INTODUCTION TO CYBERCIME

I. DIGITAL NATIVES VS. DIGITAL IMMIGRANTS

DIGITAL NATIVES - people that were brought into a world that was already digital, spend
large amounts of time in digital environments, and use technological resources in their day-to-
day lives.
DIGITAL IMMIGRANTS - those who were bord prior to the creation of the internet and
digital technologies.
COMPUTER CRIME/CYBERCRIME - any crime accomplished through special knowledge
of computer technology. any crime where computer is used as a tool or as a target or incidental to
the commission of a crime.
THE DEPARTMENT OF JUSTICE CATEGORIZES COMPUTER CRIME IN THREE
WAYS:
 The computer as a target - attacking the computers of others (spreading viruses is an
example).
 The computer as a weapon - using a computer to commit "traditional crime" that we see
in the physical world (such as fraud or illegal gambling).
 The computer as an accessory - using a computer as a "fancy filing cabinet" to store
illegal or stolen information.

II. THE COMPUTER

What does Computer mean?
A computer is a machine or device that performs processes, calculations and operations based
on instructions provided by a software or hardware program.
A computer has two primary categories:
 Hardware: Physical structure that houses a computer's processor, memory, storage,
communication ports and peripheral devices
 Software: Includes operating system (OS) and software applications

Basic Parts of Computer: (Internal)

 Motherboard –it houses all other components.
 CPU – brain of the computer
 GPU – Graphics Processing Unit – used to display high-quality images and graphics.
 RAM – Random Access Memory – keeps data ready for the CPU to process. It is a
volatile memory.
 ROM – READ ONLY Memory – Non-Volatile memory.
 Power supply – converts AC to DC.
 Input Devices - An input device is any hardware component that allows you the user to enter
data into the computer. There are many input devices.

Six of the most widely used input devices are:

1. Keyboard- You use the keyboard to type letters, numbers, and symbols into the
computer.
2. Mouse-The mouse is a pointing device that has a pointer that changes into different
shapes as you use the mouse. You click the mouse by pressing and releasing the button.
This action allows you to enter data when using a mouse.
3. Scanner- This input device copies from paper into your computer.
4. Microphone- The microphone is usually used for voice input into the computer.
5. Digital Camera- The digital camera allows you to take pictures that you can input into
your computer.
6. PC Video Camera- The PC video camera allows you take both video and still images
that you can input onto your computer.

Output Devices - An output device is any hardware component that gives information to the
user.
Three commonly used output devices are as follow:
1. Monitor- This output device displays your information on a screen,
2. Printer- This output device prints information on paper. This type of printed output is
called a hard copy.
3. Speaker- Sound is the type of output you will get from a speaker.
Computer Software - The computer will not work without software. Software also called
PROGRAMS. These are the instructions that tell the computer what to do and how o do it.

The two main categories of software:

 System software - also called the operating system (OS)actually runs the computer.
This software controls all the operations of the computer and its devices.
 Application software - is a program that allows users to a specific task on the
computer.
Four examples of common Application Software:
1. Word Processing Application: One word processing program is Microsoft Word.
This program allows you to type letters, assignments and do any other written activity
on the computer.
2. Spreadsheet Application: Microsoft Excel is an example of a spreadsheet program.
One can use this program to create charts and do calculations.
3. E-mail Application: Outlook Express is an e-mail program that allows you to receive
and send e-mails.
4. Internet Application: Internet Explorer is a program that allows you to get
connected to the Internet and look at Web sites like the one you are reading now.

Computers are usually categories into three general categories:

 1. Supercomputer- The fastest, largest, most powerful, and most expensive computer.
2. Mainframe Computer- This is a little smaller and less powerful than the supercomputer,
but, like the supercomputer, it is also expensive.
3. Personal Computer (PC)-This is the computer that most people use in their daily lives.
This computer is much smaller, less powerful and less expensive than the supercomputer and
the mainframe computer.

Types (Processor)
• Macintosh (Macs)
• PC compatibles (PC)

Types (Physical)
• Mobile Computer - most popular type of mobile computer(notebook/laptop)
• Handheld Computer - very small PC that you can hold in your hand.

III. INTERNET

The Internet - called simply “the Net,” is a worldwide system of computer networks-a
network of networks in which users at any one computer can, if they have permission, get
information from any other computer (and sometimes talk directly users at other computers).
Basically, the way the Internet works is by connecting billions of computers together in
things called networks. Networks (“Net” for short) are clusters of computers linked together
so that they can send data to each other.

Types of Internet:
1. 1.Dial-Up (Analog 56K) - Dial-up access is cheap but slow. A modem (internal or
external) connects to the Internet after the computer dials a phone number. This analog
signal is converted to digital via the modem and sent over a landline serviced by a public
telephone network.
2. DSL(Digital Subscriber Line) - It is an internet connection that is always “on”. This
uses 2 lines so your phone is not tied up when your computer is connected. There is also
no need to dial a phone number to connect. DSL uses a router to transport data and the
range of connection speed, depending on the service offered, is between 128K to 8 Mbps.
3. Cable - Cable provides an internet connection through a cable modem and operates over
cable TV lines.
4. Wireless - Wireless, or Wi-Fi, as the name suggests, does not use telephone lines or
cables to connect to the internet. Instead, it uses radio frequency. Wireless is also an
always on connection and it can be accessed from just about anywhere.
5. Satellite - Satellite accesses the internet via a satellite in Earth’s orbit. The enormous
distance that a signal travels from earth to satellite and back again provides a delayed
connection compared to cable and DSL.
6. Cellular - Cellular technology provides wireless Internet access through cell phones. The speeds
vary depending on the provider, but the most common are 3G and 4G speeds. 3G is a term that
 describes a 3rd generation cellular network obtaining mobile speeds of around 2.0 Mbps. 4G is
the fourth generation of cellular wireless standards. The goal of 4G is to achieve peak mobile
speeds of 100 Mbps but the reality is about 21 Mbps currently.

COMPUTER CRIME VS. NET-CRIME

Computer Crime - Criminal activity involving computers.
Net Crime - criminal use of the internet.
CYBERSPACE - refers to the virtual computer world, and more specifically, is an electronic
medium used to form a global computer network to facilitate online communication.

