E –mails

Short for electronic mail, e-mail or email is information stored on a computer that is exchanged between two users
over telecommunications. More plainly, e-mail is a message that may contain text, files, images, or
other attachments sent through a network to a specified individual or group of individuals.

Advantages of Email

There are many advantages of email, which are as follows:

o Cost-effective: Email is a very cost-effective service to communicate with others as there are several email
services available to individuals and organizations for free of cost. Once a user is online, it does not include
any additional charge for the services.
o Email offers users the benefit of accessing email from anywhere at any time if they have an Internet
connection.
o Email offers you an incurable communication process, which enables you to send a response at a
convenient time. Also, it offers users a better option to communicate easily regardless of different
schedules users.
o Speed and simplicity: Email can be composed very easily with the correct information and contacts. Also,
minimum lag time, it can be exchanged quickly.
o Mass sending: You can send a message easily to large numbers of people through email.
o Email exchanges can be saved for future retrieval, which allows users to keep important conversations or
confirmations in their records and can be searched and retrieved when they needed quickly.
o Email provides a simple user interface and enables users to categorize and filter their messages. This can
help you recognize unwanted emails like junk and spam mail. Also, users can find specific messages easily
when they are needed.
o As compared to traditional posts, emails are delivered extremely fast.
o Email is beneficial for the planet, as it is paperless. It reduces the cost of paper and helps to save the
environment by reducing paper usage.
o It also offers a benefit to attaching the original message at the time you reply to an email. This is beneficial
when you get hundreds of emails a day, and the recipient knows what you are talking about.
o Furthermore, emails are beneficial for advertising products. As email is a form of communication,
organizations or companies can interact with a lot of people and inform them in a short time.

Disadvantages of Email

o Impersonal: As compared to other forms of communication, emails are less personal. For example, when
you talk to anyone over the phone or meeting face to face is more appropriate for communicating than
email.
o Misunderstandings: As email includes only text, and there is no tone of voice or body language to provide
context. Therefore, misunderstandings can occur easily with email. If someone sends a joke on email, it can
be taken seriously. Also, well-meaning information can be quickly typed as rude or aggressive that can
impact wrong. Additionally, if someone types with short abbreviations and descriptions to send content on
the email, it can easily be misinterpreted.
o Malicious Use: As email can be sent by anyone if they have an only email address. Sometimes, an
unauthorized person can send you mail, which can be harmful in terms of stealing your personal
information. Thus, they can also use email to spread gossip or false information.
 o Accidents Will Happen: With email, you can make fatal mistakes by clicking the wrong button in a hurry.
For instance, instead of sending it to a single person, you can accidentally send sensitive information to a
large group of people. Thus, the information can be disclosed, when you have clicked the wrong name in an
address list. Therefore, it can be harmful and generate big trouble in the workplace.
o Spam: Although in recent days, the features of email have been improved, there are still big issues with
unsolicited advertising arriving and spam through email. It can easily become overwhelming and takes time
and energy to control.
o Information Overload: As it is very easy to send email to many people at a time, which can create
information overload. In many modern workplaces, it is a major problem where it is required to move a lot
of information and impossible to tell if an email is important. And, email needs organization and upkeep.
The bad feeling is one of the other problems with email when you returned from vacation and found
hundreds of unopened emails in your inbox.
o Viruses: Although there are many ways to travel viruses in the devices, email is one of the common ways
to enter viruses and infect devices. Sometimes when you get a mail, it might be the virus come with an
attached document. And, the virus can infect the system when you click on the email and open the attached
link. Furthermore, an anonymous person or a trusted friend or contact can send infected emails.
o Pressure to Respond: If you get emails and you do not answer them, the sender can get annoyed and think
you are ignoring them. Thus, this can be a reason to make pressure on your put to keep opening emails and
then respond in some way.
o Time Consuming: When you get an email and read, write, and respond to emails that can take up vast
amounts of time and energy. Many modern workers spend their most time with emails, which may be
caused to take more time to complete work.
o Overlong Messages: Generally, email is a source of communication with the intention of brief messages.
There are some people who write overlong messages that can take much time than required.
o Insecure: There are many hackers available that want to gain your important information, so email is a
common source to seek sensitive data, such as political, financial, documents, or personal messages. In
recent times, there have various high-profile cases occurred that shown how email is insecure about
information theft.

