Indian Penal Code (IPC) Section 420.

Cheating and dishonestly inducing delivery of property

Section 420 IPC does not define Cheating it only provides punishment for cheating. Section 415 IPC defines cheating as >>>> Whoever, by deceiving any person, fraudulently or dishonestly induces the person so deceived to deliver any property to any person, or to consent that any person shall retain any property, or intentionally induces the person so deceived to do or omit to do anything which he would not do omit if he were not so deceived, and which act or omission causes or is likely to cause damage or harm to that person in body, mind, reputation or property, is said to "cheat". Explanation. A dishonest concealment of facts is deception within the meaning of this section.

Illustrations

(a) A, by falsely pretending to be in the Civil Service, intentionally deceives Z, and thus dishonestly induces Z to let him have on credit goods for which he does not mean to pay. A cheats. (b) A, by putting a counterfeit make on an article, intentionally deceives Z into a belief that this article was made by a certain celebrated manufacturer, and thus dishonestly induces Z to buy and pay for the article. A cheats. (c) A, by exhibiting to Z a false sample of an article, intentionally deceives Z into believer that the article corresponds with the sample, and thereby, dishonestly induces Z to buy and pay for the article. A cheats. (d) A, by tendering in payment for an article a bill on a house with which A keeps on money, and by which A expects that the will be dishonoured, intentionally deceives Z, and thereby dishonestly induces Z to deliver the article, intending not to pay for it. A cheats. (e) A, by pledging as diamonds article which he knows are not diamonds, intentionally deceives Z, and thereby dishonestly induces Z to lend money. A cheats. (f) A intentionally deceives Z into a belief that A means to repay any money that Z may led to him and thereby dishonestly induces Z to lend him money. A not intending to repay it A cheats.

(g) A intentionally deceives Z into a belief that A means to deliver to Z a certain quantity of indigo plant which he does not intend to deliver and thereby dishonestly induces Z to advance money upon the faith of such deliver. A cheats; but if A, at the of obtaining the money, intends to deliver the indigo plant, and afterwards breaks his contract and does not deliver it, he does not cheat, but is liable only to a civil action for breach of contract. (h) A intentionally deceives Z into a belief that A has performed A's part of a contract made with Z, which he has not performed, and thereby dishonestly induces Z to pay money. A cheats. (i) A sells and coveys an estate to B.A, knowing that in consequence of such sale he has no right to the property, sells or mortgages the same to Z, without disclosing the fact of the previous sale and conveyance to B, and receives the purchase or mortgage money for Z. A cheats.

Section 420 IPC states punishment for cheating and dishonestly inducing delivery of property >>>>>

Whoever cheats and thereby dishonestly induces the person deceived any property to any person, or to make, alter or destroy the whole or any part of a valuable security, or anything which is signed or sealed, and which is capable of being converted into a valuable security, shall be punished with imprisonment of either description for a term which may extend to seven years, and shall also be liable to fine. Hope this will serve your purpose otherwise send me direct email with full details of your case.

Section 420 of the Indian Penal Code also used in Pakistan, Bangladesh and Afghanistan has become a slang reference for a confidence trickster. Such criminals are called 420 in popular culture in those countries. The section deals with the cases of cheating and awards punishment of fine and/or jail up to 7 years.[1]

A 420 is a person acting fraudulently to cheat somebody out of their belongings; a confidence trickster. Section 420 of the Penal Codes of both India and Pakistan cover such activity. The Penal Codes of both countries are inherited from the Indian Penal Code of 1860 instituted by the colonial government of the British India, which then included the present-day countries of India, Pakistan and Bangladesh. A popular 1955 Hindi film from India, Shri 420 (in English: Mr. 420) has a central character who, though innocent, is regarded by many as a con man, hence "Mr. 420". It is to be noted that the code was also in use in other neighboring countries such as Myanmar, where even today the term 420 means a con-artist. In the Nigerian Criminal Code, the same offense is covered by article 419, which has also given its name to the now ubiquitous advance fee fraud.

Case Study -01 Email password HackingOne day a lady come to cyber cell office and reported that she and her brothers e-mail IDS had been hacked by someone she suspected him to be her husband. The lady had already lodged a case against him for dowry and was pending for trial in Bhopal court . The suspect had hacked ladys and her brother e-mail ID account and copied all the information to his e-mail and produced selected e-mails to claim that . she was happy with him and case of dowry is a false one . To malign the image of her brother the suspect sent a copy of FIR lodged against him at police station Habibganj. This indicated that the husband of the lady was behind the whole affair but police had not any evidence against him. Cyber cell started enquiry by an order of IGP and obtained the login logs from rediff.com .The logs indicated that the email IDs password were changed and anonymous emails were sent from the house of ladys husband and sent from his . Cyber cell registered a case under section 66 IT act and submitted Challan has been filed against the suspect and trial is over. Court has hold the conviction against the suspect Sabrish Pillai but found that the matter came before the court as Sabrish was having family dispute with his wife and the, act of hacking was not against the society at large, Hence let him free after warning. ^ GoTo Top