IV. THE DIFFERENT TYPES OF CYBERCRIME

CYBER CRIME AGAINST INDIVIDUAL:

 EMAIL SPOOFING - Email spoofing is a technique used in spam and phishing attacks to trick
users into thinking a message came from a person or entity they either know or can trust. In
spoofing attacks, the sender forges email headers so that client software displays the fraudulent
sender address, which most users take at face value.
SPAMMING - Spamming is the use of messaging systems to send multiple unsolicited
messages to large numbers of recipients for the purpose of commercial advertising, for the
purpose of non-commercial proselytizing, for any prohibited purpose, or simply sending the
same message over and over to the same user.
CYBER DEFAMATION - Cyber libel is defined as a public and malicious imputation of a
crime, or of a vice or defect, real or imaginary, or any act, omission, condition, status, or
circumstance tending to cause the dishonor, discredit, or contempt of a natural or juridical
person, or to blacken the memory of one who is dead, and committed through a computer
system or any other similar means which may be devised in the future.
HARASSMENT - Cyber Harassment is defined as a repeated, unsolicited, hostile behavior by a
person through cyberspace with a intent to terrify, intimidate, humiliate, threaten, harass or
stalk someone. Any harassment caused through electronic media is considered to have a similar
impact as traditional offence of harassment. It can be done through various means of ICT as
depicted.
CYBERSTALKING - Cyberstalking is the use of the Internet or other electronic means to stalk
or harass an individual, group, or organization. It may include false accusations, defamation,
slander and libel. It may also include monitoring, identity theft, threats, vandalism, solicitation
for sex, doxing, or blackmail.

Types of Stalkers:
 Rejected Stalker - This type of stalker becomes upset when the friendship or romantic
relationship has ended. The rejected stalker is not only self-centered and jealous but also over-
dependent and persistent.
 Resentful Stalker – The resentful stalker feels humiliated that the relationship has ended and
seeks revenge upon the victim. Resentful stalkers are often irrationally paranoid and are known
to verbally assault their victims.
 o Predatory Stalker - The predatory stalker seeks power and sexual gratification. They
will not make physical contact but will use surveillance to track the victim.
o Intimacy Seeker– The intimacy-seeking stalker seeks an intimate and romantic
relationship with the victim. When the stalker is rejected by the victim, he or she will
continually phone the victim, write the victim letters, and can become jealous and
violent if the victim enters a relationship with someone else.
o Incompetent Suitor- The incompetent suitor stalker usually has inadequate social
skills. They want a relationship with the victim but do not have the ability to realize he
or she is not meant to be with the victim.
o Erotomania and Morbidly Infatuated - This type of stalker feels that the victim loves
them even though they may not have had any contact with the victim. The stalker is
usually paranoid, prefers suitors in a higher social class, and will repeatedly approach
the victim.

THE DIFFERENT TYPES OF CYBERCRIME

CYBER CRIME AGAINST PROPERTY:

 CREDIT CARD FRAUD - Credit card fraud is the unauthorized use of a credit or debit
card, or similar payment tool (ACH, EFT, recurring charge, etc.), to fraudulently obtain
money or property. Credit and debit card numbers can be stolen from unsecured websites or
can be obtained in an identity theft scheme.
 INTELLECTUAL PROPERTY - The access, distribution, and/or use of intellectual
property without and/or beyond initial authorization and in violation of the rights of the
owner or owners of the intellectual property is considered as intellectual property crime
(a.k.a., intellectual property theft).
 INTERNET TIME THEFT - It refers to theft in a manner where the unauthorized person
uses internet hours paid by another person. The authorized person gets access to another
person's ISP user ID and password, either by hacking or by illegal means without that
person’s knowledge.
CYBER CRIME AGAINST ORGANIZATION:
 UNAUTHORIZED ACCESSING OF COMPUTER - "Unauthorized access" entails
approaching, trespassing within, communicating with, storing data in, retrieving data from,
or otherwise intercepting and changing computer resources without consent. These laws
relate to these and other actions that interfere with computers, systems, programs, or
networks.
 DENIAL OF SERVICE - A Denial-of-Service (DoS) attack is an attack meant to shut
down a machine or network, making it inaccessible to its intended users. DoS attacks
accomplish this by flooding the target with traffic or sending it information that triggers a
crash.
 VIRUS ATTACK - A malware attack is a common cyberattack where malware (normally
malicious software) executes unauthorized actions on the victim’s system. Malicious
software (a.k.a. virus) encompasses many specific types of attacks such as ransomware,
spyware, command and control, and more.
 TROJAN HORSE - In computing, a Trojan horse is any malware that misleads users of its
true intent. The term is derived from the Ancient Greek story of the deceptive Trojan Horse
that led to the fall of the city of Troy.
 LOGIC BOMB - A logic bomb virus is a computer virus that contains a logic bomb, which
is malicious code that triggers an attack when specific conditions are met. Positive
conditions refer to something happening, like a program opening, while negative conditions
refer to something not happening, like someone not logging in.
 EMAIL BOMBING - On Internet usage, an email bomb is a form of net abuse that sends
large volumes of email to an address to overflow the mailbox, overwhelm the server where
the email address is hosted in a denial-of-service attack (DoS attack) or as a smoke screen
to distract the attention from important email messages indicating a security breach.
 SALAMI ATTACK - Criminals are launching so-called “salami” attacks, in which they
siphon small amounts of money from thousands of bank accounts at once. Fraudsters are
also turning phishing initiatives into big-dollar wire transfer fraud.
 DATA DIDDLING - Data diddling is a type of cybercrime in which data is altered as it is
entered into a computer system, most often by a data entry clerk or a computer virus.
Computerized processing of the altered data results in a fraudulent benefit.

CYBER CRIME AGAINST SOCIETY:

 FORGERY - When a perpetrator alters documents stored in computerized form, the crime
committed may be forgery. In this instance, computer systems are the target of criminal
activity. Computers, however, can also be used as instruments with which to commit
forgery.
 CYBER TERRORISM - Cyberterrorism is the convergence of cyberspace and terrorism.
It refers to unlawful attacks and threats of attacks against computers, networks and the
information stored therein when done to intimidate or coerce a government or its people in
furtherance of political or social objectives.
 WEB JACKING - This method is used in social media where the attackers create a fake
website and when the website opens it will redirect it to another website and harm the users
system. This is done for fulfilling political objectives for money.

