Cyber Safety

1. B sic risks nd d ngers on Internet nd soci l medi (prev lent

cybercrimes in Nep l, eg, pir cy, f ke pro ile, online thre ts, cyber
st lking/bulling, sp m, phishing, sc ms, identity theft)
2. Preventive me sures from cyber-crimes.
3. Cyber ethics nd l ws (Nep l)
a
a
a
a
a
a
a
a
a
a
a
a
a
a
f
a
a
a
a
 Cyber Safety
• Cyber safety refers to the practice of protecting internet user,
user’s information, and user’s digital devices from various online
threats and risks.
• It involves adopting proactive measures and employing safe
practices to ensure a secure and responsible online experience.
• Cyber safety encompasses a wide range of strategies and
behaviors aimed at safeguarding individuals, organizations, and
systems from cyber threats, including hackers, malware,
phishing scams, identity theft, and cyberbullying.
 Computer Crime, Cyber Crime and Categories:
• Any illegal act involving a computer generally is referred to as a
computer crime.
• Alternatively referred to as cyber crime, e-crime, electronic crime,
or hi-tech crime.
• The term cybercrime refers to online or Internet-based illegal acts.
• Cybercriminals use computer technology to access personal
information, business trade secrets or use the internet for malicious
purposes.
• Computer crime is an act performed by a knowledgeable computer
user, sometimes referred to as a hacker, that illegally browses or
steals a company's or individual's private information.
• In some cases, this person or group of individuals may be malicious
and destroy or otherwise corrupt the computer or data files.
• Common types of cybercrime include: online bank information
theft, identity theft, online predatory crimes and unauthorized
computer access.
• Some of the examples of computer crimes are copyright violation,
cracking, cyber terrorism(threats and blackmails), cyberbullying or
cyberstalking, creating malware, DOS attack, identity theft,
phishing, scam, software piracy etc.
• Computer crime laws prohibit a person from performing certain acts
without authorization, including:
• Improperly accessing a computer, system, or network;
• Modifying, damaging, using, disclosing, copying, or taking
programs or data;
• Introducing a virus or other contaminant into a computer system;
• Using a computer in a scheme to fraud;
• Interfering with someone else's computer access or use; and
• Stealing an information service from a provider.
 Basic risks and dangers on Internet and social media

• The internet and social media have revolutionized the way we

communicate, access information, and interact with others.
• However, along with the benefits, there are also several risks and
dangers associated with these platforms.
• The internet and social media offer numerous benefits and
opportunities for communication, collaboration, and entertainment,
users must remain careful and informed about the potential risks and
dangers associated with online activities.
• Here are some of the basic risks and dangers:
 Basic risks and dangers on Internet and social media
1. Piracy

