Professional Documents
Culture Documents
Introduction to Cyber Crimes: Cyber Crime can be defined as unlawful acts committed by
using the computer as a tool or as a target or as both. Cyber crimes can involve criminal
activities that are traditional in nature, such as theft, fraud, forgery (copy), defamation (insult)
and mischief, all of which are subject to the Indian Penal Code. The abuse of computers has
also given birth to a gamut (range) of new age crimes that are addressed by the Information
Technology Act, 2000 (introduced on 17th Oct 2000)
Cyber crime can be categorized mainly in two ways:
• Using the Computer as a Target:-using a computer to attack other computers. e.g.
Hacking, Virus/Worm attacks, DOS attack etc.
• Using the computer as a weapon:-using a computer to commit real world crimes. e.g.
Cyber Terrorism, IPR violations, Credit card frauds, EFT frauds, Pornography etc.
Moreover we further categorized as follows:
1. Unauthorized Access:
Access means gaining entry into, instructing or communicating with the logical, arithmetical,
or memory function resources of a computer, computer system or computer network.
Unauthorized access would therefore mean any kind of access without the permission of either
the rightful owner or the person in charge of a computer, computer system or computer
network.
2. Hacking & Cracking:
Every act committed towards breaking into a computer and/or network is hacking. Hackers
write or use ready-made computer programs to attack the target computer. They possess the
desire to destruct and they get the kick out of such destruction. Some hackers hack for personal
monetary gains, such as to stealing the credit card information, transferring money from various
bank accounts to their own account followed by withdrawal of money. Crackers may steal or
modify data or insert viruses or worms which damage the system.
By hacking web server taking control on another person’s website called as web hijacking
3. Cyber Fraud/Online Fraud:
The net is a boon for people to conduct business effectively, very quickly. Net is also an open
invitation to fraudsters and online frauds are becoming increasingly out of control.
1. Spoof websites and email security alerts
Fraudsters create authentic looking websites that are actually nothing but a spoof. The purpose
of these websites is to make the user enter personal information. This information is then used
to access business and bank accounts. If you ever get an email containing an embedded link,
and a request for you to enter secret details, treat it as suspicious. Do not input any sensitive
information that might help provide access to your accounts, even if the page appears
legitimate. No reputable company ever sends emails of this type.
2. Virus hoax emails
It is a sad fact of life that there are those who enjoy exploiting the concerns of others. Many
emailed warnings about viruses are hoaxes, designed purely to cause concern and disrupt
businesses.
These warnings may be genuine, so don't take them lightly, but always check the story out by
visiting an anti-virus site such as McAfee, Sophos or Symantec before taking any action,
including forwarding them to friends and colleagues.
3. Lottery Frauds
These are letters or emails, which inform the recipient that he/ she has won a prize in a lottery.
To get the money, the recipient has to reply. After which another mail is received asking for
bank details so that the money can be directly transferred. The email also asks for a processing
fee/ handling fee. Of course, the money is never transferred in this case, the processing fee is
swindled and the banking details are used for other frauds and scams.
4. Spoofing
Spoofing means illegal intrusion, posing as a genuine user. A hacker logs-in to a computer
illegally, using a different identity than his own. He is able to do this by having previously
obtained actual password. He creates a new identity by fooling the computer into thinking he
is the genuine system operator. The hacker then takes control of the system. He can commit
innumerable number of frauds using this false identity.
In short spoofing refers to thing that appears to have been originated from one source when it
was actually sent from another source
5. Credit Card Fraud
Online Transaction has become a normal thing in day today life. Knowingly or unknowingly
passing credit card information over internet can land you in trouble. If electronic transactions
are not secured the credit card numbers can be stolen by the hackers who can misuse this card
by impersonating the credit card owner.
4. Cyber Theft:
Stealing of financial and/or personal information through the use of computers for making its
fraudulent or other illegal use.
Identity Theft:-
Identity theft occurs when someone appropriates another's personal information without their
knowledge to commit theft or fraud. Identity theft is a vehicle for perpetrating other types of
fraud schemes.
