Shri S.V.

Patel college of CS & BM

Introduction to Cyber Crimes: Cyber Crime can be defined as unlawful acts committed by
using the computer as a tool or as a target or as both. Cyber crimes can involve criminal
activities that are traditional in nature, such as theft, fraud, forgery (copy), defamation (insult)
and mischief, all of which are subject to the Indian Penal Code. The abuse of computers has
also given birth to a gamut (range) of new age crimes that are addressed by the Information
Technology Act, 2000 (introduced on 17th Oct 2000)
Cyber crime can be categorized mainly in two ways:
• Using the Computer as a Target:-using a computer to attack other computers. e.g.
Hacking, Virus/Worm attacks, DOS attack etc.
• Using the computer as a weapon:-using a computer to commit real world crimes. e.g.
Cyber Terrorism, IPR violations, Credit card frauds, EFT frauds, Pornography etc.
Moreover we further categorized as follows:
1. Unauthorized Access:
Access means gaining entry into, instructing or communicating with the logical, arithmetical,
or memory function resources of a computer, computer system or computer network.
Unauthorized access would therefore mean any kind of access without the permission of either
the rightful owner or the person in charge of a computer, computer system or computer
network.
2. Hacking & Cracking:
Every act committed towards breaking into a computer and/or network is hacking. Hackers
write or use ready-made computer programs to attack the target computer. They possess the
desire to destruct and they get the kick out of such destruction. Some hackers hack for personal
monetary gains, such as to stealing the credit card information, transferring money from various
bank accounts to their own account followed by withdrawal of money. Crackers may steal or
modify data or insert viruses or worms which damage the system.
By hacking web server taking control on another person’s website called as web hijacking
3. Cyber Fraud/Online Fraud:
The net is a boon for people to conduct business effectively, very quickly. Net is also an open
invitation to fraudsters and online frauds are becoming increasingly out of control.
1. Spoof websites and email security alerts
Fraudsters create authentic looking websites that are actually nothing but a spoof. The purpose
of these websites is to make the user enter personal information. This information is then used
to access business and bank accounts. If you ever get an email containing an embedded link,
and a request for you to enter secret details, treat it as suspicious. Do not input any sensitive
information that might help provide access to your accounts, even if the page appears
legitimate. No reputable company ever sends emails of this type.
2. Virus hoax emails

Riddhi Joshi and Rosemol Thomas Page 1

 Shri S.V.Patel college of CS & BM

It is a sad fact of life that there are those who enjoy exploiting the concerns of others. Many
emailed warnings about viruses are hoaxes, designed purely to cause concern and disrupt
businesses.
These warnings may be genuine, so don't take them lightly, but always check the story out by
visiting an anti-virus site such as McAfee, Sophos or Symantec before taking any action,
including forwarding them to friends and colleagues.
3. Lottery Frauds
These are letters or emails, which inform the recipient that he/ she has won a prize in a lottery.
To get the money, the recipient has to reply. After which another mail is received asking for
bank details so that the money can be directly transferred. The email also asks for a processing
fee/ handling fee. Of course, the money is never transferred in this case, the processing fee is
swindled and the banking details are used for other frauds and scams.
4. Spoofing
Spoofing means illegal intrusion, posing as a genuine user. A hacker logs-in to a computer
illegally, using a different identity than his own. He is able to do this by having previously
obtained actual password. He creates a new identity by fooling the computer into thinking he
is the genuine system operator. The hacker then takes control of the system. He can commit
innumerable number of frauds using this false identity.
In short spoofing refers to thing that appears to have been originated from one source when it
was actually sent from another source
5. Credit Card Fraud
Online Transaction has become a normal thing in day today life. Knowingly or unknowingly
passing credit card information over internet can land you in trouble. If electronic transactions
are not secured the credit card numbers can be stolen by the hackers who can misuse this card
by impersonating the credit card owner.
4. Cyber Theft:
Stealing of financial and/or personal information through the use of computers for making its
fraudulent or other illegal use.
Identity Theft:-
Identity theft occurs when someone appropriates another's personal information without their
knowledge to commit theft or fraud. Identity theft is a vehicle for perpetrating other types of
fraud schemes.
Theft of Internet Hours:-
Unauthorized use of Internet hours paid for by another person.
Theft of computer system (Hardware):-
This type of offence involves the theft of a computer, some part(s) of a computer or a peripheral
attached to the computer.

Riddhi Joshi and Rosemol Thomas Page 2

 Shri S.V.Patel college of CS & BM

5. Cyber Terrorism:
Targeted attacks on military installations, power plants, air traffic control, banks, trail traffic
control, telecommunication networks are the most likely targets. Others like police, medical,
fire and rescue systems etc.
Cyber terrorism is an attractive option for modern terrorists for several reasons.
1. It is cheaper than traditional terrorist methods.
2. Cyberterrorism is more anonymous than traditional terrorist methods.
3. The variety and number of targets are enormous.
4. Cyberterrorism can be conducted remotely, a feature that isespecially appealing to terrorists.
5. Cyberterrorism has the potential to affect directly a larger number of people.
6. Flowing of Virus, Trojan horse, Worm & Logical Bombs:
The program that act like something useful but do the things that are quiet damping.
The programs of this kind are called as Trojans. Trojans come in two parts, a Client part and a
Server part. When the victim (unknowingly) runs the server on its machine, the attacker will
then use the Client to connect to the Server and start using the trojan.TCP/IP protocol is the
usual protocol type used for communications, but some functions of the trojans use the UDP
protocol as well.
A program that has capability to infect other programs and make copies of itself and spread
into other programs is called virus. Viruses can often spread without any readily visible
symptoms. A virus can start on event-driven effects (for example, triggered after a specific
number of executions), time- driven effects (triggered on a specific date, such as Friday the
13th) or can occur at random. Action of a virus can be display a message to prompt an action
which may set of the virus,Erase files,Scramble data on a hard disk,Cause erratic screen
behavior,Halt the PC…..etc Programs that multiply like viruses but spread from computer to
computer are called as worms.
For ex. Anna Kournikova worm(feb-2001)The first computer virus ever to be see was called
BRAIN and it appeared in 1986. Some famous viruse are… Jerusalem (1987), Dark Avenger
(1989), Michelangelo (1991), Concept (1995), Melissa , CIH(1999), The Love Letter (2000),
CodeRed, Nimda (2001), SirCam-Nimda…Etc.
Logical bombs are event dependent programs. This implies that these programs are created to
do something only when a certain event (known as a trigger event) occurs. E.g. even some
viruses may be termed logic bombs because they lie dormant all through the year and become
active only on a particular date (like the Chernobyl virus).
7. Cyber Pornography:
Pornography' is “describing or showing sexual acts in order to cause sexual excitement through
books, films, etc.” This includes pornographic websites; pornographic material produced using
computers and use of internet to download and transmit pornographic videos, pictures, photos,
writings etc. There are more than 420 million individual pornographic webpages today. Child