OTHER TYPES OF CYBERCRIME:

 BOTNETS - Botnets are networks from compromised computers that are controlled
externally by remote hackers. The remote hackers then send spam or attack other computers
through these botnets. Botnets can also be used to act as malware and perform malicious
tasks.
 SOCIAL ENGINEERING - - Social engineering involves criminals making direct contact
with you usually by phone or email. They want to gain your confidence and usually pose
as a customer service agent, so you’ll give the necessary information needed. This is
typically a password, the company you work for, or bank information. Cybercriminals will
find out what they can about you on the internet and then attempt to add you as a friend on
social accounts. Once they gain access to an account, they can sell your information or
secure accounts in your name.
  PUPS - PUPS or Potentially Unwanted Programs are less threatening than other
cybercrimes but are a type of malware. They uninstall necessary software in your system
including search engines and pre-downloaded apps. They can include spyware or adware,
so it’s a good idea to install an antivirus software to avoid the malicious download.
 PHISHING - This type of attack involves hackers sending malicious email attachments or
URLs to users to gain access to their accounts or computer. -Cybercriminals are becoming
more established and many of these emails are not flagged as spam. Users are tricked into
emails claiming they need to change their password or update their billing information,
giving criminals access.
Categories of PHISHING:
 Spoofing - pretending to be legitimate business.
 Pharming – advance form of phishing, which redirects the connection between IP
address and its target server.
 Redirectors – malicious programs which redirect user’s network traffic to
undesired sites.
 Floating windows – phishers may place floating windows over the address bars in
Web browsers.
 Advance-fee Fraud or 419 Fraud – accomplished when an e mail message is
distributed to a victim which asks the recipient for his claiming “found” money.
 PROHIBITED/ILLEGAL CONTENT - This cybercrime involves criminals sharing and
distributing inappropriate content that can be considered highly distressing and offensive.
Offensive content can include, but is not limited to, sexual activity between adults, videos
with intense violent and videos of criminal activity. Illegal content- includes materials
advocating terrorism related acts and child exploitation material. This type of content exists
both on the everyday internet and on the dark web, an anonymous network.
 ONLINE SCAMS - These are usually in the form of ads or spam emails that include
promises of rewards or offers of unrealistic amounts of money. - Online scams include
enticing offers that are “too good to be true” and when clicked on can cause malware to
interfere and compromise information.
 Exploit kits - Exploit kits need a vulnerability (bug in the code of a software) to gain control
of a user’s computer. - They are readymade tools criminals can buy online and use against
anyone with a computer. - The exploit kits are upgraded regularly like normal software and
are available on dark web hacking forums.
 Hacking - is the act of illegally accessing the computer system/network of an individual,
group or business enterprise without the consent or approval of the owner of the system.
 Cracking - is a higher form of hacking in which the unauthorized access culminates with the
process of defeating the security system for the purpose of acquiring money or information
and/or availing of free services.

V. TYPES OF HACKERS
Hackers or crackers are those who target data which is valuable on its face (e.g.,
trade secrets and proprietary data) or directed at data (e.g., credit card data)
which may be used to further other criminal activity.
  White – hats - have the knowledge and skills that would enable them to function in the same
way as black-hats, but they decided to be on the right side of the law.
 Black hats- are hackers who commit illegal acts, and their main purpose is to harm
information systems, steal information, etc.
 Gray-hat hacker - A group of hackers that falls between black- and whitehat hackers who
have shifting or changing ethics depending on the specific situation.
Hacking techniques
 Bait and switch - Using bait and switch hacking technique, an attacker can buy advertising
spaces on the websites. Later, when a user clicks on the ad, he might get directed to a page
that’s infected with malware. This way, they can further install malware or adware on your
computer. The ads and download links shown in this technique are very attractive and users
are expected to end up clicking on the same.
 Cookie theft -The cookies of a browser keep our personal data such as browsing history,
username, and passwords for different sites that we access. Once the hacker gets the access to
your cookie, he can even authenticate himself as you on a browser. A popular method to carry
out this attack is to encourage a user’s IP packets to pass through attacker’s machine. Also
known as Side Jacking or Session Hijacking, this attack is easy to carry out if the user is not
using SSL (https) for the complete session. On the websites where you enter your password
and banking details, it’s of utmost importance for them to make their connections encrypted.
 Click Jacking Attacks - Click Jacking is also known by a different name, Ul Redress. In this
attack, the hacker hides the actual Ul where the victim is supposed to click. This behavior is
very common in app download, movie streaming, and torrent websites. While they mostly
employ this technique to earn advertising dollars, others can use it to steal your personal
information. In another word, in this type of hacking, the attacker hijacks the clicks of the
victim that aren’t meant for the exact page, but for a page where the hacker wants you to be. It
works by fooling an internet user into performing an undesired action by clicking on hidden
link.
 Virus, Trojan etc. - Virus or trojans are malicious software programs which get installed into
the victim’s system and keeps sending the victims data to the hacker. They can also lock your
files, serve fraud advertisement, divert traffic, sniff your data, or spread on all the computer
connected to your network.
 Eavesdropping (Passive Attacks) - Unlike other attacks which are active in nature, using a
passive attack, a hacker just monitors the computer systems and networks to gain some
unwanted information. - The motive behind eavesdropping is not to harm the system but to
get some information without being identified. These types of hackers can target email,
instant messaging services, phone calls, web browsing, and other methods of communication.
-Those who indulge in such activities are generally black hat hackers, government agencies,
etc
 Fake WAP - Even just for fun, a hacker can use software to fake a wireless access point. This
WAP connects to the official public place WAP. Once you get connected the fake WAP, a
hacker can access your data, just like in the above case. It’s one of the easier hacks to
accomplish and one just needs a simple software and wireless network. Anyone can name
 their WAP as some legit name like “Heathrow Airport WiFi” or “Starbucks WiFi” and start
spying on you. One of the best ways to protect yourself from such attacks is using a quality
VPN service.
 Waterhole attacks - To poison a place, in this case, the hacker hits the most accessible
physical point of the victim.
 Denial of Service (DoS\DDoS) - A Denial of Service attack is a hacking technique to take
down a site or server by flooding that site or server with a lot of traffic that the server is
unable to process all the requests in the real time and finally crashes down. This popular
technique, the attacker floods the targeted machine with tons of requests to overwhelm the
resources, which, in turn, restrict the actual requests from being fulfilled.
 DDoS(Distributed Denial of Service) attacks, hackers often deploy botnets or zombie
computers which have got the only work to flood your system with request packets. With each
passing year, as the malware and types of hackers keep getting advanced, the size of DDoS
attacks keeps getting increasing.
 Keylogger - Keylogger is a simple software that records the key sequence and strokes of your
keyboard into a log file on your machine.

