CYBER CRIME INVESTIGATIONS AND DIGITAL FORENSICS

UNIT – I
Introduction:

Introduction and Overview of Cyber Crime:

Cybercrime refers to criminal activities that are committed using the internet or other digital
technologies, and it has become a major threat to individuals, organizations, and governments
worldwide. Cybercrime includes a wide range of criminal activities such as hacking, identity theft,
phishing, cyber stalking, online fraud, ransom-ware, and many others.

To combat cybercrime, law enforcement agencies, governments, and other organizations have
established various measures and initiatives, such as cybercrime laws, cyber security frameworks,
and awareness campaigns. However, cybercrime remains a persistent threat, and it requires ongoing
efforts and collaboration from all stakeholders to ensure the safety and security of the digital world.

Nature and Scope of Cyber Crime:

The nature and scope of cybercrime are vast and varied. Cybercrime is a form of criminal
activity that is committed using digital technologies, such as computers, smartphones, and the
internet. The scope of cybercrime is constantly expanding, as criminals continue to develop new
techniques and methods to exploit vulnerabilities in digital systems and networks.

The scope of cybercrime is not limited to individuals or organizations, as it can also impact national
security and public safety. For example, cybercriminals can target critical infrastructure, such as
power grids or transportation systems, to disrupt or disable essential services.

The nature and scope of cybercrime are constantly evolving, as criminals develop new techniques
and methods to exploit digital vulnerabilities. It is essential for individuals, organizations, and
governments to stay vigilant and take proactive measures to protect themselves against cyber
threats.

Types of Cyber Crime:

There are various types of cybercrime that can be classified based on the nature of the offense. Here
are some of the most common types of cybercrime:

1. Hacking: Hacking refers to the unauthorized access to computer systems or networks.

Hackers can steal sensitive information, install malware, or cause damage to computer
systems or networks.

2. Malware: Malware is malicious software that can harm or control a computer or network.
Malware can take many forms, such as viruses, worms, or Trojans, and can be used for
various purposes, such as stealing information, controlling computers, or launching attacks.

3. Phishing: Phishing is a form of online fraud in which criminals attempt to obtain sensitive
information, such as passwords, credit card details, or bank account information, by posing
as a legitimate entity.

4. Identity theft: Identity theft is the unauthorized use of someone's personal information to
commit fraud. Cybercriminals can steal personal information such as Social Security
numbers, addresses, and birthdates, and use them for fraudulent purposes.
 5. Online fraud: Online fraud includes various schemes that are carried out online, such as fake
online stores, investment scams, or work-from-home scams. These schemes can trick victims
into giving away money or personal information.

6. Cyber stalking: Cyber stalking refers to harassment or threatening behaviour carried out
online. Cyber stalking can involve sending unwanted messages, monitoring someone's online
activity, or sharing personal information without consent.

7. Ransomware: Ransomware is malware that encrypts a victim's files or data and demands
payment in exchange for access to the data.

8. Distributed Denial of Service (DDoS) attacks: DDoS attacks involve overloading a website or
network with traffic, making it inaccessible to legitimate users.

These are just a few examples of the many types of cybercrime. As technology continues to evolve,
cybercriminals will continue to develop new techniques and methods to exploit digital
vulnerabilities. It is important for individuals and organizations to stay informed and take proactive
measures to protect themselves against cyber threats.

Types of Cyber Crime: Social Engineering

Social engineering is a type of cybercrime that involves manipulating people into divulging
confidential information, providing access to computer systems or networks, or performing certain
actions that can be used to carry out cyberattacks. Social engineering attacks are often carried out
through the use of deception, manipulation, or impersonation. Here are some of the most common
types of social engineering attacks:

1. Phishing: Phishing is a type of social engineering attack in which criminals send emails or text
messages that appear to be from a legitimate source, such as a bank, social media site, or
government agency. The message often includes a link that leads to a fake website where
victims are prompted to enter sensitive information, such as passwords, credit card details,
or social security numbers.