Theft of Internet Hours:-
Unauthorized use of Internet hours paid for by another person.
Theft of computer system (Hardware):-
This type of offence involves the theft of a computer, some part(s) of a computer or a peripheral
attached to the computer.
5. Cyber Terrorism:
Targeted attacks on military installations, power plants, air traffic control, banks, trail traffic
control, telecommunication networks are the most likely targets. Others like police, medical,
fire and rescue systems etc.
Cyber terrorism is an attractive option for modern terrorists for several reasons.
1. It is cheaper than traditional terrorist methods.
2. Cyberterrorism is more anonymous than traditional terrorist methods.
3. The variety and number of targets are enormous.
4. Cyberterrorism can be conducted remotely, a feature that isespecially appealing to terrorists.
5. Cyberterrorism has the potential to affect directly a larger number of people.
6. Flowing of Virus, Trojan horse, Worm & Logical Bombs:
The program that act like something useful but do the things that are quiet damping.
The programs of this kind are called as Trojans. Trojans come in two parts, a Client part and a
Server part. When the victim (unknowingly) runs the server on its machine, the attacker will
then use the Client to connect to the Server and start using the trojan.TCP/IP protocol is the
usual protocol type used for communications, but some functions of the trojans use the UDP
protocol as well.
A program that has capability to infect other programs and make copies of itself and spread
into other programs is called virus. Viruses can often spread without any readily visible
symptoms. A virus can start on event-driven effects (for example, triggered after a specific
number of executions), time- driven effects (triggered on a specific date, such as Friday the
13th) or can occur at random. Action of a virus can be display a message to prompt an action
which may set of the virus,Erase files,Scramble data on a hard disk,Cause erratic screen
behavior,Halt the PC…..etc Programs that multiply like viruses but spread from computer to
computer are called as worms.
For ex. Anna Kournikova worm(feb-2001)The first computer virus ever to be see was called
BRAIN and it appeared in 1986. Some famous viruse are… Jerusalem (1987), Dark Avenger
(1989), Michelangelo (1991), Concept (1995), Melissa , CIH(1999), The Love Letter (2000),
CodeRed, Nimda (2001), SirCam-Nimda…Etc.
Logical bombs are event dependent programs. This implies that these programs are created to
do something only when a certain event (known as a trigger event) occurs. E.g. even some
viruses may be termed logic bombs because they lie dormant all through the year and become
active only on a particular date (like the Chernobyl virus).
7. Cyber Pornography:
Pornography' is “describing or showing sexual acts in order to cause sexual excitement through
books, films, etc.” This includes pornographic websites; pornographic material produced using
computers and use of internet to download and transmit pornographic videos, pictures, photos,
writings etc. There are more than 420 million individual pornographic webpages today. Child
pornography is a very unfortunate reality of the Internet. The Internet is being highly used by
its abusers to reach and abuse children sexually, worldwide.
Pedophiles use a false identity to trap the children/teenagers
8. Defamation:
Defamation can be understood as the intentional infringement of another person's right to his
good name. Defamation can be understood as tarnishing the image, respect or dignity of any
person in front of right thinking members of the society.
Cyber Defamation occurs when defamation takes place with the help of computers and / or the
Internet. E.g. someone publishes defamatory matter about someone on a website or sends e-
mails containing defamatory information to all of that person's friends A matter defaming a
person is sent to the said person directly is not defamation however if the said mail is sent
through CC or BCC to third parties and if the contents tarnish (blemish/dull) the image of the
recipient it is defamation. Publication of defamatory articles and matter on a website are
defamation. Cyber defamation is also called as Cyber smearing.