Republic Act No. 10175,

Otherwise Known as the
“Cybercrime Prevention Act of
2012”
Definition of Terms
 Access - refers to the instruction, communication with, storing data in, retrieving data from, or
otherwise making use of any resources of a computer system or communication network.
 Alteration - refers to the modification or change, in form or substance, of an existing
computer data or program.
 Communication - refers to the transmission of information of information through ICT
media, including voice, video, and other forms of data.
 Computer - refers to an electronic, magnetic, optical, electrochemical, or other data
processing or communication device, or grouping of such devices, capable of performing
logical, arithmetic, routing, or storage functions and which includes any storage facility or
equipment, or communications facility or equipment directly related to or operating in
conjunction with such device.
 Computer data - refers to any representation of facts, information, or concepts in a form
suitable for processing in a computer system including a program suitable to cause a computer
system to perform a function and includes electronic documents and/or electronic data
messages whether stored in local computer systems or online.
Types of Computer Data
 Subscriber’s Data - Refers to the name, address, telephone number, and any other
information identifying a subscriber of a communications service provider.
 Traffic data - refers to any computer data other than the content of the
communication, including, but not limited to, the communication’s origin, destination,
route, time, date, size, duration, or type of underlying service.
  content data - Refers to the content of the communication, the meaning or purported
meaning of the communication, or the message or the information being conveyed by
the communication, other than traffic data.
Service Provider refers to:
(1) Any public or private entity that provides to users of its service the ability to communicate
by means of a computer system; and
(2) Any other entity that processes or stores computer data on behalf of such communication
service or users of such service.

PUNISHABLE ACTS
(Cybercrime Offenses (Philippine setting)
1. OFFENSES AGAINST THE CONFIDENTIALITY, INTEGRITY AND AVAILABILITY
(CIA) OF COMPUTER DATA AND SYSTEMS:
1) lllegal Access. – The access to the whole or any part of a computer system without
right.
2) lllegal Interception. – The interception made by technical means without right of any
non-public transmission of computer data to, from, or within a computer system
including electromagnetic emissions from a computer system carrying such computer
data.
3) Data Interference. - The intentional or reckless alteration, damaging, deletion or
deterioration of computer data, electronic document, or electronic data message, without
right, including the introduction or transmission of viruses.
4) System Interference. - The intentional alteration or reckless hindering or interference
with the functioning of a computer or computer network by inputting, transmitting,
damaging, deleting, deteriorating, altering or suppressing computer data or program,
electronic document, or electronic data message, without right or authority, including the
introduction or transmission of viruses.
5) Misuse of Devices
a) The use, production, sale, procurement, importation, distribution, or otherwise
making available, without right, of:
• i. A device, including a computer program, designed or adapted primarily for the
purpose of committing any of the offenses under this Act; or
• ii. A computer password, access code, or similar data by which the whole or any
part of a computer system is capable of being accessed with intent that it be used
for the purpose of committing any of the offenses under this Act.
b) The possession of an item referred to in paragraphs 5(a) or (b) above with intent
to use said devices for the purpose of committing any of the offenses under this
section.
6) Cyber-squatting. - The acquisition of a domain name over the internet in bad faith to
profit, mislead, destroy reputation, and deprive others from registering the same, if such a
domain name is:
a) Similar, identical, or confusingly like an existing trademark registered with the
appropriate government agency at the time of the domain name registration:
 b) Identical or in any way similar with the name of a person other than the registrant,
in case of a personal name; and c. Acquired without right or with intellectual
property interests in it.

2. COMPUTER-RELATED OFFENSES:
1) Computer-related Forgery.
a) The input, alteration, or deletion of any computer data without right resulting in
inauthentic data with the intent that it be considered or acted upon for legal
purposes as if it were authentic, regardless of whether or not the data is directly
readable and intelligible; or
b) The act of knowingly using computer data which is the product of computer-
related forgery as defined herein, for the purpose of perpetuating a fraudulent or
dishonest design.
2) Computer-related Fraud. -The unauthorized input, alteration, or deletion of
computer data or program or interference in the functioning of a computer system,
causing damage thereby with fraudulent intent: Provided, That if no damage has yet been
caused, the penalty imposable shall be one (1) degree lower.
3) Computer-related Identity Theft. - The intentional acquisition, use, misuse, transfer,
possession, alteration or deletion of identifying information belonging to another,
whether natural or juridical, without right: Provided, that if no damage has yet been
caused, the penalty imposable shall be one (1) degree lower.

3.CONTENT-RELATED OFFENSES:
1)Cybersex. - The willful engagement, maintenance, control, or operation, directly or
indirectly, of any lascivious exhibition of sexual organs or sexual activity, with the aid of
a computer system, for favor or consideration.
2)Child Pornography. - The unlawful or prohibited acts defined and punishable by
Republic Act No. 9775 or the Anti-Child Pornography Act of 2009, committed through a
computer system. 3)Libel. The unlawful or prohibited acts of libel as defined in Article
355 of the Revised Penal Code, as amended, committed through a computer system or
any other similar means which may be devised in the future.
4) OTHER OFFENSES
The following acts shall also constitute an offense:
• Aiding or Abetting in the Commission of Cybercrime -Any person who willfully abets
or aids in the commission of any of the offenses enumerated in this Act shall be held
liable.
• Attempt in the Commission of Cybercrime -Any person who willfully attempts to
commit any of the offenses enumerated in this Act shall be held liable.
Who has Jurisdiction over Cybercrime Cases?
 The Regional Trial Court shall have jurisdiction over any violation of the provisions of the
Act, including any violation committed by a Filipino national regardless of the place of
commission.
 Note: Criminal action for violation of the Act may be filed with the RTC of the province or
city where the cybercrime or any of its elements is committed, or where any part of the
computer system used is situated, or where any of the damage caused to a natural or
juridical person took place

ENFORCEMENT AND IMPLEMENTATION

Law Enforcement Authorities

The National Bureau of Investigation(NBI) and the Philippine National Police (PNP)
shall be responsible for the efficient and effective law enforcement of the provisions of this Act.
The NBI and the PNP shall organize a cybercrime unit or center manned by special investigators
to exclusively handle cases involving violations of this Act.

Duties of Law Enforcement Authorities

• To ensure that the technical nature of cybercrime and its prevention is given focus and
considering the procedures involved for international cooperation, law enforcement authorities
specifically the computer or technology crime divisions or units responsible for the investigation
of cybercrimes are required to submit timely and regular reports including pre-operation, post-
operation and investigation results and such other documents as may be required to the
Department of Justice (DOJ) for review and monitoring.

Competent Authorities:
Department of Justice(DOJ) - created an Office of Cybercrime(OOC) within the DOJ
designated as the central authority in all matters related to international mutual assistance and
extradition.
Cybercrime Investigation and Coordinating Center(CICC) - An inter-agency body to be
known as the Cybercrime Investigation and Coordinating Center (CICC), under the
administrative supervision of the Office of the President, for policy coordination among
concerned agencies and for the formulation and enforcement of the national cybersecurity plan.

