CYBER CRIME

Computer crime, or cybercrime, refers to any crime that involves a computer and a network. The computer may have been used in the commission of a crime, or it may be the target. Netcrime refers to criminal exploitation of the Internet. Such crimes may threaten a nations security and financial health. Issues surrounding this type of crime have become high-profile, particularly those surrounding cracking, copyright infringement, child pornography, and child grooming. There are also problems of privacy when confidential information is lost or intercepted, lawfully or otherwise.
ONLINE FRAUD : The net is a boon for people to conduct business effectively, very quickly. It saves businesses a lot of time, money and resources. Unfortunately, the net is also an open invitation to scamsters and fraudsters and online frauds are becoming increasingly rampant. 1.Spoof websites and email security alerts Fraudsters create authentic looking websites that are actually nothing but a spoof. The purpose of these websites is to make the user enter personal information. This information is then used to access business and bank accounts. Fraudsters are increasingly turning to email to generate traffic to these websites. A lot of customers of financial institutions recently received such emails. Such emails usually contain a link to a spoof website and mislead users to enter User ids and passwords on the pretence that security details can be updated, or passwords changed. Getting an email containing an embedded link, and a request to enter secret details, treat it as suspicious. 2.Virus hoax emails It is a sad fact of life that there are those who enjoy exploiting the concerns of others. Many emailed warnings about viruses are hoaxes, designed purely to cause concern and disrupt businesses. 3.Lottery Frauds These are letters or emails, which inform the recipient that he/ she has won a prize in a lottery. To get the money, the recipient has to reply. After which another mail is received asking for bank details so that the money can be directly transferred. The email also asks for a processing fee/ handling fee. Of course, the money is never transferred in this case, the processing fee is swindled and the banking details are used for other frauds and scams. 4.Spoofing Spoofing means illegal intrusion, posing as a genuine user. A hacker logs-in to a computer illegally, using a different identity than his own. He is able to do this by having previously obtained actual password. He creates a new identity by fooling the computer into thinking he is the genuine system operator. The hacker then takes control of the system. He can commit innumerable number of frauds using this false identity. CHILD PORNOGRAPHY :

Child pornography is a very unfortunate reality of the Internet. The Internet is being highly used by its abusers to reach and abuse children sexually, worldwide. The Internet is very fast becoming a household commodity in India. Its explosion has made the children a viable victim to the cyber crime. As more homes have access to Internet, more children would be using the Internet and more are the chances of falling victim to the aggression of pedophiles. What is Child Pornography? Child pornography means any visual depiction, including 1. any photograph 2. film, video, picture, or 3. computer or computer-generated image or picture, of sexually explicit conduct, where the production of such visual depiction involves the use of a minor engaging in sexually explicit conduct.

SOFTWARE PIRACY : Theft of software through the illegal copying of genuine programs or the counterfeiting and distribution of products intended to pass for the original is termed as termed as software piracy. Examples of software piracy 1. End user copying - Friends loaning disks to each other, or organizations underreporting the number of software installations they have made. 2. Hard disk loading Hard disk vendors loads pirated software 3. Counterfeiting - large-scale duplication and distribution of illegally copied software. 4. Illegal downloads from the Internet - By intrusion, cracking serial numbers etc. A consumer of pirated software has a lot to lose

He gets untested software that may have been copied thousands of times over, potentially containing hard-drive-infecting viruses No technical support in case of software failure No warranty protection No legal right to use the product SPOOFING: Spoofing means a hacker logs-in to a computer illegally using a different identity than his own. He is able to do this by having previously obtained actual password. He creates a new identity by fooling the computer into thinking he is the genuine system operator. Hacker then takes control of the system.

USENET NEWSGROUP : Usenet is a popular means of sharing and distributing information on the web with respect to specific topic or subjects, includes

Possible Criminal Uses of Usenet Distribution/Sale of pornographic material.

Distribution/Sale of pirated softwares Distribution of Hacking Software Sale of Stolen credit card numbers Sale of Stolen Data/Stolen property.

