Types of Cyber Crimes

Syed Shahid Hassan

Deputy Director
Cyber Crimes Circle
FIA Punjab Lahore
 Sequence

• Introduction
• About National Response Centre for Cyber
Crimes (NR3C), FIA
• Cyber Crime Laws in Pakistan
• Categories of Cyber Crimes
• Explanation of each category using definition
of Crime with Examples.
• How Law Enforcement Agencies track Cyber
Criminals 2
 About NR3C
 National Response Centre for Cyber Crimes (NR3C) is a Public
Sector Development Project (PSDP).
 National Response Centre for Cyber Crimes (NR3C) was
established in Year-2007 (August 2007).
 Responsible for enforcement of Electronic/Cyber Crime laws
in Pakistan.
 Currently there are five notified cyber crime police stations
located at Lahore, Karachi, Peshawar, Quetta and
Rawalpindi/Islamabad.
 Notified Digital Forensic Laboratories.
 Notified Special Public Prosecutors.

3
 Cyber Laws in Pakistan

 The Pakistan Telecommunication (Reorganization) Act,

1996 was the first law regulating internet in Pakistan and
addressing its criminal aspects.

 Electronic Transactions Ordinance-2002 (ETO-2002).

 Prevention of Electronic Crimes Ordinance (PECO-2007)

(Repealed in 2009).

 Prevention of Electronic Crimes Act 2016 (Bill Passed by National

Assembly & Pending with Senate).

4
 Current Status
of
Cyber Crime Legislation in Pakistan

 Prevention of Electronic Crimes Ordinance (PECO) is ineffective

since 7th Nov, 2009.

 Since PECO has become ineffective, NR3C FIA is currently

registering cases under Section 36 & 37 of ETO and Pakistan
Telecommunication (reorganization) Act, 1996

5
 Categories of Cyber Crimes

Cyber/Electronic Crimes in Pakistan can be broadly

divided into following categories:
• Cyber Stalking
• Electronic /Online Frauds
• Electronic /Computer Forgery
• Hacking
• System Damage
• Misuse of Electronic System
• Cyber Terrorism
6
Cyber Stalking

7
 Cyber Stalking

General Definition:

Cyberstalking is the use of the Internet or other electronic

means to ’stalk” or ‘harass’ an individual, a group of
individuals, or an organization. It may include false
accusations, monitoring, making threats, identity theft,
impersonation, damage to data or equipment, indecent
proposal, or gathering information in order to harass.

8
 Real Life Examples of Cyber Stalking

• Threatening Email messages, SMS Messages

• Threatening Calls
• Creating fake profile of someone on any social networking website,
pasting in humiliating information and personal information of the victim
like his/her real mobile number, home phone number, address, personal
pictures.
• In many cases, forged porn pictures of female victims were being
uploaded on the internet.
• Uploading stolen personal video of the victim on youtube.
• Sending porn pictures to female colleagues through anonymous email
address.
• Creating website or blog to make false allegation against the victim.
• Blackmailing someone by using any electronic communication system.

9
Social Networks

10
Electronic /Online Fraud

11
 Electronic / Online Fraud

Electronic / Online fraud refers to the use

of Telecommunication or Internet services to
present fraudulent solicitations to prospective
victims, to conduct fraudulent transactions, or
to transmit the proceeds of fraud to financial
institutions or to others connected with the
scheme.

12
 Electronic /Online Frauds
Electronic / Online Frauds can further be divided into
following sub-categories.
• Email / SMS Lottery Scams
• Employment Scams
• Phishing
• Goods never delivered Fraud
• Cultus Fraud (through Mobile Phone Calls)
• Prize Winner Scam (through Mobile Phone Calls)
• Fraudulent Balance Transfer (Mobile Phone)

13
 Email / SMS / BISP Lottery Scams

Payment is required to get your huge

unsolicited lottery winnings transferred into
your country/bank account. If you are told you
have won some random email lottery, or a
lottery that you don't remember entering, you
are probably being set up for a Lottery Scam.

14
Examples of Lottery Scam

15
Example of Lottery Scams

16
 Lottery Scams
The people who receive the scam emails and fall for them are
asked to make advance payments in the following heads one
after another.
• Legal Fees (for a Lawyer: as some kind of lawyer is always involved)
• Insurance Fee (Before transferring the actual amount to victim’s account)
• Shipping Charges (As they inform that the money will be sent through
parcel!!!)
• Wire Transfer Charges
• Drug Free Certificate Charges
• Anti-Money Laundering Certificate Charges
• Terrorist Free Certificate Charges
• Non-Inspection Fee at Airport
• Bribes
• Etc 17
 Employment / Job Scams
Employment scams, also known
as job scams, are a form
of advance fee fraud scamming
where certain unscrupulous
persons posing as
recruiters or employers offer
attractive employment opportuniti
es which require the job seeker to
pay them money in advance,
usually under the guise of work
visas, travel expenses, and out-of-
pocket expenses.