CICC Composition:
1. Executive Director of the Information and Communications Technology Office under
the Department of Science and Technology (ICTO-DOST) as Chairperson
2. Director of the NBI as Vice Chairperson.
Members
1. the Chief of the PNP;
2. Head of the DOJ Office of Cybercrime; and
3. one (1) representative from the private sector and academe The CICC shall be manned
by a secretariat of selected existing personnel and representatives from the different
participating agencies.
Preservation and Retention of Computer Data:
 The integrity of TRAFFIC DATA AND SUBSCRIBER INFORMATION shall be kept,
retained, and preserved by a service provider for a minimum period of SIX (6)
MONTHS FROM THE DATE OF THE TRANSACTION.
 CONTENT DATA shall be similarly preserved for SIX (6) MONTHS FROM THE
DATE OF RECEIPT OF THE ORDER from law enforcement authorities requiring its
preservation.
 Law enforcement authorities may order a ONE-TIME EXTENSION FOR ANOTHER
SIX (6) MONTHS: Provided, That once computer data that is preserved, transmitted or
stored by a service provider is used as evidence in a case, the mere act of furnishing such
service provider with a copy of the transmittal document to the Office of the Prosecutor shall
be deemed a notification to preserve the computer data until the final termination of the case
and/or as ordered by the Court.
 FOR OSAEC and CSAEM - That in the case of CONTENT DATA, the same shall be
PRESERVED WITHIN ONE (1) YEAR, and upon notice by the competent authority, the
preservation shall be EXTENDIBLE FOR ANOTHER SIX (6) MONTHS.

TYPES OF WARRANT:
1. Warrant to Disclose Computer Data (WDCD) DISCLOSURE OF COMPUTER
DATA.
A WDCD requires any person or service provider to disclose subscriber’s
information, traffic data, or relevant data in his/her or its possession or control
within 72 hours from receipt of the order. A request for WDCD may only be filed if
there is a complaint officially docketed and assigned for investigation and the disclosure
is necessary and relevant for the investigation.
A WDCD is an order in writing issued in the name of the People of the
Philippines, signed by a judge, upon application of law enforcement authorities,
authorizing the latter to issue an order to disclose and accordingly, require any person or
service provider to disclose or submit subscriber’s information, traffic data, or relevant
data in his/her or its possession or control.
Contents of WDCD:
a. The probable offense involved.
b. Relevance and necessity of the computer data or subscriber’s information sought
to be disclosed for the purpose of the investigation.
c. Names of the individuals or entities whose computer data or subscriber’s
information are sought to be disclosed, including the names of the individuals or
entities who have control, possession, or access thereto, if available
d. Particular description of the computer data or subscriber’s information sought to
be disclosed.
e. Place where the disclosure of computer data or subscriber’s information is to be
enforced, if available.
f. Manner or method by which the disclosure of the computer data or subscriber’s
information is to be carried out, if available
 g. Other relevant information that will persuade the court that there is a probable
cause to issue a WDCD.
2. Warrant to Intercept Computer Data (WICD)
Interception of Computer Data. Interception, as defined under Section 3
(m), Chapter I of RA 10175, may be carried out only by virtue of a court issued
warrant, duly applied for by law enforcement authorities.
Warrant to Intercept Computer Data (WICD). – A WICD is an order in
writing issued in the name of the People of the Philippines, signed by a judge,
upon application of law enforcement authorities, authorizing the latter to carry out
any or all of the following activities:
a) listening to;
b) recording;
c) monitoring;
d) surveillance of the content of communications, including procuring of
the content of computer data, either directly, through access and use of a
computer system or indirectly, through the use of electronic eavesdropping
or tapping devices, at the same time that the communication is occurring.
3. Warrant to Search, Seizure and Examination of Computer data.
Warrant to Search, Seize and Examine Computer Data (WSSECD). -
A Warrant to Search, Seize and Examine Computer Data (WSSECD) is an order
in writing issued in the name of the People of the Philippines, signed by a judge,
upon application of law enforcement authorities, authorizing the latter to search
the particular place for items to be seized and/or examined.
Contents of Application for a WSSECD. – A WSSECD is like a search
warrant, except the subject matter of a WSSECD is computer data.
Upon the conduct of the seizure, law enforcement must file a return stating
the:
(a) devices that were subject of the WSSECD and
(b) the hash value of the computer data and/or the seized computer device
or computer system containing such data
Issuance and Form of WSSECD. - If the judge is satisfied that there is
probable cause to believe that the facts upon which the application for WSSECD
exists, he shall issue the WSSECD.

OFF-SITE AND ON-SITE PRINCIPLE; Return of Items Seized Off-site.

ON-SITE SEARCH OFF-SITE SEARCH

Refers to the process whereby LEAs, by virtue of a
warrant to search, seize, and examine, obtains the
computer data subject thereof for forensic examination,
without the need of bringing related computer device/s
and/or parts of the computer system outside the place
to be searched.
Refers to the process whereby LEAs, by virtue of a
warrant to search, seize, and examine, are allowed to
bring the computer device/s and/or part/s of the
computer system outside the place to be searched in
order to conduct the forensic examination of the
computer data subject of the warrant.
 - Law enforcement authorities shall, if the circumstances so allow, endeavor to FIRST MAKE A
FORENSIC IMAGE OF THE COMPUTER DATA ON-SITE AS WELL AS LIMIT THEIR
SEARCH TO THE PLACE SPECIFIED IN THE WARRANT. OTHERWISE, AN OFF-SITE
SEARCH MAY BE CONDUCTED, provided that a forensic image is, nevertheless, made, and
that the reasons for the said search are stated in the initial return. A person whose computer
devices or computer system have been searched and seized off-site may, upon motion, seek the
return of the said items from the court issuing the WSSECD: Provided, that a forensic image of
the computer data subject of the WSSECD has already been made. The court may grant the
motion upon its determination that no lawful ground exists to otherwise withhold the return of
such items to him.

4. Warrant to Examine Computer Data (WECD)

Warrant to Examine Computer Data. A WECD is a warrant issued
when a computer device or system is previously seized by another lawful
method, such as a warrantless arrest. Before searching any device seized, law
enforcement must apply for a WECD. The request for a WECD must also state
the relevance and necessity of the data sought and describe particularly the
information sought to be disclosed. Also, the request must state the likely offense
involved.
Upon the conduct of the seizure, law enforcement must file a return stating
the (a) devices that were subject of the WECD and (b) the hash value of the
computer data and/or the seized computer device or computer system containing
such data.

