Due to the fast growth of Information technology, the computer and internet usage is also increasing simultaneously. Along with the popularity of Internet usage, threats are also increasing. IT related Risk is a relatively new term introduced to increase the awareness about information security. IT Risk or IT Related risk can be a product of threat and vulnerability induced by spammers and is one of the multitude threats related to the usage of computer and internet. Due to the increased use of computer and internet, there is chance of stealing personal information; confidential matters etc that are placed in the web by the users. The hackers crack these information for manipulations, fraudulent activities etc which may affect the users as well as the society. Hackers use multiple methods to invade the web to steal this information.
Cybercrime Includes traditional activities such as fraud, theft or forgery, whenever a telecommunication system is involved. India has got very strong IT Act to provide online safety to the Internet users. Cyber Cells have been established in all states of India to monitor the online activities.
Phishing is the high-tech form of Internet piracy in which the phisher steals the personal and confidential informations like bank account, passwords, credit card number, personal details etc related to bank transactions. This is an advanced form of high tech .Phishing is also known as Social Engineering which is the method of manipulating the people into performing action by taking them into confidence.
Pharming refers to the attack of a web hacker aimed to direct the traffic of website to a bogus web site. The hacker performs the Pharming by changing the host file of the computer or hacking the DNS server software. DNS server performs the function of resolving the internet names into the real address. Hackers use both Pharming and Phishing together for online identity theft. Antivirus programmes cannot do anything in Pharming so that a sophisticated antifarming software is necessary to fight against Phishing and Pharming. Phamers use malicious codes like worms, Trojans, spy ware etc to modify the host file in the computer and DNS cache poisoning.
This is the email activity in which the address and other details of the email are altered to make it fraudulent. The word Spoof means Innocent Parody. But to avoid confusion and to intimate the seriousness of the fraudulent activity, banks and other agencies use the terms Phishing or Fraudulent to such malicious activities. Spoofing is used to indicate Spam and Phishing emails that hide the details of its origin. Although the email has a sender address, it is coming from a different source which can be of malicious origin. Sometimes the Spammer gives his address in the Reply to field so by giving the reply, the spammer will track the details of the email.
It is the form of URL Hijacking when the user makes mistakes like typographical errors when giving a web address in the address bar. When the user makes the mistake in typing the web address, he may enter into a fake address owned by the cyber squatter.
It is the deliberate manipulation of the search engine index. Spamdexing is also known as Web spam, Search spam etc. The activity of Spamdexing involves methods like repeating unrelated phrases to manipulate the resources indexed. Many search engines have the ability to check the Spamdexing and remove the suspected web pages from the index. Search engines use Algorithms to index the contents based on ranking. This may be done by identifying the Meta key words, Tags, body text, URL etc. Spamdexing may be content spam and Link spam.
Mousetrapping is the method used by some websites to keep the browsers always in their websites by giving continuous pop ups or making the window permanent which cannot be closed. Occasionally the window remains static so that the browsers menu becomes inaccessible. These Mouse trappers also hijack and reset the home page to keep their page as default home page. To overcome the Mousetrapping, use the key board shortcut such as Alt+F4 to close the window instead of using the mouse to close the page. The advantage of this shortcut is that, all the popup windows can be closed quickly. Sometimes this trick will not act if there is a virus or Resident Programme works along with Mousetrapping. Mousetrapping is usually done by some Pornographic sites and Advertisement agencies.
This is a form of Web Hijacking in which the user is deliberately directed to a web page. Suppose we use a key word to search a topic or an article for purchase, sometimes the browser will show the result as page cannot be displayed. The page hijacker will create a webpage exactly similar to the genuine website with a redirection script to direct the browsers to his website. When the user uses the same key words, a page appears showing similar pages for clicking. When the user clicks on the link, he will be directed to the spammer’s website. This form of page Hijacking is used by some competitors in the marketing field.
Includes traditional activities such as fraud, theft or forgery, whenever a telecommunication system is involved.
Cyber-, derived from the Greek word Kubernetes meaning Steerman , is used in the terms Cybersex, Cybernetics, Cyberspace, Cyberpunk, cyber homes and cyber hate, but has been largely surpassed by e-.It is used in the computer or electronic context to the denote control of the thing represented by the word it precedes.
The various forms of Cyber crime are
1. Internet auction fraud– Making Fake auction through Internet
2. Internet service provider fraud– Fake websites
3. Fraudulent web designing – Designing Fake or Mocked websites
4. Multilevel marketing fraud– Fraudulent marketing of commercial items
5. Health care fraud-Fake advertisements about health care products
6. Mobile phone fraud– Use of mobile phones for fraudulent activities
Computer and Mobile network intrusion
Hackers use programmes to intrude into the internet or mobile programmes.
Various network intrusions are
1. Password Sniffer -Programmes that monitors and record the name and password of network users as they log in.
2. Spoofing– One computer is electronically’ looks like’ another computer to gain access.
3. Cyber fraud – Stock manipulation, fraudulent business opportunities, web auctions, credit card fraud.
4. Cyber stalking -Sending harassing or threatening e –mail or unwanted files and obscene messages or images. Cyber stalkers usually target women and children who are inexperience in online activities. Stalkers generally lose interest if they don’t get the reactions they seek.