• Piracy refers to the unauthorized distribution, reproduction, or

use of copyrighted material, such as movies, music, software,
and books, without the permission of the copyright owner.
• In Nepal, piracy is widespread, particularly in the form of illegal
downloading and sharing of movies and music through torrent
sites and le-sharing platforms.
• This deprives content creators of their rightful earnings and
undermines the entertainment industry.
fi
 1. Piracy
• Downloading Movies and Music Illegally: Getting movies, songs, or software from uno cial
websites or le-sharing platforms without paying for them.
• Buying Fake DVDs: Purchasing DVDs or CDs with copied movies or music that haven't been
authorized by the creators.
• Watching Pirated Streams: Streaming movies, TV shows, or sports events from websites that
don't have the right to broadcast them.
• Using Cracked Software: Installing computer programs without buying licenses or subscriptions,
which is often done through illegal downloads.
• Recording Movies in Theaters: Using cameras to record movies playing in theaters and then
sharing those recordings online.
• Using Images without Permission: Using pictures or photos from the internet without getting
permission from the photographers or owners.
• Downloading Games Illegally: Getting video games from the internet without buying them,
which is often done through uno cial websites or torrents.
fi
ffi
ffi
 Fake Pro iles
• Fake pro les on social media platforms pose signi cant risks,
including identity theft, cyberbullying, harassment, and fraud.
• In Nepal, fake pro les are commonly used for impersonation,
spreading false information, and scamming unsuspecting
users.
• These fake pro les may be created for various malicious
purposes, such as spreading propaganda, conducting
phishing attacks, or defrauding individuals.
fi
f
fi
fi
fi
 • Fake Social Media Accounts: Creating a fake pro le on platforms like Facebook,
Instagram, or Twitter using a ctitious name, photos, and personal information.
• Impersonating Someone: Pretending to be someone else by using their name,
photos, or other details to create a fake pro le and interact with others online.
• Cat shing: Creating a fake persona, often with fake photos, to deceive others
into forming romantic or emotional relationships online.
• Professional Impersonation: Creating a fake pro le posing as a professional,
such as a doctor, lawyer, or business executive, to gain trust and credibility for
fraudulent purposes.
• Trolling: Creating fake pro les with the intention of harassing, provoking, or
upsetting others by posting in ammatory or o ensive comments or messages.
fi
fi
fi
fl
fi
ff
fi
fi
 Online Threat
• Online threats encompass a wide range of malicious activities
aimed at disrupting computer systems, stealing sensitive
information, or causing harm to individuals or organizations.
• Common online threats in Nepal include malware infections,
ransomware attacks, denial-of-service (DoS) attacks, and data
breaches.
• Cybercriminals may exploit vulnerabilities in software, phishing
emails, or malicious websites to carry out these attacks.
• Malware: Malicious software designed to disrupt, damage, or gain unauthorized access to
computer systems. Examples include viruses, worms, Trojans, ransomware, and spyware.
• Phishing: Emails, messages, or websites that impersonate legitimate entities to trick users into
providing sensitive information, such as usernames, passwords, or nancial details.
• Identity Theft: Theft of personal information, such as social security numbers, credit card
numbers, or driver's license details, to impersonate individuals or commit fraud.
• Cyberbullying: Harassment, intimidation, or bullying conducted online, often through social
media platforms, messaging apps, or online forums.
• Data Breaches: Unauthorized access to sensitive information stored by organizations, resulting in
the exposure or theft of personal or con dential data.
• Denial-of-Service (DoS) Attacks: Deliberate attempts to disrupt the normal functioning of a
computer network or website by overwhelming it with a high volume of tra c or requests.
• Ransomware: Malware that encrypts les on a victim's computer and demands payment (ransom)
in exchange for decryption keys to restore access to the les.
fi
fi
fi
fi
ffi
 Cyber Stalking/Bullying
• Cyber stalking and cyberbullying involve using electronic
communication channels, such as social media, email, or
messaging apps, to harass, intimidate, or threaten individuals.
• In Nepal, cases of cyberbullying and cyber stalking have been
reported, particularly targeting women and vulnerable groups.
• Perpetrators may use fake pro les, o ensive comments, or
private messages to harass their victims, leading to
psychological distress and emotional harm.
fi
ff
• Harassing Messages: Sending repeated, threatening, or abusive messages to
an individual through email, social media platforms, or messaging apps.
• Posting Hurtful Comments: Leaving derogatory or hurtful comments on
someone's social media posts, photos, or videos to embarrass or humiliate
them publicly.
• Impersonation: Creating fake pro les or accounts to impersonate someone
else and post o ensive or damaging content in their name.
• Threats or Blackmail: Making threats of physical harm, violence, or exposing
sensitive information to coerce or manipulate the victim.
• Photoshopping or Memes: Creating and sharing edited or manipulated
images or memes to joke, tease, or defame the victim.
ff
fi
 Spam
• Spam refers to unsolicited or unwanted emails, messages, or
advertisements sent in bulk to a large number of recipients.
• In Nepal, spam emails and messages are commonly used for
promoting fraudulent schemes, phishing scams, and fake
products.
• Spam messages may contain malicious links or attachments
designed to steal personal information, infect devices with
malware, or trick users into revealing sensitive data.
 • Email Spam: Unwanted emails advertising products, services, or fraudulent schemes,
often containing misleading subject lines, fake o ers, or malicious attachments.
• Phishing Emails: Emails that impersonate legitimate organizations, such as banks,
social media platforms, or online retailers, to trick recipients into providing sensitive
information, such as passwords, credit card numbers, or personal details.
• Text Message Spam: Unwanted text messages promoting products, services, or