LIVE FORENSIC AND DEAD – BOX FORENSIC:

The analysis of the drive can be achieved on two ways:
1. Live – box Forensics - live forensic or live data acquisition involves collecting data
from a running system. This can include memory, mounted files such as Windows
registry hives, unencrypted volumes or file systems, security files, or open processes.
Live data acquisition has become common in cases where a suspect is believed to have
used full disk encryption – which means shutting down the system will remove the
decryption key from memory and render the device unreadable without the correct
password or key.
2. Dead – box Forensics – In performing dead- box forensics, the proper forensic
method for duplicating evidence from a computer hard drive or other media storage
device requires the use of write- blocking of the original storage device. Write-blocking
can be accomplished either by using a physical hardware device that is connected
between the original (source) and the copy (target) hard drive or by using a special boot
media that can start a computer in a forensically sound manner. The best option for
making a forensic copy of a hard drive is to remove the hard drive from the computer,
connect it to a physical write-blocker, and then use a forensic workstation and forensic
software to make the copy.
DIGITAL DEVICE TO BE ANALYZED
o Desktops and laptops. Desktops and laptops are physical computers that are used
for day-to-day business. They are typically located at a user’s desk or work area.
The system usually contains one or more hard drives that contain the operating
system, applications, and associated data. Data may also be stored on an external
storage solution or media that is physically connected or accessed through a
computer network. Moreover, today, desktops can also be virtualized.
o Servers. Server systems typically provide core business or infrastructure services.
They are usually found in data centers, server rooms, or communication closets.
Server systems may physically look like a user desktop or laptop but are more
commonly rack mount devices. Servers will normally have at least one hard drive
for the operating system but may or may not contain any additional drives for
applications or data.
o Mobile devices. Mobile devices are typically small, handheld, networked
computers. They include cell phones, personal digital assistants (PDAs), tablets,
and wearable computers. Nearly all mobile devices have a relatively small amount
of built-in storage, typically some form of nonvolatile (flash) memory. 4. Cloud
services. In this context, a cloud service is an off-site third-party service that
provides hosted applications or data storage for an organization. Common
business services are hosted e-mail, timesheets, payroll, and human resources.
o Flash Drives and Novelty Flash drives. Another category of device which can
pose problems is that of portable storage. Typically, these are lumped together
under the catch-all terms “thumb drives” or “USB sticks” because the earliest and
most common versions of these USB devices were about the same size and shape
as a thumb drive.
o Secondary storage. There are various storage devices, for example, hard disks,
USB drives, SD cards, solid state Drives (SSD), floppy disks, tapes, CD-ROM,
DVD, and hard disk is the most commonly used one. Some are for the short term,
to temporarily hold the data that the computer is using at the moment. The other is
for more permanent, long-term keeping. The data stored in this disk are important
in digital forensic analysis as this will provide the “smoking gun” in order to
prove the commission of cybercrime.

 OTHER LAWS RELATED TO CYBERCRIME

o REPUBLIC ACT NO. 8792 - ELECTRONIC COMMERCE ACT OF 2000
o REPUBLIC ACT NO. 11930 - ANTI-OSAEC AND ANTI-CSAEM ACT
o AM 01-7-01-SC - RULES ON ELECTRONIC EVIDENCE
o A.M. NO. 17-11-03-SC - RULES ON CYBERCRIME WARRANTS
 DEFINITION OF TERMS
 ACCESS refers to the instruction,
communication with, storing data in,
retrieving data from, or otherwise making
use of any resources of a computer system
or communication network.
 ALTERATION refers to the modification or
change, in form or substance, of an existing
computer data or program.
 COMMUNICATION refers to the
transmission of information through ICT
media, including voice, video and other
forms of data.
 COMPUTER refers to an electronic,
magnetic, optical, electrochemical, or other
data processing or communications device,
or grouping of such devices, capable of
performing logical, arithmetic, routing, or
storage functions and which includes any
storage facility or equipment or
communications facility or equipment
directly related to or operating in
conjunction with such device. It covers any
type of computer device including devices
with data processing capabilities like mobile
phones, smart phones, computer networks
and other devices connected to the internet.
 COMPUTER DATA refers to any
representation of facts, information, or
concepts in a form suitable for processing in
a computer system including a program
suitable to cause a computer system to
perform a function and includes electronic
documents and/or electronic data messages
whether stored in local computer systems or
online.
 COMPUTER PROGRAM refers to a set
of instructions executed by the computer to
achieve intended results.
 COMPUTER SYSTEM refers to any
device or group of interconnected or related
devices, one or more of which, pursuant to a
program, performs automated processing of
data. It covers any type of device with data
processing capabilities including, but not
limited to, computers and mobile phones.
The device consisting of hardware and
software may include input, output and
storage components which may stand alone
or be connected in a network or other similar
devices. It also includes computer data
storage devices or media.
 WITHOUT RIGHT refers to either: (i)
conduct undertaken without or in excess of
authority; or (ii) conduct not covered by
established legal defenses, excuses, court
orders, justifications, or relevant principles
under the law.
 CYBER refers to a computer or a computer
network, the electronic medium in which
online communication takes place.
 CRITICAL INFRASTRUCTURE refers
to the computer systems, and/or networks,
whether physical or virtual, and/or the
computer programs, computer data and/or
traffic data so vital to this country that the
incapacity or destruction of or interference
with such system and assets would have a
debilitating impact on security, national or
economic security, national public health
and safety, or any combination of those
matters.
 CYBERSECURITY refers to the collection
of tools, policies, risk management
approaches, actions, training, best practices,
assurance and technologies that can be used
to protect the cyber environment and
organization and user’s assets.
 DATABASE refers to a representation of
information, knowledge, facts, concepts, or
instructions which are being prepared,
processed or stored or have been prepared,
processed or stored in a formalized manner
and which are intended for use in a
computer system.
 INTERCEPTION refers to listening to,
recording, monitoring or surveillance of the
 content of communications, including
procuring of the content of data, either
directly, through access and use of a
computer system or indirectly, through the
use of electronic eavesdropping or tapping
devices, at the same time that the
communication is occurring.
 SERVICE PROVIDER refers to:
o Any public or private entity that
provides to users of its service the
ability to communicate by means of
a computer system; and
o Any other entity that processes or
stores computer data on behalf of
such communication service or
users of such service.
 SUBSCRIBER’S INFORMATION refers
to any information contained in the form of
computer data or any other form that is held
by a service provider, relating to subscribers
of its services other than traffic or content
data and by which identity can be
established:
o The type of communication service
used, the technical provisions taken
thereto and the period of service;
o The subscriber’s identity, postal or
geographic address, telephone and
other access numbers, any assigned
network address, billing and
payment information, available on
the basis of the service agreement
or arrangement; and
o Any other available information on
the site about the installation of
communication equipment,
available on the basis of the service
agreement or arrangement.
 TRAFFIC DATA OR NON-CONTENT
DATA refers to any computer data other
than the content of the communication
including, but not limited to, the
communication’s origin, destination, route,
time, date, size, duration, or type of
underlying service.
1. What type of spyware records every keystroke of the user and reports this information back to
its source?
a. sniffer c. spyware
b. keyloggers d. spoofer
2. This fraud is accomplished when an e-mail message is distributed to a victim which asks the
recipient for his claiming “found” money.
a. Advance fee fraud c. Love scam
b. computer fraud d. Phishing
3. This cybercrime is committed by using one’s name to open any bank account, phone plans,
claim benefits or insurances.
a. Identity Theft b. Cyberstalking
c. Social Engineering d. Phishing
4. These are networks from compromised computers that are controlled externally by remote
hackers.
a. DDoS b. Virus
c. Worm d. Botnets
5. What is a repeated, unsolicited, hostile behavior by a person through cyberspace with a intent
to terrify, intimidate, humiliate, threaten, harass or stalk someone?