Case Study -02 Mule Recruitment fraudA lady name seema came to cyber cell with a complaint As per the complaint she registered her self into naukari.com for job. After registration she received a call from a lady named Venus Michael who was supposed to be from reputed NGO of United Kingdom Action aid foundation, for the interviews. Seema was very happy to hear that. Her interview was taken over telephone and was offend job letter through email. Seema earlier worked with NGOs and hence was excited to work with reputed Action aid foundation. Another day the venus called seema to start an current account in AXIS bank or HDFC bank with current account limit upto Rs. 25,000/- . she agreed and did the same. After opening the account seema supplied the relevant details of account to the Venus, as she was told that the donor will deposit Rs. 1.90 lakh in her account and she will have to withdraw Rs.1.8 Lakh and will have to deposit the same in six different accounts and rest amount will be her earning. It happened the same way as told by the Venus. Seema saw her account showing credit of Rs.1.90 Lakh. Next day seema approached all bank to withdraw money and deposit the same in to six different account but due to some technical reasons see could not withdraw the money from her HDFC account having credit of Rs 1.90 lakh. Seema was in belief that she has already received the amount hence deposited her own money in six different account which were from uttrakhand, delhi and north east. Next day seema went again bank to withdraw money but see was shocked to hear that her account has been blocked by lucknow police and an FIR has already been lodged at lucknow against her and she was prime suspect in that. On receiving complaint Cyber cell started enquiry from the emails received by seema. The full header analysis revealed ip address and the same was sent to mobile operator which ended to a mobile no number. The name and address attached to the mobile number were found to be false which were supposed to be from Mumbai. Cyber cell collected the login logs of the internet banking account of Mr Manish and found that money was hacked and transferred from Nigerian IP. Subsequently Cyber cell registered a FIR under section 66 IT act , 420/34 IPC Name and address of the mobile used by lady venues Michael were in the name of Nigerian franklin mbonu. But address was not reachable as he shifted new address. After that cyber cell started analyzing the logs of venues and identified the numbers to whom calling was great and in odd hours . Then Cyber cell had five number to be analyzed. After months of analysis one suspect was traced. Cyber cell had the address of suspect the house was raided by cyber cell at delhi and seized the suspected 6 mobile, laptop but accused could not be caught. LOC has been issued

against suspect. During investigations the culprits were identified to be Onyekachi Adiba and her lady copartner. Adiba's house at delhi was raided and the mobiles and laptop involved in the fraud was recovered from his house but he was able to escape. After analysis of adiba's mobile cybercell found the person named EMMA to be suspect providing bank details to him. Documents seized also show his relation with him. Analysis of CDR revealed that EMMA is superior in hierachy of internet job fraud. Sate cybercell Bhopal has arrested EMMA and lalhamangaihi from their home at arjun nagar, delhi. Several bank details, ATM/DEBIT cards Fake company letters were recovered from him. At present EMMA is in BHOPAL CENTRAL JAIL is facing trial. Her wife lalhamangaihi coaccused in the crime has been given bail due to last stage of pregnancy. Court has issued permanent arrest warrants against the accused who are absconding. Cybercell is trying to identify the properties owned by the suspects so that proceeds of the frauds can be recovered from them. be nabbed. In a historic judgement the court has ordered EMMA and lalhamangaihi two years of imprisionment and fine of Rs two thousands each.

^ GoTo Top Case Study-03 -Fraud by SMS N CASH scheme of ICICI : ICICI had recently launched a scheme called SMS N Cash scheme as per scheme many a time we want to send the money to our dear ones who do not have any account or ATM card but has go to mobile. The customer had to register his own mobile number and at most two beneficiary mobile number under the scheme. The customer it wanted to transfer money from his account. He can do it from internet banking. During transfer six digit code was sent to beneficiary and four digit code to customer. The beneficiary could now contact the customer to receive four digit code and to gather with his code he could generate 10 digit code and could withdraw money from ICICI ATM. Banks fraud detection officer shri vijay gupta reported that an anonymous person had hacked customers account and transferred 7 lac to another dormant and subsequently withdrew Rs.3 Lac through SMS N CASH scheme.

Cyber cell registered a case under section 420/34 IPC and 66 IT act and started investigation. The suspect obtained three SIM having insufficient address and invalid names. The suspect pretending to be customer care from ICICI, called various traders having current account with high limits and asked them to provide personal details and password. Mistakenly the customers provided the same. As password was with the suspect he took control of internet banking account of trader and transferred the amount worth 7 lac to another account in which SMS N CASH scheme was operational. With help of three mobile having SIM with unknown address the suspect withdrew amount 3 lac from ICICI ATMs . The suspects took precaution to block all cameras. Cyber cell analyzed all the call details and the pattern of activity and finally got the actual identity of the fraudster. He was found out to be Sachin Khampariya Who has been arrested by State Cybercell team from Katni, a district of Madhya Pradesh. As per accused narration " I picked up a directory and identified the traders and the persons expected to have good balance. Then i called them pretending to be customer care representative of ICICI and collected important iformation like name,Parent's name, address, internet banking passwords, transection passwords etc. In this way i collected information from current account holder Mr Pokhanlal sahu and savings account holder Surekha Jain. As SMS N CASH scheme was available for saving account holder only I transferred the amount 7.00 lac from current account of Mr Pokhanlal sahu to savings account of Mrs surekha jain. Later on i added my three mobile numbers having fake addresses and withdrawn the amount from ATM after having received SMS on the mobile as per SMS N CASH scheme. amount through SMS N CASH scheme MP cyber police after preliminary enquiry registered the case and thorough investigation was made. During investigation it was apprehended that the suspect made may be two in numbers. As the money was being withdrawn form the location different from the tower location of mobile. The suspect took all precautions to ovet the pin hole of ATM camera or entered ATM after covering his face. The suspect never made calls to his known friends or the relatives from the mobile used for cheating. The CDR of the suspected person was analysed and every contact was interrogated to obtain the clue. During the same the name of the suspected person came out to Sachin Khampariya who was continously traced and finally got arrested in katani with all the three suspected mobile used for cheating through SMS N CASH scheme of the ICICI bank. MP cyber police also seized two diaries of the suspect which clearly stated the modus operandi of the crime. Sachin khamapariya is now behind the bars and trial is in progress.