Riddhi Joshi and Rosemol Thomas Page 3

 Shri S.V.Patel college of CS & BM

pornography is a very unfortunate reality of the Internet. The Internet is being highly used by
its abusers to reach and abuse children sexually, worldwide.
Pedophiles use a false identity to trap the children/teenagers
8. Defamation:
Defamation can be understood as the intentional infringement of another person's right to his
good name. Defamation can be understood as tarnishing the image, respect or dignity of any
person in front of right thinking members of the society.
Cyber Defamation occurs when defamation takes place with the help of computers and / or the
Internet. E.g. someone publishes defamatory matter about someone on a website or sends e-
mails containing defamatory information to all of that person's friends A matter defaming a
person is sent to the said person directly is not defamation however if the said mail is sent
through CC or BCC to third parties and if the contents tarnish (blemish/dull) the image of the
recipient it is defamation. Publication of defamatory articles and matter on a website are
defamation. Cyber defamation is also called as Cyber smearing.
9. Cyber Stalking:
Cyber Stalking can be defined as the repeated acts harassment or threatening behavior of the
cyber criminal towards the victim by using Internet services. (OR Cyber stalking involves
following a person’s movements across the Internet by posting messages (sometimes
threatening) on the bulletin boards frequented by the victim, entering the chat-rooms frequented
by the victim, constantly bombarding the victim with emails etc.) Stalking in General terms
can be referred to as the repeated acts of harassment targeting the victim such as…
1. Following the victim
2. Making harassing phone calls
3. Killing the victims pet
4. Vandalizing victims property
5. Leaving written messages or objects
Stalking may be followed by serious violent acts such as physical harm to the victim and the
same has to be treated and viewed seriously. It all depends on the course of conduct of the
stalker. Both kinds of stalkers – online and offline - have desire to control the victim’s life.
Cyber-stalking refers to the use of the Internet, e-mail, or other electronic communications
device to stalk another person. It is a relatively new form of harassment, unfortunately, rising
to alarming levels especially in big cities like Mumbai.
10.Email Spamming:
Spam is flooding the Internet with many copies of the same message, in an attempt to force the
message on people who would not otherwise choose to receive it. Most spam is commercial
advertising. For ex. get-rich-quick schemes.
There are two main types of spam, and they have different effects on Internet users.
1)Cancellable Usenet /Usenet spam & 2) Email-spam
Riddhi Joshi and Rosemol Thomas Page 4
 Shri S.V.Patel college of CS & BM

1. Cancellable Usenet spam is a single message sent to 20 or more Usenet newsgroups.

2. Email "spamming" refers to sending email to thousands and thousands of users - similar
to a chain letter. Email spam, also known as junk email or unsolicited bulk email (UBE), is a
subset of electronic spam . One subset of UBE is UCE (unsolicited commercial email).
Spammers collect email addresses from chatrooms, websites, customer lists, newsgroups, and
viruses which harvest users' address books, and are sold to other spammers.
Trojan, Virus and Worm Attacks:
Virus / worm attacks-Viruses are programs that attach themselves to a computer or a file and
then circulate themselves to other files and to other computers on a network. They usually
affect the data on a computer, either by altering or deleting it. Worms, unlike viruses do not
need the host to attach themselves to. They merely make functional copies of themselves and
do this repeatedly till they eat up all the available space on a computer's memory. E.g. love bug
virus, which affected at least 5 % of the computers of the globe.
The losses were accounted to be $ 10 million. The world's most famous worm was the Internet
worm let loose on the Internet by Robert Morris sometime in 1988. Almost brought
development of Internet to a complete halt.
Trojan attacks This term has its origin in the word ‘Trojan horse’. In software field this means
an unauthorized programme, which passively gains control over another’s system by
representing itself as an authorised programme. The most common form of installing a Trojan
is through e-mail. E.g. a Trojan was installed in the computer of a lady film director in the
U.S. while chatting. The cyber criminal through the web cam installed in the computer obtained
her nude photographs. He further harassed this lady.

How do viruses spread?

Viruses can often spread without any readily visible symptoms. A virus can start on event-
driven effects (for example, triggered after a specific number of executions), time-driven
effects (triggered on a specific date, such as Friday the 13th) or can occur at random.

Typical action of a virus

1. Display a message to prompt an action which may set of the virus
2. Erase files
3. Scramble data on a hard disk
4. Cause erratic screen behavior
5. Halt the PC
6. Just replicate itself!

Riddhi Joshi and Rosemol Thomas Page 5

 Shri S.V.Patel college of CS & BM

This is how a virus spreads through the Internet

This is how a virus spreads in standalone system

Spreading Virus – Local Networks

World’s Worst Attacks

1. Love Letter
LoveLetter is the virus everyone learned to hate in 2000. The infection affected millions of
computers and caused more damage than any other computer virus to date. The mail included
an executable file attachment with the e-mail subject line, "ILOVEYOU." The worm had the
ability to overwrite several types of files, including .gif and .jpg files. It modified the Internet
Explorer start page and changed Registry keys. It also moved other files and hid MP3 files on
affected systems.
2. Klez
The Klez worm, which blends different virus traits, was first detected in October 2001. Klez
distributes itself like a virus, but sometimes acts like a worm, other times like a Trojan horse.
Riddhi Joshi and Rosemol Thomas Page 6
 Shri S.V.Patel college of CS & BM

