Thursday, September 15, 2011

Different types of cyber crimes and their investigation.

1. Hacking
Hacking in simple terms means illegal intrusion into a computer system without the permission of the computer owner/user.

Evidences to be secured: HDD, Mails with Header, Network Logs
Investigation Mechanism: IP Tracing, Location Tracing, MAC Address Verification and finger printing

2. Phishing
It is a technique of pulling out confidential information from bank/financial institution account holders by deceptive means.

Evidences to be secured: Mails with Header, Network Logs.
Investigation Mechanism: Mail Tracing, IP Tracing, Location Tracing.
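
How "Mails with Header" supports mail and IP tracing, as an added example that is not part of the original post: the script walks the `Received` headers oldest hop first and returns the first routable address a receiving server recorded. The sample message, host names and addresses are constructed, and the function names are hypothetical.

```python
import ipaddress
import re
from email import message_from_string

# Constructed sample (not a real message); hosts and addresses are made up.
RAW_MAIL = """\
Received: from mx.mailhost.example (mx.mailhost.example [198.51.100.7])
\tby inbox.recipient.example with ESMTP id A1; Thu, 15 Sep 2011 10:02:11 +0530
Received: from relay.isp.example (relay.isp.example [203.0.113.25])
\tby mx.mailhost.example with ESMTP id B2; Thu, 15 Sep 2011 10:02:09 +0530
Received: from [192.168.1.44] (unknown [203.0.113.90])
\tby relay.isp.example with ESMTP id C3; Thu, 15 Sep 2011 10:02:05 +0530
From: "Bank Support" <support@bank.example>
Subject: Verify your account

Please confirm your details.
"""

BRACKETED_IP = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")
# RFC 1918 and loopback ranges: addresses that cannot be traced on the Internet.
INTERNAL = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def received_hops(raw):
    """Return one dict per Received header, oldest hop first."""
    hops = []
    for value in message_from_string(raw).get_all("Received", []):
        flat = " ".join(value.split())            # unfold continuation lines
        from_part = flat.split(" by ", 1)[0]      # what the receiving server saw
        by = re.search(r" by (\S+)", flat)
        ips = []
        for text in BRACKETED_IP.findall(from_part):
            try:
                ips.append(ipaddress.ip_address(text))
            except ValueError:                    # e.g. [999.1.1.1]
                continue
        hops.append({"by": by.group(1) if by else None, "ips": ips})
    hops.reverse()  # servers prepend, so the last header is the first hop
    return hops


def origin_candidate(raw):
    """First routable address recorded by a receiving server, oldest hop first."""
    for hop in received_hops(raw):
        for ip in hop["ips"]:
            if not any(ip in net for net in INTERNAL):
                return str(ip)
    return None
```

Headers below the first server the investigator trusts can be forged by the sender, so the candidate address should be confirmed against that server's own network logs.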

3. Credit Card Fraud
For an online transaction you simply have to type the credit card number into the vendor's web page. If electronic transactions are not secured, the credit card numbers can be stolen by hackers, who can misuse the card by impersonating the credit card owner.

Evidence to be secured: Transaction logs, network logs, product delivery address, sometimes HDD.
Investigation Mechanism: Transaction Verification, IP Tracing, Location Tracing, MAC Address Verification and finger printing, Log Analysis.

4. Denial of Service (SPAMMING)
This is an act by the criminal, who floods the bandwidth of the victim’s network or fills his e-mail box with spam mail depriving him of the services he is entitled to access or provide.

Evidences to be secured: Mails with Header, Network Logs.
Investigation Mechanism: Mail Tracing, IP Tracing, Location Tracing, Log Analysis.

5. VIRUS Dissemination
Malicious software that attaches itself to other software.
(Viruses, worms, Trojan horses, time bombs, logic bombs, Rabbit and Bacterium are all malicious software.)

Evidences to be secured: HDD, Mails with Header, Network Logs.
Investigation Mechanism: Mail Tracing, IP Tracing, Location Tracing, Log Analysis, Finger printing.

6. Software Piracy
Theft of software through the illegal copying of genuine programs or the counterfeiting and distribution of products intended to pass for the original.
• Retail revenue losses worldwide are ever increasing due to this crime.
• Can be done in various ways: end user copying, hard disk loading, counterfeiting, illegal downloads from the internet, etc.

Evidences to be secured: HDD, Mails with Header, Network Logs
Investigation Mechanism: Mail Tracing, Log Analysis, Finger printing.

7. Pornography
Pornography is the first consistently successful ecommerce product.
• Deceptive marketing tactics and mouse trapping technologies encourage customers to access pornography websites.
• Anybody, including children, can log on to the internet and access websites with pornographic content with a click of a mouse.
• Publishing or transmitting any material in electronic form which is lascivious or appeals to the prurient interest is an offence under the provisions of section 67 of the I.T. Act, 2000.

Evidences to be secured: HDD, Network Logs
Investigation Mechanism: IP Tracing, Location Tracing, Log Analysis, Finger printing.

8. Paedophiles
THE SLAUGHTER OF INNOCENCE: Paedophilia, or sexual attraction to children by an adult, is a sickness that does not discriminate by race, class, or age.

The Internet gives such offenders:
1. Instant access to other predators worldwide;
2. Open discussion of their sexual desires and ways to lure victims;
3. Mutual support of their adult child sex philosophies;
4. Instant access to potential child victims worldwide;
5. Disguised identities for approaching children, even to the point of presenting as a member of teen groups;
6. Ready access to "teen chat rooms" to find out how and why to target as potential victims;
7. Shared ideas about means to identify and track down home contact information;
8. Ability to build a long-term "Internet" relationship with a potential victim, prior to attempting to engage the child in physical contact.

Evidences to be secured: HDD, Mails with Header, Network Logs
Investigation Mechanism: Identity Verification, Mail Tracing, IP Tracing, Location Tracing, Log Analysis, Finger printing.

9. IRC Crime
Internet Relay Chat (IRC) servers have chat rooms in which people from anywhere in the world can come together and chat with each other.
• Criminals use it for meeting co-conspirators.
• Hackers use it for discussing their exploits and sharing techniques.
• Pedophiles use chat rooms to lure small children.
• Cyber Stalking: in order to harass a woman, her telephone number is given to others as if she wants to befriend males.
Evidences to be secured: HDD, Network Logs
Investigation Mechanism: Identity Verification, IP Tracing, Location Tracing, Log Analysis, Finger printing.

10. NET Extortion
Copying the company’s confidential data in order to extort said company for a huge amount.

Evidences to be secured: HDD, Mails with Header, Network Logs
Investigation Mechanism: Identity Verification, Mail Tracing, IP Tracing, Location Tracing, Log Analysis, Finger printing.

11. Spoofing (SMS Spoofing)
Getting one computer on a network to pretend to have the identity of another computer, usually one with special access privileges, so as to obtain access to the other computers on the network.

Evidences to be secured: Mails with Header, Network Logs
Investigation Mechanism: Mail Tracing, IP Tracing, Location Tracing, Log Analysis.

12. Threatening
Threats made using computers that can create fear. Most of the time these threats are generated from email, blogs and social network posts.

Evidences to be secured: HDD, Mails with Header, Network Logs
Investigation Mechanism: Identity Verification, Mail Tracing, IP Tracing, Location Tracing, Log Analysis, Finger printing.

13. Identity Theft
Identity theft is the fastest growing crime in the U.S., with over nine million victims each year. Just being careful isn't enough to protect your identity. Identity theft occurs when someone uses your personal information, such as your Social Security number, name or credit card number, without your permission, to commit fraud or other crimes. A thief could take out a mortgage in your name or commit a crime and pretend to be you when caught. Thieves can even use your personal information to apply for a job or use your medical insurance! (Information Technology Act 2000 Chapter IX Sec 43 (b))

Evidences to be secured: HDD, Mails with Header, Network Logs
Investigation Mechanism: Identity Verification, Mail Tracing, IP Tracing, Location Tracing, Log Analysis, Finger printing.

14. Carding
Carding is a term used for a process to verify the validity of stolen card data. The thief presents the card information on a website that has real-time transaction processing. If the card is processed successfully, the thief knows that the card is still good. The specific item purchased is immaterial, and the thief does not need to purchase an actual product; a Web site subscription or charitable donation would be sufficient. The purchase is usually for a small monetary amount, both to avoid using the card's credit limit, and also to avoid attracting the card issuer's attention. A website known to be susceptible to carding is known as a cardable website.
In the past, carders used computer programs called "generators" to produce a sequence of credit card numbers, and then tested them to see which were valid accounts. Another variation would be to take false card numbers to a location that does not immediately process card numbers, such as a trade show or special event.

Evidence to be secured: Transaction logs, network logs, product delivery address, sometimes HDD.
Investigation Mechanism: Transaction Verification, Identity Verification, IP Tracing, Location Tracing, MAC Address Verification and finger printing, Log Analysis.
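
The card-testing pattern described above, as it would show up during transaction log analysis (an added example, not part of the original post): one source submitting many different cards on small purchases in a short time. The log rows are constructed, and the function name, record layout and thresholds are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed transaction log rows (not real data):
# (time, source IP, card token, amount, outcome)
TRANSACTIONS = [
    ("2011-09-15T10:00:05", "203.0.113.50", "card-A", 1.00, "declined"),
    ("2011-09-15T10:00:40", "203.0.113.50", "card-B", 1.00, "declined"),
    ("2011-09-15T10:01:10", "203.0.113.50", "card-C", 1.00, "approved"),
    ("2011-09-15T10:02:30", "203.0.113.50", "card-D", 1.00, "declined"),
    ("2011-09-15T10:03:55", "203.0.113.50", "card-E", 1.00, "approved"),
    ("2011-09-15T10:01:00", "198.51.100.9", "card-X", 2.00, "approved"),
    ("2011-09-15T10:04:00", "198.51.100.9", "card-X", 3.50, "approved"),
    ("2011-09-15T10:05:00", "192.0.2.77", "card-Y", 249.99, "approved"),
]


def card_testing_sources(rows, window=timedelta(minutes=10),
                         min_cards=4, max_amount=5.00):
    """Flag source IPs that try many different cards on small purchases
    inside one time window. The thresholds are illustrative assumptions."""
    small = defaultdict(list)
    for ts, ip, card, amount, outcome in rows:
        if amount <= max_amount:
            small[ip].append((datetime.fromisoformat(ts), card, outcome))

    flagged = {}
    for ip, events in small.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            # Slide the window start forward until it spans <= `window`.
            while events[end][0] - events[start][0] > window:
                start += 1
            in_window = events[start:end + 1]
            cards = {card for _, card, _ in in_window}
            best = flagged.get(ip, {"cards": 0})
            if len(cards) >= min_cards and len(cards) > best["cards"]:
                flagged[ip] = {
                    "cards": len(cards),
                    "declined": sum(o == "declined" for _, _, o in in_window),
                    "approved": sorted(c for _, c, o in in_window if o == "approved"),
                }
    return flagged
```

The `approved` list is the part an investigator passes to the card issuers: those are the cards the tester now knows to be live.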

15. Cracking
Software cracking is the modification of software to remove or disable features which are considered undesirable by the person cracking the software, usually related to protection methods: copy protection, trial/demo version, serial number, hardware key, date checks, CD check or software annoyances like nag screens and adware.

Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password. The purpose of password cracking might be to help a user recover a forgotten password (though installing an entirely new password is less of a security risk, but involves system administration privileges), to gain unauthorized access to a system, or as a preventive measure by system administrators to check for easily crackable passwords. On a file-by-file basis, password cracking is utilized to gain access to digital evidence for which a judge has allowed access but the particular file's access is restricted.

Evidences to be secured: HDD, Applications and Systems Logs
Investigation Mechanism: IP Tracing, Location Tracing, MAC Address Verification and finger printing

16. Salami Attack
In such a crime the criminal makes insignificant changes in such a manner that they go unnoticed. The criminal writes a program that deducts a small amount, like Rs. 2.50 per month, from the accounts of all the customers of the bank and deposits it in his own account. In this case no account holder will approach the bank over such a small amount, but the criminal gains a huge amount.

Evidences to be secured: Transaction Logs
Investigation Mechanism: Transaction Verification, Identity Verification, IP Tracing, Location Tracing, MAC Address Verification and finger printing, Log Analysis.
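
Transaction verification for the Rs. 2.50 scenario above, as an added example that is not part of the original post: group small debits by beneficiary and amount, and report any account that collects the same small sum from many different customers. The ledger rows and account names are constructed, and the function name and thresholds are assumptions.

```python
from collections import defaultdict
from decimal import Decimal

# Constructed ledger rows (not real data):
# (debited account, credited account, amount in Rs.)
LEDGER = [(f"CUST-{n:04d}", "ACC-9001", "2.50") for n in range(1, 9)]
LEDGER += [
    ("CUST-0001", "UTIL-ELECTRIC", "1450.00"),
    ("CUST-0002", "CUST-0003", "4.00"),
    ("CUST-0005", "UTIL-ELECTRIC", "980.00"),
    ("CUST-0007", "ACC-9001", "2.50"),  # a second month for one customer
]


def salami_candidates(ledger, max_amount=Decimal("5.00"), min_sources=5):
    """Return beneficiaries that receive one identical small amount from
    at least `min_sources` different accounts, largest total first.
    Both thresholds are illustrative assumptions."""
    sources = defaultdict(set)   # (beneficiary, amount) -> debited accounts
    count = defaultdict(int)     # (beneficiary, amount) -> number of debits
    for debit, credit, amount in ledger:
        amount = Decimal(amount)  # Decimal avoids float rounding on money
        if amount <= max_amount:
            key = (credit, amount)
            sources[key].add(debit)
            count[key] += 1

    hits = []
    for (credit, amount), accounts in sources.items():
        if len(accounts) >= min_sources:
            hits.append({
                "beneficiary": credit,
                "amount": amount,
                "accounts_debited": len(accounts),
                "total": amount * count[(credit, amount)],
            })
    return sorted(hits, key=lambda h: h["total"], reverse=True)
```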

17. Phreakers
Phreaking is a slang term coined to describe the activity of a culture of people who study, experiment with, or explore telecommunication systems, such as equipment and systems connected to public telephone networks. As telephone networks have become computerized, phreaking has become closely linked with computer hacking.[1] This is sometimes called the H/P culture (with H standing for hacking and P standing for phreaking).

The term phreak is a portmanteau of the words phone and freak, and may also refer to the use of various audio frequencies to manipulate a phone system. Phreak, phreaker, or phone phreak are names used for and by individuals who participate in phreaking. A large percentage of the phone phreaks were blind.[2][3] Because identities were usually masked, an exact percentage cannot be calculated.
http://www.theregister.co.uk/2007/03/22/voip_fraud/

18. IP Infringement
An intellectual property infringement is the infringement or violation of an intellectual property right. There are several types of intellectual property rights, such as copyrights, patents, and trademarks. Therefore, an intellectual property infringement may for instance be a:
• Copyright infringement
• Patent infringement
• Trademark infringement

Techniques to detect (or deter) intellectual property infringement include:
• Fictitious entry, such as:
  • Fictitious dictionary entry. An example is Esquivalience, included in the New Oxford American Dictionary.
  • Trap street, a fictitious street included on a map for the purpose of "trapping" potential copyright violators of the map.

Evidences to be secured: HDD, Mails with Header

19. H/W S/W Sabotage
Sabotage is a deliberate action aimed at weakening another entity through subversion, obstruction, disruption, or destruction.
Evidences to be secured: Pictures of damaged hardware, and HDD for S/W

20. Cyber Terrorism
Premeditated, usually politically-motivated violence committed against civilians through the use of, or with the help of, computer technology.

Investigation Mechanism: Identity Verification, Mail Tracing, IP Tracing, Location Tracing, Log Analysis, Finger printing.


21. Cyber Vandalism
Damaging or destroying data rather than stealing or misusing them (as with cyber theft) is called cyber vandalism. This can include a situation where network services are disrupted or stopped.

Evidences to be secured: HDD, Mails with Header, Web Page Dumps of Social Network Sites.
Investigation Mechanism: Identity Verification, Mail Tracing, IP Tracing, Location Tracing, Log Analysis, Finger printing.


22. Cyber Contraband
Transferring illegal items through the internet (such as encryption technology) that are banned in some locations.
• Sale of narcotics.
• Sale and purchase through the net.
• There are web sites which offer sale and shipment of contraband drugs.
• They may use the techniques of steganography for hiding the messages.
• Sale of non-permitted encryption software and hardware.

23. Cyber Laundering
Electronic transfer of illegally obtained monies with the goal of hiding their source and possibly their destination.
Evidences to be secured: Transaction Logs, Applications Logs, Mails with Header, Network Logs

24. Cyber Stalking
Cyberstalking is the use of the Internet or other electronic means to stalk or harass an individual, a group of individuals, or an organization. It may include false accusations, monitoring, making threats, identity theft and damage to data or equipment, the solicitation of minors for sex, or gathering information in order to harass.
Evidences to be secured: HDD, Applications and Systems Logs

25. CYBER Defamation
The criminal sends emails containing defamatory matter to all concerned with the victim, or posts the defamatory matter on a website. (A disgruntled employee may do this against a boss, an ex-boyfriend against a girl, a divorced husband against a wife, etc.)

Evidences to be secured: HDD, Mails with Header, Web Page Dumps of Social Network Sites.
Investigation Mechanism: Identity Verification, Mail Tracing, IP Tracing, Location Tracing, Log Analysis, Finger printing.

26. Cyber Squatting
The misleading use of trademarks for Internet domain names: using a domain name with bad-faith intent to profit from the goodwill of a trademark belonging to someone else. The cyber squatter then offers to sell the domain, at an inflated price, to the person or company who owns a trademark contained within the name.

Evidences to be secured: HDD, Mails with Header, Web Page Dumps of Social Network Sites.
Investigation Mechanism: Identity Verification, Mail Tracing, IP Tracing, Location Tracing, Log Analysis, Finger printing.

27. Pay-Per-Click Click Fraud



28. Pump & dump schemes

"Pump and dump" schemes, also known as "hype and dump manipulation," involve the touting of a company's stock (typically microcap companies) through false and misleading statements to the marketplace. After pumping the stock, fraudsters make huge profits by selling their cheap stock into the market.

Pump and dump schemes often occur on the Internet where it is common to see messages posted that urge readers to buy a stock quickly or to sell before the price goes down, or a telemarketer will call using the same sort of pitch.

References:-
1. Mumbai Police Cyber Crime Awareness Program.
2. http://www.slideshare.net/sanjay_jhaa/cyber-crimeppt-1
3. http://www.redorbit.com/news/technology/2021986/cybersquatting_activity_jumped_28_percent_in_2010/index.html
4. http://www.wipo.int/pressroom/en/articles/2011/article_0010.html