CYBER CRIME- AWARENESS AND SECURITY

The Cyber space is a huge community comprising of billions of users and websites. Users
access the cyber space for a variety of reasons, official, business, shopping, study, seeking
information, movies, video games, financial transactions, ecommerce etc. This gives reasons
to the criminals for malicious practice in the cyber world and take undue advantage. The
cybercrime rate is increasing day by day. Due to this, the Cyber Security has become very
important. Several laws have been made related to cybercrime and Cyber Cells have also been
established in police stations to handle the related issues. The Cybercrime is a great threat in
today’s world, security of nation, to someone’s personal data and information, individual
security, however, with some basic awareness and security measures, people can safeguard
themselves from such crime. It is very important to know about the types of cybercrime, the
security measures to be taken and over all be Cyber Aware.

A. INTRODUCTION
In today’s contemporary world, Information Technology is an emerging vocation, it provides
a number of positive implications, in our routine life. Although what happens when some
illicit individual decides to use the World Wide Web to conduct some misdemeanour?
Internet can be subject various such violations, termed as ‘Cyber Crime’. In this digital era,
the rate of cyber-crime has increased manifolds, as such, it is very important that one should
be aware of the cybercrime and the laws related thereto.
A report (sponsored by McAfee), published in 2014, estimated that the annual damage to the
global economy was $445 billion. Approximately $1.5 billion was lost in 2012 to online
credit and debit card fraud in the US. In 2018, a study by Center for Strategic and
International Studies (CSIS), in partnership with McAfee, concludes that close to $600
billion, nearly one percent of global GDP, is lost to cybercrime each year.
Cyber-crime is a crime that involves a computer and a network. The computer may have been
used in the commission of a crime, or it may be the target. Cyber-crime may threaten a
person, company or a nation’s security and financial health.

The cyber-crime and the criminals are growing at a considerable speed. The key reasons for
reckless growth of cyber-crime are-

a. No physical visit is required for the crime.

b. Can be committed from anywhere in the world to anywhere in the world.
c. The crime are mostly pre-programmed to execute at a pre decided time, place and target
resources as planned.
d. Authorities are not very aware and prepared to handle the crime.
 Can be executed on many victims at different location simultaneously.

e. Identification of the criminal can be hidden easily.

f. Ignorance of cyber laws

g. Poor practice of cyber safety measures

B. TYPES OF CYBER CRIME

The cybercrime can be classified as under-

1. According to usage of Computer

2. According to type of victim

3. According to the use of internet.

1. According to the usage of Computer-

As per this, the cyber-crime can be divided as under-

i. Computer used for any crime, such as making duplicate certificates, duplicate stamp
papers, printing fake currency notes etc.

ii. Crimes targeting the computer/ computer resources viz. virus attack, e-mail bombing, e-mail
spoofing, ransomware

iii. Using computer for unauthorised surveillance

2. According to type of victim-

i. Cybercrime against individuals, viz.

Cyber obscenity
Cyber defamation/ Libel
Cyber Harassment/intimidation Cyber stalking
Email Bombing Data Didding
E-mail spoofing

2. Cybercrime against property-

 Cyber extortion Virus attack Data theft
IPR theft

3. According to usage of the internet-

 This type includes a variety of crimes such as- data theft, phishing, dark net, IPR violation, website
defacement, cyber terrorism, spamming, internet forgery, cyber extortion, online gambling, illegal
articles trading, cyber pornography, data diddling, email frauds, financial crimes, social networking
misuses etc.

C. CYBERCRIME WAYS-

It is important to have the basic knowledge of the ill practice and crime being carried by the cyber
criminals. Some of them are-

1. Hacking or Cracking– Hacking is the most common cybercrime. Accessing any computer
without the consent is called hacking. The criminals make an unauthorised access to the computer
resources/ network by breaking security codes/ passwords. It can for intents such as data theft, greed,
publicity, revenge, destruction. The offence is punishable under section 66 of the Information
Technology Act, 2000.