^GoTo Top Case Study -04 --Source Code theft : One day a young Software engineer came to State Cyber police office and complained that his web portal has been copied and being used in the other brand name. Cyber police asked him to demonstrate the same. The engineer opened his portal and the suspected portal and changed one of the source code of his image in the portal. We could easily see that the images on the suspected portal also changed. After verifying several similarities Cyber police found the claims of the engineer from Bhopal to be true. After preliminary investigation a FIR has been lodged against the owner of the suspected portal for copying the source code of the portal and using the same after making some changes for his use. During investigation the details about the site owner were obtained from the domain registry sites and profile of the suspect has been built up. The suspect has been found to be Australian of indian origin.

^GoTo Top Case Study -05 --Internet Lottery Fraud : MP Cyber police has investigated several case of cheating through Internet lottery offer which is commonly known as Nigerian 419 scam. In this kind of cheating the culprits used to send bulk emails, bulk SMS to millions of users using software, stating that the receiver has won lottery worth thousands of pounds or dollars which comes out to be crores of Indian rupees, in a lucky draw. They used to create fake lottery winning certificate using logo and text from original website, which seems to be original at a glance. This kind of sending bulk emails or SMS is an act of commonly known as PHISHING attack. Those who are lured by such offer often tempted to contact them. The culprits then ask the target to fill a form and thus receives all the personal information of the target and asks him to deposit token money in various names to earn the lottery prize. The target who is hoping to earn huge amount of money finds these charges to be minimal. The culprit asks the target to deposit money in the name yellow tag, custom clerance UN anti terrorism certificate, RBI charges or any other name they feel it to suitable to convince the target. The culprits ask the target to deposit in various bank accounts and once the money is deposited by the target it is withdrawn same day by the suspect. After loosing lacs of amount people come to know that they are being cheated. In this kind of cheating the contact number are usually taken in the fake names or in the other indian guys name, account are being

opened in the fake names or acquired on the basis of commission by fooling the account holders. Mp cyber police has investigated the case of Internet lottery fraud and arrested Nigerian national Godspower from Meharauli Delhi with the suspected mobile used for communication, one laptop, printer and box used for black dollar scam. Mp cyber police has investigated the case of Internet lottery fraud Crime no 07/09 420,468,34 IPC and crime no 05/10 420,468,34 aIPC and arrested Nigerian national Idiogbe Joseph from Mumbai with the suspected mobile used for communication, laptop, fake Income tax certificate and seals. Apart from the above MPCP is investigating two more such cases in which suspects are being monitored and efforts are being made to arrest them.

I ^GoTo Top Case Study -06 --Internet Banking Fraud : Kotak mahindra bank and Poonam Gulati reported to IGP MP Cyber Police that an amount worth Rs 17 lacs has been illegally transferred to account in the name of Gourav shukla from account of Poonam Gulati through internet banking and susequently withdrawn from various ATMs. The matter came to light when Mrs poonam gulati read her bank account statement in the month of July that amount worth Rs 17 lac had been transferred through internet banking to some new account which she didn't know. She enquired at the bank and asked when she didn't asked for internet banking then how it can be activated and transfers could be made. On preliminary enquiry MP Cyber police found that it was an act of cheating forgery and fraud against the bank and not the customers as the customer never asked for the activation of Internet banking, Hence a FIR was lodged in the name of Kotak mahindra Bank. As per complaint a fake account was opened in the name Gourav Shukla. For the purpose of cheating the suspect approached the bank and submitted forged document to add mobile in the account of Poonam

Gulati. The bank official matched only PAN number but didn't match the photocopies with the original. After getting registered the mobile number in the account of Poonam Gulati the suspect requested to add Internet banking in the account of Poonam gulati. After getting Internet banking activated the suspect made request forgot password through Internet banking. He could obtain the same partial on internet window and partial on registered mobile. The suspect after getting the internet banking password transferred Rs 17 lacs , one lac each per day from the account of Poonam Gulati to account of Gourav Shukla. He withdrew money at the rate of One lac per day from the various ATMs of State Bank of India wearing helmet. MP State cyber police on receipt of complaint analysed the complaint to ascertain the point from where evidences can be found out. Cyber police got CDRs, IP Login logs and found that suspect entered Cyber cafe with fake Name and address. Cyber police analysed the location based on CDRs and tried to look through Fake ID cards and listed out the suspect list. After getting the profile of suspects built up Cyber police raided several places and arrested Rahul sharma, Reetesh Choukse, Shyam Yadav and Pramod Jaiswal. Out of these the master mind was the Ex Kotak employee Reetesh who conspired with Rahul to open a account in the name of Fake ID card in the name of Gourav Shukla. The account was opened with photo of Shyam yadav. The fake id was created by the cyber cafe owner Pramod Jaiswal and Rahul withdrew the money from ATMs wearing Helmet. Cyber police cracked the case within seven days and seized around Rs 15 lacs which were deposited in several accounts. The suspects are IN JUDICIAL REMAND and challan is in process of being filed. Time Cycle of the CYBER Theft