CYBER STALKING Cyber Stalking can be defined as the repeated acts harassment or threatening behavior of the cyber criminal towards the victim by using Internet services. Stalking in General terms can be referred to as the repeated acts of harassment targeting the victim such as 1. 2. 3. 4. 5. Following the victim Making harassing phone calls Killing the victims pet Vandalizing victims property Leaving written messages or objects

Stalking may be followed by serious violent acts such as physical harm to the victim and the same has to be treated and viewed seriously. It all depends on the course of conduct of the stalker. Cyber-stalking refers to the use of the Internet, e-mail, or other electronic communications device to stalk another person. It is a relatively new form of harassment, unfortunately, rising to alarming levels especially in big cities like Mumbai. OPERATIONS OF A CYBER STALKER: 1. A typical cyber stalker collects all personal information about the victim such as name, family background, telephone numbers of residence and work place, daily routine of the victim, address of residence and place of work, date of birth etc. If the stalker is the victims acquaintances, he/ she has easy access to this information. If the stalker is a stranger, he/ she collects the information from internet resources such as various profiles, the victim may have filled in while opening chat or e-mail accounts or while signing an account with some website. 2. The stalker may post this information on any website related services, posing as if the victim is posting this information and invite the people to call the victim on her telephone numbers. A stalker even uses very filthy and obscene language to invite the interested persons. 3. People of all kind from nook and corner of the World, who come across this information, start calling the victim at her residence and/or work place. 4. In extreme cases, the stalker becomes bold enough to contact victim via telephone to make calls to the victim to threaten, harass, or intimidate him/ her. Ultimately, the stalker is even known to track the victim to his/ her home. WHEN DOES CYBER STALKING HAPPEN? In many cases, the cyber stalker and the victim had a prior relationship, and the cyber stalking begins when the victim attempts to break off the relationship. However, there also have been many instances of cyber stalking by strangers. Given the enormous amount of personal information available through the Internet, a cyber stalker can easily locate private information about a potential victim with a few mouse clicks or keystrokes. The fact that cyber stalking does not involve physical contact may create the misperception that it is more benign than physical stalking. This is not necessarily true. As the Internet becomes an ever more integral part of our personal and professional lives, stalkers can take advantage of the ease of communications as well as increased access to personal

information. In addition, the ease of use and non-confrontational, impersonal, and sometimes anonymous nature of Internet communications may remove disincentives to cyber stalking. Put another way, whereas a potential stalker may be unwilling or unable to confront a victim in person or on the telephone, he or she may have little hesitation sending harassing or threatening electronic communications to a victim. Finally, as with physical stalking, online harassment and threats may be a prelude to more serious behavior, including physical violence. DENIAL OF SERVICE: This is an act by a criminal, who floods the bandwidth of the victims network or fills his email box with spam mail depriving him of the services he is entitled to access or provide. This act is committed by a technique called spoofing and buffer overflow. The criminal spoofs the IP address and flood the network of the victim with repeated requests. Since the IP address is fake, the victim machine keeps waiting for response from the criminals machine for each request. This consumes the bandwidth of the network which then fails to serve the legitimate requests and ultimately breaks down.

HACKING: Hacking in simple terms means illegal intrusion into a computer system without the permission of the computer owner/user. Purposes of hacking

Greed Power Publicity Revenge Adventure Desire to access forbidden information Destructive mindset

Every act committed towards breaking into a computer and/or network is hacking. Hackers write or use ready-made computer programs to attack the target computer. They possess the desire to destruct and they get the kick out of such destruction. Some hackers hack for personal monetary gains, such as to stealing the credit card information, transferring money from various bank accounts to their own account followed by withdrawal of money. They extort money from some corporate giant threatening him to publish the stolen information, which is critical in nature. Government websites are the hot targets of the hackers due to the press coverage they receive. About Hackers, Crackers and Phreaks The original meaning of the word "hack" was born at MIT, and originally meant an elegant, witty or inspired way of doing almost anything. Now the meaning has changed to become something associated with the breaking into or harming of any kind of computer or telecommunications system. There is a claim that those who break into computer systems should be properly called "crackers" and those targeting phones should be known as "phreaks". VIRUS DISSEMINATION :

What is a computer Virus? A computer virus is a program that can infect other legitimate programs by modifying them to include a possibly evolved copy of itself. Viruses can spread themselves, without the knowledge or permission of the users, to potentially large numbers of programs on many machines. A computer virus passes from computer to computer like a biological virus passes from person to person. Viruses can also contain instructions that cause damage or annoyance; the combination of possibly damaging code with the ability to spread is what makes viruses a considerable concern.