2. Denial of Service Attack (DoS) – In DoS attack, the computer system is chocked by
sending more inputs at a time than it can handle. If more information are sent at a time, a computer
system stops responding and becomes unavailable. This is a publishable offence under section 43F/66
The Information Technology Act, 2000.

3. Cyber stalking– Cyber stalking is unauthorised surveillance by any person on any other
person by use of e-mail, instant messaging (IM), messages posted on a website or a discussion group. A
cyber stalker targets the victim with threatening/abusive messages and follows them/their activities in
the real world. It is used as for harassment and is punishable under section 354D of the Indian Penal
Code, 1860.

4. Salami Attacks- It is an economic cyber-crime. Here, the software is so changed that small
attacks add up to one major attack or amounts are add up that can go undetected due to the nature of this
type of cyber crime. It is also known as salami slicing. Salami Attack is punishable under section 65/66
of the IT Act, 2000.

5. Trojan and key Loggers- An illegal computer programme which gets loaded into the
computer secretly and damages the computer data and program. This provide the information from
typing/ screen to the cyber-criminal for data stealing. It is punishable under section 43(c )/66 of the IT
Act, 2000.

6. Intellectual property Right (IPR) Crime- Intellectual properties viz. trade mark, know how,
innovation, design, patents are valuable assets for a business. Software piracy, copyright infringement,
trade mark infringement, piracy of source code are some of the examples of intellectual property related
crimes. It is punishable under section 65/66 of the IT Act, 2000 and also under the IPR laws.

7. Web Defacement- here, the original web page is replaced with some other page. It is a
punishable offence under section 43 and 66 of the IT Act, 2000.
8. Web Jacking- A website is hijacked by cracking its security code/ password. This is done
with the motive of getting ransom money from the owner of the website in lieu of releasing the website.
It is punishable under section 66 of the IT Act, 2000.

9. Virus/ worm attack- Virus or malware attacks are getting common. These are rogue software
programs which spread from one computer to another computer and can damage the data stored. It is
punishable under section 43(c )/66 of the IT Act, 2000.
10. Internet Time Theft- It is the unauthorised use of the paid internet or resources by
unauthorised person. Punishable under section 43(h)/66 of the IT Act, 2000.

11. Online Gambling- Betting/ gambling is prohibited in many countries including many states
of India. There are websites which provide for online gambling, betting irrespective of the prohibition
under the local laws. It is punishable crime in India.

12. Ransomware- Ransomware is extremely notorious virus which encrypts data in the
computers where it attacks and the data becomes un usable for the user. The criminal demands ransom
in the form of crypto currency such as bitcoin to release the data. Some of the ransomware are-
Wannacry, Petya, Locky etc.

13. SIM card swapping- The criminals get duplicate Mobile SIM card issued for an existing
Mobile SIM by giving fake KYC documents to the operators, thereby receiving all the transaction
passwords, OTP on their mobile. Huge financial loss is occurred to the original mobile owner. Offence
is punishable under action 66 of the IT Act, 2000.

14. Debit or Credit card data skimming and cloning of ATM Card- Cyber criminals attach a
skimming device plus pin hole camera in an ATM machine. The ATM/ debit card when used by the
User in an ATM machine, the card information gets collected in the skimming device and the PIN
number also gets captured in the pin hole camera. With this information, a clone ATM card is made and
is used for withdrawing the money, with the PIN captured in the camera. The offence is punishable
under section 66 of the IT Act, 2000.

15. Bot Networks- Bot network is remotely controlled computer network, which is used for
remote attacks like DoS, spoofing, phishing etc. Bots are computer programme and work
according to their remote controller through control and command center. Whenever a victim opens a
mail loaded with the programme (Torjan), the computer becomes infected and becomes part of the Bot
network and the victim computer is controlled completely. This is punishable under section 66 of the IT
Act, 2000.

16. Phishing Attack- In phishing, a deceptively similar website is prepared in look and features,
and the host the website at a deceptively similar URL. Now emails are sent to the prospective victims
with a link containing phishing website. When the customer clicks the link, the deceptive website opens
and the customer fills his user name, passwords and other important data in the phishing website. As
such the information is passed to the criminal through the phishing website. Phishing is punishable
under section 66C/66D of the IT Act, 2000.