What is World Wide Web?

World Wide Web, which is also known as a Web, is a collection of websites or web pages stored in web servers and
connected to local computers through the internet. These websites contain text pages, digital images, audios, videos,
etc. Users can access the content of these sites from any part of the world over the internet using their devices such
as computers, laptops, cell phones, etc. The WWW, along with internet, enables the retrieval and display of text and
media to your device.
Difference between World Wide Web and Internet:

Some people use the terms 'internet' and 'World Wide Web' interchangeably. Internet is a worldwide network of
devices like computers, laptops, tablets, etc. It enables users to send emails to other users and chat with them online.
For example, when you send an email or chatting with someone online, you are using the internet.

WWW is a collection of websites connected to the internet so that people can search and share information .But,
when you have opened a website like google.com for information, you are using the World Wide Web; a network of
servers over the internet. You request a webpage from your computer using a browser, and the server renders that
page to your browser. Your computer is called a client who runs a program (web browser), and asks the other
computer (server) for the information it needs.

E – commerce & M – commerce System Security

E-commerce or electronic commerce refers to the process of buying and selling on the internet. The birth of e-
commerce is believed to occur in 1994, with the first purchase made over the internet in Philadelphia. Generally, e-
commerce points to online buying activities that happen over a computer or laptop.
M-commerce refers to online payment transactions that happen over a mobile device. The
advancement of mobile connectivity, security, and apps development has spurred retailers to offer services,
products, and payment gateways over the smartphone. The m-commerce trend is also spurred by the increasing
population that own smartphones.

The Differences( E – commerce & M – commerce)

So how do they really differentiate from each other? There’s a lot more to dig into:

M Commerce E Commerce

Handheld devices such as

Devices used smartphones and tablets Computers, laptops, …

Connection-
dependency Mandatory (*) Mandatory (*)

Reachability With push notifications in place, Limited

 mobile commerce can reach a wider
range of users even when they’re on
the go.

Low: Users can make

High: Users can make transactions transactions on their
everywhere as long as they are computers and laptops with
Mobility connected to the Internet. limited mobility

User Experience on mobile devices Harder to navigate in the

is optimized for as little taps-on- desktop websites of
Ease of Use screen per transaction as possible eCommerce stores.

Platform Web stores and native apps Web stores

Payment Caller’s rate, mobile banking or

Gateway user’s credit card Credit Cards

Location-
tracking
capability Yes No

Rely on the web security combined

with built-in mobile security Rely mainly on the web
Security features security

Top tips to secure your m-commerce and e-commerce data and systems:

1. Examine the needs of the business – are you embracing m-commerce now or in the near future? Identify
protection solutions that will de-identify customer credit card numbers (and other sensitive personally identifiable
information (PII)), as that data is entered into the browser, and travel with the data all the way to your secure back-
office systems. This approach will augment the security provided in your network by solutions such as SSL.

2. Make sure you can provide customer purchase behavior data back to the business. Don’t accept solutions which
pass the online buyer to another outside party or service during the critical check-out process. Serve your marketing
organization well with a fully branded purchase process, and keep the web analytics team happy by maintaining full
visibility into the customer experience at checkout.

3. Forego point security solutions for data-centric protection. You can effect comprehensive change over time and
across the business, by selecting solutions that work with virtually all platforms and languages. Data-centric security
solutions will enable use of cost-saving technologies like cloud computing, with secure premises-based stateless key
management.

4. Introduce tokenisation to address PCI compliance, but avoid solutions using a token database in the architecture.
Identify the solution that will remove the maximum number of applications and databases from audit scope. Expect
as much as 80% audit scope reduction. Look for stateless tokenization–and be sure to ask for published security
proofs, documented standards-based techniques and published third party validation of strong and proven security
techniques. Without proof and evidence you and your QSA can review, the solution cannot be used for PCI DSS
compliance.
5. Consider other kinds of sensitive data such as social security numbers, health information, account numbers, and
other PII. Will the same data protection framework secure all kinds of data whether structured or unstructured, and
for internal corporate web forms or customer transactions?

