot be transferred or copied, such as a
biometric, provide the most security.

Authentication

An authentication is a process that ensures and confirms a user's identity or role that
someone has. It can be done in a number of different ways, but it is usually based on
a combination of-

o something the person has (like a smart card or a radio key for storing secret
keys),

o something the person knows (like a password),

o something the person is (like a human with a fingerprint).


Authentication is a necessity for every organization because it enables organizations to
keep their networks secure by permitting only authenticated users to access protected
resources. These resources may include computer systems, networks, databases,
websites and other network-based applications or services.

Authorization

Authorization is a security mechanism that grants permission to do or have
something. It is used to determine whether a person or system is allowed access to
resources, including computer programs, files, services, data and application
features, based on an access control policy. It is normally preceded by authentication,
which verifies the user's identity. System administrators are typically assigned
permission levels covering all system and user resources. During authorization, a
system checks an authenticated user's access rules and either grants or refuses
resource access. Authorization should follow the principle of least privilege: each user
or system receives only the permissions its task requires.
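The authentication and authorization passages above, as one added worked example in Python (not code from the original page): a user store that authenticates with something the user knows (a salted, slow PBKDF2 password hash) and something the user has (an RFC 6238 TOTP code from an authenticator device), and only then consults a role-based access control policy. The user names, roles, permissions and passwords are constructed for the example; the TOTP secret is the RFC 6238 test-vector secret, so the codes can be checked against the RFC.

```python
import hashlib
import hmac
import os
import struct
from typing import Optional

PBKDF2_ROUNDS = 100_000   # assumption: raise as hardware allows


def hash_password(password: str, salt: bytes) -> bytes:
    """Slow, salted hash so that a stolen user table cannot be cracked cheaply."""
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, PBKDF2_ROUNDS)


def totp(secret: bytes, unix_time: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 time-based one-time password: 'something you have' (the device holding secret)."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                                      # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return f"{code % 10 ** digits:0{digits}d}"


class Directory:
    """In-memory user store plus a role-based access control policy (assumed names)."""

    ROLE_PERMISSIONS = {
        "teller":  {("read", "accounts")},
        "auditor": {("read", "accounts"), ("read", "audit-log")},
        "admin":   {("read", "accounts"), ("write", "accounts"), ("read", "audit-log")},
    }

    def __init__(self):
        self.users = {}

    def add_user(self, name: str, password: str, totp_secret: bytes, roles) -> None:
        salt = os.urandom(16)
        self.users[name] = {"salt": salt, "hash": hash_password(password, salt),
                            "totp_secret": totp_secret, "roles": set(roles)}

    def authenticate(self, name: str, password: str, code: str, now: int) -> Optional[str]:
        """Something you know AND something you have. Returns the principal, or None."""
        rec = self.users.get(name)
        if rec is None:
            hash_password(password, b"\x00" * 16)   # same cost as a real check: no username leak via timing
            return None
        if not hmac.compare_digest(rec["hash"], hash_password(password, rec["salt"])):
            return None
        # Real deployments also accept the neighbouring time steps (clock drift) and reject reused codes.
        if not hmac.compare_digest(totp(rec["totp_secret"], now), code):
            return None
        return name

    def authorize(self, principal: str, action: str, resource: str) -> bool:
        """Called only with an authenticated principal; grants nothing beyond the roles' permissions."""
        rec = self.users.get(principal)
        if rec is None:
            return False
        return any((action, resource) in self.ROLE_PERMISSIONS.get(role, set())
                   for role in rec["roles"])


def build_demo_directory() -> Directory:
    """Constructed sample users; the TOTP secret is the RFC 6238 test-vector secret."""
    d = Directory()
    d.add_user("alice", "correct horse battery staple", b"12345678901234567890", ["teller"])
    d.add_user("bob", "a-different-long-passphrase", b"12345678901234567890", ["admin"])
    return d


if __name__ == "__main__":
    d = build_demo_directory()
    who = d.authenticate("alice", "correct horse battery staple", totp(b"12345678901234567890", 59), 59)
    print(who, d.authorize(who, "read", "accounts"), d.authorize(who, "write", "accounts"))
```

Note the order: authorize() is never called with a raw username, only with the principal that authenticate() returned, and alice, a teller, can read accounts but not write them.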

Physical Security

Physical security describes measures designed to deny the unauthorized access of IT


assets like facilities, equipment, personnel, resources and other properties from
damage. It protects these assets from physical threats including theft, vandalism, fire
and natural disasters.

2. Integrity

Integrity refers to the methods for ensuring that data is real, accurate and
safeguarded from unauthorized user modification. It is the property that information
has not been altered in an unauthorized way, and that the source of the information is
genuine.

Tools for Integrity


Backups

Backup is the periodic archiving of data. It is a process of making copies of data or


data files to use in the event when the original data or data files are lost or destroyed.
It is also used to make copies for historical purposes, such as for longitudinal studies,
statistics or for historical records or to meet the requirements of a data retention
policy. Many applications especially in a Windows environment, produce backup files
using the .BAK file extension.

Checksums

A checksum is a numerical value used to verify the integrity of a file or a data
transfer. In other words, it is the computation of a function that maps the contents of a
file to a numerical value. Checksums are typically used to compare two sets of data to
make sure that they are the same. A checksum function depends on the entire contents
of a file and is designed so that even a small change to the input (such as flipping a
single bit) is very likely to produce a different output value. Simple checksums such as
CRC32 only protect against accidental corruption: an attacker who alters a file can
recompute the checksum to match. Detecting deliberate tampering requires a
cryptographic hash (e.g. SHA-256) whose correct value is stored where the attacker
cannot change it, or a keyed message authentication code (HMAC) or digital signature.
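The distinction above, as an added example in Python (not code from the original page): a CRC32 checksum, a SHA-256 hash and an HMAC computed over a constructed account record, a single flipped bit that all three notice, and a deliberate edit where the unkeyed hash is simply recomputed by the attacker while the HMAC, whose key the attacker lacks, still fails. The record and the key are assumptions.

```python
import binascii
import hashlib
import hmac


def crc32_of(data: bytes) -> int:
    """Non-cryptographic checksum: catches accidental corruption only."""
    return binascii.crc32(data) & 0xFFFFFFFF


def sha256_of(data: bytes) -> str:
    """Cryptographic hash: any change, even one bit, yields an unrelated digest."""
    return hashlib.sha256(data).hexdigest()


def hmac_sha256(key: bytes, data: bytes) -> str:
    """Keyed MAC: cannot be recomputed by someone who does not hold the key."""
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def flip_bit(data: bytes, bit_index: int) -> bytes:
    """Return a copy of data with one bit flipped (simulates corruption or tampering)."""
    out = bytearray(data)
    out[bit_index // 8] ^= 1 << (bit_index % 8)
    return bytes(out)


def hmac_matches(key: bytes, data: bytes, tag: str) -> bool:
    # compare_digest does not leak how many leading characters matched (timing side channel)
    return hmac.compare_digest(hmac_sha256(key, data), tag)


def tamper_scenario() -> dict:
    """Walk the three checks through a constructed sample record."""
    key = b"integrity-key-held-only-by-the-verifier"   # assumption: never stored next to the data
    original = b"account=12345;balance=100.00;"
    stored_hash = sha256_of(original)                  # what the system recorded at write time
    stored_tag = hmac_sha256(key, original)

    # 1) accidental single-bit flip in transit or on disk: every check notices
    corrupted = flip_bit(original, 3)

    # 2) deliberate edit by an attacker who can also overwrite any unkeyed value stored beside the data
    edited = b"account=12345;balance=999.00;"
    attackers_hash = sha256_of(edited)                 # attacker replaces stored_hash with this

    return {
        "crc_detects_bitflip": crc32_of(original) != crc32_of(corrupted),
        "sha_detects_bitflip": sha256_of(original) != sha256_of(corrupted),
        "original_hash_ok": sha256_of(original) == stored_hash,
        "unkeyed_hash_fooled": sha256_of(edited) == attackers_hash,   # verifier sees a "valid" record
        "original_hmac_ok": hmac_matches(key, original, stored_tag),
        "edited_hmac_fails": not hmac_matches(key, edited, stored_tag),
    }


if __name__ == "__main__":
    for check, result in tamper_scenario().items():
        print(f"{check:22s} {result}")
```

A plain hash therefore only works when its correct value lives somewhere the attacker cannot reach (a read-only manifest, a vendor's signed release page); when the verifier and the data share a trust boundary, use an HMAC or a signature.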

Data Correcting Codes

Error-correcting codes (such as Hamming codes, or the Reed-Solomon codes used on
optical discs and in RAID) store data with added redundancy so that small changes,
typically one or a few flipped bits, can be detected and automatically corrected. Like
checksums, they guard against accidental faults, not against a deliberate attacker.
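A Hamming(7,4) code, as an added worked example in Python (not code from the original page): four data bits get three parity bits, and recomputing the parities on the received word yields a syndrome that is the position of a single flipped bit, which the decoder then flips back. The example also shows the limit: two flipped bits are silently "corrected" to the wrong value, which is why real systems pair such codes with a checksum or use codes with more distance.

```python
def hamming74_encode(data_bits):
    """Encode 4 data bits [d1, d2, d3, d4] into a 7-bit codeword [p1, p2, d1, p4, d2, d3, d4].

    Parity bit p_k covers every 1-based position whose index has bit k set:
    p1 -> positions 1,3,5,7   p2 -> 2,3,6,7   p4 -> 4,5,6,7.
    """
    d1, d2, d3, d4 = data_bits
    p1 = d1 ^ d2 ^ d4
    p2 = d1 ^ d3 ^ d4
    p4 = d2 ^ d3 ^ d4
    return [p1, p2, d1, p4, d2, d3, d4]


def hamming74_decode(codeword):
    """Return (data_bits, corrected_position); position 0 means no error was seen.

    The three recomputed parities form a 3-bit syndrome which, read as a binary
    number, is exactly the position of a single flipped bit (data or parity).
    """
    c = list(codeword)
    p1, p2, d1, p4, d2, d3, d4 = c
    s1 = p1 ^ d1 ^ d2 ^ d4
    s2 = p2 ^ d1 ^ d3 ^ d4
    s4 = p4 ^ d2 ^ d3 ^ d4
    position = s1 + 2 * s2 + 4 * s4
    if position:
        c[position - 1] ^= 1           # correct the single bit in place
    return [c[2], c[4], c[5], c[6]], position


def flip(codeword, *positions):
    """Simulate noise: flip the bits at the given 1-based positions."""
    c = list(codeword)
    for p in positions:
        c[p - 1] ^= 1
    return c


def encode_byte(value: int):
    """A byte becomes two codewords, high nibble first."""
    bits = [(value >> i) & 1 for i in range(7, -1, -1)]
    return hamming74_encode(bits[:4]), hamming74_encode(bits[4:])


def decode_byte(high_code, low_code) -> int:
    """Decode (and correct) two codewords back into a byte."""
    bits = hamming74_decode(high_code)[0] + hamming74_decode(low_code)[0]
    return int("".join(map(str, bits)), 2)


if __name__ == "__main__":
    code = hamming74_encode([1, 0, 1, 1])
    print("codeword       ", code)
    print("1 error, pos 5 ", hamming74_decode(flip(code, 5)))      # data restored, position 5
    print("2 errors       ", hamming74_decode(flip(code, 1, 2)))   # wrong data, no alarm
```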

3. Availability

Availability is the property in which information is accessible and modifiable in a


timely fashion by those authorized to do so. It is the guarantee of reliable and
constant access to our sensitive data by authorized people.

Tools for Availability

o Physical Protections

o Computational Redundancies

Physical Protections

Physical safeguard means to keep information available even in the event of physical
challenges. It ensure sensitive information and critical information technology are
housed in secure areas.

Computational redundancies
Redundancy is applied as fault tolerance against accidental faults: spare computers,
storage devices (for example mirrored or RAID disks) and network links stand by as
fallbacks so that service continues when a component fails.

E-commerce security:
Security is an essential part of any transaction that takes place over the internet.
Customers will lose his/her faith in e-business if its security is compromised. Following
are the essential requirements for safe e-payments/transactions −
 Confidentiality − Information should not be accessible to an unauthorized
person. It should not be intercepted during the transmission.
 Integrity − Information should not be altered during its transmission over the
network.
 Availability − Information should be available wherever and whenever required
within a time limit specified.
 Authenticity − There should be a mechanism to authenticate a user before
giving him/her an access to the required information.
 Non-Repudiability − It is the protection against the denial of order or denial of
payment. Once a sender sends a message, the sender should not be able to
deny sending the message. Similarly, the recipient of message should not be
able to deny the receipt.
 Encryption − Information should be encrypted and decrypted only by an
authorized user.
 Auditability − Data should be recorded in such a way that it can be audited for
integrity requirements.
Measures to ensure Security
Major security measures are following −
 Encryption − It is a very effective and practical way to safeguard the data being
transmitted over the network. The sender encrypts the data using a secret key and
only the intended receiver can decrypt it, using the same key (symmetric encryption)
or a different but mathematically related key (asymmetric encryption).
 Digital Signature − A digital signature ensures the authenticity and integrity of the
information and supports non-repudiation. The signer computes the signature over
the message (in practice over its hash) with a private key; anyone holding the
matching public key can verify it, and any change to the message invalidates it. It is
not a password and not a scanned handwritten signature.
 Security Certificates − A security (digital) certificate binds a public key to the
identity of a website, organisation or user and is itself signed by a trusted certificate
authority, so that browsers and clients can verify whom they are talking to.
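The digital signature measure above, together with the earlier "Tools for Confidentiality" passage on asymmetric keys, as one added worked example in Python (not code from the original page): textbook RSA with a fixed key pair, signing the SHA-256 hash of an order with the private key and verifying with the public key, plus the encrypt-with-public / decrypt-with-private round trip. The primes (two Mersenne primes, chosen only because they are easy to check), the exponent and the order text are assumptions; the scheme has no padding and a tiny modulus, so it shows the mechanics only and must not be used for real security, where a library implementing RSA-PSS/OAEP or an elliptic-curve signature is the right tool.

```python
import hashlib

# Fixed primes so the example is deterministic. Real keys use random primes of
# 1024 bits or more; Mersenne primes are used here purely for readability.
P = 2**31 - 1
Q = 2**61 - 1


def make_keypair(p: int = P, q: int = Q, e: int = 65537):
    """Return (public_key, private_key); e*d = 1 mod phi(n) makes signing and verifying inverse."""
    n = p * q
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)                    # modular inverse (Python 3.8+)
    return {"n": n, "e": e}, {"n": n, "d": d}


def _digest_as_int(message: bytes, n: int) -> int:
    # Sign the hash of the message, not the message itself, and reduce into the key's range
    # (the reduction is only needed because this demo modulus is smaller than a SHA-256 digest).
    return int.from_bytes(hashlib.sha256(message).digest(), "big") % n


def sign(message: bytes, private_key: dict) -> int:
    """Only the private-key holder can produce this value for the message."""
    n, d = private_key["n"], private_key["d"]
    return pow(_digest_as_int(message, n), d, n)


def verify(message: bytes, signature: int, public_key: dict) -> bool:
    """Anyone with the public key can check it; any change to the message breaks it."""
    n, e = public_key["n"], public_key["e"]
    return pow(signature, e, n) == _digest_as_int(message, n)


def encrypt(m: int, public_key: dict) -> int:
    """Asymmetric encryption: the public key encrypts ... (m must be below n)."""
    if not 0 <= m < public_key["n"]:
        raise ValueError("message integer out of range for this key")
    return pow(m, public_key["e"], public_key["n"])


def decrypt(c: int, private_key: dict) -> int:
    """... and only the private key decrypts."""
    return pow(c, private_key["d"], private_key["n"])


def order_flow() -> dict:
    """Customer signs an order; the merchant verifies it and catches an altered amount."""
    public, private = make_keypair()
    order = b"order=1001;item=laptop;amount=1200.00"
    signature = sign(order, private)
    altered = order.replace(b"1200.00", b"12.00")
    return {
        "genuine_verifies": verify(order, signature, public),
        "altered_verifies": verify(altered, signature, public),
        "encrypt_roundtrip": decrypt(encrypt(424242, public), private) == 424242,
    }


if __name__ == "__main__":
    print(order_flow())
```

The certificate piece fits on top of this: a certificate authority signs (public key, identity) pairs in exactly this way, so a client that trusts the CA's public key can check the merchant's certificate before trusting the merchant's key.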
Security Protocols in Internet
We will discuss here some of the popular protocols used over the internet to ensure
secured online transactions.
Secure Socket Layer (SSL) / Transport Layer Security (TLS)
SSL, and its successor TLS, is the most commonly used protocol and is found across the
industry. All SSL versions (2.0 and 3.0) and TLS 1.0/1.1 are now deprecated because of
known weaknesses; new deployments should use TLS 1.2 or 1.3. It meets the following
security requirements −

 Authentication (of the server by its certificate, and optionally of the client)
 Encryption
 Integrity
 Non-repudiation − only in a limited sense: SSL/TLS protects the connection, not the
transaction, so proving later that a customer placed an order needs an application-level
digital signature on the order itself.
"https://" is used for HTTP URLs protected with SSL/TLS, whereas "http://" is used for
HTTP URLs without it.
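What "using SSL/TLS" actually requires on the client side, as an added example in Python's standard ssl module (not code from the original page): the weak configuration that many quick scripts fall into (no certificate or hostname verification, any protocol version) beside the hardened one, plus a check a deployment test can run against any context. Nothing here needs network access except the optional probe() helper.

```python
import socket
import ssl
from typing import Optional


def insecure_context() -> ssl.SSLContext:
    """The weak setting: what 'verify=False' style shortcuts amount to.

    Traffic is still encrypted, but any certificate from anyone is accepted,
    so a man-in-the-middle can present his own key and read everything.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False           # must be switched off before verify_mode can be relaxed
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_context() -> ssl.SSLContext:
    """The corrected setting: verify chain and hostname, refuse legacy versions."""
    ctx = ssl.create_default_context()   # system CA store, CERT_REQUIRED, check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.options |= ssl.OP_NO_COMPRESSION  # CRIME-style attacks rely on TLS compression
    return ctx


def is_hardened(ctx: ssl.SSLContext) -> bool:
    """Review check: does this context verify the peer and insist on TLS 1.2 or newer?"""
    return (ctx.verify_mode == ssl.CERT_REQUIRED
            and bool(ctx.check_hostname)
            and ctx.minimum_version >= ssl.TLSVersion.TLSv1_2)


def probe(hostname: str, port: int = 443, ctx: Optional[ssl.SSLContext] = None) -> dict:
    """Connect (network required) and report the negotiated version and certificate subject."""
    ctx = ctx or hardened_context()
    with socket.create_connection((hostname, port), timeout=10) as raw:
        with ctx.wrap_socket(raw, server_hostname=hostname) as tls:
            cert = tls.getpeercert()
            return {"version": tls.version(),
                    "cipher": tls.cipher()[0],
                    "subject": cert.get("subject")}


if __name__ == "__main__":
    print("insecure context hardened?", is_hardened(insecure_context()))
    print("hardened context hardened?", is_hardened(hardened_context()))
```

The same two settings have server-side counterparts: the server should also set a TLS 1.2 minimum, and, where client certificates are used, CERT_REQUIRED on its own context.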

Secure Hypertext Transfer Protocol (S-HTTP)

S-HTTP (RFC 2660) extends the HTTP protocol with public key encryption, authentication
and digital signatures applied to individual messages rather than to the connection.
Secure HTTP supports multiple security mechanisms, negotiated between client and
server, but it was never widely adopted; SSL/TLS (HTTPS) won out in practice.

Secure Electronic Transaction (SET)

It is a secure protocol developed jointly by MasterCard and Visa in the mid-1990s. In
theory it is the strongest of these protocols because the card number is never
revealed to the merchant, but it saw little real-world adoption because every card holder
needed a certificate and wallet software. It has the following components −
 Card Holder's Digital Wallet Software − Digital Wallet allows the card holder to
make secure purchases online via point and click interface.
 Merchant Software − This software helps merchants to communicate with
potential customers and financial institutions in a secure manner.
 Payment Gateway Server Software − Payment gateway provides automatic
and standard payment process. It supports the process for merchant's certificate
request.
 Certificate Authority Software − This software is used by financial institutions
to issue digital certificates to card holders and merchants, and to enable them to
register their account agreements for secure electronic commerce.

Computer Forensics:
Forensics is the process of using scientific knowledge for collecting, analyzing, and
presenting evidence to the courts. Forensics deals primarily with the recovery and
analysis of latent evidence. Latent evidence can take many forms, from fingerprints left
on a window to DNA evidence recovered from blood stains to the files on a hard drive.
Computer forensics can be defined as the discipline that combines elements of law and
computer science to collect and analyze data from computer systems, networks, wireless
communications, and storage devices in a way that is admissible as evidence in a court of law.

• Why is Computer Forensics Important?


• Computer forensics helps you ensure the overall integrity and survivability of
your network infrastructure. You can help your organization if you consider
computer forensics a new basic element of what is known as "defense in
depth". Understanding the legal and technical aspects of computer forensics
will help you capture vital information if your network is compromised and will
help you prosecute the case if the intruder is caught.

• Two basic types of data are collected in computer forensics.


• Persistent data is data stored on a local hard drive (or other non-volatile storage)
that is preserved when the computer is turned off.
• Volatile data is any data stored in memory, or in transit, that is lost when the
computer loses power or is turned off. Volatile data resides in CPU registers, caches
and random access memory (RAM), and also in running-process state and network
connection tables. Since volatile data is ephemeral, an investigator must know
reliable ways to capture it and should collect in order of volatility (memory and
network state first, disks last) before powering a system down.

Digital Forensics life cycle:

Digital Forensics in Information Security

Digital Forensics is a branch of forensic science which includes the identification,
collection, analysis and reporting of any valuable digital information in digital devices
related to computer crimes, as part of an investigation.

In simple words, Digital Forensics is the process of identifying, preserving, analyzing
and presenting digital evidence. The first computer crimes were recognized in the
1978 Florida Computer Crimes Act and after this, the field of digital forensics grew
quickly in the late 1980s and 1990s. It includes areas of analysis such as storage media,
hardware, operating systems, networks and applications.

It consists of 5 steps at a high level:

1. Identification of evidence:
It involves identifying evidence related to the digital crime in storage media,
hardware, operating systems, networks and/or applications. It is the most important
and basic step.

2. Collection:
It involves preserving the digital evidence identified in the first step so that it
does not degrade or vanish with time. Preserving the digital evidence is very
important and crucial.

3. Analysis:
It involves analyzing the collected digital evidence of the committed computer
crime in order to trace the criminal and the possible path used to breach into the
system.

4. Documentation:
It involves the proper documentation of the whole digital investigation, the digital
evidence, the loopholes of the attacked system, etc., so that the case can be
studied and analysed in future and can be presented in court in a proper
format.

5. Presentation:
It involves the presentation of all the digital evidence and documentation in
court in order to prove the digital crime committed and identify the criminal.
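
To make the collection and documentation steps concrete, here is an added example (not part of the original notes) that hashes an acquired evidence image and keeps a hash-linked chain-of-custody log; the evidence bytes, case id and examiner names are constructed sample values.

```python
"""Collection and documentation steps of the digital forensics life cycle:
hash an acquired evidence image and keep a hash-linked chain-of-custody log.

Added example, not from the original notes. The evidence bytes, case id and
examiner names used in demo() are constructed sample values.
"""
import hashlib
import json
from datetime import datetime, timezone

GENESIS = "0" * 64  # link value for the first log entry


def hash_evidence(data: bytes) -> dict:
    """Digest an evidence image with two algorithms, as acquisition reports usually do."""
    return {"md5": hashlib.md5(data).hexdigest(),
            "sha256": hashlib.sha256(data).hexdigest()}


def verify_image(acquisition_hashes: dict, data: bytes) -> bool:
    """Re-hash a working copy and compare with the digests taken at acquisition."""
    return hash_evidence(data) == acquisition_hashes


class CustodyLog:
    """Append-only chain-of-custody log; every entry commits to the previous one."""

    def __init__(self, case_id: str):
        self.case_id = case_id
        self.entries = []

    @staticmethod
    def _digest(entry: dict) -> str:
        body = {k: v for k, v in entry.items() if k != "entry_hash"}
        return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()

    def record(self, action: str, examiner: str, evidence: dict, when=None) -> str:
        """Append an entry (who did what to which evidence, and when); return its hash."""
        when = when or datetime.now(timezone.utc)
        entry = {
            "case_id": self.case_id,
            "seq": len(self.entries),
            "time": when.isoformat(),
            "action": action,
            "examiner": examiner,
            "evidence": evidence,
            "prev": self.entries[-1]["entry_hash"] if self.entries else GENESIS,
        }
        entry["entry_hash"] = self._digest(entry)
        self.entries.append(entry)
        return entry["entry_hash"]

    def verify(self) -> bool:
        """Recompute every link; any edited, reordered or removed entry breaks the chain."""
        prev = GENESIS
        for i, entry in enumerate(self.entries):
            if entry["seq"] != i or entry["prev"] != prev:
                return False
            if self._digest(entry) != entry["entry_hash"]:
                return False
            prev = entry["entry_hash"]
        return True


def demo() -> dict:
    """Acquire, verify, then simulate an undocumented edit of the log."""
    image = b"constructed evidence image bytes"          # stands in for a disk image
    acquired = hash_evidence(image)
    log = CustodyLog("CASE-0001")
    log.record("acquired disk image", "Examiner A", acquired)
    log.record("verified working copy", "Examiner B", acquired)
    intact = log.verify() and verify_image(acquired, image)
    log.entries[0]["examiner"] = "Someone else"          # tamper with the record
    return {"intact_before": intact, "intact_after": log.verify(),
            "copy_matches": verify_image(acquired, image + b"\x00")}


if __name__ == "__main__":
    print(demo())
```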

Branches of Digital Forensics:

 Media forensics:
It is the branch of digital forensics which includes identification, collection,
analysis and presentation of audio, video and image evidence during the
investigation process.

 Cyber forensics:
It is the branch of digital forensics which includes identification, collection,
analysis and presentation of digital evidence during the investigation of a cyber
crime.

 Mobile forensics:
It is the branch of digital forensics which includes identification, collection,
analysis and presentation of digital evidence during the investigation of a crime
committed through a mobile device like a mobile phone, GPS device, tablet or
laptop.

 Software forensics:
It is the branch of digital forensics which includes identification, collection,
analysis and presentation of digital evidence during the investigation of a crime
related to software only.

Ch – 3 Phishing and Identity Theft

• Phishing is a type of social engineering attack often used to steal user data,
including login credentials and credit card numbers.

• It occurs when an attacker, masquerading as a trusted entity, dupes a victim into
opening an email, instant message, or text message.

• In addition to stealing personal and financial data, it can also infect systems with
viruses.

Methodology of Phishers:
• Planning
    – Identify the victim
• Setup
    – Decide the method/medium (most probably email)
• Attack
    – Make the phishing attack (for example: send the fake email)
• Collection
    – Collect the data arriving from the phishing attack
• Identity Theft and Fraud
    – Use the collected information for the illegal activity

Emails: a popular medium for phishing
• Free
• Easy to get the victim's email id(s)
• No trace back
• Types of email attacks:
    – Spam emails
    – Hoax emails (example: an email hoax may be a bogus warning about a
      non-existent security threat or virus)

Most frequent methods used by Phishers:

 Dragnet
Use of spam emails bearing falsified corporate identification.
Victims are not identified in advance.
False information in the email triggers an immediate response by victims.

 Rod-and-reel
Identify victims in advance.
Convey false information to victims to prompt their disclosure of personal and
financial data.
For example, advertising an item with a big discount that the victim is searching for.

 Lobsterpot
Use of spoofed websites.
The website name is similar to a legitimate corporate one.
Also known as content injection phishing.

 Gillnet
Phishers introduce malicious code into emails or websites.
This malicious code helps the attacker steal the user's personal and financial
information.
For example, the malicious code may change the hosts file on the user's system to
redirect him to a fake website.

Phishing techniques:

• URL manipulation: use of URL spoofing (for example G00GLE.com, SBl.com).
• Filter evasion: uses graphics instead of text to bypass anti-phishing filters.
• Website forgery: the attacker alters the website address entered by netizens in
the address bar and redirects them to his own fake website.
• Flash phishing: use of Flash, because it is not detected by anti-phishing tools.
• Social phishing: use of social engineering. For example, a spoofed email claiming
the bank has asked the user to reset their credentials, a message from a dear one
asking for a password, or a fake call asking for an OTP.
• Phone phishing: create a fake caller ID so that the call appears to come from a
legitimate organization, and then collect the data from the user.
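
As an added example of defending against the URL manipulation technique above (not code from the original notes), the following classifies a URL against a constructed list of protected brand domains, catching digit/letter substitutions such as G00GLE.com and SBl.com, Cyrillic look-alike letters, one-character typosquats and brand names hidden in a subdomain; the registrable-domain logic is an assumption simplified to the last two labels.

```python
"""Detect look-alike (spoofed) domains of the kind used in URL manipulation,
such as G00GLE.com or SBl.com standing in for google.com and sbi.com.

Added example, not from the original notes. The protected-domain list and the
URLs in demo() are constructed; public-suffix handling is simplified to the
last two labels (an assumption, no public suffix list is consulted).
"""
import unicodedata
from urllib.parse import urlsplit

# Characters (or pairs) that are easily mistaken for one another, folded to one form.
CONFUSABLE_PAIRS = {"rn": "m", "vv": "w"}
CONFUSABLES = {"0": "o", "1": "l", "|": "l", "i": "l", "5": "s", "3": "e", "@": "a",
               "\u0430": "a", "\u0435": "e", "\u043e": "o", "\u0440": "p", "\u0441": "c"}

PROTECTED = ["google.com", "sbi.com"]  # constructed list of brands to protect


def skeleton(name: str) -> str:
    """Fold a domain name to a canonical form so that visual twins compare equal."""
    text = unicodedata.normalize("NFKD", name.lower())
    text = "".join(ch for ch in text if not unicodedata.combining(ch))  # drop accents
    for pair, single in CONFUSABLE_PAIRS.items():
        text = text.replace(pair, single)
    return "".join(CONFUSABLES.get(ch, ch) for ch in text)


def edit_distance(a: str, b: str) -> int:
    """Levenshtein distance, used to catch one-character typosquats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def hostname_of(url: str) -> str:
    """Extract the host, decoding punycode (xn--) labels to their Unicode form."""
    host = urlsplit(url if "://" in url else "//" + url).hostname or ""
    try:
        return host.encode("ascii").decode("idna")
    except (UnicodeError, ValueError):
        return host  # already Unicode, or not valid punycode


def registrable(host: str) -> str:
    """Simplified registrable domain: the last two labels (assumption, no suffix list)."""
    return ".".join(host.split(".")[-2:])


def classify(url: str, protected=PROTECTED) -> str:
    """Return 'legitimate', 'homoglyph', 'typosquat', 'brand-in-subdomain' or 'unrelated'."""
    host = hostname_of(url)
    reg = registrable(host)
    for brand in protected:
        if host == brand or host.endswith("." + brand):
            return "legitimate"
    for brand in protected:
        if skeleton(reg) == skeleton(brand):
            return "homoglyph"            # e.g. g00gle.com, sbl.com
        if edit_distance(reg, brand) == 1:
            return "typosquat"            # e.g. gogle.com
        if host.startswith(brand + ".") or ("." + brand + ".") in host:
            return "brand-in-subdomain"   # e.g. google.com.verify-account.example
    return "unrelated"


def demo() -> dict:
    """Classify a few constructed URLs."""
    urls = ["https://G00GLE.com/login", "SBl.com", "https://accounts.google.com/",
            "https://gogle.com", "https://google.com.verify-account.example/"]
    return {u: classify(u) for u in urls}


if __name__ == "__main__":
    for url, verdict in demo().items():
        print(f"{verdict:20} {url}")
```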

Spear phishing:
• Sending a phishing message to a particular organization to gain
organizational information for more targeted social engineering.
• Example: sending emails to employees of Reliance Industries, gaining
information and using this information to make social phishing attacks on the
customers of Reliance.
• Whaling: a special form of spear phishing;
    – Targets executives from top management.
    – Attempts to retrieve confidential information.

Not all phishing scams embrace “spray and pray” techniques. Some ruses rely more on
a personal touch. They do so because they wouldn’t be successful otherwise.
Enter spear phishing schemes.
In this type of ploy, fraudsters customize their attack emails with the target’s name,
position, company, work phone number and other information in an attempt to trick the
recipient into believing that they have a connection with the sender. Yet the goal is the
same as deceptive phishing: trick the victim into clicking on a malicious URL or email
attachment so that they’ll hand over their personal data. Given the amount of
information needed to craft a convincing attack attempt, it’s no surprise that spear-
phishing is commonplace on social media sites like LinkedIn where attackers can use
multiple data sources to craft a targeted attack email.
Techniques Used in Spear Phishing
Provided below are some of the most common techniques used in spear phishing
attacks:

 Housing malicious documents on cloud services: CSO Online reported that
digital attackers are increasingly housing their malicious documents on Dropbox,
Box, Google Drive and other cloud services. By default, IT is not likely to block
these services, which means the organization's email filters won't flag the
weaponized docs.
 Compromise tokens: The security news platform also noted that digital
criminals are attempting to compromise API tokens or session tokens. Success
in this regard would enable them to steal access to an email account, SharePoint
site or other resource.
 Gather out-of-office notifications: Attackers need lots of intelligence in order
to send a convincing spear-phishing campaign. Per Trend Micro, one way they can
do that is by emailing employees en masse and gathering out-of-office
notifications to learn the format of the email addresses used by internal
employees.
 Explore social media: Malicious actors need to learn who’s working at a
targeted company. They can do this by using social media to investigate the
organization’s structure and decide whom they’d like to single out for their
targeted attacks.

Examples of Spear Phishing Attacks

In the beginning of September 2020, Proofpoint revealed that it had detected two spear-
phishing attack campaigns involving China-based APT group TA413. The first took
place in March and targeted European government entities, non-profit research
organizations and global companies associated with economic affairs by tempting
recipients to open the WHO’s “Critical preparedness, readiness and response actions
for COVID-19, Interim guidance” document. The second targeted Tibetan dissidents
with a PowerPoint presentation entitled “TIBETANS BEING HIT BY DEADLY VIRUS
THAT CARRIES A GUN AND SPEAKS CHINESE.ppsx.” Both delivered payloads of a
new infostealer family called Sepulcher.
Less than a week later, Armorblox explained that it had come across a phishing attack
attempt against one of the top 50 innovative companies in the world in 2019. The attack
email used spoofing techniques to trick the recipient into believing that it contained an
internal financial report. The campaign's attachment subsequently redirected recipients
to a fake Office 365 login page that showed their username pre-entered on the page,
thereby further reinforcing the disguise that the portal was an internal company resource.
How to Defend Against Spear Phishing
To protect against this type of scam, organizations should conduct ongoing employee
security awareness training that, among other things, discourages users from publishing
sensitive personal or corporate information on social media. Companies should also
invest in solutions that analyze inbound emails for known malicious links/email
attachments. This solution should be capable of picking up on indicators for both known
malware and zero-day threats.

Types of phishing scams:

• Deceptive Phishing: broadcasting emails to make recipients reveal confidential
information such as financial credentials.
• Malware-based Phishing: running malicious code on the netizen's system.
• Keyloggers: installing keyloggers on the victim's system.
• Session hijacking: hijacks the confidential session initiated by the user with
his credentials and performs illegal activities, such as transferring funds
into the attacker's account.
• In-session Phishing: a session (launched by the phisher) detects the presence
of another session going on in the same browser (such as a banking
transaction), and launches a pop-up window which appears to be a part of
the legitimate session and asks for the credentials.
• Web Trojans: invisible pop-ups that steal the user's information and transmit
it to the phisher.
• Pharming: the goal is to steal the online identity of netizens.
• Host file poisoning: "poison" the hosts file to redirect netizens to a
fake website.
• DNS-based phishing: tampering with DNS. Also known as DNS
hijacking.
• Several other scams are made possible using phishing.

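
The host file poisoning scam listed above (and the Gillnet example earlier) can be checked for on an endpoint by reviewing the hosts file; the following is an added example, not from the original notes, with constructed hosts-file content and a constructed list of watched domains.

```python
"""Check hosts-file content for poisoned entries that redirect well-known
domains to an attacker-chosen address (host file poisoning / Gillnet).

Added example, not from the original notes; the hosts-file text and the list
of watched domains are constructed samples.
"""
import ipaddress

WATCHED = ["google.com", "onlinebanking.example"]  # constructed list of sensitive domains


def parse_hosts(text: str):
    """Yield (line_no, address, [names]) for each effective line, ignoring comments."""
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # strip trailing comment
        if not line:
            continue
        fields = line.split()
        yield line_no, fields[0], [name.lower() for name in fields[1:]]


def is_harmless(address: str) -> bool:
    """Loopback and unspecified addresses only map a name to localhost or blackhole it."""
    try:
        ip = ipaddress.ip_address(address)
    except ValueError:
        return False          # unparsable address: treat as suspicious
    return ip.is_loopback or ip.is_unspecified


def matches_watched(name: str, watched) -> bool:
    """True if name is a watched domain or a subdomain of one."""
    return any(name == d or name.endswith("." + d) for d in watched)


def find_poisoned(text: str, watched=WATCHED) -> list:
    """Return findings for watched names mapped anywhere except loopback/blackhole."""
    findings = []
    for line_no, address, names in parse_hosts(text):
        for name in names:
            if matches_watched(name, watched) and not is_harmless(address):
                findings.append({"line": line_no, "name": name, "address": address})
    return findings


# Constructed hosts-file content; 203.0.113.0/24 is documentation address space.
SAMPLE_HOSTS = """\
127.0.0.1       localhost
::1             localhost
# ad blocking entry, harmless
0.0.0.0         ads.example
203.0.113.5     www.google.com google.com   # injected entry (constructed)
203.0.113.5     secure.onlinebanking.example
198.51.100.7    intranet.example
"""


if __name__ == "__main__":
    for finding in find_poisoned(SAMPLE_HOSTS):
        print(f"line {finding['line']}: {finding['name']} -> {finding['address']}")
```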
Distributed Phishing Attacks:
• A large number of fraudulent web hosts make the phishing attack on a target
victim, and each collects only a small amount of information.
• Minimizes the possibility of detection of the attacker.
• Phishers launch attacks through thousands of servers using collections of
compromised systems.

Phishing Toolkits and Spy Phishing:

A phishing toolkit is a set of scripts/programs that allows a phisher to
automatically set up phishing websites that spoof the legitimate websites
of different brands, including the graphics (i.e., images and logos) displayed
on these websites. Phishing toolkits are developed by groups or individuals
and are sold in the underground economy. These sophisticated kits are
typically difficult to obtain, are quite expensive, and are more likely to be
purchased and used by well-organized groups of phishers, rather than
average users.
Phishers use PHP (Hypertext Preprocessor) to develop the phishing kits.
PHP is a general purpose scripting language that was originally designed for
web development of dynamic webpages. PHP code is embedded into the
HTML source and interpreted by a web server with the help of a PHP
processor module.
Most of the phishing kits are advertised and distributed at no charge, and
usually these phishing kits (also called DIY, Do It Yourself, phishing kits) may
hide backdoors through which the phished information is sent to recipients
(possibly the authors of the phishing kits) other than the intended users.
Following are a few examples of such toolkits:

1. Rock Phish: It is a phishing toolkit popular in the hacking community
since 2005. It allows non-techies to launch phishing attacks. The
kit allows a single website with multiple DNS names to host a variety
of phished webpages, covering numerous organizations and
institutes.

2. Xrenoder Trojan Spyware: It resets the homepage and/or the search
settings to point to other websites, usually for commercial purposes or porn
traffic.

3. Cpanel Google: It is a Trojan spyware that modifies the DNS entry in the
hosts file to point to its own website. If Google gets redirected to its
website, a netizen may end up with a version of the website prepared by
the phisher.

Phishing Countermeasure:
The Internet is full of articles for how to tell if an email is phishing but there seems to
be a lack of concise checklists how to prepare an organization against phishing
attacks, so here you go.

Because phishing attacks humans and systems alike, the defense should also cover
both aspects. None of the following steps is bullet proof, so layering your defenses is
important – and having an incident response plan in case someone does get through.

Here are my recommendations on how to defend against phishing attacks:

1. Filter emails for phishing threats

It's important that you filter your emails for malicious URLs and attachments to
prevent phishing emails making it to your users in the first place. Sandboxing can
detect a lot of the malware in emails, but make sure that you have a follow up plan in
place if you're deploying this technology in detection rather than blocking mode –
otherwise the malware is still live on your systems. Use security analytics to filter out
malicious URLs. Rapid7 UserInsight uses threat feeds to detect known malicious
URLs and security analytics to alert on unknown ones. It also integrates with
sandboxing solutions, such as FireEye NX Series and PaloAlto WildFire, to enable
quick and easy incident investigation of malware alerts.

2. Update client-side operating systems, software, and plug-ins

Some phishing emails include URLs to exploit vulnerabilities in the browsers and its
plug-ins, such as Flash and Java; others send file attachments that try to exploit
applications like Adobe Acrobat or Microsoft Office. That's why it's important to patch
vulnerabilities on your endpoints as well. Many organizations already have a
vulnerability management program in place but only scan servers. Make sure you
extend coverage to your endpoints and patch operating systems, software, and plug-
ins. This not only protects you from phishing emails but also drive-by attacks. Rapid7
Nexpose can help you manage vulnerabilities on your endpoints, and much more.

3. Harden Your Clients

Lock down your clients as much as possible. This includes things like not making
your users local administrators and deploying mitigation tools like Microsoft EMET
(check out this Whiteboard Wednesday on EMET on how to deploy this free
tool). Rapid7 Nexpose Ultimate includes Controls Effectiveness Testing, which helps
you scan your clients and guides you through the steps to harden them against
phishing and other attacks.

4. Block Internet-bound SMB and Kerberos traffic

One of our penetration testing team's favorites is to use an SMB authentication
attack. In this scenario, the attacker sets up an SMB service on the Internet and
sends a phishing email with a URL or Word document that references an image
through file:// rather than http://. This tricks the computer to authenticate with the
domain credentials to the SMB service, providing the attacker with a user name and
password hash. The hash can then be cracked or used in pass the hash attacks. To
defend against SMB and Kerberos attacks, you should block TCP ports 88, 135, 139,
445 and UDP ports 88, 137, 138 for non-RFC 1918 IP addresses, both on the
perimeter and the host-based firewalls. You'll want to have a process in place to
detect compromised credentials, for example Rapid7 UserInsight, which leads us to
the next item on our checklist.
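
Item 4 can be monitored as well as enforced: the following added example (not from the original post) runs over constructed firewall log lines in a constructed key=value format and flags connections to the listed SMB and Kerberos ports whose destination is outside RFC 1918 space.

```python
"""Flag Internet-bound SMB/Kerberos connections in firewall logs, the traffic
that checklist item 4 says should be blocked for non-RFC 1918 destinations.

Added example, not from the original post; the log format and the log lines
are constructed samples.
"""
import ipaddress
import re

# Ports from the checklist: TCP 88, 135, 139, 445 and UDP 88, 137, 138.
WATCHED_PORTS = {"tcp": {88, 135, 139, 445}, "udp": {88, 137, 138}}

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed key=value log format, e.g.
# "2024-03-01T09:00:02Z proto=tcp src=10.1.2.3 dst=203.0.113.10 dport=445 action=allow"
FIELD_RE = re.compile(r"(\w+)=(\S+)")


def is_internal(address: str) -> bool:
    """True for RFC 1918 (plus loopback/link-local) destinations, the legitimate SMB peers."""
    ip = ipaddress.ip_address(address)
    if ip.version == 6:
        return ip.is_private or ip.is_loopback or ip.is_link_local
    return ip.is_loopback or ip.is_link_local or any(ip in net for net in RFC1918)


def parse_line(line: str) -> dict:
    """Parse 'key=value' fields; returns {} for lines that do not fit the format."""
    fields = dict(FIELD_RE.findall(line))
    if not {"proto", "src", "dst", "dport"}.issubset(fields):
        return {}
    try:
        fields["dport"] = int(fields["dport"])
        ipaddress.ip_address(fields["dst"])
    except ValueError:
        return {}
    return fields


def find_internet_bound_smb(lines) -> list:
    """Return parsed events whose destination is a watched port outside RFC 1918 space."""
    hits = []
    for line in lines:
        event = parse_line(line)
        if not event:
            continue
        proto = event["proto"].lower()
        if event["dport"] in WATCHED_PORTS.get(proto, set()) and not is_internal(event["dst"]):
            hits.append(event)
    return hits


# Constructed log lines; 203.0.113.0/24 is documentation address space.
SAMPLE_LOG = [
    "2024-03-01T09:00:01Z proto=tcp src=10.1.2.3 dst=10.1.2.50 dport=445 action=allow",
    "2024-03-01T09:00:02Z proto=tcp src=10.1.2.3 dst=203.0.113.10 dport=445 action=allow",
    "2024-03-01T09:00:03Z proto=udp src=10.1.2.3 dst=203.0.113.10 dport=137 action=allow",
    "2024-03-01T09:00:04Z proto=tcp src=10.1.2.3 dst=203.0.113.10 dport=443 action=allow",
    "2024-03-01T09:00:05Z proto=tcp src=10.1.2.4 dst=192.168.5.5 dport=88 action=allow",
    "malformed line without fields",
]


if __name__ == "__main__":
    for hit in find_internet_bound_smb(SAMPLE_LOG):
        print(f"ALERT {hit['proto']}/{hit['dport']} {hit['src']} -> {hit['dst']}")
```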

5. Detect malware on endpoints

Many phishing attacks involve malware that steal your data or passwords. You should
have technology in place to detect malware on the endpoint. Regular anti-virus is
great for catching commodity malware, which is likely the bulk of what you will see
used against you. There are also many new endpoint detection vendors out there that
have great alternative technologies. Rapid7 UserInsight uses its agentless endpoint
monitor to collect process hashes from all machines on your network to highlight
known malicious processes based on the output of 57 anti-virus scanners; it also
looks for rare/unique unsigned processes that may indicate malware.

6. Detect compromised credentials and lateral movement

Even with all of these protections in place, your users may still fall prey to credential
harvesting attacks. A common phishing attack is leading users to a fake Outlook Web
Access page and asking them to enter their domain credentials to log on, but there
are many variations. Once the attackers have the passwords, they can impersonate
users. Rapid7 UserInsight can detect compromised credentials, both on your network
and in cloud services, such as Office 365, Salesforce.com and Box.com. It detects
lateral movement to other users, assets, or to the cloud, so you'll be able to trace
intruders even if they break out of the context of the originally compromised user.

7. Implement 2-factor authentication

Add 2-factor authentication (2FA) to any externally-facing system to stop attackers
from using stolen passwords. While Rapid7 doesn't offer a solution in this space,
check out our partners Okta and Duo Security. All systems protected with Okta
(Rapid7/Okta Integration Brief) or Duo Security can be monitored with Rapid7
UserInsight to help detect any attempts to use compromised credentials.

8. Enable SPF and DKIM

There are two standards that help determine whether an email actually came from the
sender domain it claims, in order to detect email spoofing. The first one is the Sender
Policy Framework (SPF), which adds a list to your DNS records that includes all servers
that are authorized to send mail on your behalf. The second standard is DomainKeys
Identified Mail (DKIM), which is a way for an email server to digitally sign all outgoing
mail, proving that an email came from a specific domain and was not altered during
transportation. Together, they raise the recipient's confidence in the authenticity of the
sender and email content. To help improve security hygiene, check that your
systems have both SPF and DKIM enabled on your outgoing email. For incoming
email, you should check whether the sender domain has SPF set up and the email came
from an authorized server, and that DKIM-signed emails have not been tampered
with. While these protections are not bullet proof against targeted attacks that register
look-alike domains, they can help filter out a lot of mass phishing.
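
To show what the incoming-mail SPF check in item 8 actually does, here is an added example (not from the original post) that evaluates a sender domain's v=spf1 record against the connecting IP; DNS is replaced by a constructed in-memory TXT table, and only the ip4, ip6, include and all mechanisms are resolved.

```python
"""Minimal SPF check for incoming mail: given the connecting IP and the
sender domain, walk the domain's v=spf1 record and return the SPF result.

Added example, not from the original post. DNS is replaced by a constructed
in-memory TXT table; only ip4, ip6, include and all are handled, while the
a/mx/ptr/exists mechanisms and the redirect= modifier yield 'permerror'
here instead of being resolved.
"""
import ipaddress

# Constructed TXT records standing in for DNS (documentation address ranges).
DNS_TXT = {
    "example.com": ["v=spf1 ip4:192.0.2.0/24 include:_spf.mailer.example -all"],
    "_spf.mailer.example": ["v=spf1 ip4:198.51.100.10 ip6:2001:db8::/32 ~all"],
    "loop.example": ["v=spf1 include:loop.example -all"],   # self-referencing record
}

QUALIFIER_RESULT = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}
MAX_INCLUDE_DEPTH = 10  # RFC 7208 caps DNS-querying mechanisms at 10 per check


def check_spf(client_ip: str, domain: str, dns=DNS_TXT, depth: int = 0) -> str:
    """Evaluate SPF for client_ip sending as domain.

    Returns one of pass, fail, softfail, neutral, none or permerror.
    """
    if depth > MAX_INCLUDE_DEPTH:
        return "permerror"                      # include loop or overly deep chain
    records = [r for r in dns.get(domain.lower(), [])
               if r.lower().split(" ", 1)[0] == "v=spf1"]
    if not records:
        return "none"                           # domain publishes no SPF policy
    if len(records) > 1:
        return "permerror"                      # exactly one record is allowed
    ip = ipaddress.ip_address(client_ip)
    for term in records[0].split()[1:]:
        qualifier = "+"
        if term[0] in QUALIFIER_RESULT:
            qualifier, term = term[0], term[1:]
        if "=" in term:                         # modifier (exp=, redirect=)
            if term.lower().startswith("redirect="):
                return "permerror"              # not followed in this example
            continue
        name, _, arg = term.partition(":")
        name = name.lower()
        if name == "all":
            matched = True
        elif name in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "permerror"              # malformed network in the record
            matched = ip.version == net.version and ip in net
        elif name == "include":
            inner = check_spf(client_ip, arg, dns, depth + 1)
            if inner in ("none", "permerror"):
                return "permerror"              # included domain must have a record
            matched = inner == "pass"
        else:
            return "permerror"                  # a, mx, ptr, exists: not resolved here
        if matched:
            return QUALIFIER_RESULT[qualifier]
    return "neutral"                            # nothing matched and no 'all' term


if __name__ == "__main__":
    for ip, sender in [("192.0.2.77", "example.com"), ("2001:db8::1", "example.com"),
                       ("203.0.113.9", "example.com"), ("203.0.113.9", "nospf.example")]:
        print(f"{ip:>14} as {sender:<14} -> {check_spf(ip, sender)}")
```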

9. Train your employees on security awareness

While even educated users won't catch everything, they are worth investing in. Train
your users about how to detect phishing emails and send them simulated phishing
campaigns to test their knowledge. Use the carrot, not the stick: Offer prizes for those
that detect phishing emails to create a positive security-aware culture – and extend
the bounty from simulated to real phishing emails. Whenever you see new phishing
emails targeting your company, alert your employees about them using sample
screenshots of the emails with phishy features highlighted. Encourage your users to
use secure browsers – I put Google Chrome (64-bit version) on the top of my list for
security and usability. Here at Rapid7, we offer Security Awareness Trainings; you
can also send phishing simulations with Rapid7 Metasploit Pro that track click-
throughs so you can report on user awareness.

10. Have an incident response plan

Even if you put all of these protections in place, some phishing emails will get
through, especially if they are targeted against your organization and tailored to the
individual. It's not whether these emails will get through but how well you are
prepared to respond to intruders on the network. Rapid7 UserInsight enables you to
detect compromised users and investigate intruders that entered the network through
a phishing attack. This helps you shorten your time-to-detection and time-to-contain,
reducing the impact of a phishing attack on your organization. In addition, Rapid7
offers incident response services and can help you develop an incident response
program.

While these areas cover the most important counter-phishing measures, I'd love to
hear if you've implemented anything else that you found to be effective - just post
your experience in the comments section.

Identity Theft:

Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces
of personally identifiable information (PII), such as Social Security or driver's license numbers,
to impersonate someone else.

The taken information can be used to run up debt purchasing credit, goods and services in the
name of the victim or to provide the thief with false credentials. In rare cases, an imposter
might provide false identification to police, creating a criminal record or leaving outstanding
arrest warrants for the person whose identity has been stolen.

Types of identity theft

Identity theft is categorized in two ways: true name and account takeover. True-name identity
theft means the thief uses personal information to open new accounts. The thief might open a
new credit card account, establish cellular phone service or open a new checking account to
obtain blank checks.

Account-takeover identity theft is when the imposter uses personal information to gain access
to the person's existing accounts. Typically, the thief will change the mailing address on an
account and run up a huge bill before the victim realizes there is a problem. The internet has
made it easier for identity thieves to use the information they've stolen since transactions can
be made without any personal interaction.

There are many different examples of identity theft, including:

 Financial identity theft. This is the most common type of identity theft. Financial identity
theft seeks economic benefits by using a stolen identity.

 Tax-related identity theft. In this type of exploit, the criminal files a false tax return with the
Internal Revenue Service (IRS). This is done using a stolen Social Security number.

 Medical identity theft. Here, the thief steals information like health insurance member
numbers to receive medical services. The victim's health insurance provider may get the
fraudulent bills. This will be reflected in the victim's account as services they received.

 Criminal identity theft. In this example, a person under arrest gives stolen identity
information to the police. Criminals sometimes back this up with a fake ID containing stolen
credentials. If this type of exploit is successful, the victim is charged instead of the thief.

 Child identity theft. In this exploit, a child's Social Security number is misused to apply for
government benefits, opening bank accounts and other services. Children's information is
often sought after by criminals because the damage may go unnoticed for a long time.

 Senior identity theft. This type of exploit targets people over the age of 60. Because senior
citizens are often identified as theft targets, it is especially important for seniors to stay
on top of the evolving methods thieves use to steal information.

 Identity cloning for concealment. In this type of exploit, a thief impersonates someone else
in order to hide from law enforcement or creditors. Because this type isn't explicitly
financially motivated, it's harder to track, and there often isn't a paper trail for law
enforcement to follow.

 Synthetic identity theft. In this type of exploit, a thief partially or completely fabricates an
identity by combining different pieces of PII from different sources. For example, the thief
may combine one stolen Social Security number with an unrelated birthdate. Usually, this
type of theft is difficult to track because the activities of the thief are recorded in files that do
not belong to a real person.

Identity theft techniques

Although an identity thief might hack into a database to obtain personal information, experts
say it's more likely the thief will obtain information by using social engineering techniques.
These techniques include the following:

 Mail theft. This is stealing credit card bills and junk mail directly from a victim's mailbox or
from public mailboxes on the street.

 Dumpster diving. Retrieving personal paperwork and discarded mail from trash dumpsters is
an easy way for an identity thief to get information. Recipients of preapproved credit card
applications often discard them without shredding them first, which greatly increases the
risk of credit card theft.

 Shoulder surfing. This happens when the thief gleans information as the victim fills out
personal information on a form, enters a passcode on a keypad or provides a credit card
number over the telephone.

 Phishing. This involves using email to trick people into offering up their personal
information. Phishing emails may contain attachments bearing malware designed to steal
personal data or links to fraudulent websites where people are prompted to enter their
information.

Ch – 4 Security Threats and Vulnerabilities
Threats:
• The people eager, willing and qualified to take advantage of each
security vulnerability, who continually search for new exploits and
weaknesses.
• Threats can be many, like software attacks, theft of intellectual property,
identity theft, theft of information and information extortion.
• Software attacks mean attacks by viruses, worms, Trojan horses, etc.
• Malware means malicious software, that is, program code that performs
malicious operations on a system.
• Four main classes of threats:
     Structured threats: a technical person who is trying to gain access to
      your network.
     Unstructured threats: a non-technical person trying to gain access to
      your network.
     Internal threats: from inside your network.
     External threats: from outside your network.
• Malware can be divided into 2 categories:
     Infection methods:
      – Viruses replicate by hooking themselves to a program on the host
        computer, e.g. file viruses, macro viruses, boot sector viruses.
      – Worms are self-replicating but do not hook to a program on the
        host computer; their effect is e.g. slowing down the computer.
      – Trojans execute their task of stealing information or stealing your
        valuable data without your knowledge and permission, e.g. FTP
        Trojans, proxy Trojans, etc.
      – Bots are automated processes that are designed to interact over
        the Internet without the need for human interaction.
     Malware actions:
      – Adware displays ads on the computer or inside individual
        programs. It monitors your interests and displays relevant ads. An
        attacker can embed malicious code inside the software, and adware
        can monitor the user's system activities.
      – Spyware is a program or software that monitors the user's
        activities on the computer, e.g. a keylogger.
      – Ransomware encrypts the user's files or locks the computer and
        demands a ransom in exchange.
      – Scareware: once the tool or software is executed, it will infect your
        system or destroy it completely.
• Theft of intellectual property means theft of copyrights, patents, etc.
• Identity theft, like accessing the computer or social media account of
a person by logging into the account, e.g. with stolen login credentials.
• Some of these are new generation threats:
     Technology with weak security: very few devices are fully secured and
      follow information security principles.
     Social media attacks: used to identify a person and steal their
      information.
     Mobile malware: e.g. a user downloads a game or an unknown
      application from the Internet and unintentionally installs malware or a
      virus on the device.
     Outdated security software: lack of updates to the security software.
     Social engineering

• Cyber crime – Mobile security threats

 Types of mobile security threats:
    – Web-based threats: happen when people visit sites.
         Phishing: links are sent through messages, emails, or social media
          platforms.
         Forced downloads: drive-by downloads.
    – Physical threats: someone physically tries to access your device.
         No password protection.
         No encryption.
    – Network-based threats: cybercriminals can steal unencrypted data while
      people use a public Wi-Fi network.
         Public Wi-Fi: open Wi-Fi provided in public places.
         Network exploits: weakness in the OS of the user's mobile device.
    – Application-based threats: applications designed to carry out malicious
      activities.
         Malware: e.g. sends unwanted messages to recipients.
         Spyware: software used to collect specific information.
• Steps to prevent mobile security threats:
     Applications should encrypt data transfers.
     Update your device software regularly.
     Use unique passwords.
     Do not allow forced downloads from the browser.
     Stop sharing of network.
     Do not add or upload your data to public servers.

Attacks:
• Hackers
• Crackers
• Phreakers

Planning of attack:
• Reconnaissance (Information Gathering)
• Scanning and Scrutinizing the Gathered Information
• Launching an attack

Reconnaissance:
• Passive
– Googling
– Network Sniffing
– Several other tools (eMailTrackerPro, Traceroute, VisualRoute Trace)
• Active
– Arphound (gives IP-MAC pair lists and other network event
information)
– Dsniff (network auditing tool to capture username, password and
authentication information on a local subnet)

Scanning and Scrutinizing the gathered Information:
• Port Scanning
• Network Scanning
• Vulnerability Scanning

Attacks - 5 steps:
• Crack the password
• Exploit the privileges
• Execute the malicious commands/applications
• Hide the files (if required)
• Cover the tracks

Social Engineering:
• A technique of influence and persuasion used to deceive people into giving
information or performing some action.
• Human-based Social Engineering
• Computer-based Social Engineering
– Fake emails
– Email attachments
– Pop-up windows

Attack Vector:
• Path or means by which an attacker can gain access to a computer or to a
network server to deliver a payload or malicious outcome.
• Viruses, worms, Trojan horses, botnets etc.

Hacking Techniques:
A commonly used hacking definition is the act of compromising digital devices and
networks through unauthorized access to an account or computer system. Hacking is
not always a malicious act, but it is most commonly associated with illegal activity and
data theft by cyber criminals.

Hacking refers to the misuse of devices like computers, smartphones, tablets, and
networks to cause damage to or corrupt systems, gather information on users, steal
data and documents, or disrupt data-related activity.

A traditional view of hackers is a lone rogue programmer who is highly skilled in coding
and modifying computer software and hardware systems. But this narrow view does not
cover the true technical nature of hacking. Hackers are increasingly growing in
sophistication, using stealthy attack methods designed to go completely unnoticed by
cybersecurity software and IT teams. They are also highly skilled in creating attack
vectors that trick users into opening malicious attachments or links and freely giving up
their sensitive personal data.

As a result, modern-day hacking involves far more than just an angry kid in their
bedroom. It is a multibillion-dollar industry with extremely sophisticated and successful
techniques.

• Types of Hackers
 White Hat: authorized or certified hackers who work for the government
and organizations.
 Black Hat: hackers who try to gain unauthorized access to your system or
data.
 Gray Hat: hackers who are not legally authorized; they work with both
good and bad intentions.

• Some common Hacking Techniques
 Bait and Switch: an advertisement on a website's page which, after
clicking, redirects to a malicious web page.
 Virus, Trojan and other Spyware: malicious code that installs itself on the
victim's computer.
 Cookie Theft: different websites store cookies in your browser that
include our search history and some account passwords.
 Denial of Service: flooding the network with a huge amount of data
packets to bring the system down.
 Keylogger: its log files can contain useful data such as account
information and different passwords.

Insecure Network Connections:
 An unsecure network most often refers to a free Wi-Fi network, like at a
coffeehouse or retail store. It means there's no special login or screening
process to get on the network, which means you and anyone else can use it;
the Wi-Fi is open to anyone.
How to Secure Network Connections
 Monitor firewall performance
 Update passwords
 Anti-virus software
 Through a VPN

Ch-5 Privacy Control Concept