17. Spear Phishing– It is an email spoofing attack that targets a specific organization or
individual, the spear phishing is similar to phishing in all other aspects. It is punishable under section
66C/66D of the IT Act, 2000.

18. Local File Inclusion (LFI) Attack– In LFI, some unwanted filed are attached to the files
that are already present on the server, through the exploiting of vulnerable inclusion procedures
implemented in the application. This is punishable under section 65/ 66 of the IT Act.
19. Man-in-the- Middle (MITM) Attack- MITM is a type of spying where communication
between two users is monitored and also modified by an unauthorized party. This offence is punishable
under section 66/66C/66D of the IT Act, 2000.

20. Crypto-Currency- Crypto Currency Exchanges are the platform to buy and sell digital
assets like bitcoin. Cyber criminals try to steal the crypto-currencies by various methods. As the
exchanges function
 as the trading platform, they are most vulnerable for Cyber Attacks for the crypto currencies.

D. CYBER FRAUDS AND AWARENESS

A number of cyber frauds are committed every day throughout the world. In most of the case, the
victim is ignorant of the Cyber world and the frauds.

There are several kind of Cyber frauds. It’s very important to be aware of the frauds. Some of the
cyber frauds are-

1. Financial Fraud

2. Data theft

3. Job Fraud

4. Matrimonial Fraud

5. Social Media Platform Frauds

Financial Frauds– With the growth of the digitization, more and more people are using the internet for
financial transactions, fund transfer, for payment of bills, Online purchase etc. People often get calls
asking for OTP, PIN etc. which results in huge financial losses. Never disclose your OTP, passwords,
CVV Number, ATM PIN to any one on phone or in any way. Bank or RBI or banks never ask for the
passwords or PIN.

Data theft- In today’s world, the data is a very important commodity and is considered equivalent to
gold, oil or any other valuable resource. Individuals’ privacy and their personal data are at risk. Hacking,
, identity theft, financial fraud, malware, medical fraud, messages, images, and video and audio
recordings are ways of the data theft. One needs to be much conscious about personal and professional
data so that it never gets vulnerable to cybercriminals.

Job Frauds- Job websites are used by the job seekers. Sometimes, some very lucrative job offers
appear on some website giving very good offer and on making some payment. You can be called for
the interview, but later would find that no such company existed and you ended with losing the amount.
So, one should be very caution, should verify the vacancy before making any payment, use only verified
websites and no company asks for any fee for appearing for the interview.

Matrimonial Frauds- There are number of good matrimonial websites which provides match for youth
for life partners. The websites are used by the youth and also by their parents to find a suitable match.
However, sometimes it may lead to frauds and a trap. So be caution and always use a trusted website for
registration and a background search to be done of the prospective match, make proper enquiry, do not
disclose your confidential information, do not share your sensitive photographs.

Social Media frauds- This is the widest spread and anyone using the social media should take some
 basic safety measures to avoid being trapped, facing frauds.

E. REPORTING OF CYBER CRIME-

The Government of India has established the Indian Cybercrime Coordination Center (I4C)
portal, to report Cyber Crime. The portal facilitate the reporting of all types of cybercrimes, with a
special importance on those committed against women and children. The portal also provides an
option of reporting an anonymous
 complaint for reporting online Child Pornography (CP) or sexually explicit content such as Rape/Gang
Rape (RGR) content. The link for the portal is https://cybercrime.gov.in.

There are two options for reporting cybercrimes on the portal:

Report Crime related to Women/ Child – Under this section, you can report complaints pertaining
to online Child Pornography (CP), Child Sexual Abuse Material (CSAM) or sexually explicit content
such as Rape/Gang Rape (CP/RGR) content.

Report Other Cybercrimes – Under this option, you can report complaints pertaining to cybercrimes
such as mobile crimes, online and social media crimes, online financial frauds, ransomware, hacking,
Crypto Currency crimes and online cyber trafficking.