Real world cyber crime cases This document is an extract from the book Cyber Crime & Digital Evidence Indian Perspective authored by Rohas Nagpal. This book is available as courseware for the Diploma in Cyber Law and PG Program in Cyber Law conducted by Asian School of Cyber Laws www.asianlaws.org Cyber Crime & Digital Evidence Indian Perspective - 130 2008 Rohas Nagpal. All rights reserved.

23. Real World Cases This chapter serves as a ready reference guide. First the various scenarios are covered. A detailed discussion on the various cyber crimes, is covered in the ASCL publication titled Understanding Hackers and Cyber Criminals . This is provided as official courseware for the ASCL Certified Cyber Crime Investigator course. Then the applicable law and legal liabilities are covered. Then the modus operandi usually followed by the criminals is discussed. The investigation guidelines for cyber crime investigators are not discussed in this book as they are part of the syllabus of the ASCL Certified Cyber Crime Investigator course only. For real world case studies on investigation of cyber crimes, please refer to the ASCL publication titled Case Studies on Cyber Crime Investigation . This is provided as official courseware for the ASCL Certified Cyber Crime Investigator course. Cyber Crime & Digital Evidence Indian Perspective 2008 Rohas Nagpal. All rights reserved. 23.1 Orkut Fake Profile cases - 131 -

Orkut.com is a very popular online community and social networking website. Orkut users can search for and interact with people who share the same hobbies and interests. They can create and join a wide variety of online communities. The profiles of Orkut members are publicly viewable. The scenarios 1. A fake profile of a woman is created on Orkut. The profile displays her correct name and contact information (such as address, residential phone number, cell phone number etc). Sometimes it even has her photograph. The problem is that the profile describes her as a prostitute or a woman of loose character who wants to have sexual relations with anyone. Other Orkut members see this profile and start calling her at all hours of the day asking for sexual favours. This leads to a lot of harassment for the victim and also defames her in society. 2. An online hate community is created. This community displays objectionable information against a particular country, religious or ethnic group or even against national leaders and historical figures. 3. A fake profile of a man is created on Orkut. The profile contains defamatory information

abut the victim (such as his alleged sexual weakness, alleged immoral character etc) The law Scenario 1: Section 67 of Information Technology Act and section 509 of the Indian Penal Code. Scenario 2: Section 153A and 153B of Indian Penal Code. Scenario 3: Section 500 of Indian Penal Code. Who is liable? Scenario 1: Directors of Orkut as well as all those who create and update the fake profile. Scenario 2: Same as Scenario 1. Scenario 3: Same as Scenario 1. Cyber Crime & Digital Evidence Indian Perspective - 132 The motive Scenario 1: Jealousy or revenge (e.g. the victim may have rejected the advances made by the suspect). Scenario 2: Desire to cause racial hatred (e.g. Pakistani citizens creating an anti-India online community). Scenario 3: Hatred (e.g. a school student who has failed may victimize his teachers). Modus Operandi 1. The suspect would create a free Gmail account using a fictitious name. 2008 Rohas Nagpal. All rights reserved.

2. The email ID chosen by him would be unrelated to his real identity. 3. The suspect would then login to Orkut.com and create the offensive profile. Cyber Crime & Digital Evidence Indian Perspective 2008 Rohas Nagpal. All rights reserved. 23.2 Email Account Hacking Emails are increasingly being used for social interaction, business communication and online transactions. Most email account holders do not take basic precautions to protect their email account passwords. Cases of theft of email passwords and subsequent misuse of email accounts are becoming very common. The scenarios 1. The victim s email account password is stolen and the account is then misused for sending out malicious code (virus, worm, Trojan etc) to people in the victim s address book. The recipients of these viruses believe that the email is coming from a known person and run the attachments. This infects their computers with the malicious code. 2. The victim s email account password is stolen and the hacker tries to extort money from the victim. The victim is threatened that if he does not pay the money, the information contained in the emails will be - 133 -

misused. 3. The victim s email account password is stolen and obscene emails are sent to people in the victim s address book. The law Scenario 1: Sections 43 and 66 of Information Technology Act. Scenario 2: Sections 43 and 66 of Information Technology Act and section 384 of Indian Penal Code. Scenario 3: Sections 43, 66 and 67 of Information Technology Act and section 509 of the Indian Penal Code. Who is liable? Scenario 1: Persons who have stolen the email account password and who are misusing the email account. Scenario 2: Persons who have stolen the email account password and who are threatening to misuse it. Cyber Crime & Digital Evidence Indian Perspective - 134 2008 Rohas Nagpal. All rights reserved.