2. Baiting: Baiting is a type of social engineering attack in which criminals lure victims with an
enticing offer, such as a free download or a prize. The offer is often used as a bait to get
victims to click on a link or download a file that contains malware.

3. Pretexting: Pretexting is a type of social engineering attack in which criminals impersonate

someone else, such as a company executive or a law enforcement officer, to gain access to
confidential information. The criminal will often use a pretext or a fabricated story to
convince the victim to provide the information.

4. Spear phishing: Spear phishing is a type of social engineering attack that targets specific
individuals or organizations. The attacker will research the victim and create a customized
message that is more convincing and more likely to get the victim to take the desired action.

5. Watering hole attacks: Watering hole attacks are a type of social engineering attack in which
the attacker infects a legitimate website that is likely to be visited by the victim. When the
victim visits the website, malware is downloaded onto their computer or mobile device.

Social engineering attacks can be difficult to detect, as they often rely on human psychology rather
than technical vulnerabilities. It is important for individuals and organizations to be aware of the
different types of social engineering attacks and to take proactive measures to prevent them, such as
employee training, multi-factor authentication, and implementing robust security protocols.

Why Do Cyber Criminals Use Social Engineering?

Cyber criminals will use social engineering techniques for a variety of reasons.
One of the most common reasons cyber criminals use social engineering is to try and gain access to
sensitive information. They may pose as a legitimate company or individual to trick someone into
giving them login credentials, financial information, or other types of data they can use for their
purposes.
Another reason why cyber criminals turn to social engineering is to spread malware. They may send
out phishing emails containing links or attachments infected with malware. Suppose someone clicks
on the link or opens the attachment. In that case, they may unknowingly install the malware on their
computer, which can give the cyber criminal access to their system and any sensitive information
stored on it.
Social engineering can be a very effective way for cyber criminals to achieve their goals. That's why
it's essential for everyone to be aware of the techniques that they may use and to be cautious when
sharing information or clicking on links.
Why Is Social Engineering So Dangerous?

Social engineering is so dangerous because people make mistakes. Although victims know they need
to be suspicious of emails that promise refunds or phone calls that tell them they'll be arrested
immediately if they don't provide their tax information, people get caught off-guard.

Further, social engineering poses the following risks:

Lack of security knowledge

One of the most prominent challenges organizations face regarding social engineering is that many
employees lack the knowledge to identify and defend against these types of attacks.

This lack of security awareness can have disastrous consequences, as social engineering attacks are
designed to exploit human weaknesses. By tricking people into revealing sensitive information or
downloading malicious software, attackers can gain access to critical systems and data.

Oversharing on Social Media

Most people know the dangers of oversharing on social media, but many still do it. Why? Because
it's fun and easy to share information about our lives with friends and family. But many people don't
realize that oversharing can also make us and our loved ones vulnerable to social engineering
attacks.

Social engineers use deception and manipulation to get us to disclose sensitive information or
perform actions that we wouldn't normally do. They may pose as friends or family members or
pretend to be from a trusted organization like a bank or government agency. And they often target
people who are more likely to share personal information on social media.

Being Over-Curious

If you're the type of person who always asks questions and tries to learn more about everything
around you, you may be at risk for social engineering. Social engineers use manipulation and
deception to get others to do what they want. They often target curious people because they easily
trick them into giving up information or doing something they shouldn't.
If you're always asking questions and trying to learn more, be sure to do so safely and securely.
Don't give out personal information or click on links from strangers. Curiosity is an excellent quality,
but it's important to be aware of the risks that come with it.

It's much easier for cyber criminals to hack a human than a company network. For this exact reason,
it's crucial that you focus on people-centric cyber security awareness training. Putting your people
first gives them the education, resources, and tools to stay aware of social engineering.

