Forms of Cyber crimes and

frauds – Part 2
Cyber bullying

2
 Cyber bullying
• Cyber bullying can be defined as any communication posted or sent by a
minor online, by instant messenger, e-mail, Social Networking Site, website,
diary site, online profile, interactive game, handheld device, cell phone or
other interactive device that is intended to frighten, embarrass, harass or
otherwise target another minor.
• Although most cyber bullying cases go unreported, police departments take
action in trying to prevent it.
• Because many people are afraid to come to the police about an online
problem, the police go to great lengths to find the problems themselves online.
• A large number of youth and their parents think that cyber bullying is not a
big enough deal to cause problems.
• However, it has been proven that a victim of this type of bullying can be lead
to serious disorders for the future including suicide. When one becomes a
victim of cyber bullying, they are a victim for life.
• Though the bullying itself may go away, the fear, the hurt, and the memories
scar the victim forever.
3
 Cracking
• A cracker (also known as a black hat hacker) is an individual with extensive computer
knowledge whose purpose is to breach or bypass internet security or gain access to
software without paying royalties.
• The general view is that, while hackers build things, crackers break things. Cracker is
the name given to hackers who break into computers for criminal gain; whereas,
hackers can also be internet security experts hired to find vulnerabilities in systems.
• These hackers are also known as white hat hackers.
• Crackers’ motivations can range from profit, a cause they believe in, general
maliciousness or just because they like the challenge.
• They may steal credit card numbers, leave viruses, destroy files or collect personal
information to sell.
• Crackers can also refer to those who reverse engineer software and modify it for their
own amusement.
• The most common way crackers gain access to networks or systems is through social
engineering, whereby the cracker contacts employees at a company and tricks them into
divulging passwords and other information that allows a cracker to gain access.

4
 Types of DoS attacks
• Consumption of computational resources, such as bandwidth, disk space, or
processor time.
• Disruption of configuration information, such as routing information.
• Disruption of state information, such as unsolicited resetting of TCP sessions.
• Disruption of physical network components.
• Obstructing the communication media between the intended users and the
victim so that they can no longer communicate adequately.
A DoS attack may include execution of malware intended to:
 Max out the processor’s usage, preventing any work from occurring.
 Trigger errors in the microcode of the machine.
 Trigger errors in the sequencing of instructions, so as to force the
computer into an unstable state or lock-up.
 Exploit errors in the operating system, causing resource starvation and/or
thrashing, i.e. to use up all available facilities so no real work can be
accomplished.
 Crash the operating system itself.
5
 Symptoms of DoS attacks

• Unusually slow network performance (opening files or accessing web sites)

• Unavailability of a particular web site
• Inability to access any web site
• Dramatic increase in the number of spam emails received—(this type of DoS
attack is considered an e-mail bomb)

6
 Malicious codes
• Malicious software, or malware as it is commonly known, is a relatively
dynamic category of threats.
• The techniques used to destroy data, disrupt services, and steal information
have evolved to adapt to changes in security practices and
countermeasures.

o Virus
o Worms
o Malwares

7
 Malicious codes –Worms

• A worm is a malicious program that uses a

computer network to replicate (worms are
sometimes called network viruses).
• A worm is designed to enter a computer through
the network and then take advantage of
vulnerability in an application or an operating
system on the host computer.
• Once the worm has exploited the vulnerability on
one system, it immediately searches for another
computer on the network that has the same
vulnerability

8
 Bombs – Logic bombs

 A set of instructions secretly incorporated into a program so that if a

particular condition is satisfied they will be carried out, usually with harmful
effects.

9
 Bombs – Time bombs

 A set of instructions secretly incorporated into a program; so that if a

particular time is reached they will be carried out, usually with harmful
effects.

10
 Steganography

• The practice of concealing messages or information within other non-secret text

or data.

11
 Steganography
• Steganography is the practice of concealing a file, message, image, or video
within another file, message, image, or video.
• The word steganography combines the Greek words steganos meaning
"covered, concealed, or protected", and graphein meaning "writing".
• Generally, the hidden messages appear to be (or be part of) something else:
images, articles, shopping lists, or some other cover text.
• The advantage of steganography over cryptography alone is that the intended
secret message does not attract attention to itself as an object of scrutiny.
• Plainly visible encrypted messages—no matter how unbreakable—arouse
interest, and may in themselves be incriminating in countries where encryption
is illegal.
• Thus, whereas cryptography is the practice of protecting the contents of a
message alone, steganography is concerned with concealing the fact that a
secret message is being sent, as well as concealing the contents of the message.

12
Crimes through social networking sites
• About 81 percent of Internet-initiated
crime involves social networking sites,
mainly Facebook and Twitter. These
platforms are ideal sources for criminals
to obtain personal information from
unsuspecting people.
• The vast majority of cyber crimes
consist of identity theft, phishing
schemes, fraud, and data mining. One in
five adult online users report that they
were the target of cyber crime, while
more than a million become victims of
cyber crime every day.

13
 Social Engineering
• A collection of techniques used
to manipulate people into
performing actions or divulging
confidential information.
– Most attackers never comes
face-to-face with victims.
o Most victims seldom realize that
they have been manipulated. No
technology in the world can
prevent social engineering!
o Because there is no patch for
human stupidity!
o People are the largest
vulnerability in any network or
security chain!
o Path of Least Resistance
o Why spend hours, days,
weeks to crack a password
when you can just ask for it?
14