a. Defamation c. Spamming
b. Cyber Harassment d. Cyberstalking
6. Jolina’s ex-boyfriend opened her laptop and deleted their picture together without any
permission is liable of ___________.
a. Illegal Interception b. Illegal Alteration
c. Illegal Access d. Illegal Infrastructure
(Questions 7-8 are related)
7. Mr. Kampanya has been threatened by his rival, Mr. Kunying, that if he runs for the position
of Brgy. Chairman, his “video scandal” with his secretary will become public. In desperation,
Mr. Kampanya hired a hacker with the codename "Mr. ice-ice-baby" with the promise of 100,000
pesos to access Mr. Kunying's computer and delete every file related to his scandal. What kind of
hacker is he if he agreed to such a proposal?
a. White b. Pink
c. Black d. Gray
8. In the same scenario, what if, after the hacker deleted every file, including Mr. Kunying's
Company's confidential files, Mr. Kunying went to the PNP Cybercrime and reported the hacking
incident? Mr. Kunying, in collaboration with the PNP Cybercrime Unit, has offered a $100,000
reward to anyone who can provide information about the perpetrator. When Mr. "ice-ice-baby"
discovered this, he went to the police and assisted them in solving the case. What kind of hacker
is he in this case?
a. White b. Pink
c. Black d. Gray
9. These are people who did not grew up into a world that was already digital.
a. millennials b. Gen X
 c. digital immigrants d. Digital Natives
10. Kardo Aringkingking, a criminology student, was browsing his computer for his cybercrime
assignment when he came across a software called "CYBERCRIMEQandA" Thinking it was a
legitimate program, he downloaded and installed it right away. After how many days he noticed
that his files had been deleted, as well as unexpected and unusual computer activity. What
exactly is this type of malware?
a. Backdoor b. Virus
c. Trojan Horse d. Worm
11. University of the Visayas is preparing for its online classes. They hired an IT expert to set up
its website and learning management system. However, when they registered www.uv.edu.ph on
the internet someone had registered it. Further investigation revealed that a former professor of
the school has registered the domain and asked for 100,000 for the release of the domain name.
Is the professor criminally liable?

a. yes, with ransomware

b. yes, with cyber fraud
c. yes, with cybersquatting
d. yes, with cyber libel

12. Henry, who is a gamer, downloaded a certain gaming program, without him knowing this
program monitored his activity, collected his usernames and passwords and other personal
information. This is an example of ___________.
a. Pharming b. Sniffer
c. Spoofing d. Keylogger
13. It is a type of malware that is used to get unauthorized access to a website by cybercriminals.
a. Trojan Horse b. Backdoor
c. 419 Fraud d. Unauthorized Access
14. The willful engagement, maintenance, control, or operation, directly or indirectly, of any
lascivious exhibition of sexual organs or sexual activity, with the aid of a computer system, for
favor or consideration.
a. Cybercrime b. Cybersex
c. Cyber Pornography d. Online Sexual Activity
15. It is considered the first cybercrime law.
a. RA 10175 b. RA 10627
C. RA 8792 d. RA 9995
16. This is any information contained in the form of computer data or any other form that is held
by a service provider.

a. Non-content data c. Identifying information

b. Content data d. Subscribers Information
17. A person who financially benefits from cybercriminal acts is punishable under what category
of RA 10175?
a. Content Related Offenses c. Other Offenses
b. Offenses against CIA d. Computer related Offenses
18. Which among the following categories of cybercrime involves “without authority or right”
to do the action as basic element in the commission of crime?

a. Content Related Offenses c. Other Offenses

b. Offenses against CIA d. Computer related Offenses
19. Which of the following instances would volatile data still be present in a computer?
a. A turned off computer with an unplugged power cord.
b. A full charged turned off laptop.
c. A laptop in sleep mode.
d. None of the above.
20.What data is presented in the picture?
a. Non-content data
b. Content data
c. Identifying information
d. Subscribers Information
21. It is the intentional or reckless alteration, damaging, deletion or deterioration of computer
data, electronic document, or electronic data message, without right, including the introduction
or transmission of viruses

a. System Interference c. Computer Related Forgery

b. Data Interference d. Illegal Interception
22. What is any representation of facts, information, or concepts in a form suitable for
processing in a computer system including a program suitable to cause a computer system to
perform a function?

a. Computer data c. Computer program

b. Computer system d. Computer hardware
23. It is the idea of listening to, recording, monitoring or surveillance of the content of
communication with the aid of a computer.

a. Surveillance c. Interception
b. Interference d. Illegal Access
24. Albert, aged 30, is a self-proclaimed NGSB (No Girlfriend Since Birth) who, in his quest for
genuine affection, became a member of the "PinayTRULab" Facebook page. This is where his
path crossed with Joanna. Engaging in Facebook conversations for half a year, Albert developed
profound feelings for Joanna, even going so far as to provide her with financial support.
Believing this connection to be everlasting, Albert and Joanna arranged a long-awaited encounter
at MG's Dinugoan Resto. Despite waiting patiently for three hours, Joanna failed to appear.
Subsequently, Albert's attempts to reach Joanna became futile. It was later unveiled that the
pictures of the Facebook account was someone named Kristine Dimacatae, and the individual
with whom Albert had been conversing turned out to be Berto. Albert is a victim of
_____________.

a. Identity Theft c. Love Bombing

b. Computer Related Fraud d. Phishing
25. In the scenario above, Kristine Dimacatae is a victim of _______________.
a. Identity Theft b. Computer Related Fraud
c. Online Scam d. Online Harassment
26. What crime is commited in selling of hacking program like low orbit ion cannon (loic)?