Scenario 3: Persons who have stolen the email account password and who are misusing the email account. The motive Scenario 1: Corporate Espionage, perverse

pleasure in being able to destroy valuable information belonging to strangers etc. Scenario 2: Illegal financial gain. Scenario 3: Revenge, jealousy, hatred. Modus Operandi 1. The suspect would install keyloggers in public computers (such as cyber cafes, airport lounges etc) or the computers of the victim. 2. Unsuspecting victims would login to their email accounts using these infected computers. 3. The passwords of the victim s email accounts would be emailed to the suspect. Cyber Crime & Digital Evidence Indian Perspective 2008 Rohas Nagpal. All rights reserved. 23.3 Credit Card Fraud Credit cards are commonly being used for online booking of airline and railway tickets and for other ecommerce transactions. Although most of ecommerce websites have implemented strong security measures (such as SSL, secure web servers etc), instances of credit card frauds are increasing. The scenario The victim s credit card information is stolen and misused for making online purchases (e.g. airline tickets, software, subscription to pornographic websites etc). The law Sections 43 and 66 of Information Technology Act - 135 -

and section 420 of Indian Penal Code. Who is liable? All persons who have stolen the credit card information as well as those who have misused it. The motive Illegal financial gain. Modus Operandi Scenario 1: The suspect would install keyloggers in public computers (such as cyber cafes, airport lounges etc) or the computers of the victim. Unsuspecting victims would use these infected computers to make online transactions. The credit card information of the victim would be emailed to the suspect. Scenario 2: Petrol pump attendants, workers at retail outlets, hotel waiters etc note down information of the credit cards used for making payment at these establishments. This information is sold to criminal gangs that misuse it for online frauds. Cyber Crime & Digital Evidence Indian Perspective - 136 23.4 Online Share Trading Fraud With the advent of dematerialization of shares in India, it has become mandatory for investors to have demat accounts. In most cases an online banking account is linked with the share trading account. This has led to a high number of online share trading frauds. 2008 Rohas Nagpal. All rights reserved.

The scenario Scenario 1: The victim s account passwords are stolen and his accounts are misused for making fraudulent bank transfers. Scenario 2: The victim s account passwords are stolen and his share trading accounts are misused for making unauthorised transactions that result in the victim making losses. The law Scenario 1: Sections 43 and 66 of Information Technology Act and section 420 of Indian Penal Code. Scenario 2: Sections 43 and 66 of Information Technology Act and section 426 of Indian Penal Code. Who is liable? Scenario 1: All persons who have stolen the account information as well as those who have misused it. Scenario 2: All persons who have stolen the account information as well as those who have misused it. The motive Scenario 1: Illegal financial gain Scenario 2: Revenge, jealousy, hatred Modus Operandi

Scenario 1: The suspect would install keyloggers in public computers (such as cyber cafes, airport lounges etc) or the computers of the victim. Unsuspecting victims would use these infected computers to login to their online banking and share trading accounts. The passwords and other information of the victim would be emailed to the suspect. Scenario 2: Same as scenario 1. Cyber Crime & Digital Evidence Indian Perspective 2008 Rohas Nagpal. All rights reserved. 23.5 Tax Evasion and Money Laundering Many unscrupulous businessmen and money launderers (havala operators) are using virtual as well as physical storage media for hiding information and records of their illicit business. The scenario Scenario 1: The suspect uses physical storage media for hiding the information e.g. hard drives, floppies, USB drives, mobile phone memory cards, digital camera memory cards, CD ROMs, DVD ROMs, iPods etc. Scenario 2: The suspect uses virtual storage media for hiding the information e.g. email accounts, online briefcases, FTP sites, Gspace etc. The law Scenario 1: Depending upon the case, provisions - 137 -

of the Income Tax Act and Prevention of Money Laundering Act will apply. Scenario 2: Depending upon the case, provisions of the Income Tax Act and Prevention of Money Laundering Act will apply. Who is liable? Scenario 1: The person who hides the information. Scenario 2: The person who hides the information. If the operators of the virtual storage facility do not cooperate in the investigation, then they also become liable. The motive Scenario 1: Illegal financial gain Scenario 2: Illegal financial gain Modus Operandi Scenario 1: The suspect would purchase small storage devices with large data storage capacities. Scenario 2: The suspect would open free or paid accounts with online storage providers. Cyber Crime & Digital Evidence Indian Perspective - 138 23.6 Source Code Theft Computer source code is the most important asset of software companies. Simply put, source code is the programming instructions that are compiled into the executable files that are sold by software development companies. 2008 Rohas Nagpal. All rights reserved.