Information considered as evidence while filing complaint related to cybercrime-

As per the I4C FAQ, the following information can be the evidence while filing complaints- Credit card

receipt
Bank statement
Envelope (if received a letter or item through mail or courier) Brochure/Pamphlet
Online money transfer receipt Copy of email
URL of webpage Chat transcripts
Suspect mobile number screenshot Videos
Images
Any other kind of document

Once you report the complaints on the Portal, the complaints shall be handled by the concerned
State/UT police authorities based on your selection of State/ UT while reporting the complaint. A
complaint filed under REPORT WOMEN/ CHILD RELATED CRIME section cannot be withdrawn.
Complaint filed under REPORT OTHER CYBERCRIME section can be withdrawn before it is
converted into FIR.

Cyber Cells have been established in the Police stations to hand such crimes where Online complaints
can be lodged for the crimes such as – email related complaints, Social Media related complaints,
Mobile app related complaints, Business email compromise complaints, Data theft complaints,
ransomware complaints, Net Banking, ATM related complaints, fake calls frauds, Bitcoin related,
cheating, online transactions related etc.

F. HOW TO PROTECT YOURSELF AGAINST CYBERCRIME

One can protect oneself from the dangers of the cyber-crime by taking some simple and basic measures.

Installing Anti- Virus: An Anti- Virus software protects you from viruses, spyware, malware,
rootkits, phishing attacks, spam attack, and other online cyber threats.
Using a strong Password: A strong password consists of:
– At least 8 characters—the more characters, the better.

– A mixture of both uppercase and lowercase letters.

 – A mixture of letters and numbers.

– Including at least one special character, e.g., *&?]

Don’t open unreliable links anywhere: Be it your e-mail or any other dubious website, it is never a
good idea to open links that feels unsafe or shady. This is also the oldest trick in the book for malware
attacks!
Keep a constant check on your bank statements: If there are any strange transactions made via your
bank account which you are unaware of, it can be a fraudulent activity, hence you might be a victim of
cybercrime. So, if such an incident occurs, be sure to call your bank and confirm the same.
Cover your webcam– A web camera of our laptop, if hacked can be very dangerous and can be used to
observe, watch and record day to day activities. It is a recommended to cover webcam when not in use.
Do not do any private activities in front of the webcam.
Secure your online presence. Chose right setting on social media platforms. Do not accept
friends request from anyone or everyone. Remember to log out from the social media platform. Keep a
check on your account. Report to the social media service provide for any fake, unwanted or fraudulent
activities in your account. Be aware of your outfits on video call and video chats. No sensitive pics
should be there on your smart phone.
Your software should be updated: It is must to keep your software and Operating system up-to-date
with latest security patches. Always choose updated version of the browser and install safe browsing
tools
Take care of your communication devices: Make sure that your devices is protected by password,
PIN, Pattern or biometric information so that others cannot access easily.
Precaution on sensitive Browsing: Remember that you should browse shopping or banking websites or
apps only your devise. Avoid using friend’s phone, public computer, cyber cafe or free Wi-Fi for
sensitive browsing as data can be stolen or copied.
Be cyber aware- Make aware your children about potential online threats such as grooming, bullying,
and stalking, keep track of their online activities. Also, you should be aware of the latest applications,
securities devises and at the same time be aware the frauds, threats etc.

G. Cyber security and role of Professionals

Cybersecurity is protecting your organization’s data, computer system and internet from cyber-attacks.
Cyber Security in an organisation includes technologies, processes and practices in the organisation to
protect networks, computers, programs, and data from unauthorized access or damage. The strategy is to
ensure confidentiality, data integrity and safety. The Professionals can play a great role by taking
responsibility of safeguarding the Organisation and the business from the threat of the cyber-crime. The
following can be ensured by the professionals for cyber security-