9. Cyber Stalking:
Cyber Stalking can be defined as the repeated acts harassment or threatening behavior of the
cyber criminal towards the victim by using Internet services. (OR Cyber stalking involves
following a person’s movements across the Internet by posting messages (sometimes
threatening) on the bulletin boards frequented by the victim, entering the chat-rooms frequented
by the victim, constantly bombarding the victim with emails etc.) Stalking in General terms
can be referred to as the repeated acts of harassment targeting the victim such as…
1. Following the victim
2. Making harassing phone calls
3. Killing the victims pet
4. Vandalizing victims property
5. Leaving written messages or objects
Stalking may be followed by serious violent acts such as physical harm to the victim and the
same has to be treated and viewed seriously. It all depends on the course of conduct of the
stalker. Both kinds of stalkers – online and offline - have desire to control the victim’s life.
Cyber-stalking refers to the use of the Internet, e-mail, or other electronic communications
device to stalk another person. It is a relatively new form of harassment, unfortunately, rising
to alarming levels especially in big cities like Mumbai.
10.Email Spamming:
Spam is flooding the Internet with many copies of the same message, in an attempt to force the
message on people who would not otherwise choose to receive it. Most spam is commercial
advertising. For ex. get-rich-quick schemes.
There are two main types of spam, and they have different effects on Internet users.
1)Cancellable Usenet /Usenet spam & 2) Email-spam
Riddhi Joshi and Rosemol Thomas Page 4
Shri S.V.Patel college of CS & BM
Klez isn't as destructive as other worms, but it is widespread, hard to exterminate and still
active.
3. Melissa
The Melissa virus swamped corporate networks with a tidal wave of e-mail messages in March
1999. the virus was sent to the first 50 names in the user's address book. The e-mail fooled
many recipients because it bore the name of someone the recipient knew and referred to a
document they had allegedly requested.
4. Nimda
Nimda (also known as the Concept Virus) appeared in September 2001, attacking tens of
thousands of servers and hundreds of thousands of PCs. The worm modified Web documents
and executable files, then created numerous copies of itself. Nimda soon inspired a crowd of
imitators that followed the same pattern.
5. Anna Kournikova worm
The Anna Kournikova (or VBS.SST@mm) worm, appearing in February 2001, didn't cause
data loss, it did cause embarrassment and disruption for many personal and business users. The
worm showed up in Microsoft Outlook users' e-mail in-boxes with an attachment
Most worm creators have never been identified, but a 21-year-old Dutchman, Jan de Wit,
admitted to unleashing this worm. The admitted virus writer is appealing a 150-hour
community service sentence handed down in September 2001 by a judge in the Netherlands.
Email Spoofing:-
A spoofed email is one that appears to originate from one source but has actually emerged from
another source. Falsifying the name and / or email address of the originator of the email usually
does email spoofing. Usually to send an email the sender has to enter the following information:
• email address of the receiver of the email
• email address(es) of the person(s) who will receive a copy of the email (referred to as
CC for carbon copy)
• email address(es) of the person(s) who will receive a copy of the email (referred to as
CC for carbon copy, but whose identities will not be known to the other recipients of the e-
mail (known as BCC for blind carbon copy)
• Subject of the message (a short title / description of the message)
• Message
Certain web-based email services like www.SendFakeMail.com, offer a facility wherein in
addition to the above, a sender can also enter the email address of the purported sender of the
email. For ex: Consider Mr. Siddharth whose email address is siddharth@hotmail.com. His
friend Golu's email address is golu@yahoo.com. Using SendFakeMail.com, Siddharth can
send emails purporting to be sent from Golu's email account. All he has to do is enter
golu@yahoo.com in the space provided for sender's email address. Golu's friends would trust
such emails, as they would presume that they have come from Golu (whom they trust).
Siddharth can use this misplaced trust to send viruses, Trojans, worms etc. to Golu's friends,
who would unwittingly download them.
Email spoofing is often an attempt to trick the user into making a damaging statement or
releasing sensitive information (such as passwords).
Examples of spoofed email that could affect the security of your site include:
• email claiming to be from a system administrator requesting users to change their
passwords to a specified string and threatening to suspend their account if they do not do this
• email claiming to be from a person in authority requesting users to send them a copy of
a password file or other sensitive information
3. Ensure that your mail delivery daemon allows logging and is configured to provide
sufficient logging to assist you in tracking the origin of spoofed email.