scams, often containing links to malicious websites or instructions to call a phone
number for further details.
• Social Media Spam: Automated or repetitive posts, comments, or messages on social
media platforms, such as Facebook, Twitter, or Instagram, promoting fake products,
a liate links, or fraudulent schemes.
ffi
ff
 Phishing
• Phishing is a form of cyber attack where attackers impersonate
legitimate entities, such as banks, government agencies, or reputable
companies, to deceive individuals into providing sensitive
information, such as passwords, credit card details, or personal
identi cation numbers (PINs).
• Phishing attacks are prevalent in Nepal, targeting online banking
users, social media users, and email account holders.
• Victims may be lured into clicking on malicious links or downloading
malicious attachments, leading to nancial losses or identity theft.
fi
fi
• Email Phishing: An attacker sends an email purporting to be from a trusted
organization, such as a bank, social media platform, or online retailer,
requesting the recipient to click on a link and log in to their account to verify
their information. The link directs the recipient to a fake website that looks
identical to the legitimate site, where the attacker captures the victim's login
credentials.
• Social Media Phishing: Attackers create fake social media pro les or pages
impersonating well-known brands, celebrities, or organizations and use them to
send phishing messages or posts containing links to fake websites or malicious
content. These messages may o er fake promotions, discounts, or giveaways to
lure users into disclosing their personal information or downloading malware.
ff
fi
 Scams
• Various types of scams operate online, targeting unsuspecting
individuals with fraudulent schemes aimed at deceiving them
into providing money, personal information, or access to their
accounts.
• In Nepal, common online scams include lottery scams, job
scams, investment scams, and romance scams.
• Scammers may use fake pro les, false promises, or emotional
manipulation to exploit their victims' trust and vulnerability,
resulting in nancial losses and emotional distress.
fi
fi
 • Online Shopping Scams: Fraudulent websites or sellers o er products at unrealistically low prices to lure
customers into making purchases. After payment is made, the products are never delivered, or they turn out to
be counterfeit or signi cantly di erent from what was advertised.
• Tech Support Scams: Scammers impersonate tech support representatives from well-known companies, such
as Microsoft or Apple, and contact individuals claiming that their computer has a virus or other issue. They then
persuade the victim to provide remote access to their computer or purchase unnecessary software or services to
x the non-existent problem.
• Lottery or Prize Scams: Victims receive noti cations claiming that they have won a lottery, sweepstakes, or
prize draw, often requiring them to pay fees or provide personal information to claim their winnings. In reality,
there is no prize, and the scammers may use the victim's personal information for identity theft or further scams.
• Romance Scams: Scammers create fake online dating pro les to establish romantic relationships with
individuals, often building trust over time before requesting money for various reasons, such as medical
emergencies, travel expenses, or nancial di culties.
• Investment Scams: Fraudulent investment schemes promise high returns with little or no risk, often targeting
inexperienced investors or individuals seeking quick pro ts. Scammers may use fake investment opportunities to
defraud victims of their money.
• Employment Scams: Fake job postings or work-from-home opportunities promise good salaries or easy
income, requiring applicants to pay upfront fees for training materials, background checks, or equipment.
Victims may never receive the promised job or reimbursement for their expenses.
fi
fi
ff
fi
ffi
fi
fi
ff
fi
 Identity Theft
• Identity theft occurs when cybercriminals steal personal information,
such as social security numbers, bank account details, or passport
numbers, to impersonate individuals or commit fraudulent activities.
• In Nepal, identity theft is a signi cant concern, particularly due to the
lack of robust data protection measures and inadequate
cybersecurity practices.
• Stolen identities may be used to open fraudulent bank accounts,
obtain loans, or conduct illegal transactions, causing nancial harm
and damaging victims' reputations.
fi
fi
 • Financial Identity Theft: An individual steals another person's personal information, such as
their social security number, credit card details, or bank account information, to make
unauthorized purchases, open fraudulent accounts, or apply for loans or credit cards in the
victim's name.
• Medical Identity Theft: Someone obtains a victim's personal information, such as their health
insurance or Medicare card details, to receive medical treatment, prescription drugs, or services
under the victim's identity. This can lead to inaccuracies in the victim's medical records and
potentially impact their ability to access healthcare.
• Criminal Identity Theft: A person commits a crime using another individual's name, date of
birth, or social security number, resulting in the victim being falsely accused or arrested for
o enses they did not commit. This can have serious legal consequences and damage the victim's
reputation.
• Employment Identity Theft: An identity thief uses a victim's personal information to secure
employment or obtain government bene ts illegally.
ff
fi
 Preventive measures from Cyber Crimes
Preventing cybercrime involves implementing various measures to protect
yourself, your devices, and your data from online threats. Here are some
preventive measures to consider:
1. Use Strong and Unique Passwords: Create complex passwords for your online
accounts and avoid using the same password across multiple accounts.
Consider using a password manager to securely store and manage your
passwords.
2. Enable Two-Factor Authentication (2FA): Enable 2FA wherever possible,
especially for sensitive accounts such as email, banking, and social media.
2FA adds an extra layer of security by requiring a second form of veri cation,
such as a code sent to your phone or generated by an authenticator app.