Klez isn't as destructive as other worms, but it is widespread, hard to exterminate and still
active.
3. Melissa
The Melissa virus swamped corporate networks with a tidal wave of e-mail messages in March
1999. the virus was sent to the first 50 names in the user's address book. The e-mail fooled
many recipients because it bore the name of someone the recipient knew and referred to a
document they had allegedly requested.
4. Nimda
Nimda (also known as the Concept Virus) appeared in September 2001, attacking tens of
thousands of servers and hundreds of thousands of PCs. The worm modified Web documents
and executable files, then created numerous copies of itself. Nimda soon inspired a crowd of
imitators that followed the same pattern.
5. Anna Kournikova worm
The Anna Kournikova (or VBS.SST@mm) worm, appearing in February 2001, didn't cause
data loss, it did cause embarrassment and disruption for many personal and business users. The
worm showed up in Microsoft Outlook users' e-mail in-boxes with an attachment
Most worm creators have never been identified, but a 21-year-old Dutchman, Jan de Wit,
admitted to unleashing this worm. The admitted virus writer is appealing a 150-hour
community service sentence handed down in September 2001 by a judge in the Netherlands.
Email Spoofing:-
A spoofed email is one that appears to originate from one source but has actually emerged from
another source. Falsifying the name and / or email address of the originator of the email usually
does email spoofing. Usually to send an email the sender has to enter the following information:
• email address of the receiver of the email
• email address(es) of the person(s) who will receive a copy of the email (referred to as
CC for carbon copy)
• email address(es) of the person(s) who will receive a copy of the email (referred to as
CC for carbon copy, but whose identities will not be known to the other recipients of the e-
mail (known as BCC for blind carbon copy)
• Subject of the message (a short title / description of the message)
• Message
Certain web-based email services like www.SendFakeMail.com, offer a facility wherein in
addition to the above, a sender can also enter the email address of the purported sender of the
email. For ex: Consider Mr. Siddharth whose email address is siddharth@hotmail.com. His
friend Golu's email address is golu@yahoo.com. Using SendFakeMail.com, Siddharth can
send emails purporting to be sent from Golu's email account. All he has to do is enter
golu@yahoo.com in the space provided for sender's email address. Golu's friends would trust
such emails, as they would presume that they have come from Golu (whom they trust).
Siddharth can use this misplaced trust to send viruses, Trojans, worms etc. to Golu's friends,
who would unwittingly download them.

Riddhi Joshi and Rosemol Thomas Page 7

 Shri S.V.Patel college of CS & BM

Email spoofing is often an attempt to trick the user into making a damaging statement or
releasing sensitive information (such as passwords).
Examples of spoofed email that could affect the security of your site include:
• email claiming to be from a system administrator requesting users to change their
passwords to a specified string and threatening to suspend their account if they do not do this
• email claiming to be from a person in authority requesting users to send them a copy of
a password file or other sensitive information

What You Can Do:

A. Reaction
1. You may be alerted to spoofed email attempts by reports from your users or by
investigating bounced email error messages.
2. Following relevant policies and procedures of your organization, review all information
(such as mail headers and system log files) related to the spoofed email.Examine tcp_wrapper,
ident, and send mail logs to obtain information on the origin of the spoofed email.The header
of the email message often contains a complete history of the "hops" the message has taken to
reach its destination. Information in the headers (such as the "Received:" and "Message-ID"
information), in conjunction with your mail delivery logs, should help you to determine how
the email reached your system.If your mail reader does not allow you to review these headers,
check the ASCII file that contains the original message.
NOTE: Some of the header information may be spoofed; and if the abuser connected directly
to the SMTP port on your system, it may not be possible for you to identify the source of the
activity.
3. Follow up with other sites involved in this activity, if you can identify the sites. Contact
them to alert them to the activity and help them determine the source of the original email.
4. To provide as much information as possible to help trace this type of activity, you can
increase the level of logging for your mailer delivery daemon.
5. Realize that in some cases, you may not be able to identify the origin of the spoofed
email.
B. Prevention (Deterrence)
1. Use cryptographic signatures (e.g., PGP "Pretty Good Privacy" or other encryption
technologies) to exchange authenticated email messages. Authenticated email provides a
mechanism for ensuring that messages are from whom they appear to be, as well as ensuring
that the message has not been altered in transit. Similarly, sites may wish to consider enabling
SSL/TLS in their mail transfer software. Using certificates in this manner increases the amount
of authentication performed when sending mail.
2. Configure your mail delivery daemon to prevent someone from directly connecting to
your SMTP port to send spoofed email to other sites.

Riddhi Joshi and Rosemol Thomas Page 8

 Shri S.V.Patel college of CS & BM

3. Ensure that your mail delivery daemon allows logging and is configured to provide
sufficient logging to assist you in tracking the origin of spoofed email.
4. Consider a single point of entry for email to your site. You can implement this by
configuring your firewall so that SMTP connections from outside your firewall must go
through a central mail hub. This will provide you with centralized logging, which may assist
in detecting the origin of mail spoofing attempts to your site.
5. Educate your users about your site's policies and procedures in order to prevent them
from being "social engineered," or tricked, into disclosing sensitive information (such as
passwords). Have your users report any such activities to the appropriate system
administrator(s) as soon as possible.
Email bombing:
Email bombing refers to sending a large amount of emails to the victim resulting in the victim's
email account (in case of an individual) or servers (in case of a company or an email service
provider) crashing. The simplest email bomb is an ordinary email account. All that one has to
do is compose a message, enter the email address of the victim multiple times in the "To" field,
and press the "Send" button many times. Writing the email address 25 times and pressing the
"Send" button just 50 times (it will take less than a minute) will send 1250 email messages to
the victim! If a group of 10 people do this for an hour, the result would be 750,000 emails!
There are several hacking tools available to automate the process of email bombing. These
tools send multiple emails from many different email servers, which makes it very difficult, for
the victim to protect himself.
Email bombing is characterized by abusers repeatedly sending an email message to a particular
address at a specific victim site. In many instances, the messages will be large and constructed
from meaningless data in an effort to consume additional system and network resources.
Multiple accounts at the target site may be abused, increasing the denial of service impact.
Email bombing may be combined with email spoofing (which alters the identity of the account
sending the email), making it more difficult to determine who actually sent the email.
(Note: detection, reaction and prevention is same for email spamming & email bombing)
What You Can Do (in detail):
A. Detection
If your system suddenly becomes sluggish (email is slow or doesn't appear to be sent or
received), the reason may be that your mailer is trying to process a large number of messages.
B. Reaction
1. Identify the source of the email bomb and configure your router (or have your Network
Service Provider configure the router) to prevent incoming packets from that address.
Review email headers to determine the true origin of the email. Review the information related
to the email bomb following relevant policies and procedures of your organization.