4. Consider a single point of entry for email to your site. You can implement this by
configuring your firewall so that SMTP connections from outside your firewall must go
through a central mail hub. This will provide you with centralized logging, which may assist
in detecting the origin of mail spoofing attempts to your site.
5. Educate your users about your site's policies and procedures in order to prevent them
from being "social engineered," or tricked, into disclosing sensitive information (such as
passwords). Have your users report any such activities to the appropriate system
administrator(s) as soon as possible.
Email bombing:
Email bombing refers to sending a large amount of emails to the victim resulting in the victim's
email account (in case of an individual) or servers (in case of a company or an email service
provider) crashing. The simplest email bomb is an ordinary email account. All that one has to
do is compose a message, enter the email address of the victim multiple times in the "To" field,
and press the "Send" button many times. Writing the email address 25 times and pressing the
"Send" button just 50 times (it will take less than a minute) will send 1250 email messages to
the victim! If a group of 10 people do this for an hour, the result would be 750,000 emails!
There are several hacking tools available to automate the process of email bombing. These
tools send multiple emails from many different email servers, which makes it very difficult, for
the victim to protect himself.
Email bombing is characterized by abusers repeatedly sending an email message to a particular
address at a specific victim site. In many instances, the messages will be large and constructed
from meaningless data in an effort to consume additional system and network resources.
Multiple accounts at the target site may be abused, increasing the denial of service impact.
Email bombing may be combined with email spoofing (which alters the identity of the account
sending the email), making it more difficult to determine who actually sent the email.
(Note: detection, reaction and prevention is same for email spamming & email bombing)
What You Can Do (in detail):
A. Detection
If your system suddenly becomes sluggish (email is slow or doesn't appear to be sent or
received), the reason may be that your mailer is trying to process a large number of messages.
B. Reaction
1. Identify the source of the email bomb and configure your router (or have your Network
Service Provider configure the router) to prevent incoming packets from that address.
Review email headers to determine the true origin of the email. Review the information related
to the email bomb following relevant policies and procedures of your organization.
2. Ensure you are up to date with the most current version of your email delivery software
(send mail, for example) and increase logging capabilities as necessary to detect or alert you to
such activity.
C. Prevention
Unfortunately, at this time, there is no way to prevent email bombing (other than disconnecting
from the Internet), and it is impossible to predict the origin of the next attack. It is trivial to
obtain access to large mailing lists or information resources that contain large volumes of email
addresses that will provide destination email addresses for the spam.
1. Develop in-house tools to help you recognize and respond to the email bombing and so
minimize the impact of such activity. The tools should increase the logging capabilities as well
as check for and alert you to incoming/outgoing messages that originate from the same user or
same site in a very short span of time. Once you identify the activity, you can use other in-
house tools to discard the messages from the offending users or sites.
2. If your site uses a small number of email servers, you may want to configure your
firewall to ensure that SMTP connections from outside your firewall can be made only to your
central email hubs and to none of your other systems. Although this will not prevent an attack,
it minimizes the number of machines available to an intruder for an SMTP-based attack
(whether that attack is a email spam or an attempt to break into a host). It also means that should
you wish to control incoming SMTP in a particular way (through filtering or another means),
you have only a small number of systems--the main email hub and any backup email hubs--to
configure
3. Educate your users to call you about email bombing.
4. Do not propagate the problem by forwarding (or replying to) bombed email.
Denial of service attacks:
What is Denial of Service?
In Dos, the attacker attempts to prevent regular users from accessing the site or service. By
attacking your site the attacker might prevent you from accessing resources like email and even
disabling the loading of the site. In short you service is not able to take further request and
hence unavailable.
Why Denial of Service occur?