How do viruses spread? Viruses can often spread without any readily visible symptoms. A virus can start on eventdriven effects (for example, triggered after a specific number of executions), time-driven effects (triggered on a specific date, such as Friday the 13th) or can occur at random. Typical action of a virus 1. 2. 3. 4. 5. 6. Display a message to prompt an action which may set of the virus Erase files Scramble data on a hard disk Cause erratic screen behavior Halt the PC Just replicate itself!

5 WORLDS WORST VIRUS ATTACKS: 1. Love Letter LoveLetter is the virus everyone learned to hate in 2000. The infection affected millions of computers and caused more damage than any other computer virus to date. Users were infected via email, through Internet chat systems, and through other file sharing systems. The worm sent copies of itself via Microsoft Outlook's address book entries. The mail included an executable file attachment with the e-mail subject line, "ILOVEYOU." The worm had the ability to overwrite several types of files, including .gif and .jpg files. It modified the Internet Explorer start page and changed Registry keys. It also moved other files and hid MP3 files on affected systems. 2.Klez The Klez worm, which blends different virus traits, was first detected in October 2001. Klez distributes itself like a virus, but sometimes acts like a worm, other times like a Trojan horse. Klez isn't as destructive as other worms, but it is widespread, hard to exterminate--and still active. In fact, so far, no other virus has stayed in circulation quite like Klez. It spreads via open networks and e-mail-regardless of the e-mail program you use. Klez sometimes masquerades as a worm-removal tool! It may corrupt files and disable anti-virus products. It steals data from a victim's e-mail address book, mixing and matching new senders and recipients for a new round of infection. 3.Melissa The Melissa virus swamped corporate networks with a tidal wave of e-mail messages in March 1999. Through Microsoft Outlook, when a user opened an e-mail message containing an infected Word attachment, the virus was sent to the first 50 names in the user's address book. The email fooled many recipients because it bore the name of someone the recipient knew and referred to a document they had allegedly requested. So much e-mail traffic was generated so quickly that companies like Intel and Microsoft

had to turn off their e-mail servers. The Melissa virus was the first virus capable of hopping from one machine to another on its own. And it's another good example of a virus with multiple variants. 4.Nimda Nimda (also known as the Concept Virus) appeared in September 2001, attacking tens of thousands of servers and hundreds of thousands of PCs. The worm modified Web documents and executable files, then created numerous copies of itself. The worm spread as an embedded attachment in an HTML e-mail message that would execute as soon as the recipient opened the message (unlike the typical attached virus that requires manual launching of the attachment). It also moved via serverto-server Web traffic, infected shared hard drives on networks, and downloaded itself to users browsing Web pages hosted on infected servers. Nimda soon inspired a crowd of imitators that followed the same pattern. 5. Anna Kournikova worm The Anna Kournikova (or VBS.SST@mm) worm, appearing in February 2001, didn't cause data loss, although in the process of boosting the profile of its namesake, the Russian tennis player, it did cause embarrassment and disruption for many personal and business users. The worm showed up in Microsoft Outlook users' e-mail in-boxes with an attachment (supposedly a picture of Kournikova). The attachment proved hard to resist. The result? Clicking the bogus attachment sent copies of the worm via e-mail to all addresses found in the victim's Outlook address book. Kournikova also brought about a number of copycat variants. Most worm creators have never been identified, but a 21-year-old Dutchman, Jan de Wit, admitted to unleashing this worm. The admitted virus writer is appealing a 150-hour community service sentence handed down in September 2001 by a judge in the Netherlands.

LEGAL ASPECTS OF COMPUTING:

Cyberlaw is a term that encapsulates the legal issues related to use of communicative, transactional, and distributive aspects of networked information devices and technologies. It is less a distinct field of law than property or contract law, as it is a domain covering many areas of law and regulation. Some leading topics include intellectual property, privacy, freedom of expression, and jurisdiction. Information Technology Law(or IT Law) is a set of recent legal enactments, currently in existence in several countries, which governs the process and dissemination of information digitally. These legal enactments cover a broad gamut of different aspects relating to computer software, protection of computer software, access and control of digital information, privacy, security, internet access and usage, and electronic commerce. These laws have been described as "paper laws" for a "paperless environment".