Riddhi Joshi and Rosemol Thomas Page 9

 Shri S.V.Patel college of CS & BM

2. Ensure you are up to date with the most current version of your email delivery software
(send mail, for example) and increase logging capabilities as necessary to detect or alert you to
such activity.
C. Prevention
Unfortunately, at this time, there is no way to prevent email bombing (other than disconnecting
from the Internet), and it is impossible to predict the origin of the next attack. It is trivial to
obtain access to large mailing lists or information resources that contain large volumes of email
addresses that will provide destination email addresses for the spam.
1. Develop in-house tools to help you recognize and respond to the email bombing and so
minimize the impact of such activity. The tools should increase the logging capabilities as well
as check for and alert you to incoming/outgoing messages that originate from the same user or
same site in a very short span of time. Once you identify the activity, you can use other in-
house tools to discard the messages from the offending users or sites.
2. If your site uses a small number of email servers, you may want to configure your
firewall to ensure that SMTP connections from outside your firewall can be made only to your
central email hubs and to none of your other systems. Although this will not prevent an attack,
it minimizes the number of machines available to an intruder for an SMTP-based attack
(whether that attack is a email spam or an attempt to break into a host). It also means that should
you wish to control incoming SMTP in a particular way (through filtering or another means),
you have only a small number of systems--the main email hub and any backup email hubs--to
configure
3. Educate your users to call you about email bombing.
4. Do not propagate the problem by forwarding (or replying to) bombed email.
Denial of service attacks:
What is Denial of Service?
In Dos, the attacker attempts to prevent regular users from accessing the site or service. By
attacking your site the attacker might prevent you from accessing resources like email and even
disabling the loading of the site. In short you service is not able to take further request and
hence unavailable.
Why Denial of Service occur?
Routers, servers and network services are made to handle a finite amount of resources at any
given time depending on the hardware configuration and power of that machine. If the limit of
request surpasses it will start rejecting any further request. So an attacker can just overload the
server with such huge amount of request that server crashes or its not free to take any further
request. For an example, An attacker can spam you inbox with so many emails that you cross
your storage limits i.e your inbox is full and you don’t get any more emails.

Riddhi Joshi and Rosemol Thomas Page 10

 Shri S.V.Patel college of CS & BM

Features of Dos Attacks:

 Disrupting service to a specific system or person.
 Disrupting connections between two machines.
 Flooding of network hence rejecting any further request.
Types or Levels of Dos Attacks:
a. Consumption of scarce, limited, or non-renewable resources like NW bandwidth,
RAM, CPU time. Even power, cool air, or water can affect.
b. Destruction or Alteration of Configuration Information
c. Physical Destruction or Alteration of Network Components
Furthermore categorized into followings:
Bandwidth Attacks: If you load any site, it takes certain time to “load”. Loading means
it appears on your screen with the images and texts. This “loading” consumes some amount of
memory. Every site is given with a particular amount of bandwidth by its hosting, say for
example 100Gb. Now if i get more visitors who consumes all my 100GB bandwidth, the
hosting of the site can ban your site. So now if the attacker does the same. He can open 100
pages of a site and keep on refreshing and consume all the bandwidth and its out of service.
Logic Attacks: These kinds of attack can exploit vulnerabilities in network software
such as web server or the underlying TCP/IP stack
Protocol Attacks: Exploiting a specific feature or implementation bug of some protocol
installed at the victim in order to consume excess amounts of its resources.
Protocols here are rules, that is to be followed to send data over network. Protocol Attacks take
advantage of protocol inherent design (ex., SMURF and DNS)
Software Vulnerability Attacks: attempt to to exploit a software program design flaw
(i.e., Land attack, Ping of Death, and Fragmentation)
TCP SYN Flood Attacks:
o Exploit the TCP-Three Way Handshake
Riddhi Joshi and Rosemol Thomas Page 11
 Shri S.V.Patel college of CS & BM

o Once the Victim’s connection table is full, all new connections are ignored
o SYN floods rarely crash servers” –ISS

ICMP Flood Attacks: Internet Control Message Protocol (ICMP) the standard error and
control Message protocol for Internet systems. Defined in RFC 792.
o Attacker sends a huge amount of ICMP Echo Requests to victim
o Once network links become overloaded, all legitimate traffic will be slowed or stopped
o As detrimental to the attacker as to the victim unless the attacker has a MUCH faster
link than the victim

UDP Attacks: Two UDP (User Datagram Protocol) services: echo (which echos back
any character received) and chargen (which generates character) were used in the past for
network testing and are enabled by default on most Systems.

Fig: UDP Attack

• These services can be used to launch a DOS by connecting the chargen to echo ports
on the same or another machine and generating large amounts of network traffic. Disable echo,
chargen and all other unused services whenever possible, such /etc/inetd. conf on Unix, and
“no udp Small services” on Cisco IOS.
• Filter UDP traffic at the firewall level.
Only allow legitimate traffic such as UDP port 53 (DNS) – Of course, NewTear, Newtear2,
Bonk, and Boink are tools that exploit the same weakness in the Microsoft Windows 9.x/NT
TCP/IP stack.
• The attacker sends the victim a pair of malformed IP fragments which get reassembled
into an invalid UDP datagram. Upon receiving the invalid datagram, the victim host “blue-
screens” and freezes or reboots (The pathologic offset attack)
Smurf Attacks: When Smurfs go bad!!

Riddhi Joshi and Rosemol Thomas Page 12

 Shri S.V.Patel college of CS & BM

• A smurf attack consists of a host sending an ICMP echo request (ping) to a network
broadcast address.(usually network addresses with the host portion of the address having all
1s)
• Every host on the network receives the ICMP echo request and sends back an ICMP
echo response inundating the initiator with network traffic.

Fig: Smurf Attack

Smurf Attack Example:

1. Attacker sends ICMP (Internet Control Message Protocol) packet with spoofed source IP
Victimà10.1.2.255
2. Attacker sends ICMP packet with spoofed source IPVictimà192.168.1.255
3. Victim is flooded with ICMP echo responses
4. Victim hangs?
How to prevent Dos Attacks?
Honestly speaking there is no full proof method, as these attacks take advantage of bugs and
exploits present in the system. So the best method is to keep yourself updated with latest
security patches, allowing only necessary traffic or at least monitoring where your traffic is
coming from if there is a sudden rise in traffic and block the particular IP.
A Distributed Denial of Service (DoS) Attacks:

Riddhi Joshi and Rosemol Thomas Page 13

 Shri S.V.Patel college of CS & BM

Introduction to DDos ( Distributed Denial of Service )

One step ahead, DDos does is capable of doing more harm. With this attacker can use the
victims system to infect other connected systems or send a spam. Attacker can find a weakness
in the system and can inject a malware or a software which can be remotely used. Using this
now attacker can make the server “a slave” and send spams or get access to files using its
permission. Thousands of system can be targeted from a single point ( Imagine if Google server
can be hacked to send spams to all Gmail Inboxes !!!! Scary right!!) . When used for this one
purpose you can see an propagating effect which multiplies. This one machine can infect other
thousands of machine thus turning several megabytes of traffic to several gigabytes. This
sudden increasing flow can crash down any server.
Types or Levels of DDos Attacks
There are two types of DDoS attacks – Attacks that target the Network (Internet bandwidth)
and choke the Internet bandwidth used by the victim server, so that it cannot accept legitimate
requests coming from genuine users through the Internet gateway & Attacks that target the
vulnerabilities in applications in order to cripple server resources like CPU, RAM, Buffer
memory, etc and make the servers unavailable for handling any legitimate requests.
For example, DNS attack targets the network. In this, many zombie computers query DNS
servers simultaneously (with the spoofed IP address of the victim server). Now, the DNS
servers need to respond back to the queries, to the source IP address. Since all the source IP
addresses are of the victim server, all the responses are sent there – thereby chocking the
bandwidth available with the victim server. Likewise, a Syn Flood attack targets applications
– It opens multiple connections (using multiple zombie computers) to the victim server using
‘Syn’ requests. The server responds with ‘Syn-Ack’ acknowledgement. The zombie computers