Routers, servers and network services are made to handle a finite amount of resources at any
given time depending on the hardware configuration and power of that machine. If the limit of
request surpasses it will start rejecting any further request. So an attacker can just overload the
server with such huge amount of request that server crashes or its not free to take any further
request. For an example, An attacker can spam you inbox with so many emails that you cross
your storage limits i.e your inbox is full and you don’t get any more emails.
o Once the Victim’s connection table is full, all new connections are ignored
o SYN floods rarely crash servers” –ISS
ICMP Flood Attacks: Internet Control Message Protocol (ICMP) the standard error and
control Message protocol for Internet systems. Defined in RFC 792.
o Attacker sends a huge amount of ICMP Echo Requests to victim
o Once network links become overloaded, all legitimate traffic will be slowed or stopped
o As detrimental to the attacker as to the victim unless the attacker has a MUCH faster
link than the victim
UDP Attacks: Two UDP (User Datagram Protocol) services: echo (which echos back
any character received) and chargen (which generates character) were used in the past for
network testing and are enabled by default on most Systems.
• These services can be used to launch a DOS by connecting the chargen to echo ports
on the same or another machine and generating large amounts of network traffic. Disable echo,
chargen and all other unused services whenever possible, such /etc/inetd. conf on Unix, and
“no udp Small services” on Cisco IOS.
• Filter UDP traffic at the firewall level.
Only allow legitimate traffic such as UDP port 53 (DNS) – Of course, NewTear, Newtear2,
Bonk, and Boink are tools that exploit the same weakness in the Microsoft Windows 9.x/NT
TCP/IP stack.
• The attacker sends the victim a pair of malformed IP fragments which get reassembled
into an invalid UDP datagram. Upon receiving the invalid datagram, the victim host “blue-
screens” and freezes or reboots (The pathologic offset attack)
Smurf Attacks: When Smurfs go bad!!
• A smurf attack consists of a host sending an ICMP echo request (ping) to a network
broadcast address.(usually network addresses with the host portion of the address having all
1s)
• Every host on the network receives the ICMP echo request and sends back an ICMP
echo response inundating the initiator with network traffic.
need to send back an ‘Ack’ response, for the victim server to close the connection. But they
don’t do that, resulting in many open connections (which cannot be used by other users) in the
server.
The handlers, are a small number of controlling computers which communicate with the
numerous zombie computers using command and control signals, which can be intercepted to
identify the handlers/ master computer. But sometimes, even those communications are
encrypted by attackers.
Some Steps for prevention/ mitigation of Distributed Denial of Service attacks (DDoS):
As such, the Distributed Denial of Service attacks are difficult to prevent / mitigate. But steps
can be taken (based on your environment) to prevent/ identify/ mitigate the DDoS attacks and
some of them are given below:
• Identification of statistical patterns of DDoS attacks and comparing the same with live
traffic, might help in identifying these attacks early. Its possible to identify and filter
illegitimate traffic while simultaneously allowing legitimate traffic. This requires appropriate
filtering systems, and can be automated or done manually.
• Having alternate network paths and applying load balancing for incoming traffic would
reduce the risk posed by DDoS attacks. Having over provisioned/ additional servers/ cloud
based resources even if it can be summoned only at the time of DDoS attacks also helps –
especially with small DDoS attacks, as more traffic can be handled.
• Rate-Limiting/ Throttling: The maximum incoming traffic (coming in to a server) can
be controlled, and any additional traffic could be throttled to prevent the server from going
down. Its beneficial if the source(s) of DDoS attacks could be identified so that the traffic from
there could be filtered out. Its possible to send ‘null-routes’ back to the attacking computers, to
confuse them in thinking there is no target server.
• Honeypots: Many organizations don’t use this, but its a very interesting technique
which involves the setting up of dummy servers with maximum vulnerabilities that are exposed
to hackers as legitimate servers. When the hackers attack these systems, its possible to study
the attack patterns, attack intentions and even find out attack sources.
• Aggressive Caching: Caching is a method by which the frequently accessed web pages
are stored as separate HTML files and when users request these pages, the HTML files are
presented to them instead of the Time/CPU resource consuming database quires. This enables
the servers to handle more requests/ per second and hence the smaller DDoS attacks can be
fended off.