Implementation of a cybersecurity governance and risk management program depending on the size and
the importance of the data.
The Cybersecurity risk to be considered as a significant business risk and to be put at the same level of
importance as compliance, operational, financial and reputational risks.
Implementation of a proper and adequate policy for access to the sensitive information on need to know
basis.
Implementation of a policy for System Use ie how to use the IT Systems of the Organisation, use of
passwords, no use of the external devices such as pen drive, no copying of Organisation data, rules to
use the systems outside office, email use policy, internet use policy and remote access policy.
Ensure safety from malware, ransomware attacks by installing antivirus, firewall, anti-spam software,
anti- phishing software and several other good software available in the market. Make sure that
they are renewed and updated regularly.
 Keep the list of backup technicians, document the configuration of hardware and software applications
and keep this up to date so that at the time of emergency, the list is handy.
Hardware should be maintained adequately and timely. Sign contracts with hardware maintenance
service provider. Take adequate insurance policy for the systems.
Implement the basic practice in the organisation for Cyber security such as identify the cybersecurity
risk, protect and implement appropriate safeguards to ensure delivery of critical services, identify the
occurrence of cyber threat, action chart for a detected cybersecurity incident, develop a recovery and
restoration plan due to a cyber security incident.

H. SOME INSTANCES OF CYBER CRIME-

India’s Aadhaar, which is national centralized government ID database, which stores the biometric data
and identity data of 1.2 billion Indians, was subjected to a database breach in 2018.
Capital One Financial Corporation, an American Bank, revealed a data breach affecting 100 million US
customers and a further six million in Canada as Federal Bureau of Investigation (FBI) officers arrested
a suspect (2019).
Mailing and shipping services company Pitney Bowes, USA got an apparent ransomware attack (2019).
In UK, The WannaCry virus infiltrated the National Health Service (NHS) computer system which
made the system disabled for a week. The hospitals and medical practitioners operated entirely offline.
(2017).
Glasgow-born Gary McKinnon was accused of infiltrating 97 US military and NASA computers in
order to find evidence suggesting free energy suppression and UFO cover-ups. This was termed as the
‘biggest military computer hack of all time’ (2002)
The personal data (i.e., national identifier, name, gender, parents’ names, home address, date of birth,
and city of birth) of over 49 million Turkish citizens was made available in 2016, through an online
searchable database (Greenberg, 2016).
Mobile Malware Smith had attacked and infected about 25 million devices, in India and other Asian
countries, and also in UK and US (2019).
A group of Russian hackers broke the access code and were able to get the secure information of
more than 100 institutions in the world. They used malware to infect the bank computer systems and
were able to steal about £650 million from global banks (2015).
From Yahoo account, more than one billion user accounts were stolen, it included the names, phone
numbers, passwords and email addresses of the users. It was one of the largest cases of data theft in
history (2013).
Kevin David Mitnick was an all-time popular cybercriminal. In 1995, at the time of his arrest, he was
“the most wanted hacker in America.”

I. CONCLUSION

In conclusion, one can undoubtedly state the fact that cybercrime is a misdeed, and anyone using
cyberspace can be its victim. We also now know all the major types of crimes that one may have
to deal with, although in today’s world, offenders and hackers design new advance versions of
violation each day, so one can never be too aware in the matter of self-security. Any individual’s
precious personal data can be sold for as little as $0.20, up to $15.
Cybercrime is a serious crime, it breaches someone’s privacy and confidential data and also
exposes to financial losses. It involves infringement of human rights as well as of governmental laws.
Therefore, one must consistently follow all the precautions discussed earlier, because ‘Prevention is
better than cure’, as the well- known saying states.
 It is also extremely crucial to spread awareness about cybercrime, as 21% of files aren’t protected (2018
Global Data Risk Report). Along with your computer, it is also important to protect your smart phones,
as they contain almost all information.

Even after world class security, anyone can be a victim to an unethical hacker’s play. One such case is
of the French President Emmanuel Macron, even after getting the utmost elite security, his emails were
hacked.

So, it is not impossible to get victim of Cybercrime even after following every measure, but the spread
of education and awareness about the topic, can surely help many to be actually ready for the worst
cases, and be prepared to fight the crime.

J. REFERENCES

Indian Cybercrime Coordination Center, https://cybercrime.gov.in https://en.wikipedia.org

Cyber Crime, First Responder Guide, Anuj Agrawal Information available in the public domain.