Riddhi Joshi and Rosemol Thomas Page 14

 Shri S.V.Patel college of CS & BM

need to send back an ‘Ack’ response, for the victim server to close the connection. But they
don’t do that, resulting in many open connections (which cannot be used by other users) in the
server.
The handlers, are a small number of controlling computers which communicate with the
numerous zombie computers using command and control signals, which can be intercepted to
identify the handlers/ master computer. But sometimes, even those communications are
encrypted by attackers.
Some Steps for prevention/ mitigation of Distributed Denial of Service attacks (DDoS):
As such, the Distributed Denial of Service attacks are difficult to prevent / mitigate. But steps
can be taken (based on your environment) to prevent/ identify/ mitigate the DDoS attacks and
some of them are given below:
• Identification of statistical patterns of DDoS attacks and comparing the same with live
traffic, might help in identifying these attacks early. Its possible to identify and filter
illegitimate traffic while simultaneously allowing legitimate traffic. This requires appropriate
filtering systems, and can be automated or done manually.
• Having alternate network paths and applying load balancing for incoming traffic would
reduce the risk posed by DDoS attacks. Having over provisioned/ additional servers/ cloud
based resources even if it can be summoned only at the time of DDoS attacks also helps –
especially with small DDoS attacks, as more traffic can be handled.
• Rate-Limiting/ Throttling: The maximum incoming traffic (coming in to a server) can
be controlled, and any additional traffic could be throttled to prevent the server from going
down. Its beneficial if the source(s) of DDoS attacks could be identified so that the traffic from
there could be filtered out. Its possible to send ‘null-routes’ back to the attacking computers, to
confuse them in thinking there is no target server.
• Honeypots: Many organizations don’t use this, but its a very interesting technique
which involves the setting up of dummy servers with maximum vulnerabilities that are exposed
to hackers as legitimate servers. When the hackers attack these systems, its possible to study
the attack patterns, attack intentions and even find out attack sources.
• Aggressive Caching: Caching is a method by which the frequently accessed web pages
are stored as separate HTML files and when users request these pages, the HTML files are
presented to them instead of the Time/CPU resource consuming database quires. This enables
the servers to handle more requests/ per second and hence the smaller DDoS attacks can be
fended off.
• If its a website, it might be better to host it on cloud infrastructure/ content delivery
networks/ managed service providers etc, who have dedicated network security professionals
and devices (if companies don’t have them in-house) to manage DDoS attacks. But the cost of
such hosting / DDoS mitigation needs to be considered.
• It helps if the zombie computers are protected in the first place to ensure that they cannot
get infected by attackers and do not participate in the DDoS attacks.
IPR Violations (Intellectual Property Rights) : software piracy, copyright infringement,
trademarks violations,theft of computer source code, patent violations
Riddhi Joshi and Rosemol Thomas Page 15
 Shri S.V.Patel college of CS & BM

IPR violation:
The major legal and ethical problems that arise in terms of the Internet and
electronic media deal with intellectual property issues. There are well developed
laws that govern physical property. Physical property, also known as tangible
property, is property that we can touch and feel. Intellectual property, on the
other hand, deals with the ownership of ideas or the expression of ideas. Since
ideas cannot be touched or felt, butthey do belong to the person who developed
(or authored) them, they are known as intangible property.
There are several forms of legal protection available for intellectual property.
These are:
 trade secret protection
 copyright protection
 trademark protection
 patents.

IPR violation is a wide spread social disease and needs to be eradicated

from its roots. This can only be achieved with a very high level of
competence and experience.
The problem of piracy — unauthorized storage, copying, or
dissemination of copyrighted material such as computer software, music,
movies and books — burgeoned along with the growth of the Internet. Existing
federal copyright law makes it a crime to duplicate, store, or disseminate
copyrighted materials forprofit.
India has a huge potential for such fraudulent activities, and we
have set up a team of dedicated professionals to restrain such ongoing
activities.
In India, the Intellectual Property Rights (IPR) of computer software is covered
under the
Copyright Law. Accordingly, the copyright of computer software is protected
under the provisions of IndianCopyright Act 1957. Major changes to Indian
Copyright Law were introduced in 1994 and came into effectfrom 10 May 1995.
Since most software is easy to duplicate, and the copy is usually as good as
original, the Copyright Act wasneeded. Some of the key aspects of the law are
According to section 14 of this Act, it is illegal to make or distribute copies of
copyrighted softwarewithout proper or specific authorization.
Section 63 B stipulates a minimum jail term of 7 days, which can be extended up to
3 years.

a) What is software piracy?

Theft of software through the illegal copying of genuine programs or the
counterfeiting and distribution of products intended to pass for the original is
termed as termed as software piracy.
Software piracy is the mislicensing, unauthorized reproduction and illegal
distribution of software, whetherfor business or personal use. Protect yourself
from the risks of software piracy with helpful tips how to identify counterfeit or
other misuse of software.
Pirated software hurts everyone—from software developers to retail
Riddhi Joshi and Rosemol Thomas Page 16
 Shri S.V.Patel college of CS & BM

store owners, and ultimately to all software users. Furthermore, the illegal
duplication and distribution of software has a significant impact on the
economy.

Examples of software piracy

1. End user copying - Friends loaning disks to each other, or organizations
underreporting the numberof software installations they have made.
2. Hard disk loading – Hard disk vendors loads pirated software
3. Counterfeiting - large-scale duplication and distribution of illegally copied software.
4. Illegal downloads from the Internet - By intrusion,
cracking serial numbers etc.5.
A consumer of pirated software has a lot to lose…
He gets untested software that may have been copied thousands of
times over, potentiallycontaining hard-drive-infecting viruses
No technical support in case of software failure
No warranty protection
No legal right to use the product

b) What is a Copyright infringement?