fi
3. Keep So ware Updated: Regularly update your operating
system, web browsers, and software applications to patch
known vulnerabilities and protect against malware and other
security threats. Enable automatic updates whenever possible.
4. Install Antivirus and Antimalware So ware: Use reputable
antivirus and antimalware software to protect your devices
from viruses, spyware, ransomware, and other malicious
software. Keep the software updated and perform regular
scans of your system.
ft
ft
5. Be careful of Phishing Attempts: Be careful when opening emails, clicking on links, or
downloading attachments, especially if they are from unknown or suspicious
senders. Verify the legitimacy of requests for sensitive information before providing
any personal or nancial details.
6. Secure Your Wi-Fi Network: Change the default administrator password for your
router and use strong encryption, such as WPA2 or WPA3, to secure your Wi-Fi
network. Enable network encryption and use a strong passphrase to prevent
unauthorized access to your network.
7. Backup Your Data Regularly:Backup your important les, documents, and data
regularly to an external hard drive, cloud storage service, or backup server. This will
help protect your data in case of a ransomware attack, hardware failure, or other
data loss incidents.
fi
fi
8. Be Careful with Personal Information: Avoid sharing sensitive
information, such as your social security number, nancial details, or
login credentials, on public or unsecured websites. Be cautious when
sharing personal information online and only provide it to trusted
and reputable sources.
9. Educate Yourself and Others: Stay informed about the latest
cybersecurity threats, scams, and best practices for online safety.
Educate yourself and others, including family members, friends, and
colleagues, about the importance of cybersecurity and how to
recognize and avoid online threats.