• If its a website, it might be better to host it on cloud infrastructure/ content delivery
networks/ managed service providers etc, who have dedicated network security professionals
and devices (if companies don’t have them in-house) to manage DDoS attacks. But the cost of
such hosting / DDoS mitigation needs to be considered.
• It helps if the zombie computers are protected in the first place to ensure that they cannot
get infected by attackers and do not participate in the DDoS attacks.
IPR Violations (Intellectual Property Rights) : software piracy, copyright infringement,
trademarks violations,theft of computer source code, patent violations
Riddhi Joshi and Rosemol Thomas Page 15
Shri S.V.Patel college of CS & BM
IPR violation:
The major legal and ethical problems that arise in terms of the Internet and
electronic media deal with intellectual property issues. There are well developed
laws that govern physical property. Physical property, also known as tangible
property, is property that we can touch and feel. Intellectual property, on the
other hand, deals with the ownership of ideas or the expression of ideas. Since
ideas cannot be touched or felt, butthey do belong to the person who developed
(or authored) them, they are known as intangible property.
There are several forms of legal protection available for intellectual property.
These are:
trade secret protection
copyright protection
trademark protection
patents.
store owners, and ultimately to all software users. Furthermore, the illegal
duplication and distribution of software has a significant impact on the
economy.
c) What is a Trademark?
A trademark protects words, names, symbols, sounds, phrase, logo, or colors
that distinguish goods and services from those manufactured or sold by others
and indicate the source of the goods. Trademarks, unlikepatents, can be renewed
forever as long as they are being used in commerce.
Trade Secret Protection: This method of protecting ownership of an idea
is to ensure that the idea is kept a secret. Generally, a trade secret can include
a formula, pattern, compilation, program, device, method, technique or
Riddhi Joshi and Rosemol Thomas Page 17
Shri S.V.Patel college of CS & BM
process that is used in one's business, and has independent economic value
that provides an advantage over competitors who are not aware of it or use it.
Under most circumstances, a trade secret is lost once it is independently
discovered.
Example of trade secret is the formula used in preparing Coca Cola syrup. Very
few employees know the formula, and those who do are required to sign
nondisclosure agreements in order to have accessto it. The formula is safe as
long as no employee divulges the secret. The company could take them to court
if they did so.
Another example of a trade secret may be a company’s business plan or strategy.
Trade secrets can only exist if the basis for the idea can be kept a secret.
This may not be possible in the world of computer technology and
programming.
d) What is a Patent?
A patent is a right of ownership given to a new idea for a machine,
manufacture, composition of matter, or method, or for an improvement on
an existing one of any of these. The right of ownership is given for17
years. In order to get this right, the applicant must state the details of the idea
clearly in writing and submit it to the U.S. Patent and Trademark Office for
their assessment of its uniqueness. Patents can be licensed or sold to others.
What is a Patent Violation? Patent Violation is the commission of a
prohibited act with respectto a patented invention without permission from the
patent holder. Permission may typically be granted in the form of a license.
The definition of patent violation may vary by jurisdiction(field), but it
typically includes using or selling the patented invention. In many countries,
a use is required to be commercial (or to have a commercial purpose) to
constitute a patent violation.
Patent law of India has the following most main features, which
decide whether a patent will begranted or not:-
2. Inventive Step: The fundamental principle of Patent law is granted only for an
invention.
Cyber Squatting:
Cyber squatting (also known as domain squatting), cyber squatting is registering, trafficking
in, or using a domain name with bad-faith
OR
Cyber squatting refers to the bad faith registration of a domain name containing another
person’s brand or trademark
The term derives from squatting, the practice of inhabiting someone else's property without
their permission. In one variation of cyber squatting, called typo squatting.
Cyber squatters sometimes register variants of popular trademarked names, a practice known
as typo squatting.
Typo squatters rely on the fact that Internet users will make typographical errors when entering
domain names into their web browsers. Once a cyber squatter has registered such a domain
name, the cyber squatter can place advertisements on a website linked to that domain name,
and collect income any time an Internet user clicks on one of those advertisements.