Copyright infringements and piracy are not victimless crimes as many people
think; the true victimsare the creators, designers, the authors, composers, songwriters,
film makers and investors. Copyright Infringement is the unauthorized or
prohibited use of works / copyrighted material in a manner that violates one of the
copyright owner's exclusive rights, such as the right to reproduce or perform the
copyrighted work, or to make derivative works that build upon it. There are many
different ways copyright owners may find their copyright has been infringed.
In the new interpretation online piracy is seen as copyright infringement
and those who violate the law will be prosecuted accordingly. The interpretation
also set sentence criteria on CD, VCD and software piracies. Now a person who
copies literature, music, movie, TV programs and software in more than 5,000
CDs or VCDs without the permission from the copyright owners will be sentenced
in prison for three to sevenyears.

(What is the difference between piracy and counterfeiting?

The term "counterfeit" describes fake goods. The term "piracy" describes the act of
reproducing movies, music, books or other copyrighted works without permission
from the copyright owner.)

c) What is a Trademark?
A trademark protects words, names, symbols, sounds, phrase, logo, or colors
that distinguish goods and services from those manufactured or sold by others
and indicate the source of the goods. Trademarks, unlikepatents, can be renewed
forever as long as they are being used in commerce.
Trade Secret Protection: This method of protecting ownership of an idea
is to ensure that the idea is kept a secret. Generally, a trade secret can include
a formula, pattern, compilation, program, device, method, technique or
Riddhi Joshi and Rosemol Thomas Page 17
 Shri S.V.Patel college of CS & BM

process that is used in one's business, and has independent economic value
that provides an advantage over competitors who are not aware of it or use it.
Under most circumstances, a trade secret is lost once it is independently
discovered.
Example of trade secret is the formula used in preparing Coca Cola syrup. Very
few employees know the formula, and those who do are required to sign
nondisclosure agreements in order to have accessto it. The formula is safe as
long as no employee divulges the secret. The company could take them to court
if they did so.
Another example of a trade secret may be a company’s business plan or strategy.

Trade secrets can only exist if the basis for the idea can be kept a secret.
This may not be possible in the world of computer technology and
programming.

d) What is a Patent?
A patent is a right of ownership given to a new idea for a machine,
manufacture, composition of matter, or method, or for an improvement on
an existing one of any of these. The right of ownership is given for17
years. In order to get this right, the applicant must state the details of the idea
clearly in writing and submit it to the U.S. Patent and Trademark Office for
their assessment of its uniqueness. Patents can be licensed or sold to others.
What is a Patent Violation? Patent Violation is the commission of a
prohibited act with respectto a patented invention without permission from the
patent holder. Permission may typically be granted in the form of a license.
The definition of patent violation may vary by jurisdiction(field), but it
typically includes using or selling the patented invention. In many countries,
a use is required to be commercial (or to have a commercial purpose) to
constitute a patent violation.
Patent law of India has the following most main features, which
decide whether a patent will begranted or not:-

1. The Object: The object of patent law in India is to encourage scientific

research, new technology,and industrial progress.

2. Inventive Step: The fundamental principle of Patent law is granted only for an
invention.

e) What is Source Code Theft?

Computer source code is the most important asset of software companies.
Simply put, source code is the programming instructions that are compiled
into the executable files that are sold by software development companies. As
is expected, most source code thefts take place in software companies. Some
cases are also reported in banks, manufacturing companies and other
organizations that get original software developed for their use.
Scenario 1:
The suspect (usually an employee of the victim) steals the source code and
Riddhi Joshi and Rosemol Thomas Page 18
 Shri S.V.Patel college of CS & BM

sells it to a business rival ofthe victim.

Scenario 2:
The suspect (usually an employee of the victim) steals the source code and
uses it as a base to make andsell his own version of the software.

Cyber Squatting:
Cyber squatting (also known as domain squatting), cyber squatting is registering, trafficking
in, or using a domain name with bad-faith
OR
Cyber squatting refers to the bad faith registration of a domain name containing another
person’s brand or trademark
The term derives from squatting, the practice of inhabiting someone else's property without
their permission. In one variation of cyber squatting, called typo squatting.
Cyber squatters sometimes register variants of popular trademarked names, a practice known
as typo squatting.
Typo squatters rely on the fact that Internet users will make typographical errors when entering
domain names into their web browsers. Once a cyber squatter has registered such a domain
name, the cyber squatter can place advertisements on a website linked to that domain name,
and collect income any time an Internet user clicks on one of those advertisements.
Some common examples of cyber squatting include:
• The omission of the “dot” in the domain name: wwwexample.com;
• A common misspelling of the intended site: exemple.com
• A differently phrased domain name: examples.com
• A different top-level domain: example.org
Another strategy is as follows: Internet domain name registrations are for a fixed period of
time. If the owner of a domain name doesn't re-register the name with an internet registrar prior
to the domain's expiration date, then the domain name can be purchased by anybody else after
it expires.At this point the registration is considered lapsed. A cybersquatter may use automated
software tools to register the lapsed name the instant it is lapsed. This strategy is one of a family
of identity theft schemes including renewal snatching, extension exaggeration and alert
angling.
The first four would count against a determination of bad faith while the remainder would
weigh in favor of a bad faith determination.
1. If registrant has any trademark or other intellectual property rights in the name.
2. If this is the legal or nickname of the registrant.
3. The registrant's prior use of the domain name in connection with the good faith offering
of goods and services.
4. Lawful noncommercial or fair use of the mark in a web site under the domain name.

Riddhi Joshi and Rosemol Thomas Page 19

 Shri S.V.Patel college of CS & BM

5. Intent to divert to a site that could harm the trademark owner's goodwill - either for
commercial gain or with intent to tarnish by creating likelihood of confusion as to source,
sponsorship or affiliation, or endorsement of the site.
6. Offer to sell the domain name without having used, or having an intent to use, it in the
bona fide offering of goods or services, or a prior pattern of such conduct.
7. Intentional provision of misleading contact information in the domain name registration
application or the history of such conduct.
8. Warehousing of multiple domain names known to be identical or confusingly similar
to distinctive marks or dilutive of famous marks, without regard to the goods or services of the
parties.
9. The extent to which a mark is distinctive or famous.
Defamation (Cyber Smearing):

It takes place with the help of computer and or internet. The information published in
the website or emailsent to defame targeting an individual or an organization.
“Defamation can be understood as the intentional infringement of another
person's right to his goodname. Defamation can be understood as tarnishing the image,
respect or dignity of any person in front of right thinking members of the society.”
“Cyber Defamation occurs when defamation takes place with the help of
computers and / or the Internet. E.g. someone publishes defamatory matter about
someone on a website or sends e-mails containing defamatory information to all of that
person's friends A matter defaming a person is sent to thesaid person directly is not
defamation however if the said mail is sent through CC or BCC to third parties and if
the contents tarnish (blemish/dull) the image of the recipient it is defamation.
Publication of defamatory articles and matter on a website are defamation. Cyber
defamation is also called as Cyber smearing.”
Defamatory emails:
Cyber-defamation or even cyber-slander as it is called can prove to be
very harmful and even fatal to the people who have been made its victims. OR
Defamation is defined as communication to third parties of false
statements about a person that injure the reputation of or deter others from
associating with that person.
Defamation can take one of two forms: slander or libel. Slander covers oral
defamatory statements while libel addresses the written version. Defamation is an
abusive attack on a person'scharacter or good name. If a person is harmed in any way
by your statement(s), you can be held accountable in a court of law for your actions.
Defamation requires "publication." When you send a defamatory statement
about another person to others than the one you are defaming, that constitutes
publication. Any every time an email is sent, it is considered a new publication.
Everyone who has a role in the publication of that email may be liable.