fi
 Cyber Ethics and Law
• Cyber ethics, also known as internet ethics or digital ethics,
refers to the moral principles, values, and guidelines that
govern responsible behavior and decision-making in the
digital realm.
• It involves understanding the ethical suggestion of
technology use, respecting the rights and privacy of others,
and promoting ethical standards in online interactions.
 Some Cyber Ethics Principles includes:
• Privacy:
• The content that is available on the internet should not hurt any moral,
emotional, or personal ethics of individuals.
• Users should have the right to protect any information which they don’t
want to share openly.
• Private information like user’s contact details, address, security-related
information like bank details, credit card/debit card details, are all included
in basic cyber ethics of user privacy and must not be breached in any case.
• Any breach of privacy is theft/fraud of user identity and user personal
information, which is punishable as per the rules of law.
 Some Cyber Ethics Principles includes:
• Intellectual property Right:
• Cyber ethics promotes respect for intellectual property
rights, including copyrights, trademarks, and patents.
• It involves honoring the rights of creators and innovators
by complying with copyright laws, giving credit to original
authors or creators, and seeking permission before using or
sharing copyrighted material online.
 Some Cyber Ethics Principles includes:
• Security:
• Security on the internet is the most basic ethical right that
every user must be accessible.
• Users of the internet should feel safe while they surf the net.
• Security, in general means only authorized users to have
access to the content on the computer.
• And con dential information is safe, without any risk of
loss of information/content.
fi
 Some Cyber Ethics Principles includes:
• Accuracy:
• The content available on the internet is accessed by billions of users.
• If there is no reliability of the information that is posted online, then
it would mislead the masses.
• Cyberethics state the importance of posting content on the internet
that is correct in all aspects.
• Users trust the content of the internet and rely heavily on the internet
for facts, therefore it is highly needed that the asked information is
correct and reliable.
 Cyber Law in Nepal
• Cyber law is the area of law that deals with the Internet's
relationship to technological and electronic elements, including
computers, software, hardware and information systems (IS).
• Cyber law is also known as Internet Law.
• Cyber laws prevent or reduce large scale damage from
cybercriminal activities by protecting information access, privacy,
communications, intellectual property (IP) and freedom of speech
related to the use of the Internet, websites, email, computers, cell
phones, software and hardware, such as data storage devices.
• Cyber law applies to the internet and internet-related technologies.
• Cyber law provides legal protections to people using the internet.
• This includes both businesses and everyday citizens.
• Understanding cyber law is of the utmost importance to anyone who uses the
internet.
• Cyber law, also known as internet law or digital law, is the legal framework that
governs activities and transactions conducted online. It includes a wide range
of legal issues related to the internet, computers, and digital communications.
• Cyber law provides legal protections to people using the internet. It de nes
and penalizes activities that breach digital security, ensuring legal
consequences for those who do so.

fi
 Electronic Transaction Act/ETA (2063)
• Implemented on 2063/08/22
• It contains 12 Sections/Chapters and 80 Clauses.
• To make legal provisions for authentication and regularization, validity,
integrity and reliability of generation, production, processing, storage
of electronic records and and generating secure digital signature.
• To make legal provision for authentication and regulation of electronic
data.
• To make a reliable date generation, communication, and transmission.
• To make a secured and authentic means of electronic communication.
• To regulate all the relating matters of electronic transactions.
• Limitations:
• Potential Need for Update: As technology evolves rapidly,
the Act might not fully address emerging cyber threats.
Some argue it needs revision to stay relevant.
• Speci city Issues: Certain areas, like child pornography, lack
clear de nitions within the Act, making legal application
more complex.
fi
fi
 Characteristics of ETA 2063
• Focus on Secure E-Transactions:
• Legal Framework: The Act establishes a legal framework for conducting secure electronic
transactions in both public and private sectors. This allows for using digital signatures to
validate contracts and other electronic documents.
• Combating Cybercrime:
• Cybercrime De nitions: It de nes and criminalizes various cybercrimes, including:
• Unauthorized access to computer systems (hacking)
• Data alteration or destruction
• Online harassment or publication of illegal content that can:
• Spread hate speech
• Endanger national security
• Disrupt social harmony
• Violate women's rights
• Penalties: The Act outlines penalties for these cybercrimes, including imprisonment and nes.
fi
fi
fi
Cybercrimes and Punishment in Nepal (Electronic Transaction Act 2063)