
Rani Durgavati University, U.I.C.S., Jabalpur (MP)

BCA SECOND SEMESTER


PowerPoint presentation on
SUBJECT :- Cyber security
Topic :- Unit 1(……..)
Submitted to: Dipeesh sir
Submitted by: Rishav kumar mishra
Cyber crime

• Cyber Crime is a term used to broadly describe criminal activity in which
computers or computer networks are a tool, a target, or a place of criminal
activity, and it includes everything from electronic cracking to denial of service
attacks. It is also used to include traditional crimes in which computers or
networks are used to enable the illicit activity. Computer crime mainly
consists of unauthorized access to computer systems, data alteration, data
destruction, and theft of intellectual property. Cyber crime in the context of
national security may involve hacking, traditional espionage, or information
warfare and related activities. Pornography, Threatening Email, Assuming
Someone's Identity, Sexual Harassment, Defamation, Spam and Phishing are
some examples where computers are used to commit crime, whereas
Viruses, Worms, Industrial Espionage, Software Piracy and Hacking are
examples where computers become the target of crime.
Cybercrime is criminal activity that either targets or uses a computer, a computer
network or a networked device.
• Most, but not all, cybercrime is committed by cybercriminals or hackers who
want to make money. Cybercrime is carried out by individuals or organizations.
What is cyber security?
Cybersecurity is the state or process of protecting and recovering
computer systems, networks, devices, and programs from 
any type of cyber attack. Cyber attacks are an increasingly
sophisticated and evolving danger to your sensitive data, as
attackers employ new methods powered by social engineering
and artificial intelligence to circumvent traditional security
controls. 
The fact of the matter is the world is increasingly reliant on
technology and this reliance will continue as we introduce the
next generation of smart Internet-enabled devices that have
access to our networks via Bluetooth and Wi-Fi. 
• Why we need cyber security:
categories of data from theft and damage. This includes sensitive
data, personally identifiable information (PII), protected health
information (PHI), personal information, intellectual property,
data, and governmental and industry information systems. 
Without a cybersecurity program, your organization cannot
defend itself against data breach campaigns, making it an
irresistible target for cybercriminals.
Prevention of Cyber Crime:
Below are some ways in which we can prevent cyber crime:
• Use strong passwords:
Maintain different password and username combinations for each account and resist the
temptation to write them down. Weak passwords can be easily cracked using certain attack
methods such as brute force attacks, rainbow table attacks etc.
• Use trusted antivirus on devices:
Always use trustworthy and highly advanced antivirus software on mobile devices and personal
computers. This helps prevent different virus attacks on devices.
• Keep social media private:
Always keep your social media account data private and visible only to your friends. Also make
sure to befriend only people who are known to you.
• Keep your device software updated:
Whenever you get updates for the system software, install them right away, because
sometimes the previous version can be easily attacked.
Who are cyber criminals?
Cybercriminals are individuals or teams of people who use
technology to commit malicious activities on digital
systems or networks with the intention of stealing
sensitive company information or personal data, and
generating profit.

Cybercriminals are known to access the cybercriminal
underground markets found in the deep web to trade
malicious goods and services, such as hacking tools and
stolen data.
Cybercriminal underground markets are known to
specialize in certain products or services.
Laws related to cybercrime continue to evolve across
various countries worldwide. Law enforcement
agencies are also continually challenged when it
comes to finding, arresting, charging, and proving
cybercrimes.
• Classification of Cyber Crimes :-
• Cyber crimes are classified based on the subject of the crime, the
person or organization against whom the crime is committed, and the
temporal nature of the crimes committed online.
• Based on the subject of the crime, cybercrimes are
classified into three broad groups:
1. Crimes against individuals – These are committed against
individuals or their properties. Some examples are:
• Email harassment
• Cyber-stalking
• Spreading obscene material
• Unauthorized access or control over the computer system
• Indecent exposure
• Spoofing via email
• Fraud and also cheating
• Further, crimes against individual property like computer
vandalism and transmitting a virus. Also, trespassing online and
intellectual property-related crimes. Further, internet time
thefts are also included.
2. Crimes against organizations – Some examples of
cyber crimes against organizations are:
• Possessing unauthorized information
• Cyber terrorism against a government organization
• Distributing pirated software
3. Crimes against society – Some examples of crimes
against society are:
• Polluting the youth through indecent exposure
• Trafficking
• Financial crimes
• Selling illegal articles
• Online Gambling
• Forgery
• Apart from the ones listed above, crimes like hacking, denial of
service attacks, e-mail bombing, etc. are also present in
cyberspace.
• Some definitions related to cyber crime :-
• Cyberspace :- Cyberspace refers to the virtual
computer world, and more specifically, an electronic
medium that is used to facilitate online communication.
Cyberspace typically involves a large computer network
made up of many worldwide computer subnetworks
that employ TCP/IP protocol to aid in communication
and data exchange activities.
• Cyber squatting :- Cybersquatting is a term used to describe an individual or
company who intentionally purchases a domain and holds it for resale at a
premium price. Cybersquatting is sometimes referred to as domain squatting and
typo squatting.
• Cyber punk :- Cyberpunk is a sensibility or belief that a few
outsiders, armed with their own individuality and technological
capability, can fend off the tendencies of traditional institutions
to use technology to control society. hacker, who represent the
best kind of cyberpunk.
• Cyber warfare :- Cyberwarfare is computer- or network-
based conflict involving politically motivated attacks by a
nation-state on another nation-state. In these types of attacks,
nation-state actors attempt to disrupt the activities of
organizations or nation-states, especially for strategic or
military purposes and cyberespionage.
• Cyber terrorism :- The term cyberterrorism refers to the use of
the Internet in order to perform violent actions that either threaten or
result in serious bodily harm or even loss of life. Cyberterrorism acts
often aim to achieve political or ideological advantages by means of
intimidation, fear and threat. Sometimes the term expands to cover terrorist
activities like intentional disruption of computer networks through
using various tools like worms, viruses, phishing activities and various
other malicious software and programming scripts.
Email Spoofing :- Email spoofing is a technique used in
spam and phishing attacks to trick users into thinking a
message came from a person or entity they either know or
can trust. In spoofing attacks, the sender forges email
headers so that client software displays the fraudulent
sender address, which most users take at face value.
Unless they inspect the header more closely, users see the
forged sender in a message. If it’s a name they recognize,
they’re more likely to trust it. So they’ll click malicious
links, open malware attachments, send sensitive data and
even wire corporate funds.
Email spoofing is possible due to the way email systems are designed. Outgoing
messages are assigned a sender address by the client application; outgoing email
servers have no way to tell whether the sender address is legitimate or spoofed.
• Recipient servers and antimalware software can help detect and filter spoofed
messages. Unfortunately, not every email service has security protocols in place.
Still, users can review email headers packaged with every message to determine
whether the sender address is forged.
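The header review described above can be scripted. The following is an added example, not part of the original slides: it compares the visible From domain with the Return-Path and Reply-To domains and reads the Authentication-Results header. It assumes the receiving server records SPF, DKIM and DMARC verdicts in that header; both sample messages and all addresses are constructed.

```python
import re
from email import message_from_string
from email.utils import parseaddr

FAILING = {"fail", "softfail"}  # verdicts treated as a warning sign

def domain_of(header_value):
    """Lower-cased domain of the address in a header value, or ''."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def spoofing_signals(raw_message):
    """Return a list of reasons to distrust the displayed sender."""
    msg = message_from_string(raw_message)
    from_domain = domain_of(msg["From"])
    signals = []
    # A differing Return-Path or Reply-To is a signal to weigh, not proof:
    # legitimate bulk mail is often bounced through another domain.
    for header, label in (("Return-Path", "return-path-mismatch"),
                          ("Reply-To", "reply-to-mismatch")):
        other = domain_of(msg[header])
        if other and other != from_domain:
            signals.append(label)
    # Verdicts written by the receiving server (assumed to be present).
    for results in msg.get_all("Authentication-Results", []):
        for method in ("spf", "dkim", "dmarc"):
            found = re.search(rf"\b{method}=(\w+)", results, re.IGNORECASE)
            if found and found.group(1).lower() in FAILING:
                signals.append(f"{method}={found.group(1).lower()}")
    return signals

# Constructed sample: forged From line, different envelope and reply address.
SPOOFED = """\
Return-Path: <bounce@mailer.attacker.test>
Authentication-Results: mx.recipient.example; spf=fail smtp.mailfrom=mailer.attacker.test; dkim=none; dmarc=fail header.from=bank.example
From: "Bank Support" <support@bank.example>
Reply-To: <helpdesk@attacker.test>
To: user@recipient.example
Subject: Verify your account

Please confirm your details.
"""

# Constructed sample: every sender field agrees and all checks pass.
LEGIT = """\
Return-Path: <support@bank.example>
Authentication-Results: mx.recipient.example; spf=pass smtp.mailfrom=bank.example; dkim=pass header.d=bank.example; dmarc=pass header.from=bank.example
From: "Bank Support" <support@bank.example>
To: user@recipient.example
Subject: Monthly statement

Your statement is ready.
"""

if __name__ == "__main__":
    print("spoofed:", spoofing_signals(SPOOFED))
    print("legit:  ", spoofing_signals(LEGIT))
```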
Spamming :- Spamming is the use of electronic
messaging systems like e-mails and other digital delivery
systems and broadcast media to send unwanted bulk
messages indiscriminately. The term spamming is also
applied to other media, such as internet forums, instant
messaging, mobile text messaging, social
networking spam, junk fax transmissions, television
advertising and sharing network spam.
Cyber defamation :-
Cyber defamation is the defaming of an individual’s identity with the help of
computers via the internet. If any individual posts or publishes a false
statement about another individual through the internet or email, with
the intention to defame the person about whom the statement is made,
this amounts to cyber defamation. Defamation made through the
internet is widespread and irreparable, as the information is
public and everyone can access it. Cyber defamation affects the
welfare of the community as a whole. Cyber defamation is amongst
the most commonly committed crimes. Cyber crimes are bound neither by time nor
by boundaries, which means a person sitting in one corner can cause
damage at any time to a person sitting in another corner of the world.
Internet time theft :- Internet time theft is a crime where the
internet connection of one person (the victim) is used by an
unauthorised person (the criminal).
This is usually done by getting access to the user’s internet account
details, such as user name and password, provided by the service
provider. This access can be given voluntarily by the user for a stipulated
time period, or it can be gained fraudulently.
What are the risks?
The major problem encountered when one becomes a victim of
bandwidth theft is financial loss. It is also difficult for the victim to prove
his innocence in case any illegal activities are conducted by a malicious
user of the victim’s internet.
Salami attack :- One type of computer crime that gets
mentioned in introductory courses or in conversations among
security experts is the salami fraud. In the salami technique,
criminals steal money or resources a bit at a time. Two different
etymologies are circulating about the origins of this term.
How it’s done?
• The classic story about a salami attack is the old “collect-the-round-off”
trick. In this scam, a programmer modifies the arithmetic routines
such as interest computations. Typically, the calculations are carried out
to several decimal places beyond the customary 2 or 3 kept for financial
records.
• For example, when currency is in Rupee, the round off goes up
to the nearest paisa about half the time and down the rest of the time.
If the programmer arranges to collect these fractions of paisa in a
separate account, a sizable fund can grow with no warning to the
financial institution.
The Difference
• Remember $1.01^{365} = 37.78\ldots$
• While $0.99^{365} = 0.02\ldots$
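The round-off trick leaves a trace an auditor can measure. The following is an added example, not part of the original slides: it recomputes one day's interest independently and compares it with what was posted. Honest half-up rounding goes up and down about equally and nets to zero, while a routine that always rounds down leaves a one-sided, unexplained total. The balances, the 4% rate, the 0.9 threshold and all function names are assumptions made for the illustration.

```python
from decimal import Decimal, ROUND_DOWN, ROUND_HALF_UP

PAISA = Decimal("0.01")

def exact_interest(balance, annual_rate):
    """One day's interest at full Decimal precision, before any rounding."""
    return balance * annual_rate / Decimal(365)

def post_interest(balance, annual_rate, rounding):
    """Amount actually credited to the customer, rounded to the paisa."""
    return exact_interest(balance, annual_rate).quantize(PAISA, rounding=rounding)

def audit_postings(balances, annual_rate, posted):
    """Compare posted interest with an independent recomputation.

    Returns (unexplained_total, share_rounded_down, suspicious).
    unexplained_total is the money computed but never credited.
    """
    residuals = [exact_interest(b, annual_rate) - p
                 for b, p in zip(balances, posted)]
    nonzero = [r for r in residuals if r != 0]
    rounded_down = sum(1 for r in nonzero if r > 0)
    share = rounded_down / len(nonzero) if nonzero else 0.0
    # Honest rounding goes down about half the time; nearly always
    # rounding down is the signature described in the text above.
    return sum(residuals), share, share > 0.9

# Constructed data: 365 accounts, Rs 1000 upwards in steps of Rs 37, at 4%.
BALANCES = [Decimal(1000 + 37 * i) for i in range(365)]
RATE = Decimal("0.04")
HONEST = [post_interest(b, RATE, ROUND_HALF_UP) for b in BALANCES]
TAMPERED = [post_interest(b, RATE, ROUND_DOWN) for b in BALANCES]

if __name__ == "__main__":
    for label, posted in (("honest", HONEST), ("tampered", TAMPERED)):
        total, share, flag = audit_postings(BALANCES, RATE, posted)
        print(f"{label:9s} unexplained=Rs {total:.4f} "
              f"rounded-down share={share:.2f} suspicious={flag}")
```

With this constructed data the tampered routine withholds Rs 1.82 in a single day across 365 small accounts, which is the amount that would otherwise sit unnoticed in a separate account.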
Trying to Avoid the SALAMI Attack
• The main resolution for this attack is educating the user. Only through
user awareness, we can avoid this.
• Users should report back to the bank or the concerned authority if
they notice any deductions without their knowledge even if it is a small
amount.
• Don’t store any personal bank information, like credit card or debit card
numbers, on any online websites; these days we are getting an
option of saving our card details in different websites.
• Another important thing is to track your money; most people don’t
know the remaining balance in their account.
Data diddling :- A data diddling attack involves altering raw data
just before it is processed by a computer and then changing it
back after the processing is completed.
Forgery :- When a perpetrator alters documents stored in
computerized form, the crime committed may be forgery. In this
instance, computer systems are the target of criminal activity.
Computers, however, can also be used as instruments with
which to commit forgery.
• Fake currency notes, postage and revenue stamps, marksheets
can be forged using sophisticated computers, printers and
scanners.
Web jacking :- Illegally seeking control of a website by taking over a
domain is known as web jacking. In the web jacking attack method, hackers
compromise the domain name system (DNS) that resolves a website
URL to an IP address, but the actual website is never touched.
Web jacking is another type of social engineering
phishing attack, in which an attacker creates a fake web page of the victim
website and sends it to the victim. When the victim clicks on that link, a
message is displayed in the browser: “the site abc.com has move on another
address, click here to go to the new location”. If the victim clicks
on the link, he/she is redirected to the fake website page, where the
attacker can ask for any sensitive data such as credit card number,
username, password etc. The web jacking attack method is a kind of trap
set by the attacker to steal people's sensitive data,
and the people who get trapped are those who are not aware of cyber security.
Web Jacking Attack Method:

The first step of the web jacking attack method is to create a fake page of
the victim website, for example www.anywebsite.com/login.php.
The second step is to host it either on your local computer or on shared
hosting.
The third step is to send the link of the fake page to the victim.
In the fourth step, the victim opens the link, enters their details and
submits them.
In the last step, you get all the details submitted by the victim.
Online frauds :- There are many genuine websites that
offer online auctions over the internet. Taking advantage of the
reputation of these websites, some cyber criminals lure
customers into online auction fraud schemes, which often lead
either to overpayment for the product or to the item never being
delivered once the payment is made.
Pornography offence :- It is an act of possessing image
or video of a minor (under 18), engaged in sexual
conduct. The internet is being highly used by its abusers
to reach and abuse children sexually, worldwide.
Software piracy :- This is “the biggest” challenge area.
Software piracy is “theft of software through the illegal copying
of genuine programs or the fake program and distribution of
products intended to pass for the original”.
Disadvantages of software piracy
• The software, if pirated, may potentially contain a hard-drive
infection virus.
• There is no technical support in the case of software failure.
• There is no warranty protection.
• There is no legal right to use the product.
According to the fourth annual BSA (Business Software Alliance)
and IDC global Software Piracy study, in Asia Pacific 55% of
software installed is illegal.
• Email bombs :- An email bomb or "mail bomb" is a
malicious act in which a large number of email
messages are sent to a single email address in a short
period of time. The purpose of an email bomb is
typically to overflow a user's inbox. In some cases, it will
also make the mail server unresponsive.
• Email bombing is often done from a single system in
which one user sends hundreds or thousands of
messages to another user. In order to send the
messages quickly, the email bomber may use a script to
automate the process. By sending emails with a script,
it is possible to send several thousand messages per
minute.
If performed successfully, an email bomb will leave the recipient with a
pile of email messages in his or her inbox. It may also max out the
recipient’s email quota, preventing the user from receiving new email
messages. The result is a frustrating situation where the user has to
manually delete the messages. If the recipient’s email client or webmail
system does not allow the user to select all the unwanted messages at
once, this process can take a long time to complete.

• Fortunately, most mail servers are capable of detecting email bombs
before a large number of messages are sent. For example, if the server
detects that more than ten messages are received from the same email
address within one minute, it may block the sender’s email address or
IP address. This simple action will stop the email bomb by rejecting
additional emails from the sender.
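The server-side rule described above can be written as a sliding-window counter. The following is an added example, not part of the original slides and not any mail server's own code: it blocks a sender once more than ten messages arrive from the same address within one minute. The class, the function names and the event log are constructed, and a real server would usually also key on the sending IP address, because the sender address can be forged.

```python
from collections import defaultdict, deque

class SenderRateLimiter:
    """Block a sender after more than max_messages within window_seconds."""

    def __init__(self, max_messages=10, window_seconds=60):
        self.max_messages = max_messages
        self.window = window_seconds
        self._recent = defaultdict(deque)  # sender -> recent arrival times
        self.blocked = set()

    def accept(self, sender, timestamp):
        """Return True if the message is accepted, False if it is rejected."""
        sender = sender.strip().lower()
        if sender in self.blocked:
            return False
        recent = self._recent[sender]
        # Forget arrivals that have fallen out of the one-minute window.
        while recent and timestamp - recent[0] >= self.window:
            recent.popleft()
        recent.append(timestamp)
        if len(recent) > self.max_messages:
            self.blocked.add(sender)  # stays blocked until an admin reviews it
            del self._recent[sender]
            return False
        return True

def replay(events, limiter=None):
    """Feed (timestamp, sender) events in time order through the limiter.

    Returns (accepted message count per sender, set of blocked senders).
    """
    limiter = limiter or SenderRateLimiter()
    accepted = defaultdict(int)
    for timestamp, sender in sorted(events):
        if limiter.accept(sender, timestamp):
            accepted[sender] += 1
    return dict(accepted), set(limiter.blocked)

# Constructed log: one address sends a message every 2 seconds (30 in total),
# another sends one every 30 seconds (12 in total).
EVENTS = (
    [(2 * i, "bomber@sender.test") for i in range(30)]
    + [(30 * i, "colleague@example.org") for i in range(12)]
)

if __name__ == "__main__":
    accepted, blocked = replay(EVENTS)
    print("accepted:", accepted)
    print("blocked: ", blocked)
```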
Password Sniffing :- Password sniffers are programs that monitor and
record the names and passwords of network users as they log in.
• Whoever installs the sniffer can then impersonate an authorized user and log in to
access restricted documents.
• Password sniffing is a reconnaissance attack.
• Reconnaissance refers to the overall act of learning information about a target
network by using readily available information and applications.
To prevent a Password Sniffing Attack:
• Do not do anything on a public Wi-Fi network.
• Do not expose yourself and private information.
• Encrypt your data with a VPN.
CREDIT CARD FRAUD
• Credit card fraud is a wide-ranging term for theft and fraud
committed using a credit card or any similar payment
mechanism as a fraudulent source of funds in a transaction.
• The purpose may be to obtain goods without paying, or to
obtain unauthorized funds from an account.
Types of fraud
1. Counterfeit credit card: Makes up 37% of all funds lost
through credit card frauds. To make fake cards, criminals use
the newest technology to “skim” information contained on
magnetic stripes of cards and to pass security features such
as holograms.
2. Lost or Stolen Cards: Cards stolen from their cardholders or
lost by them account for 23% of all card frauds. Often, cards
are stolen from the workplace, gym, and unattended vehicles.
3. No-Card Fraud: Comprises 10% of all the losses and is
completed without the physical card in hand. This can happen by
giving your credit card information on the phone to shady
telemarketers and deceptive Internet sites that are promoting the
sales of their non-existent goods and services.
4. Non-Receipt Fraud: Is responsible for 7% of all losses. It
occurs when new or replaced cards mailed by your card
company are stolen during the process of being mailed.
5. Identity Theft Fraud: Accounts for 4% of all losses, and
occurs when criminals apply for a card using someone
else’s identity and information.
Identity theft
Identity theft happens when someone uses your personally
identifying information, like your name, social security
number, or credit card number, without your permission,
to commit fraud or other crimes.
What Can Thieves Do With Your Identity?
• Credit Card Fraud: Open a CC in your name and/or change
the billing address for your cards.
• Bank/Financial: Create “fake” checks in your name or
account number, write bad checks in your name, make a “fake”
ATM card to impersonate yours, and/or take a loan out in your
name.
• Phone and Utilities: Open new accounts in your name or
“run up” charges on your existing accounts.
• Government: Use your DL information to get a DL with your
name and their picture, use your SSN to get benefits, file
fraudulent tax returns with your information.