What is Internet Defamation?

Riddhi Joshi and Rosemol Thomas Page 20

 Shri S.V.Patel college of CS & BM

Internet Defamation is a negative false statement of material fact published on

the Internet. With theInternet, defamatory statements can be published online to a
worldwide audience, making Internet Defamation potentially disastrous to your
reputation and to your business. It takes the expertise and experience of an Internet
Defamation Lawyer to assist you in protecting your good name.

Internet defamation laws may vary by jurisdiction. An Internet defamation lawyer

with experience in cyber libel, cyber slander, Internet defamation law, and in-depth
knowledge of the technical aspects of theInternet can effectively assist you to defend
your name from cyber defamation. Internet Defamation Lawyers can assist you no
matter where the Internet Defamation lies Lawyer from Internet Defamation
Law Firm can assist you to protect your online reputation

What if the defamatory statements are published by third parties in an Internet

forum, Online Blog/internet? Counting with the experience of an Internet defamation
law lawyer, in the absence of an expensive Internet defamation lawsuit, you may only
be able to obtain the name of the poster of the Internet libel by securing the cooperation
of the Internet Service Provider (ISP) or the owner of the websitewhere the Internet
defamation statements were posted.

Internet business competition is unforgiving. Your competitors may attempt to engage

in Internet businessdefamation, Internet libel, or online libel by posting defamatory posts
to gain a competitive advantage. Defamatory forum posts, blog posts, or online articles
could ruin your business. Once the Internet defamation is circulated on the Internet,
recovering from Internet defamation may be difficult andtime consuming. Your business
may not be able to recover its lost customers and the business opportunities lost as a
result of Internet defamation. An Internet defamation lawyer is an expert in removing
defamatory posts on the Internet and in prosecuting legal action against those who
defame yourbusiness online, even cyber- gripers.
As an individual, a defamatory post may keep you from obtaining your dream
job or from growing your own business. As a professional, Internet defamation
may cause you to lose your clients and be questionedby your peers. Internet
defamation attorneys (lawyers) can assist you to protect your good name.
Cyber stalking:

It refers to use of the internet, email, or other electronics communications

devices to stalk another person. Stalking involves harassing, or threatening
behavior that an individual is engaged in repeatedly. Stalking laws requires
that the perpetrator make a credible threat of violence against the victim; other
includes threat against the victim’s immediate family.
Cyber Stalking can be defined as the repeated acts harassment or threatening
behavior of the cyber criminaltowards the victim by using Internet services.
Stalking in General terms can be referred to as the repeated acts of harassment
targeting the victim such as…

Riddhi Joshi and Rosemol Thomas Page 21

 Shri S.V.Patel college of CS & BM

1. Following the victim

2. Making harassing phone calls
3. Killing the victims pet
4. Vandalizing victims property
5. Leaving written messages or objects

Stalking may be followed by serious violent acts such as physical harm to

the victim and the same has to be treated and viewed seriously. It all
depends on the course of conduct of the stalker.
Cyber-stalking refers to the use of the Internet, e-mail, or other electronic
communications device to stalkanother person. It is a relatively new form of
harassment, unfortunately, rising to alarming levels especially in big cities
like Mumbai.

Who is a cyber stalker?

A cyber stalker sends harassing or threatening electronic communication to
thevictim. Both kinds of stalkers – online and offline - have desire to control
the victim’s life.

How does a cyber stalker operate?

1. A typical cyber stalker collects all personal information about the victim such
as name, family background, telephone numbers of residence and work place,
daily routine of the victim, address of residence and place of work, date of
birth etc. If the stalker is the victim’s acquaintances, he/ she has easy access
to this information. If the stalker is a stranger, he/ she collects the information
from internet resources such as various profiles, the victim may have filled
in while opening chat or e-mail accounts or while signing an account with
some website.
2. The stalker may post this information on any website related to sex-services
or dating services, posing as if the victim is posting this information and
invite the people to call the victim on her telephone numbers to have sexual
services. A stalker even uses very filthy and obscene languageto invite the
interested persons.
3. People of all kind from nook and corner of the World, who come across this
information, start calling the victim at her residence and/or work place,
asking for sexual services or relationships.
4. Some stalkers subscribe the e-mail account of the victim to innumerable
pornographic and sexsites, because of which victim starts receiving such
kind of unsolicited e-mails.
5. Some stalkers keep on sending repeated e-mails asking for various kinds
of favors or threatenthe victim.
6. The stalkers follow their victim from message board to message board. They
"hangout" on thesame boards as their victim, many times posting notes to the
victim, making sure the victim is aware that he/she is being followed. Many
times they will "flame" their victim (becomingargumentative, insulting) to get
their attention.
7. Stalkers will almost always make contact with their victims through email. The
letters may be loving, threatening, or sexually explicit. They will many times
use multiple names when contactingthe victim.
Riddhi Joshi and Rosemol Thomas Page 22
 Shri S.V.Patel college of CS & BM

8. In extreme cases, the stalker becomes bold enough to contact victim via
telephone to make calls tothe victim to threaten, harass, or intimidate him/
her. Ultimately, the stalker is even known to track the victim to his/ her home.

When does cyber stalking happen?

In many cases, the cyber stalker and the victim had a prior relationship, and the cyber
stalking begins whenthe victim attempts to break off the relationship. However, there
also have been many instances of cyber stalking by strangers. Given the enormous
amount of personal information available through the Internet, a cyber stalker can
easily locate private information about a potential victim with a few mouse clicks or
keystrokes.
The fact that cyber stalking does not involve physical contact may create the
misperception that it ismore benign than physical stalking. This is not necessarily true.
As the Internet becomes an ever more integral part of our personal and professional
lives, stalkers cantake advantage of the ease of communications as well as increased
access to personal information. In addition, the ease of use and non-confrontational,
impersonal, and sometimes anonymous nature of Internet communications may
remove disincentives to cyber stalking.
Put another way, whereas a potential stalker may be unwilling or unable to confront a victim
in person or on the telephone, he or she may have little hesitation sending harassing or
threatening electronic communications to a victim. Finally, as with physical stalking, online
harassment and threats may be a prelude to more serious behavior, including physical violence.