a. Illegal Access c. Illegal Trading

b. Cyber Squatting d. Misuse of Devices
27. Who is considered the creator of the 1st ramsonware called the “AIDS Trojan”in 1989?

a. Kevin Mitnick c. Joseph Popp

b. David Smith d. Kevin Poulsen
(Questions 28-30 are related)
28. Mr. X's company is going bankrupt due to a new product manufactured by Mr. Y, his
competitor. Because he was envious, he asked his cousin Mark, a hacker, to assist him. Mark
used his computer to flood Mr. Y's company's server with authentication requests, causing the
online service to go down. This is an example of _________________

a. Denial of Server Attack

b. Distributed Denial of Server Attack
c. Denial of Service Attack
d. Distributed Denial of Service Attack

29. Assume that Mr. Y's server recovered from the malware attack, causing Mark to do the
unthinkable. He distributed malware to various computers and took control of them. Mark used
his computer, along with the computer he took control of, to flood Mr. Y's company's server with
authentication requests. This is an illustration of __________.
a. Denial of Server Attack
b. Distributed Denial of Server Attack
c. Denial of Service Attack
d. Distributed Denial of Service Attack

30. In the preceding scenario, the computers that Mark used and took control of were referred to
as ____________
a. Hacked Computer b. Infected Computer
c. Zombie d. Malware Host
(Questions 31-32 are related)
31. Layla de Layla received an email from UM-BANK requesting that she update her account
information. Her personal information was clearly requested in the email. When Layla contacted
UM-BANK, they denied having sent such an email. This is an example of ______________
 a. Illegal Solicitation b. Pharming
c. Phishing d. Spoofing
32. Assume that the email Layla received contained a link with the caption "Click Here," and she
clicked the link out of curiosity, and she was redirected to a mirror site. What type of Phishing is
this?
a. Illegal Solicitation b. Pharming
c. Phishing d. Spoofing
33. What do you call the smallest piece of data?
a. Byte b. Code
c. Bit d. Program
34. Bryan and Jessa are online lovers. When face-to-face classes began, Bryan became
increasingly jealous of Jessa's numerous suitors; unable to bear it any longer, Jessa ended her
relationship with Bryan. Bryan, unable to live with his broken heart and hatred for Jessa, he
decided to use packet sniffing software to monitor Jessa's network traffic. Under RA 10175, what
crime was committed?
a. Identity Theft b. Illegal Access
c. Illegal interception d. System Interference
35. Nicole, a criminology student, had feelings for one of her senior classmates. She immediately
stalked his crush's social media account and followed him. During class, she followed him
around without his knowledge, until he saw her crush kissing someone in the Apex Café.
Nonetheless, since she has no way of showing her true feelings, she posted “Ouch krusht kaayo
taka. Jujujuju bawi ko nextlayf” in her Facebook, she was contented in loving him from afar. Can
this be considered as Cyberstalking?
a. No, since she is following him around without his knowledge
b. No, since there was no online stalking done
c. No, since she is already obsessed with him
d. No, since there was no online harassment done
36. This type of attack involves hackers sending malicious email attachments or URLs to users to
gain access to their accounts or computer.
a. Online scam b. Scam
c. Phishing d. Social Engineering
(Questions 37-39 are related)
37. Mark is a CRI 327L-272 student who has a crush on his seatmate, named Nika. Mark,
desperate for romantic relationships, befriended Nika's best friend, Judy, in the hopes that she
would assist him in confessing his feelings for Nika, not realizing that Judy has feelings for him.
Judy, who was heartbroken because the love of her life was in love with her best friend did the
unthinkable. She created a Facebook account using Rika's personal information, including
photos, and used it to post naked pictures, sex scandals, and tagged Nika's friend with each post.
Mark believing it to be Nika's legitimate Facebook Account, was then turned off.
Judy committed what kind of cybercrime?
a. Online scam b. Identity Theft
c. Phishing d. Cyberstalking
38. In the same scenario, what is the criminal liability of Mark?
 a. Cyberstalking b. Illegal Content
c. Identity Theft Accomplice d. None
39. Assume that Mark successfully confessed his feelings for Nika but was turned down because
he is not her type. Mark, who can't stand rejection, texted Nika several times on her social media
accounts and via SMS, saying, "Akoa lang ka!! "Bantayan taka permi, di ka maadto sa uban."
This is an illustration of __________.
a. Online Harassment b. Cyberstalking
c. Identity Theft d. Victims of Love
40. These are cybercriminals who uses Deepthroat to compromise computer systems.

a. VSD
b. Hackers
c. Crackers
d. Hacktivists

41. Jolina’s ex-boyfriend opened her laptop and deleted their picture together without any
permission is liable of ___________.
a. Illegal Interception b. Illegal Alteration
c. Illegal Access d. Illegal Infrastructure
42. It refers to a computer or a computer network, the electronic medium in which online
communication takes place.
a. Cyber c. Cybercrime
b. Cyber-attack d. Cyber terrorism
43. Computer is essentially an element of Cyber Criminality, and it is either a tool or target of
Cyber Crimes. The statement is?
a. Correct c. Sometimes correct
b. Incorrect d. Sometimes incorrect
44. It refers to the computer crime, the use of a computer as an instrument to further illegal ends,
such as committing fraud, trafficking in child pornography and intellectual property, stealing
identities, or violating privacy.
a. Cybercrime c. Cyber
b. Cyber terrorism d. Cyberspace
45. A type of cybercriminals wherein law enforcement authorities often use it as a category
which includes vandalism, destructive programs (e.g., viruses and worms), and general mischief
for no economic.
a. Cyberpunks b. Hacker
c. Victor Skill Deficiency d. Cracker
46. What is a malicious program which redirect users’ network traffic to undesired sites?

a. Phishing
b. Spyware
c. Floating windows
d. Redirectors
47. The following are the reasons for vulnerability of computers to cyber criminality except one.

a. Huge data storage capacity

b. Wider access to information
c. availability of evidence
d. Complexity of computer systems

48. Man in the middle attack is liable under RA 10175 as ___________.

a. Illegal Access c. Data Interference
b. Illegal Interception d. System Interference
49. Uploading malware like ransomware is an example of __________.
a. Illegal Access c. Data Interference
b. Illegal Interception d. System Interference
50. Sending of an email to targets with a website link for users to click on, which might either
download malware onto the users’ digital devices is an example of ______________.

a. Illegal Interception
b. Computer Related Fraud
c. Computer Related Forgery
d. Data Alteration