6. If you have mainframes in your environment, identify solutions that will tokenise customer data natively, without
“leaving the box”. This is a superior way to not only protect that data now, but also set the stage for potential use of
Hadoop or other Big Data ecosystems. You can tokenise sensitive customer data before it enters Hadoop for big data
analytics and count on high-performance capabilities and scalability.

7. When assessing data encryption solutions, require standards-based, NIST-recognised format-preserving

techniques ONLY. Standards-based format-preserving encryption enables the secure use of protected data for
analytics and sharing inside and outside the business, and enables the use of cost-saving technologies such as Cloud
services.

Government Regulation of the Internet

Content regulation of the Internet has recently come to the fore of public debate as an issue that both governments
and Net users are concerned about. there are various pressures on governments to regulate the Internet. It then
observes that governments do not regulate using any regulatory paradigm although the regulators are often also
regulators of broadcasting. The regulatory paradigm in fact sometimes comes from the print media.

Thumbnail sketches of the regulatory frameworks in several countries, especially the United States, France,
Singapore, China and South Korea, are then outlined. The paper notes that although there are more censorship laws
being passed around the world, and often after studying the area, censorship has actually been light-handed.

It concludes that there is no one universal model for Internet content regulation. Ultimately, each country's
regulation of the Internet is driven not by technology or law but by the culture--in the broadest sense of the word--of
the society. Each country has its own specific concerns and it is this rich variety of concerns that adds to the
diversity of the Internet.

Net users appear puzzled by governments' intention to regulate the Internet. Often users say that the Net is a
powerful medium that will be stifled by regulation. However, the power of the Internet is precisely the reason that
governments want to regulate it.

The European Union paper on "Illegal and harmful content on the Internet" probably best sums up the fears of
governments about the Internet:

 national security (instructions on bomb-making, illegal drug production, terrorist activities);

 protection of minors (abusive forms of marketing, violence, pornography);
 protection of human dignity (incitement to racial hatred or racial discrimination);
 economic security (fraud, instructions on pirating credit cards);
 information security (malicious hacking);
 protection of privacy (unauthorized communication of personal data, electronic harassment);
 protection of reputation (libel, unlawful comparative advertising);
 intellectual property (unauthorized distribution of copyrighted works, software or music) [ibid].
 Table 1. Regulatory framework
Substantive
Regulator Sanctions Mechanism
Rules
1. The actor him/herself Personal ethics Self-sanction Self
2. Second party controllers (i.e., the person Contractual Various self-help PICS, RSACi, filter
acted upon) provisions mechanisms software
3. Nonhierarchically organized social
Social norms Social sanctions Code of Conduct
forces
4. Hierarchically organized Industry self-
Organization rules Organization sanctions
nongovernmental organizations regulation
State enforcement, coercive
5. Governments Law Law
sanctions

Distinction between Cyber Crime and Conventional Crime

With the advancements in technology and exponential adoption of internet and computers, almost all domains have
started using these technologies in their businesses. The crackers are professional thieves, criminal gangs,
disgruntled employees, professional competition, activists, disillusioned youth and state adversaries. They have the
same motivations as traditional criminals such as boredom and vandalism, ideological or political support, malice
or revenge, monetary gain through extortion or sale of illegally obtained data, terrorism or notoriety and
ensationalism. Apart from use of technology, following are the differences:

The Scale

Attacks can be conducted on a scale not possible in the physical world. A traditional bank robber may only be able
to hit one or two banks a week, a cyber-attack can target 100’s if not 1000’s of sites at once.

The Reach

Attacks can be performed from anywhere in the world; they can be performed anonymously and within jurisdictions
where the consequences of those actions may not, or cannot, be addressed by the criminal justice system. Attackers
are also able to extract far more data digitally than would ever be possible in the physical world. For example 1
gigabyte of data is approximately 4,500 paperback books. Think of how many gigabytes of data is held on a system,
hackers can extract this within a matter of minutes.

The Speed

Attacks are conducted at machine speed; a criminal can write a piece of code that can target multiple sites in
minutes.