As is expected, most source code thefts take place in software companies. Some cases are also reported in banks, manufacturing companies and other organisations who get original software developed for their use. The scenario Scenario 1: The suspect (usually an employee of the victim) steals the source code and sells it to a business rival of the victim. Scenario 2: The suspect (usually an employee of the victim) steals the source code and uses it as a base to make and sell his own version of the software. The law Scenario 1: Sections 43, 65 and 66 of the Information Technology Act, section 63 of the Copyright Act. Scenario 2: Sections 43, 65 and 66 of the Information Technology Act, section 63 of the Copyright Act. Who is liable? Scenario 1: The persons who steal the source code as well as the persons who purchase the stolen source code. Scenario 2: The persons who steal the source code. The motive

Scenario 1: Illegal financial gain. Scenario 2: Illegal financial gain. Modus Operandi Scenario 1: If the suspect is an employee of the victim, he would usually have direct or indirect access to the source code. He would steal a copy of the source code and hide it using a virtual or physical storage device. Cyber Crime & Digital Evidence Indian Perspective 2008 Rohas Nagpal. All rights reserved. If the suspect is not an employee of the victim, he would hack into the victim s servers to steal the source code. Or he would use social engineering to get unauthorised access to the code. He would then contact potential buyers to make the sale. Scenario 2: If the suspect is an employee of the victim, he would usually have direct or indirect access to the source code. He would steal a copy of the source code and hide it using a virtual or physical storage device. If the suspect is not an employee of the victim, he would hack into the victim s servers to steal the source code. Or he would use social engineering to get unauthorised access to the code. He would then modify the source code (either himself or in association with other programmers) - 139 -

and launch his own software. Cyber Crime & Digital Evidence Indian Perspective - 140 23.7 Theft of Confidential Information Most business organisations store their sensitive information in computer systems. This information is targeted by rivals, criminals and sometimes disgruntled employees. The scenario Scenario 1: A business rival obtains the information (e.g. tender quotations, business plans etc) using hacking or social engineering. He then uses the information for the benefit of his own business (e.g. quoting lower rates for the tender). Scenario 2: A criminal obtains the information by hacking or social engineering and threatens to make the information public unless the victim pays him some money. Scenario 3: A disgruntled employee steals the information and mass mails it to the victim s rivals and also posts it to numerous websites and newsgroups. The law Scenario 1: Sections 43 and 66 of the Information Technology Act, section 426 of Indian Penal Code. Scenario 2: Sections 43 and 66 of the Information Technology Act, section 384 of Indian Penal Code. Scenario 3: Sections 43 and 66 of the Information 2008 Rohas Nagpal. All rights reserved.

Technology Act, section 426 of Indian Penal Code. Who is liable? Scenario 1: The persons who steal the information as well as the persons who misuse the stolen information. Scenario 2: The persons who steal the information as well as the persons who threaten the victim and extort money. Scenario 3: The disgruntled employee as well as the persons who help him in stealing and distributing the information. The motive Scenario 1: Illegal financial gain. Scenario 2: Illegal financial gain. Scenario3: Revenge. Cyber Crime & Digital Evidence Indian Perspective 2008 Rohas Nagpal. All rights reserved. Modus Operandi Scenario 1: The suspect could hire a skilled hacker to break into the victim systems. The hacker could also use social engineering techniques. Illustration: A very good looking woman went to meet the system administrator (sysadmin) of a large company. She interviewed the sysadmin for a - 141 -

magazine article . During the interview she flirted a lot with the sysadmin and while leaving she accidentally left her pen drive at the sysadmin s room. The sysadmin accessed the pen drive and saw that it contained many photographs of the lady. He did not realize that the photographs were Trojanized! Once the Trojan was in place, a lot of sensitive information was stolen very easily. Illustration: The sysadmin of a large manufacturing company received a beautifully packed CD ROM containing security updates from the company that developed the operating system that ran his company s servers. He installed the updates which in reality were Trojanized software. For 3 years after that a lot of confidential information was stolen from the company s systems!

Scenario 2: Same as scenario 1. Scenario 3: The disgruntled employee would usually have direct or indirect access to the information. He can use his personal computer or a cyber caf to spread the information. Cyber Crime & Digital Evidence Indian Perspective - 142 23.8 Software Piracy Many people do not consider software piracy to be theft. They would never steal a rupee from someone but would not think twice before using pirated software. There is a common perception amongst normal computer users to not consider software as property . This has led to software piracy becoming a flourishing business. The scenario Scenario 1: The software pirate sells the pirated software in physical media (usually CD ROMs) through a close network of dealers. Scenario 2: The software pirate sells the pirated software through electronic downloads through websites, bulletin boards, newsgroups, spam emails etc. The law Scenario 1: Sections 43 and 66 of the Information Technology Act, section 63 of Copyright Act. Scenario 2: Sections 43 and 66 of the Information Technology Act, section 63 of Copyright Act. Who is liable? 2008 Rohas Nagpal. All rights reserved.

