TRAINING
MANUAL
SOLUTIONS TO CYBERCRIME
What is Internet
The internet is the largest computer network in the world, connecting millions of computers. A
network is a group of two or more computer systems connected together to share resources.
The World Wide Web (www) is a virtual network of websites connected by hyperlinks (or links).
Websites are stored on servers on the internet.
Search Engines
A search engine is just a website such as www.google.com that stores searchable data about other
websites.
How to create email
To create an email address, you should follow these steps:
- Open your browser (Opera, Firefox, Chrome)
- Type www.gmail.com
- Click sign up
- Fill in your details appropriately
- Enter the code sent to your phone number in its appropriate space and submit.
WHAT IS HACKING?
Hacking is the act of finding possible entry points that exist in a computer system and finally
entering into them.
Hacking is usually done to gain unauthorized access to a computer network, either to harm the
system or to steal sensitive information available on the computer.
There are four things a hacker normally targets:
1. Person
2. Emails
3. Website
4. Web Server
Types of hackers
White Hats: These are the ethical hackers, hired by a customer for the specific goal of testing
and improving security or for other defensive purposes. White hats are well respected and don't
use their knowledge and skills without prior consent. White hats are also known as security
analysts.
Black Hats: These are the crackers, illegally using their skills for either personal gain or
malicious intent. They seek to steal (copy) or destroy data and to deny access to resources and
systems. Black hats do not ask for permission or consent before intruding into systems or networks.
Gray Hats: The hardest group to categorize, these hackers are neither good nor bad. Generally
speaking, there are two subsets of gray hats—those who are simply curious about hacking tools
and techniques and those who feel like it's their duty, with or without customer permission, to
demonstrate security flaws in systems. In either case, hacking without a customer's explicit
permission and direction is usually a crime.
Footprinting is the process of getting to know the target well, digging up details, and gathering
information about the target.
In this method of information gathering, information is gathered directly, e.g. by phone call.
In this method, information is gathered using a third party, e.g. search engines.
1. www.proxysite.com
2. www.whois.com
3. www.netcraft.com
4. www.builtwith.com
5. www.yougetsignal.com
SCANNING
Scanning is the process of finding the vulnerabilities present in a computer network. It is an
advanced form of information gathering. Through scanning we can find out which ports or services
are open.
PACKET SNIFFERS
A sniffer is a software utility which can "eavesdrop" on a network and capture traffic for
analysis. It does not modify the original packets. Instead it makes copies of the packets that it
MALWARES
Malware is any code that can be used to steal data, bypass access controls, or cause harm to, or
compromise a system. Below are a few common types of malware:
Spyware – This malware is designed to track and spy on the user. Spyware often includes activity
trackers, keystroke collection, and data capture. In an attempt to overcome security measures,
spyware often modifies security settings. Spyware often bundles itself with legitimate software
or with Trojan horses.
Bot – From the word robot, a bot is malware designed to automatically perform actions, usually
online. While most bots are harmless, one increasing use of malicious bots is botnets. Several
computers are infected with bots which are programmed to quietly wait for commands provided
by the attacker.
Scareware – This is a type of malware designed to persuade the user to take a specific action
based on fear. Scareware forges pop-up windows that resemble operating system dialogue
windows. These windows convey forged messages stating the system is at risk or needs the
execution of a specific program to return to normal operation. In reality, no problems were
assessed or detected and if the user agrees and clears the mentioned program to execute, his or
her system will be infected with malware.
Rootkit – This malware is designed to modify the operating system to create a backdoor.
Attackers then use the backdoor to access the computer remotely. Most rootkits take advantage
of software vulnerabilities to perform privilege escalation and modify system files. It is also
common for rootkits to modify system forensics and monitoring tools, making them very hard to
detect. Often, a computer infected by a rootkit must be wiped and reinstalled.
Trojan Horse – It's a kind of malicious program that hides itself inside a legitimate or useful
application. It is configured by the hacker to give unauthorized backdoor access to the victim
computer, via which a hacker can control the computer. Examples are netbus, subseven, beast,
Njrat etc.
Virus – A virus is a popular malware which is well known and one of the most widely discussed
topics in the field of computer security. A virus is a destructive computer program that is designed
to take control of the infected computers and harm the operating system's files, user data files or
degrade computer performance. Some well-known virus construction toolkits are JPS virus
maker, terabit virus maker, necro virus maker, poison virus maker, prorat virus maker tool etc.
Keyloggers – A keylogger is malicious code used to monitor a computer system remotely to steal vital
information like passwords and keystrokes. One of the most popular tools for keyloggers is KGB
Employee Monitor. It is an application which monitors employees or remote computers in real time
with a centralized, computer-based surveillance system.
PHISHING
Phishing is when a malicious party sends a fraudulent email disguised as being from a legitimate,
trusted source. The message's intent is to trick the recipient into installing malware on their device,
or into sharing personal or financial information. An example of phishing is an email forged to
look like it was sent by a retail store asking the user to click a link to claim a prize. The link may
go to a fake site asking for personal information, or it may install a virus.
RANSOMWARE
This malware is designed to hold a computer system or the data it contains captive until a
payment is made. Ransomware usually works by encrypting data in the computer with a key
unknown to the user. Some other versions of ransomware can take advantage of specific system
vulnerabilities to lock down the system. Ransomware is spread by a downloaded file or some
software vulnerability.
• Gmail: In Gmail, the last account activity feature enables you to see when, how and from
where your account was accessed in the last few sessions.
Scroll to the bottom when you login to your Gmail account and click on the details link below
where it says last account activity. You can also do a lookup on the IP addresses given to you,
using www.whatismyipaddress.com
• Facebook: Facebook allows you to view a history of all logged-in sessions to your account
by clicking on settings-Account setting-security-Active sessions. If you notice any active
sessions that you did not start, click on the End activity link to remotely log out from it.
It is also recommended that you enable login Notifications on your Facebook account, so that
you receive email and an SMS text message each time someone logs in to your account from a
device that you have not used before. To enable login notification on your account, simply go to
settings> Account settings>security> Login Notifications and enable them.
If you have ever accessed the internet, if you have ever been to a cafe for browsing, if you have
ever opened links on the internet, chances are that some malicious attackers might have tried to
hack into your Gmail account at some point in time.
Two-factor authentication is a way of adding an extra layer of security on your online accounts apart from
your usernames and passwords.
A good example of two-factor authentication is the withdrawing of money from an ATM; only
the correct combination of a bank card (something the user possesses) and a PIN (something the
user knows) allows the transaction to be carried out.
If you want to make it almost impossible for attackers to hack into your account, then you need
to enable "2-Step verification" on it. This will provide two security layers protecting your Gmail.
The first step will ask you to provide your username & password, the second layer or step will
request for a verification code. To enable 2-step verification on your Gmail account, login to
your Gmail account and then click on your name on the top right corner of the screen, and then
on the account link, to reveal the Accounts setting page for your account. Click on the security
option in the left column of your account settings page. This will open up the security settings
page for your account, which will allow you to manage various setting options related to your
Gmail account. Follow the steps there to receive your code. Enter the code in the space
provided and verify your phone number. Other things you can still do on your Gmail are:
You probably have more than one online account, and each account should have a unique
password. That is a lot of passwords to remember. However, not using strong
and unique passwords leaves you and your data vulnerable to cyber criminals. Using the same
password for all your online accounts is like using the same key for all your locked doors: if an
attacker were to get your key, he would have the ability to access everything you own. If
criminals get your password through phishing for example, they will try to get into your other
online accounts. If you only use one password for all accounts, they can get into all your
accounts, steal or erase all your data, or decide to impersonate you.
The BVN gives each Bank customer a unique identity across the Nigerian Banking industry that
can be used for easy identification and verification at Point of Banking operations.
By diverting your incoming SMS messages, scammers can easily complete the text-based two-
factor authentication checks that protect your most sensitive accounts in financial services, social
networks, webmail services and instant messengers.
While payment methods through mobiles offer a convenience that is hard to debate, Kaspersky
Lab research showed that mobile payments and the banking system are suffering a wave of
attacks – mostly powered by SIM swap fraud – and people are losing their money as a result.
This type of attack is used to not only steal credentials and capture one-time passwords (OTPs)
sent via an SMS, but also to cause financial damage to victims, resetting the accounts on
financial services, allowing the fraudsters access to currency accounts not only in banks but also
in fintechs and credit unions. Fraudsters are also using it as a way to steal money using WhatsApp,
loading the messages in a new phone, contacting the victim's contacts asking for money,
simulating an emergency situation.
According to the National Fraud Intelligence Bureau, the SIM splitter's first step is to access
your personal information. This can be achieved through bank statements, as well as increasingly
through scouring social media profiles.
The hacker then obtains a blank SIM card and rings your mobile phone operator. With your
personal information in hand, they pass the security checks and report your phone stolen.
At this point your SIM is blocked and the hacker activates the 'new' one.
While the victim is left with no service, the hacker is able to access all texts and calls,
including the unique code that the bank sends to access their online system. The
perpetrator has free rein over your account and can transfer your funds wherever they
wish.
ATM MANIPULATION
ATM hacking or manipulation is becoming rampant. Gone are the days when a hacker would
approach an ATM machine and stick down one of the keys with a pin-like object, broom or
Encrypting File System (EFS) is a Windows feature that can encrypt data. EFS is directly linked
to a specific user account. Only the user that encrypted the data will be able to access it after it
has been encrypted using EFS. To encrypt data using EFS in all Windows versions, follow these
steps:
Hackers are always trying to take advantage of vulnerabilities in your operating systems and
your web browsers. To protect your computer and your data, set the security settings on your
computer and browser at medium or higher. Update your computer's operating system including
your web browsers and regularly download and install the latest software patches and security
updates from the vendors.
1. Your computing devices, whether they are PCs, laptops, tablets, or smart phones, should be
password protected to prevent unauthorized access. The stored information should be
encrypted, especially for sensitive or confidential data. Enable a strong screen lock password
by going to Settings – Location – Screen Lock
2. For mobile devices, only store necessary information, in case these devices are stolen or lost
when you are away from your home. If any one of your devices is compromised, the
criminals may have access to all your data through your cloud-storage service provider, such
as iCloud or Google drive.
3. It is advisable that you never install an app on your android device that has not been
downloaded from the official Android market. You can disable the installation of non-market
apps by going to Settings – Applications Settings – unselect the unknown sources option.
5. On certain android versions you can encrypt all the contents of your phone and SD card so
that none of the data stored on it can be accessed without entering an access password. To
enable this encryption feature, simply press Settings – Security – Encrypt Device
2. Does It Have the Padlock with HTTPS? Did You View the Certificate Details?
HTTPS merely means that the communication channel between you and the server is encrypted
and secure (i.e., an attacker listening in on the network will get garbled encrypted information
that won't make sense). HTTPS does not assure that the server you are communicating with will
not steal your data. If the server is itself malicious, the S in "HTTPS" will do very little to ensure
security.
Look at it this way: it's a no-brainer that if your browser flags a website as "not secure,"
no sensitive information should be entered on the page. But even if the site uses HTTPS, that
doesn't automatically guarantee safety. This is why SSL/TLS certificates offer different
validation levels.
To view the digital certificate issued to the website, click on the padlock in the web address bar
and select Certificate if using Google's Chrome browser. For Firefox, click on the padlock and
then on the arrow to show connection details. Click on more information and then view
certificate.
If PayPal was writing to you, they would know your name and use proper grammar. They're not
going to refer to you as "member" or "customer." Furthermore, not in a million years would they
threaten to suspend your account forever with a poorly written email, use urgent or threatening
language, or ask you to provide personal or account information.
By just hovering the mouse over the login button, you should be able to see the actual link where
you would get redirected. Remember that once you hit login, it might take you to a site that looks
eerily similar to the original PayPal website. But the moment you enter your credentials, there's
a very good chance that your account will get compromised or your account details will be sold.
If the website looks like it was designed by some seven-year-old who is learning to draw, or if it
has glaring grammar issues, chances are that it's a malicious website and you should avoid it at
all costs.
Apart from the privacy policy, if you're on an e-commerce platform, be sure to read their
shipping and return policies. This is always a great method of telling whether a website is legit or
URLs can be manipulated using letters from other alphabets, such as Cyrillic, that look similar
to Latin letters. The URL can also be designed to look a certain way using subdomains, but if
inspected closely, the name of the actual domain appears right before the TLD. A simple way
to identify whether a URL is a homograph phishing attack is to copy and paste the URL in
another tab. When pasted on the address bar the URL appears as
"https://www.xn--80ak6aa92e.com/" before you hit enter and load the site.
If there are specific websites that you want to block, you can edit a specific file called "hosts"
on your Windows computer. To open the hosts file on your computer, make sure you are logged in
as Admin, launch the Notepad app, click on File-Open and open the following location:
C:\Windows\System32\drivers\etc\hosts.
Go to a new line at the bottom of the file and enter the following text:
127.0.0.1 www.websitetoblock.com
127.0.0.1 www.blockme.com
127.0.0.1 www.faceboook.com
A tool that you can use to save you this difficult and time-consuming task is "Net Nanny"
(www.netnanny.com).
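The hosts file matches exact host names, so an entry for www.blockme.com does not block blockme.com. The following added example (not part of the original manual) adds both forms without duplicating existing entries; the function names and the sample hosts content are constructed for illustration, and it works on text rather than the real file.

```python
SINKS = {"127.0.0.1", "0.0.0.0"}  # addresses used to send a blocked name nowhere

# Constructed sample hosts content (not read from a real machine).
SAMPLE_HOSTS = """\
# sample hosts file
127.0.0.1 localhost
127.0.0.1 www.blockme.com   # already blocked
"""


def blocked_names(hosts_text):
    """Return the host names the file points at a sink address."""
    names = set()
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()  # drop comments, split on spaces
        if len(fields) >= 2 and fields[0] in SINKS:
            names.update(n.lower() for n in fields[1:] if n.lower() != "localhost")
    return names


def add_blocks(hosts_text, domains):
    """Return hosts_text with entries for the bare and www. form of each domain."""
    present = blocked_names(hosts_text)
    new_lines = []
    for domain in domains:
        domain = domain.lower().strip(".")
        bare = domain[4:] if domain.startswith("www.") else domain
        for name in (bare, "www." + bare):
            if name not in present:  # skip names that are already blocked
                new_lines.append(f"127.0.0.1 {name}")
                present.add(name)
    if not new_lines:
        return hosts_text
    sep = "" if hosts_text.endswith("\n") else "\n"
    return hosts_text + sep + "\n".join(new_lines) + "\n"


if __name__ == "__main__":
    print(add_blocks(SAMPLE_HOSTS, ["www.websitetoblock.com", "www.blockme.com"]))
```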
---On your Android phone or tablet, open the Google Drive app
---Tap Add (+)
---Tap Upload
---Find and tap the files you want to upload
---View uploaded files in My Drive until you move them
To view all the backup files:
---At the top right, click Menu (the three horizontal lines),
---Click on backups
Data recovery is the process of restoring data that has been lost, accidentally deleted, corrupted
or made inaccessible. In enterprise IT, data recovery refers to the restoration of data to a desktop,
laptop, server or external storage system from a backup.
Below are the best recovery software available for free: Recuva pro, MiniTool Power Data
Recovery free, Disk Drill, EaseUS Data Recovery Wizard Free, UnDeleteMyFiles Pro.
Phishing is a technique used by cybercriminals who try to steal your confidential information by
pretending to be someone you trust. Typically, phishing attacks can be in the following forms:
1. Account upgrade, system maintenance, software crash.
2. SMS text message that seems as if your bank, relatives or friends are trying to get in touch
with you
3. Instant message asking you for confidential details about some online account
1. Your bank or credit company will never ask you your password
2. Before opening a link, move your mouse over it to get some information about it
3. Read the complete URL of a site before opening it. There is a difference between
www.gtbaiik.com and www.gtbank.com@nigeria.com. Also check the spelling: www.gtbank.com
is not the same as www.gtbenk.com
4. If a link is sent to you and you feel it is a legitimate link, you should avoid using it to login to
any of your accounts. Whenever you want to login to an online account, always open the browser
in a new window, type the website address and then type the username and password to login.
5. Before entering confidential details on a website always check for https instead of http.
6. A simple way to differentiate between a real email and phishing email is to carefully look for
your full name mentioned somewhere in the email. A cybercriminal will hardly know your full
name, so they will use generic salutation to address you (like Sir, Ma, or your email address)
7. Gmail and some other popular sites maintain a good database of phishing websites; they will
warn you whenever you attempt to open any of them. You can also check
www.phishtank.com to see the list of phishing websites
8. When you start receiving emails or offers from a bank or telecom provider with which you did not
open an account, be suspicious and careful with them.
9. Ensure you have anti-phishing software tools available in your computer or phone. McAfee's
"SiteAdvisorLive" is a product that allows you to identify and protect yourself from risky
websites.
10. When buying antivirus software, ensure you go to the official websites; some free antivirus
programs you download are actually viruses.
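The URL checks described in tip 3 above and in the earlier paragraph on look-alike (homograph) URLs can be automated. This added example (not part of the original manual) reports the host a browser would really connect to, decodes xn-- labels, and flags near-misses of a trusted name; the TRUSTED_HOSTS list, the 0.8 similarity threshold and the function names are assumptions made for illustration.

```python
import difflib
import unicodedata
from urllib.parse import urlsplit

# Constructed allow-list for this example: the sites you really log in to.
TRUSTED_HOSTS = {"gtbank.com", "paypal.com"}


def decode_label(label):
    """Return the Unicode form of one DNS label (decodes xn-- Punycode)."""
    if label.lower().startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            return label  # malformed Punycode: leave as typed
    return label


def scripts(text):
    """Approximate each letter's script by the first word of its Unicode name."""
    return {unicodedata.name(c, "UNKNOWN").split()[0] for c in text if c.isalpha()}


def inspect_url(url):
    """Return (real_host, warnings) for the host a browser would connect to."""
    if "://" not in url:
        url = "http://" + url
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    warnings = []
    if parts.username is not None:  # everything before '@' is login data, not the site
        warnings.append(f"'{parts.username}' before '@' is not the site; real host is {host}")
    shown = ".".join(decode_label(label) for label in host.split("."))
    if shown != host:
        warnings.append(f"Punycode host, displayed as {shown}")
    foreign = scripts(shown) - {"LATIN"}
    if foreign:
        warnings.append("non-Latin letters in host: " + ", ".join(sorted(foreign)))
    bare = host[4:] if host.startswith("www.") else host
    if bare not in TRUSTED_HOSTS:
        for good in sorted(TRUSTED_HOSTS):
            # Assumed threshold: 0.8 catches one- or two-letter swaps.
            if difflib.SequenceMatcher(None, bare, good).ratio() >= 0.8:
                warnings.append(f"{bare} resembles {good} but is a different domain")
    return host, warnings


if __name__ == "__main__":
    for sample in ("https://www.gtbank.com/login", "www.gtbank.com@nigeria.com",
                   "www.gtbenk.com", "https://www.xn--80ak6aa92e.com/"):
        print(sample, "->", inspect_url(sample))
```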
For special and comprehensive training both online and classroom session contact us via
09098477993 / 07064411689 or www.advancedcisconetworks.com.ng