Perception and Media Effect

There is another part of the cyber threat to be considered, the public and media perception of cyber crime. When
large financial institutions have been hacked the media has often wholly apportioned blame to the organizations
rather than the criminals, this would not be the case in a physical bank robbery. Clearly, cyber attacks pose serious
threats to the world wide web and services that make use of it.
 What is cybercrime?

Cybercrime is criminal activity that either targets or uses a computer, a computer network or a networked device.
Most, but not all, cybercrime is committed by cybercriminals or hackers who want to make money. Cybercrime is
carried out by individuals or organizations. Some cybercriminals are organized, use advanced techniques and are
highly technically skilled. Others are novice hackers. Rarely, cybercrime aims to damage computers for reasons
other than profit. These could be political or personal.

Types of cybercrime

 Here are some specific examples of the different types of cybercrime:

 Email and internet fraud.

 Identity fraud (where personal information is stolen and used).
 Theft of financial or card payment data.
 Theft and sale of corporate data.
 Cyberextortion (demanding money to prevent a threatened attack).
 Ransomware attacks (a type of cyberextortion).
 Cryptojacking (where hackers mine cryptocurrency using resources they do not own).
 Cyberespionage (where hackers access government or company data).

 Most cybercrime falls under two main categories:

 Criminal activity that targets

 Criminal activity that uses computers to commit other crimes.

Types of Cyber Criminals:

1. Hackers:
The term hacker may refer to anyone with technical skills, however, it typically refers to an individual who uses
his or her skills to achieve unauthorized access to systems or networks so as to commit crimes. The intent of the
burglary determines the classification of those attackers as white, gray, or black hats. White hat attackers burgled
networks or PC systems to get weaknesses so as to boost the protection of those systems. The owners of the
system offer permission to perform the burglary, and they receive the results of the take a look at. On the opposite
hand, black hat attackers make the most of any vulnerability for embezzled personal, mo netary or political gain.
Grey hat attackers are somewhere between white and black hat attackers. Grey hat attackers could notice a
vulnerability and report it to the owners of the system if that action coincides with their agenda.
 (a). White Hat Hackers –
These hackers utilize their programming aptitudes for a good and lawful reason. These hackers may perform
network penetration tests in an attempt to compromise networks to discover network vulnerabilities. Security
vulnerabilities are then reported to developers to fix them.
 (b). Gray Hat Hackers –
These hackers carry out violations and do seemingly deceptive things however not for individual addition or to
cause harm. These hackers may disclose a vulnerability to the affected organization after having compromised
their network.
 (c). Black Hat Hackers –
These hackers are unethical criminals who violate network security for personal gain. They misuse
vulnerabilities to bargain PC frameworks.
2. Organized Hackers:
These criminals embody organizations of cyber criminals, hacktivists, terrorists, and state -sponsored hackers.
Cyber criminals are typically teams of skilled criminals targeted on control, power, and wealth. These criminals
are extremely subtle and organized, and should even give crime as a service. These attackers are usually
profoundly prepared and well-funded.
3. Internet stalkers:
Internet stalkers are people who maliciously monitor the web activity of their victims to acquire personal data.
This type of cyber crime is conducted through the use of social networking platforms and malware, that are able
to track an individual’s PC activity with little or no detection.
4. Disgruntled Employees:
Disgruntled employees become hackers with a particular motive and also commit cyber crimes. It is hard to
believe that dissatisfied employees can become such malicious hackers. In the previous time, they had the only
option of going on strike against employers. But with the advancement of technology there is increased in work
on computers and the automation of processes, it is simple for disgruntled employees to do more damage to their
employers and organization by committing cyber crimes. The attacks by such employees bring the entire system
down.

What is Digital Forgery ?

Creating a fake copy or imitation of a document or an object with the intention to deceive is called forgery. It can
involve everything from forging a signature, faking a masterpiece, creating a cheap replica of an expensive original
device to faking government documents like a licence, birth certificate etc. Market places are full of convincing
fakes of expensive originals items like designers shoes, clothes etc. All of these fakes can be called as forgeries.
Digital forgery involves creating the same fakes in electronic form.

Cyber Stalking/Harassment