Some common examples of cyber squatting include:
• The omission of the “dot” in the domain name: wwwexample.com;
• A common misspelling of the intended site: exemple.com
• A differently phrased domain name: examples.com
• A different top-level domain: example.org
Another strategy is as follows: Internet domain name registrations are for a fixed period of
time. If the owner of a domain name doesn't re-register the name with an internet registrar prior
to the domain's expiration date, then the domain name can be purchased by anybody else after
it expires.At this point the registration is considered lapsed. A cybersquatter may use automated
software tools to register the lapsed name the instant it is lapsed. This strategy is one of a family
of identity theft schemes including renewal snatching, extension exaggeration and alert
angling.
The first four would count against a determination of bad faith while the remainder would
weigh in favor of a bad faith determination.
1. If registrant has any trademark or other intellectual property rights in the name.
2. If this is the legal or nickname of the registrant.
3. The registrant's prior use of the domain name in connection with the good faith offering
of goods and services.
4. Lawful noncommercial or fair use of the mark in a web site under the domain name.
5. Intent to divert to a site that could harm the trademark owner's goodwill - either for
commercial gain or with intent to tarnish by creating likelihood of confusion as to source,
sponsorship or affiliation, or endorsement of the site.
6. Offer to sell the domain name without having used, or having an intent to use, it in the
bona fide offering of goods or services, or a prior pattern of such conduct.
7. Intentional provision of misleading contact information in the domain name registration
application or the history of such conduct.
8. Warehousing of multiple domain names known to be identical or confusingly similar
to distinctive marks or dilutive of famous marks, without regard to the goods or services of the
parties.
9. The extent to which a mark is distinctive or famous.
Defamation (Cyber Smearing):
It takes place with the help of computer and or internet. The information published in
the website or emailsent to defame targeting an individual or an organization.
“Defamation can be understood as the intentional infringement of another
person's right to his goodname. Defamation can be understood as tarnishing the image,
respect or dignity of any person in front of right thinking members of the society.”
“Cyber Defamation occurs when defamation takes place with the help of
computers and / or the Internet. E.g. someone publishes defamatory matter about
someone on a website or sends e-mails containing defamatory information to all of that
person's friends A matter defaming a person is sent to thesaid person directly is not
defamation however if the said mail is sent through CC or BCC to third parties and if
the contents tarnish (blemish/dull) the image of the recipient it is defamation.
Publication of defamatory articles and matter on a website are defamation. Cyber
defamation is also called as Cyber smearing.”
Defamatory emails:
Cyber-defamation or even cyber-slander as it is called can prove to be
very harmful and even fatal to the people who have been made its victims. OR
Defamation is defined as communication to third parties of false
statements about a person that injure the reputation of or deter others from
associating with that person.
Defamation can take one of two forms: slander or libel. Slander covers oral
defamatory statements while libel addresses the written version. Defamation is an
abusive attack on a person'scharacter or good name. If a person is harmed in any way
by your statement(s), you can be held accountable in a court of law for your actions.
Defamation requires "publication." When you send a defamatory statement
about another person to others than the one you are defaming, that constitutes
publication. Any every time an email is sent, it is considered a new publication.
Everyone who has a role in the publication of that email may be liable.
8. In extreme cases, the stalker becomes bold enough to contact victim via
telephone to make calls tothe victim to threaten, harass, or intimidate him/
her. Ultimately, the stalker is even known to track the victim to his/ her home.
In many cases, the cyber stalker and the victim had a prior relationship, and the cyber
stalking begins whenthe victim attempts to break off the relationship. However, there
also have been many instances of cyber stalking by strangers. Given the enormous
amount of personal information available through the Internet, a cyber stalker can
easily locate private information about a potential victim with a few mouse clicks or
keystrokes.
The fact that cyber stalking does not involve physical contact may create the
misperception that it ismore benign than physical stalking. This is not necessarily true.
