2 ComputerCrime Revision
Computer Crime
Computer crime is an illegal act performed by a computer user using a computer. Other names
that refer to computer crime are cyber crime, hi-tech crime or electronic crime. Examples of
computer crime are hacking, computer fraud, eavesdropping and spreading of malware.
Pharming
Pharming is where malicious code installed on a user’s personal computer or web server
misdirects users to a fraudulent or fake website in the hopes of gathering personal information
without the person’s knowledge or consent.
Countermeasures
Use a trusted, legitimate internet service provider.
Maintain an effective, up-to-date anti-malware utility to identify and remove pharming code.
Keep simple names for domains which can be easily recalled by customers and which are less
prone to hackers.
Use an anti-pharming tool, which is available for Windows-based servers.
The user should always be alert and look out for ‘clues’ that they are being re-directed to
another site.
Educate website users on pharming and its dangers.
Don’t download software from sites you’re not sure you can trust, regardless of what
operating system you run.
Avoid pirated software as you may get some malware thrown in.
Phishing
Phishing is an act of deceiving individuals to gain private or personal information about that
person usually via e-mails that seem to come from trusted sources.
An internet user receives an urgent message from a trusted source e.g. an online shop or bank.
The email looks real as it even uses the logo and colour scheme of that company.
The email asks the user to click on a (malicious) link that takes him/her to a fake log-in page
or a page asking the user to grant permission by entering personal details, from ID and
password to credit, banking and other information.
Countermeasures
Identity theft
This is when someone gains access to your personal information and uses it for their own
benefit. This could be a hacker stealing your online banking account login and password to gain
access to your financial details or a thief using stolen bank cards to access the victim’s account.
Countermeasures
Never connect to your bank account on a public computer, or using a WiFi access point
you’re not absolutely sure you can trust.
Never share any personal information – such as your bank account number or any
information a fraudster could use to steal your identity.
When logging into your bank, ensure the communication is secure by verifying that the
address begins with “https” instead of “http”.
Ignore any email from your bank or your credit card company asking you to update your
personal information.
Make sure your business computers have anti-virus and anti-spyware protection.
Make sure your network is protected with a firewall.
Keep software and browsers updated with security patches.
Freeze all financial accounts if the bank cards are stolen.
Cyber stalking
Cyber stalking involves using the internet to constantly harass, threaten or frighten another
person. The harassment could be sexual or hostile in nature, usually through e-mails and social
networks. Cyber stalking is also known as cyber bullying or trolling.
Countermeasures
Keep your personal information secret, don’t post your images to social networks
unnecessarily.
Report cyber stalking cases to the police.
Hacking
Hacking is the use of software or other means to gain unauthorised access into a person’s computer
system. Hacking must not be confused with ethical hacking used by many organisations to check
their internet security protection. Ethical hackers may be hired to help in situations where an
organisation’s employees have forgotten their login credentials like passwords.
To cause direct harm to the data (delete, alter, corrupt and steal data) or computer system such
as identity theft or credit card fraud (Black-hat hacker).
To test their skills and show the public their capabilities (Grey-hat hacker).
To find security loopholes in computer systems.
Countermeasures
Child pornography
Child pornography is the online crime of producing, possessing or distributing sexual content involving
a minor. Child pornography is one of the fastest growing businesses on the internet.
Countermeasures
Denial of service attack
A denial of service (DoS) attack is an attempt to overload a network or server with requests and data such
that it cannot serve its intended users. The network speed becomes slow and some websites will
not be available to users. However, it may be difficult to separate a DoS attack from a poor
network connection.
Countermeasures
Install an antivirus program and a firewall on your network to restrict bandwidth usage to only
authenticated users.
Use security tools to detect and prevent ICMP flood attacks or block HTTP request attacks
on the server.
Use enterprise products to identify and block single origin attacks as soon as they begin.
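Because a DoS attack can look like a poor connection, a measurable signal helps: the number of requests one client sends inside a short sliding window. The detector below is an added example, not part of the original notes; the log format, the thresholds and the addresses are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime

WINDOW_SECONDS = 10      # assumed sliding-window length
MAX_REQUESTS = 20        # assumed per-client limit inside one window


def parse_line(line):
    """Parse 'ISO-timestamp client-ip method path' (constructed log format)."""
    stamp, ip, _method, _path = line.split()
    return datetime.fromisoformat(stamp), ip


def single_origin_floods(lines, window=WINDOW_SECONDS, limit=MAX_REQUESTS):
    """Return {ip: time the limit was first exceeded} for flooding clients."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    flagged = {}
    for line in lines:
        try:
            when, ip = parse_line(line)
        except ValueError:
            continue              # skip malformed lines instead of failing
        q = recent[ip]
        q.append(when)
        while (when - q[0]).total_seconds() > window:
            q.popleft()           # forget requests older than the window
        if len(q) > limit and ip not in flagged:
            flagged[ip] = when
    return flagged


def sample_log():
    """Constructed traffic: one client sends 5 requests/second, two browse normally."""
    lines = []
    for i in range(60):
        lines.append(f"2024-01-01T12:00:{i // 5:02d}.{(i % 5) * 200:03d} 203.0.113.9 GET /")
    for s in range(0, 12, 3):
        lines.append(f"2024-01-01T12:00:{s:02d}.500 198.51.100.20 GET /news")
        lines.append(f"2024-01-01T12:00:{s:02d}.700 192.0.2.33 GET /shop")
    lines.append("garbage line")
    lines.sort()
    return lines
```

A slow link delays every client equally, whereas here only one address crosses the limit, which is what separates a single-origin attack from a poor connection.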
Industrial espionage
The use of the internet to spy on a person, business or government in order to gain competitive
advantage over the business or person or for national security reasons in the case of
governments. The information could be sales reports or trade agreements for an organisation.
Countermeasures
Transfer of files in and out of the organisation must be carried out without exposing and
risking the internal network.
Information waiting to be retrieved by the business or sent to the business partner must be
kept in a secure location.
Protect data from tampering by using methods such as digital signatures to detect
unauthorised changes to the files.
Detailed logs for auditing and tracking every activity must be available.
End-to-end data encryption must be maintained while the data is being transported over the
network.