Banking/Credit card Related crimes:-

In the corporate world, Internet hackers are continually looking for opportunities
to compromise a company’s security in order to gain access to confidential
banking and financial information.
Use of stolen card information or fake credit/debit cards are common.
Bank employee can grab money using programs to deduce small amount
of money from all customeraccounts and adding it to own account also called as
salami.

What is Bank fraud?

Bank fraud is the use of fraudulent means to obtain money, assets, or other
property owned or held by a financial institution, or to obtain money from
depositors by fraudulently representing to be a bank or financial institution. In
many instances, bank fraud is a criminal offense. While the specific elements
of a particular banking fraud law vary between jurisdictions, the term bank
fraud applies to actions that employa scheme or artifice, as opposed to bank
robbery or theft. For this reason, bank fraud is sometimes considered a white-
collar crime.

Are You a Target of Bank Fraud?

Bank and banking related fraud can occur in many ways from cheque fraud to
Riddhi Joshi and Rosemol Thomas Page 23
 Shri S.V.Patel college of CS & BM

credit card fraud. Read onto learn about some of the different types of bank
and banking related frauds and learn ways to protect your personal
information and prevent yourself from becoming the next target of bank and
banking related fraud.

Types of Bank and Banking Related Frauds:

 Cheque Fraud: is responsible for the loss of about $815 million yearly,
which is nearly 12 times the amount robbed from banks each year. Many
types of cheque scams exist, including:
 Forged Signatures – involves forging a signature on legitimate blank check
 Forged Endorsement – includes endorsing and cashing or depositing a stolen check
 Counterfeit Checks – is on the rise with the advancement in color copying and desktop
publishing
 Altered Checks – where a person changes the name of the payee or dollar amount on
a legitimate check
 Check Kiting – where a person deposits a non-sufficient fund check into an
account, then writesanother check against that amount for another account.

 Uninsured Deposits: occurs when illegitimate companies persuade customers

with high rates of interest or offshore secrecy to avoid paying taxes. These
companies are not monitored or authorized by any federal bank or financial
institution, meaning depositors do not receive protection or insurance on their
investments from any state or federal institution.

 Credit Card Fraud: is a common type of fraud that affects millions each year.
Statistics show that credit card causes $500 million in damages to card companies
and credit card holders. So, it’s wise to learn how to keep your credit card and bank
documents safe to prevent credit fraud from happening to you. And, if you suspect
that you’re a target of credit fraud contact your bank or credit card company
immediately to check for fraud.
 Falsification of Loan Applications: also known as Loan Fraud. It occurs when a
person produces falseinformation to qualify for a loan, such as a mortgage for their
house. Sometimes, loan officers may be in on the fraud.

Ways To Protect Yourself from bank and banking related fraud:

The best way to protect yourself from bank and banking related fraud
is by being informed of thesetypes of fraud. Here are some useful tips
you can use to help keep your money safe:
 Keep an eye on your credit cards, bank documents, and cards at all times
 Treat your cards and check book like it’s cash
 Monitor your accounts and keep receipts of your purchases to check against your
monthly statements
 Report any suspicious or bogus activity or charges made to your accounts
 Write down all your card numbers and keep it in a safe place, incase you need to report
a lost or stolen card
 Educate yourself about the risks of online banking fraud.
Riddhi Joshi and Rosemol Thomas Page 24
 Shri S.V.Patel college of CS & BM

What is Credit card fraud?

Credit card fraud is a wide-ranging term for theft and fraud committed using a
credit card or any similar payment mechanism as a fraudulent source of funds in a
transaction. The purpose may be to obtain goods without paying, or to obtain
unauthorized funds from an account. Credit card fraud is alsoan adjunct to identity
theft. According to the Federal Trade Commission, while identity theft had been
holding steadyfor the last few years, it saw a 21 % increase in 2008.
Credit/debit card fraud is committed when one person 1) fraudulently obtains,
takes, signs, uses, sells, buys, or forges someone else's credit or debit card or card
information; 2) uses his or her own card with the knowledge that it is revoked or expired
or that the account lacks enough money to pay for the items charged; and 3) sells goods
or services to someone else with knowledge that the credit or debit card being used was
illegally obtained or is being used without authorization.4) A thief could also open new
accounts in the victim’s name, incurring more charges on the victim’s line of credit.
These actions could inturn affect not only the victim’s immediate pocketbook, but future
credit as well.
If you are hit by credit fraud, be sure you know how to handle it. Learn what's involved
in reporting will help you take the best and most efficient steps possible towards
regaining control of your information.

Tips for Avoiding Credit Card Fraud:

 Don't give out your credit card number online unless the site is a secure and
reputable. Sometimes atiny icon of a padlock appears to symbolize a higher
level of security to transmit data. This icon is not a guarantee of a secure site,
but provides some assurance.
 Don't trust a site just because it claims to be secure.
 Before using the site, check out the security/encryption software it uses.
 Make sure you are purchasing merchandise from a reputable source.
 Do your homework on the individual or company to ensure that they are legitimate.
 Obtain a physical address rather than simply a post office box and a telephone
number, and call the seller to see if the telephone number is correct and
working.
 Send an e-mail to the seller to make sure the e-mail address is active, and
be wary of those thatutilize free e-mail services where a credit card wasn't
required to open the account.
 Consider not purchasing from sellers who won't provide you with this type of
information.
 Check with the Better Business Bureau from the seller’s area.
 Check out other websites regarding this person/company.
 Don’t judge a person or company by their website. Flashy websites can be set up
quickly.
 Be cautious when responding to special investment offers, especially through
unsolicited e-mail.
 Be cautious when dealing with individuals/companies from outside your own country.
 If possible, purchase items online using your credit card, because you
can often dispute thecharges if something goes wrong.
Riddhi Joshi and Rosemol Thomas Page 25
 Shri S.V.Patel college of CS & BM

 Make sure the transaction is secure when you electronically send your credit card
number.
 Keep a list of all your credit cards and account information along with
the card issuer’s contact information. If anything looks suspicious or
you lose your credit card(s), contact thecard issuer immediately.

Riddhi Joshi and Rosemol Thomas Page 26