Scenario 1: The software pirate as well as the persons who buy the pirated software from him. Scenario 2: The software pirate as well as the persons who buy the pirated software from him. The motive Scenario 1: Illegal financial gain. Scenario 2: Illegal financial gain. Modus Operandi Scenario 1: The suspect uses high speed CD duplication equipment to create multiple copies of the pirated software. This software is sold through a network of computer hardware and software vendors. Scenario 2: The suspect registers a domain name using a fictitious name and then hosts his website using a service provider that is based in a country that does not have cyber laws. Such service providers do not divulge client information to law enforcement officials of other countries. Cyber Crime & Digital Evidence Indian Perspective 2008 Rohas Nagpal. All rights reserved. 23.9 Music Piracy Many people do not consider music piracy to be theft. They would never steal a rupee from someone but would not think twice before buying or using pirated music. There is a common perception amongst people users to not consider music as property . There is a huge business in - 143 -

music piracy. Thousands of unscrupulous businessmen sell pirated music at throw away prices. The scenario Scenario 1: The music pirate sells the pirated music in physical media (usually CD ROMs) through a close network of dealers. Scenario 2: The music pirate sells the pirated music through electronic downloads through websites, bulletin boards, newsgroups, spam emails etc. The law Scenario 1: Sections 43 and 66 of the Information Technology Act, section 63 of Copyright Act. Scenario 2: Sections 43 and 66 of the Information Technology Act, section 63 of Copyright Act. Who is liable? Scenario 1: The music pirate as well as the persons who buy the pirated software from him. Scenario 2: The music pirate as well as the persons who buy the pirated software from him. The motive Scenario 1: Illegal financial gain. Scenario 2: Illegal financial gain. Modus Operandi Scenario 1: The suspect uses high speed CD duplication equipment to create multiple copies of

the pirated music. This music is sold through a network of dealers. Scenario 2: The suspect registers a domain name using a fictitious name and then hosts his website using a service provider that is based in a country that does not have cyber laws. Such service providers do not divulge client information to law enforcement officials of other countries. Cyber Crime & Digital Evidence Indian Perspective - 144 23.10 Email Scams Emails are fast emerging as one of the most common methods of communication in the modern world. As can be expected, criminals are also using emails extensively for their illicit activities. The scenario In the first step, the suspect convinces the victim that the victim is going to get a lot of money (by way of winning a lottery or from a corrupt African bureaucrat who wants to transfer his ill gotten gains out of his home country). In order to convince the victim, the suspect sends emails (some having official looking documents as attachments). Once the victim believes this story, the suspect asks for a small fee to cover legal expenses or courier charges. If the victim pays up the money, 2008 Rohas Nagpal. All rights reserved.

the suspect stops all contact. The law Section 420 of Indian Penal Code Who is liable? The sender of the email. The motive Illegal financial gain. Modus Operandi The suspect creates email accounts in fictitious names and sends out millions of fraudulent emails using powerful spam software. Cyber Crime & Digital Evidence Indian Perspective 2008 Rohas Nagpal. All rights reserved. 23.11 Phishing With the tremendous increase in the use of online banking, online share trading and ecommerce, there has been a corresponding growth in the incidents of phishing being used to carry out financial frauds. Phishing involves fraudulently acquiring sensitive information (e.g. passwords, credit card details etc) by masquerading as a trusted entity. The scenario Scenario 1: The victim receives an email that appears to have been sent from his bank. The email urges the victim to click on the link in the email. When the victim does so, he is taken to a secure page on the bank s website . The victim believes the web page to be authentic and he enters his username, password and other - 145 -

information. In reality, the website is a fake and the victim s information is stolen and misused. The law Sections 43 and 66 of Information Technology Act and sections 419, 420 and 468 of Indian Penal Code. Who is liable? All persons involved in creating and sending the fraudulent emails and creating and maintaining the fake website. The persons who misuse the stolen or phished information are also liable. The motive Illegal financial gain. Modus Operandi The suspect registers a domain name using fictitious details. The domain name is usually such that can be misused for spoofing e.g. Noodle Bank has its website at www.noodle.com The suspects can target Noodle customers using a domain name like www.noodle-bank-customerlogin.com The suspect then sends spoofed emails to the victims. e.g. the emails may appear to come from info@noodle.com The fake website is designed to look exactly like the original website. Cyber Crime & Digital Evidence Indian Perspective - 146 2008 Rohas Nagpal. All rights reserved.

23.12 Cyber Pornography Cyber pornography is believed to be one of the largest businesses on the Internet today. The millions of pornographic websites that flourish on the Internet are testimony to this. While pornography per se is not illegal in many countries, child pornography is strictly illegal in most nations today. Cyber pornography includes pornographic websites, pornographic magazines produced using computers (to publish and print the material) and the Internet (to download and transmit pornographic pictures, photos, writings etc). The scenario The suspect accepts online payments and allows paying customers to view / download pornographic pictures, videos etc from his website. The law Section 67 of Information Technology Act. Who is liable? The persons who create and maintain the pornographic websites are liable. In some cases cyber caf owners and managers may also be liable in case they knowingly allow their customers to access the pornographic websites. The motive Illegal financial gain. Modus Operandi The suspect registers a domain name using fictitious details and hosts a website on a server

located in a country where cyber pornography is not illegal. The suspect accepts online payments and allows paying customers to view / download pornographic pictures, videos etc from his website. Cyber Crime & Digital Evidence Indian Perspective 2008 Rohas Nagpal. All rights reserved. 23.13 Online Sale of Illegal Articles It is becoming increasingly common to find cases where sale of narcotics drugs, weapons, wildlife etc. is being facilitated by the Internet. Information about the availability of the products for sale is being posted on auction websites, bulletin boards etc. The scenario The suspect posts information about the illegal sale that he seeks to make. Potential customers can contact the seller using the email IDs provided. If the buyer and seller trust each other after their email and / or telephonic conversation, the actual transaction can be concluded. In most such cases the buyer and seller will meet face to face at the time of the final transaction. Illustration: In March 2007, the Pune rural police cracked down on an illegal rave party and arrested hundreds of illegal drug users. The social networking site, Orkut.com, is - 147 -