As the Internet becomes an ever more integral part of our personal and professional
lives, stalkers cantake advantage of the ease of communications as well as increased
access to personal information. In addition, the ease of use and non-confrontational,
impersonal, and sometimes anonymous nature of Internet communications may
remove disincentives to cyber stalking.
Put another way, whereas a potential stalker may be unwilling or unable to confront a victim
in person or on the telephone, he or she may have little hesitation sending harassing or
threatening electronic communications to a victim. Finally, as with physical stalking, online
harassment and threats may be a prelude to more serious behavior, including physical violence.
In the corporate world, Internet hackers are continually looking for opportunities
to compromise a company’s security in order to gain access to confidential
banking and financial information.
Use of stolen card information or fake credit/debit cards are common.
Bank employee can grab money using programs to deduce small amount
of money from all customeraccounts and adding it to own account also called as
salami.
credit card fraud. Read onto learn about some of the different types of bank
and banking related frauds and learn ways to protect your personal
information and prevent yourself from becoming the next target of bank and
banking related fraud.
Cheque Fraud: is responsible for the loss of about $815 million yearly,
which is nearly 12 times the amount robbed from banks each year. Many
types of cheque scams exist, including:
Forged Signatures – involves forging a signature on legitimate blank check
Forged Endorsement – includes endorsing and cashing or depositing a stolen check
Counterfeit Checks – is on the rise with the advancement in color copying and desktop
publishing
Altered Checks – where a person changes the name of the payee or dollar amount on
a legitimate check
Check Kiting – where a person deposits a non-sufficient fund check into an
account, then writesanother check against that amount for another account.
Credit Card Fraud: is a common type of fraud that affects millions each year.
Statistics show that credit card causes $500 million in damages to card companies
and credit card holders. So, it’s wise to learn how to keep your credit card and bank
documents safe to prevent credit fraud from happening to you. And, if you suspect
that you’re a target of credit fraud contact your bank or credit card company
immediately to check for fraud.
Falsification of Loan Applications: also known as Loan Fraud. It occurs when a
person produces falseinformation to qualify for a loan, such as a mortgage for their
house. Sometimes, loan officers may be in on the fraud.
The best way to protect yourself from bank and banking related fraud
is by being informed of thesetypes of fraud. Here are some useful tips
you can use to help keep your money safe:
Keep an eye on your credit cards, bank documents, and cards at all times
Treat your cards and check book like it’s cash
Monitor your accounts and keep receipts of your purchases to check against your
monthly statements
Report any suspicious or bogus activity or charges made to your accounts
Write down all your card numbers and keep it in a safe place, incase you need to report
a lost or stolen card
Educate yourself about the risks of online banking fraud.
Riddhi Joshi and Rosemol Thomas Page 24
Shri S.V.Patel college of CS & BM
Credit card fraud is a wide-ranging term for theft and fraud committed using a
credit card or any similar payment mechanism as a fraudulent source of funds in a
transaction. The purpose may be to obtain goods without paying, or to obtain
unauthorized funds from an account. Credit card fraud is alsoan adjunct to identity
theft. According to the Federal Trade Commission, while identity theft had been
holding steadyfor the last few years, it saw a 21 % increase in 2008.
Credit/debit card fraud is committed when one person 1) fraudulently obtains,
takes, signs, uses, sells, buys, or forges someone else's credit or debit card or card
information; 2) uses his or her own card with the knowledge that it is revoked or expired
or that the account lacks enough money to pay for the items charged; and 3) sells goods
or services to someone else with knowledge that the credit or debit card being used was
illegally obtained or is being used without authorization.4) A thief could also open new
accounts in the victim’s name, incurring more charges on the victim’s line of credit.
These actions could inturn affect not only the victim’s immediate pocketbook, but future
credit as well.
If you are hit by credit fraud, be sure you know how to handle it. Learn what's involved
in reporting will help you take the best and most efficient steps possible towards
regaining control of your information.
Make sure the transaction is secure when you electronically send your credit card
number.
Keep a list of all your credit cards and account information along with
the card issuer’s contact information. If anything looks suspicious or
you lose your credit card(s), contact thecard issuer immediately.