Cyber terrorism – Use of computers or mobile phones or programmes in attack against others. It is a form of ‘Info war’
Computer sabotage – Use of internet to hinder the normal functioning of a computer through the introduction of worms, viruses logic bombs etc.
Mail Bombs – Software that will instruct a computer to do almost anything so that it will send mails for the tracker.
Credit card fraud – Hacking of credit card pin number to withdraw money.
Identity theft – Theft of one’s identity for criminal use.
Phishing – Introduction of Malicious codes into links .E.g. Spoofed Bank web sites.
Pharming – Programme that direct the user to another Mocked link.
Vishing – Vishing is a combination of Voice and Phishing that uses Voice over Internet Protocol (VoIP) technology wherein fraudsters feigning to represent real companies such as banks attempt to trick unsuspecting customers into providing their personal and financial details over the phone.
Skimming- Skimming is a method used by fraudsters to capture your personal or account information from your credit card. Your card is swiped through the skimmer and the information contained in the magnetic strip on the card is then read into and stored on the skimmer or an attached computer.
Money Mule – Once the fraudster has captured personal information using anyone of the ways mentioned above, they need an account to which they can transfer funds from the compromised account. This is where a “Money Mule” comes into picture. A Money Mule is an unwitting participant in the frauds who is recruited by fraudsters to launder stolen money across the globe.
Image theft is the unauthorized copying and use of Images and Photographs from documents including the electronic media. Some people are ignoring this matter and simply downloading, modifying and using the image in their websites or blogs without seeking the permission of the author. But most of the people are aware about the copy right rules and they do not use the image if there is a copy right symbol. Now the use of internet activity is very high and there are websites especially electronics websites uploading the original images painfully made by designers as their own. Some are interested in comparing circuit designs with their own circuits and trying to attract people to their websites. If you use the photo of a scenery or gadget, it will not harm much but it is serious if you use an artistic work, circuit design or rare image without permission. How to solve these problems? Here are some tips to protect your images even though it will not give sufficient protection since a tricky thief can do many things.
IT Act 2008- India
- Computer Related Offences
- If any person, dishonestly, or fraudulently, does any act referred to in section 43, he shall be punishable with imprisonment for a term which may extend to two three years or with fine which may extend to five lakh rupees or with both.
IT Act Section 66 A- India
- Punishment for sending offensive messages through communication services such as internet and mobile phones. Any electronic mail or electronic mail message for the purpose of causing annoyance or inconvenience or to deceive or to mislead the addressee or recipient about the origin of such messages.
IT Act Section 66 E- India
Punishment for violation of privacy.
- Whoever, intentionally or knowingly captures, publishes or transmits the image of a private area of any person without his or her consent, under circumstances violating the privacy of that person, shall be punished with imprisonment which may extend to three years or with fine not exceeding two lakh rupees, or with both.
IT Act Section 67- India
Punishment for publishing or transmitting obscene material in electronic form
Whoever publishes or transmits or causes to be published in the electronic form, any material which is lascivious or appeals to the prurient interest or if its effect is such as to tend to deprave and corrupt persons.
How to escape from these frauds
1. Stay anonymous– choose a genderless user name.
2. Never give name or full address to strangers
3. Don’t respond to harassing or negative messages in Blogs and Emails. The intention of the person is to provoke you to get a threatening message or to sniff your IP or password.
4. Avoid uncomfortable situation quickly
5. Watch what you say- don’t flirt online
6. Learn more about internet privacy
7. Don’t give email ID to strangers
8. Frequently change your password and answer to the ‘secret question’ of email created.
9. Don’t disclose your password to any one, not even to your friends
10. Don’t hesitate in filing a complaint with the police if there is any cyber fraud
- Do not allow others to click photos without your permission
- Do not reply to sms(short messaging service) and mms(multimedia messaging service)from strangers
- Do not send obscene text or images though mms
- Do not give your numbers to strangers while chatting online
- Do not keep the Bluetooth open to all
- Do not give mobile to unauthorized service centre to avoid ‘Cloning”. They may multiply the images or video.
- Use security pin code of mobile phone to avoid misuse
- Do not share your photos to strangers to avoid misuse such as Morphing
- Take extreme care during online chatting and browsing blogs and web pages . Hackers are waiting for you.
- Do not reply to anonymous messages and do not give mail ID or full address in such web pages
- Use a genderless login name
- Frequently change passwords
- Do not go to links if you feel it is fake
- Don’t reply to money offers through mails. They will hack your details.
- Online Safety (dmohankumar.wordpress.com)
- Charting the Evolution of Phishing (blogs.rsa.com)
- Phishing, Fraudulent and Malicious Websites (socyberty.com)
- Phishing site hacked … to warn about phishing (msnbc.msn.com)
- Avoiding Identity Theft from Phishing Scams (turbotax.intuit.com)