18
 Employment / Job Scams
• People usually look and apply for job overseas but they don’t
remember where they applied.
• Job Scammers search for there email addresses on such
websites and respond them by asking more information about
the victim and finally offering job of handsome amount.
• Job Scammers make use of fake websites and real looking
email addresses to put reality in their scams stories.
• Then they tell you to pay 50 $ as an application processing
fee. If the victim pays money, they ask for 120 $ more for visa
processing fee. If paid, they ask for more money on and on
under different heads.
• Their objective is squeeze the victims as much as they can.

19
 Phishing

• Phishing is a type of deception designed to steal your valuable

personal data, such as credit card numbers, passwords,
account data, or other information.

• Con artists might send millions of fraudulent e-mail messages

that appear to come from Web sites you trust, like your bank
or credit card company, and request that you provide personal
information.

20
Real Life Example of Phishing

21
Real Life Example of Phishing

22
 Real Life Example of Phishing

This one is
Easy!

This is not
eBay site
but a fake
One.

23
 Electronic /Computer Forgery
Examples:
• Creating forged Documents using computer
and other electronic equipment.
• Creating forged Credit Cards/Debit Cards

24
Hacking

25
 Hacking
Generic Definition:

Illegal access into another party's computer or

Internet site carried out for malevolent or
fraudulent purposes or to make unauthorised
amendments or just for fun (Computers);

26
 Hacking

Legal Definition:
• Section 36 & 37 of ETO 2002 Covers Hacking.
(The punishment for Hacking is imprisonment
up to 7 Years or Fine not exceeding 1 Million
rupees or both).

27
 Hacking
Section 36 of ETO 2002 defines Hacking under head
“Violation of Privacy of information:

Any person who gains or attempts to gain access to any information

system with or without intent to acquire the information contained
therein or to gain knowledge of such information, whether or not he is
aware of the nature or contents of such information, when he is not
authorised to gain access, as aforesaid, shall be guilty of an offence under
this Ordinance punishable with either description of a term not exceeding
seven years, or fine which may extend to one million rupees, or with both.

28
 Examples of Hacking
• Breaking in to University’s information system to
steal or alter information.
• Hacking Email Accounts
• Website Defacement
• Stealing or altering any information from any
information system by any means.
• Stealing information from information system also
includes looking over the shoulder when you are not
authorised.
• Breaking in to Bank’s information system to
add/change the amount in your Bank account.
29
 System Damage

Legal Definition (Section 6 of PECO 2009 and

Section 37 of ETO 2002):
6. System Damage: Whoever with intent to cause damage to the public or any person
interferes with or interrupts or obstructs the functioning, reliability or usefulness
of an electronic system or electronic device by inputting, transmitting, damaging,
deleting, altering, tempering, deteriorating or suppressing any data or services or
halting electronic system or choking the networks shall be punished with
imprisonment of either description for a term which may extend to three years, or
with fine, or with both.

30
 Examples of System Damage

• Distributed Denial of Service Attacks

• Physically Shutting down the power of any
computer running information system when
one is not authorized.
• Creating fake profile on social websites.
• E-mail hacking
• Cheating through websites.

31
 Examples of Misuse of Electronic System

• ATM Skimmer
Device

32
Another Picture of Skimmer Device

With and Without Skimmer device

33
 Examples of Misuse of Electronic System

• Magnetic Stripe
Read & Writer
(MSRW) Device

34
 Keyloggers
A keylogger can be either specialized
hardware fitted to a keyboard or keyboard
cable or a software program. Keyloggers are
used to record and log each and every
keystroke on a personal computer.