believed to be one of the modes of communication for gathering people for the illegal drug party. The law Depending upon the illegal items being transacted in, provisions of the Narcotic Drugs and Psychotropic Substances Act, Arms Act, Indian Penal Code, Wildlife related laws etc may apply. Who is liable? The persons who buy and sell these items. The motive Illegal financial gain. Modus Operandi The suspect creates an email ID using fictitious details. He then posts messages, about the illegal products, in various chat rooms, bulletin boards, newsgroups etc. Potential customers can contact the seller using the email IDs provided. If the buyer and seller trust each other after their email and / or telephonic conversation, the actual transaction can be concluded. In most such cases the buyer and seller will meet face to face at the time of the final transaction. Cyber Crime & Digital Evidence Indian Perspective - 148 2008 Rohas Nagpal. All rights reserved.

23.14 Use of Internet and Computers by Terrorists Many terrorists are using virtual as well as physical storage media for

hiding information and records of their illicit business. They also use emails and chat rooms to communicate with their counterparts around the globe. The scenario The suspects carry laptops wherein information relating to their activities is stored in encrypted and password protected form. They also create email accounts using fictitious details. In many cases, one email account is shared by many people. E.g. one terrorist composes an email and saves it in the draft folder. Another terrorist logs into the same account from another city / country and reads the saved email. He then composes his reply and saves it in the draft folder. The emails are not actually sent. This makes email tracking and tracing almost impossible. Terrorists also use physical storage media for hiding the information e.g. hard drives, floppies, USB drives, mobile phone memory cards, digital camera memory cards, CD ROMs, DVD ROMs, iPods etc. They also use virtual storage media for hiding the information e.g. email accounts, online briefcases, FTP sites, Gspace etc. The law Terrorists are covered by conventional laws such as Indian Penal Code and special legislation

relating to terrorism. Who is liable? Terrorists as well as those who help them to protect their information are liable. If email service providers do not assist the law enforcement personnel in the investigation then they are also legally liable. The motive Keeping terrorism related information confidential. Secure communication amongst terrorist group members. Modus Operandi The terrorists purchase small storage devices with large data storage capacities. They also purchase and use encryption software. The terrorists may also use free or paid accounts with online storage providers. Cyber Crime & Digital Evidence Indian Perspective 2008 Rohas Nagpal. All rights reserved. 23.15 Virus Attacks Computer viruses are malicious programs that destroy electronic information. As the world is increasingly becoming networked, the threat and damage caused by viruses is growing by leaps and bounds. The scenario Scenario 1: The virus is a general in the wild virus. This means that it is spreading all over the world and is not targeted at any specific - 149 -

organisation. Scenario 2: The virus targets a particular organisation. This type of a virus is not known to anti-virus companies as it is a new virus created specifically to target a particular organisation. The law Scenario 1: Sections 43 and 66 of Information Technology Act and section 426 of Indian Penal Code. Scenario 2: Sections 43 and 66 of Information Technology Act and section 426 of Indian Penal Code. Who is liable? Scenario 1: The creator of the virus. Scenario 2: The creator of the virus as well as the buyer who purchases the virus (usually to target his business rivals). The motive Scenario 1: Thrill and a perverse pleasure in destroying data belonging to strangers. Scenario 2: Illegal financial gain, revenge, business rivalry. Modus Operandi Scenario 1: A highly skilled programmer creates a new type or strain of virus and releases it on the Internet so that it can spread all over the world.

Being a new virus, it goes undetected by many anti-virus software and hence is able to spread all over the world and cause a lot of damage. Anti-virus companies are usually able to find a solution within 8 to 48 hours. Cyber Crime & Digital Evidence Indian Perspective

Scenario 2: A highly skilled programmer creates a new type or strain of virus. He does not release it on the Internet. Instead he sells it for a huge amount of money. The buyer uses the virus to target his rival company. Being a new virus, it may be undetected by the victim company s anti-virus software and hence would be able to cause a lot of damage. Anti-virus companies may never get to know about the existence of the virus. Cyber Crime & Digital Evidence Indian Perspective 2008 Rohas Nagpal. All rights reserved. 23.16 Web Defacement Website defacement is usually the substitution of the original home page of a website with another page (usually pornographic or defamatory in nature) by a hacker. Religious and government sites are regularly targeted by hackers in order to display political or religious beliefs. Disturbing images and offensive phrases might be displayed in the process, as well as a signature of sorts, to show who was responsible for the defacement. Websites are not only defaced for political reasons, many defacers do it

just for the thrill. The scenario The homepage of a website is replaced with a pornographic or defamatory page. In case of Government websites, this is most commonly done on symbolic days (e.g. the Independence day of the country). The law Sections 43 and 66 of Information Technology Act [In some cases section 67 and 70 may also apply]. Who is liable? The person who defaces the website. The motive Thrill or a perverse pleasure in inciting communal disharmony. Modus Operandi The defacer may exploit the vulnerabilities of the operating system or applications used to host the website. This will allow him to hack into the web server and change the home page and other pages.