Categories of Cyber Crime:

Cybercrime refers to criminal activities that are carried out using electronic communication networks
and the internet. The following are some of the categories of cybercrime:

1. Hacking: This involves unauthorized access to a computer system or network, often for the
purpose of stealing sensitive information or causing damage.

2. Malware: Malware refers to malicious software designed to disrupt, damage or gain

unauthorized access to a computer system or network. This includes viruses, worms, and
Trojan horses.

3. Phishing: This involves the use of fraudulent emails or websites to trick individuals into
revealing sensitive information, such as passwords and financial details.

4. Cyberstalking: Cyberstalking refers to the use of the internet or other electronic means to
harass, intimidate, or threaten an individual.

5. Identity theft: This involves stealing someone's personal information, such as their name,
address, social security number, and credit card details, for financial gain or other malicious
purposes.

6. Cyberbullying: Cyberbullying involves using electronic communication to harass or intimidate

someone, often through social media or messaging apps.

7. Denial of service (DoS) attacks: This involves overwhelming a computer system or network
with traffic in order to disrupt or disable it.

8. Online fraud: This includes various forms of fraud committed online, such as fake websites,
online auctions, and investment scams.

9. Intellectual property theft: This involves stealing copyrighted material, such as music,
movies, and software, for financial gain or other purposes.

10. Ransomware: This involves encrypting a victim's data and demanding payment in exchange
for the decryption key.0

Classifications of Cybercrimes
Cybercrimes in general can be classified into four categories:
1. Individual Cyber Crimes:
This type is targeting individuals. It includes phishing, spoofing, spam, cyberstalking, and more.
2. Organisation Cyber Crimes:
The main target here is organizations. Usually, this type of crime is done by teams of criminals
including malware attacks and denial of service attacks.
3. Property Cybercrimes:
This type targets property like credit cards or even intellectual property rights.
4. Society Cybercrimes:
This is the most dangerous form of cybercrime as it includes cyber-terrorism.

Property Cybercrimes:
Property cybercrimes refer to crimes that involve unauthorized access, damage, or
destruction of property through cyberspace. These crimes include DDOS attacks, hacking,
virus transmission, copyright infringement, Intellectual property theft and IPR violations.
Intellectual property (IP) theft refers to the illegal infringement of someone else's
intellectual property rights. IP theft can take many forms, but some of the most common
types include:
1. Copyright infringement: This occurs when someone uses copyrighted material, such
as music, videos, or written works, without permission from the copyright owner.
2. Trademark infringement: This involves the unauthorized use of a trademark, such as
a company's logo, to promote or sell products or services.
3. Patent infringement: This occurs when someone makes, uses, or sells a patented
invention without the permission of the patent owner.
4. Trade secret theft: This involves the theft of confidential or proprietary information,
such as customer lists, manufacturing processes, or business plans that gives a
company a competitive advantage.
5. Counterfeiting: This involves the production of fake or imitation goods, such as
clothing, electronics, or luxury goods that infringe on the trademark or copyright of
the genuine product.
6. Piracy: This involves the illegal reproduction, distribution, or sale of copyrighted
material, such as movies, music, or software.
7. Cybersquatting: This involves the registration of a domain name that is similar to a
well-known trademark or company name, with the intention of profiting from the
confusion of internet users.

How to Prevent Cybercrimes?

There are many tips and guidelines to protect yourself and your environment from the risk
of cybercrimes such as:
1. Be sure that you are using up-to-date security software like antivirus and firewalls.
2. Implement the best possible security settings and implementations for your environment.
 3. Don't browse untrusted websites and be careful when downloading unknown files, and
also be careful when viewing Email attachments.
 4. Use strong authentication methods and keep your passwords as strong as possible.
 5. Don’t share sensitive information online or on your social media accounts.
 6. Educate children about the risks of internet usage.
 7. Always be ready to make an immediate reaction when falling victim to cybercrimes by
referring to the police.