35
 Types of Keyloggers

Generally, there are two types of Keyloggers:

1. Software Based Keyloggers

2. Hardware Based Keyloggers

National Response Centre for Cyber Crimes,

36
FIA
Hardware Based Keylogger

PS/2 Based Keylogger

National Response Centre for Cyber Crimes,

37
FIA
Hardware Based Keyloggers

USB Based Keylogger

National Response Centre for Cyber Crimes,

38
FIA
Hardware Based Keyloggers

USB Based
Keyloggers

National Response Centre for Cyber Crimes,

39
FIA
Hardware Based Keylogger

Before After

National Response Centre for Cyber Crimes,

40
FIA
Hardware Based Keylogger

National Response Centre for Cyber Crimes,

41
FIA
 Software Based Keylogger
Typical Features:
• Keystroke recording
• Screen Shots (e.g. on every mouse click, after
every 5 mins)
• Username & Password Monitoring
• Chat monitoring (MSN, Yahoo, ICQ, AOL, etc)
• Sending monitored data to remote FTP server
or email address.
National Response Centre for Cyber Crimes,
42
FIA
 Examples of Cyber Terrorism

Cyber terrorism takes many forms:

• Extort money by threatening/unleashing Denial of Service

(DOS) attacks.
• Terrorism can also come in the form of disinformation. (e.g.,
defacement of frequently visited websites and disinformation
about some terrorist threat)
• cyber-terrorism can be used for an assassination!!!! (e.g.
changing the medication record system)
• Disabling critical information infrastructure of the
government. (e.g., DDOS attacks on government websites,
hacking into NADRA’s information system or physical terrorist
acts etc.)
 Examples of Cyber Terrorism

• Cyber attack alters processing control system of cereal

manufacture, introducing lethal levels of iron

• Cyber attack on air traffic control system causes planes to

collide

• Cyber attack alters drug formulas of pharmaceutical

manufactures, resulting in unfathomable loss of life

• Cyber attack changes pressure in gas lines, causing valve

failure, and then explosions (similar attack against electrical
grid)
 Examples of Cyber Terrorism

• Cyber attack disrupts banks, international financial

transactions, and stock exchanges – results in lost confidence
in economic system
• Deployed bombs communicate through cyberspace – when
one stops transmitting, the rest explode
• Use of hacking techniques for fund raising by terrorist groups.
• Utilization of Internet for communication, recruitment and
trainings.
• Monitoring and gaining access to classified information for
further terrorist attacks.
 Other Categories
• Obscene calls
• Obscene SMS
• Threatening calls
• Threatening SMS
• Malicious code (Computer virus, Worm, Trojan
Horse, Root Kit, Botnet, Sypware, Malware)

46
 Malicious code
• Computer virus: program which can copy itself and surreptitiously infect
another computer, often via shared media such as a floppy disk, CD,
thumb drive, shared directory, etc. Viruses are always embedded within
another file or program.
• Worm: self-reproducing program which propagates via the network.
• Trojan horse: program which purports to do one thing, but secretly does
something else; example: free screen saver which installs a backdoor
• Root kit: set of programs designed to allow an adversary to surreptitiously
gain full control of a targeted system while avoiding detection and
resisting removal, with the emphasis being on evading detection and
removal
• Botnet: set of compromised computers ("bots" or "zombies") under the
unified command and control of a "botmaster;" commands are sent to
bots via a command and control channel (bot commands are often
transmitted via IRC, Internet Relay Chat).
• Spyware: assorted privacy-invading/browser-perverting programs
• Malware: an inclusive term for all of the above -- "malicious software"
47
 How do LEAs Track Cyber Criminals?
• Have you ever noticed, when you visit some
websites, you get advertisements from
Pakistani Company’s!!!!!

How Come they know that which country are

you from?
Because of your:
IP Address
(which can get LEAs to the criminal’s house )
48
 How do LEAs Track Cyber Criminals?
• Whenever criminals make access to any
system, some traces of their identification are
left behind.
• Forensic Investigators in LEAs identify those
traces and track back the identity of the
criminals step by step.
• Once suspect’s physical location is identified,
through search and seize warrants, the
computer system under his control can be
confiscated for further Forensic examination.
49
 How do LEAs Track Cyber Criminals?

• The Forensic analysis and examination can

reconstruct computer events even if the data
was deleted by criminals before arrival of LEA
official.
• Nothing gets deleted actually when you delete
a file. If you have managed to securely delete
the data somehow even than traces of
criminal activity can be found from so many
places on your hard disk about which you do
not know.
50
 How do LEAs Track Cyber Criminals?
• The computer systems which LEAs can not
directly examine due to jurisdiction and other
issues, they obtain records from the operators
of these systems through court orders /
subpeona. (e.g., Google Inc. Facebook,
Microsoft, Yahoo etc).
• These companies are bound by US laws to
keep track of access logs of their users for the
period of last 180 days.

51
Question & Answers

52