Polytechnic Institute of Tabaco

100 Panal, Tabaco City, Albay

COURSE TITLE : IAS

COURSE CODE : IT 17
COURSE CREDIT : 3 UNITS
PROGRAM : BSIT
YEAR LEVEL/SEM :
PROFESSOR : MARNEIL ALLEN G. SANCHEZ
TOPIC : TYPES OF COMPUTER CRIMES (Module 8)

I. Introduction

Are you concerned about cybercrime? Understanding exactly what cybercrime is, the
different types, and how to protect yourself from it will help put your mind at rest.

This article explores cybercrime in depth so that you know exactly what threats you need to
protect yourself against to stay safe online

II. Objectives

Types of cybercrime. Identity theft and invasion of privacy. Internet fraud. ATM fraud.
Wire fraud. File sharing and piracy. Counterfeiting and forgery. Child pornography.
Hacking. Computer viruses. Denial of service attacks. Spam, steganography, and e-mail
hacking. Sabotage.

III. Content

What is cybercrime?

Cybercrime is criminal activity that either targets or uses a computer, a computer network or a
networked device.

Most, but not all, cybercrime is committed by cybercriminals or hackers who want to make
money. Cybercrime is carried out by individuals or organizations.

Some cybercriminals are organized, use advanced techniques and are highly technically skilled.
Others are novice hackers.

Rarely, cybercrime aims to damage computers for reasons other than profit. These could be
political or personal.

Types of cybercrime

Here are some specific examples of the different types of cybercrime:

• Email and internet fraud.

• Identity fraud (where personal information is stolen and used).
• Theft of financial or card payment data.
• Theft and sale of corporate data.
 • Cyberextortion (demanding money to prevent a threatened attack).
• Ransomware attacks (a type of cyberextortion).
• Cryptojacking (where hackers mine cryptocurrency using resources they do not own).
• Cyberespionage (where hackers access government or company data).

Most cybercrime falls under two main categories:

• Criminal activity that targets

• Criminal activity that uses computers to commit other crimes.
Cybercrime that targets computers often involves viruses and other types of malware.

Cybercriminals may infect computers with viruses and malware to damage devices or stop
them working. They may also use malware to delete or steal data.

Cybercrime that stops users using a machine or network, or prevents a business providing a
software service to its customers, is called a Denial-of-Service (DoS) attack.

Cybercrime that uses computers to commit other crimes may involve using computers or
networks to spread malware, illegal information or illegal images.

Sometimes cybercriminals conduct both categories of cybercrime at once. They may target
computers with viruses first. Then, use them to spread malware to other machines or
throughout a network.

Cybercriminals may also carry out what is known as a Distributed-Denial-of-Service (DDos)

attack. This is similar to a DoS attack but cybercriminals use numerous compromised computers
to carry it out.

The US Department of Justice recognizes a third category of cybercrime which is where a

computer is used as an accessory to crime. An example of this is using a computer to store
stolen data.
The US has signed the European Convention of Cybercrime. The convention casts a wide net and
there are numerous malicious computer-related crimes which it considers cybercrime. For
example:
• Illegally intercepting or stealing data.

• Interfering with systems in a way that compromises a network.

• Infringing copyright.
• Illegal gambling.
• Selling illegal items online.
• Soliciting, producing or possessing child pornography.
Examples of cybercrime

So, what exactly counts as cybercrime? And are there any well-known examples?

In this section, we look at famous examples of different types of cybercrime attack used by
cybercriminals. Read on to understand what counts as cybercrime.

Malware attacks

A malware attack is where a computer system or network is infected with a computer virus or
other type of malware.

A computer compromised by malware could be used by cybercriminals for several purposes.

These include stealing confidential data, using the computer to carry out other criminal acts, or
causing damage to data.

A famous example of a malware attack is the WannaCry ransomware attack, a global

cybercrime committed in May 2017.

Ransomware is a type of malware used to extort money by holding the victim’s data or device
to ransom. WannaCry is type of ransomware which targeted a vulnerability in computers
running Microsoft Windows.

When the WannaCry ransomware attack hit, 230,000 computers were affected across 150
countries. Users were locked out of their files and sent a message demanding that they pay a
BitCoin ransom to regain access.

Worldwide, the WannaCry cybercrime is estimated to have caused $4 billion in financial losses.

Phishing

A phishing campaign is when spam emails, or other forms of communication, are sent en
masse, with the intention of tricking recipients into doing something that undermines their
security or the security of the organization they work for.

Phishing campaign messages may contain infected attachments or links to malicious sites. Or
they may ask the receiver to respond with confidential information

A famous example of a phishing scam from 2018 was one which took place over the World
Cup. According to reports by Inc, the World Cup phishing scam involved emails that were sent
to football fans.

These spam emails tried to entice fans with fake free trips to Moscow, where the World Cup
was being hosted. People who opened and clicked on the links contained in these emails had
their personal data stolen.
Another type of phishing campaign is known as spear-phishing. These are targeted phishing
campaigns which try to trick specific individuals into jeopardizing the security of the
organization they work for.

Unlike mass phishing campaigns, which are very general in style, spear-phishing messages are
typically crafted to look like messages from a trusted source. For example, they are made to
look like they have come from the CEO or the IT manager. They may not contain any visual
clues that they are fake.

Distributed DoS attacks

Distributed DoS attacks (DDoS) are a type of cybercrime attack that cybercriminals use to bring
down a system or network. Sometimes connected IoT (internet of things) devices are used to
launch DDoS attacks.

A DDoS attack overwhelms a system by using one of the standard communication protocols it
uses to spam the system with connection requests.

Cybercriminals who are carrying out cyberextortion may use the threat of a DDoS attack to
demand money. Alternatively, a DDoS may be used as a distraction tactic while other type of
cybercrime takes place.

A famous example of this type of attack is the 2017 DDoS attack on the UK National Lottery
website. This brought the lottery’s website and mobile app offline, preventing UK citizens from
playing.
 How to protect yourself against cybercrime

So, now you understand the threat cybercrime represents, what are the best ways to protect
your computer and your personal data? Here are our top tips:

Keep software and operating system updated

Keeping your software and operating system up to date ensures that you benefit from the
latest security patches to protect your computer.

Use anti-virus software and keep it updated

Using anti-virus or a comprehensive internet security solution like Kaspersky Total Security is a
smart way to protect your system from attacks.

Anti-virus software allows you to scan, detect and remove threats before they become a
problem. Having this protection in place helps to protect your computer and your data from
cybercrime, giving you piece of mind.

If you use anti-virus software, make sure you keep it updated to get the best level of protection.

Use strong passwords

Be sure to use strong passwords that people will not guess and do not record them anywhere.
Or use a reputable password manager to generate strong passwords randomly to make this
easier.

Never open attachments in spam emails

A classic way that computers get infected by malware attacks and other forms of cybercrime is
via email attachments in spam emails. Never open an attachment from a sender you do not
know.
 Do not click on links in spam emails or untrusted websites

Another way people become victims of cybercrime is by clicking on links in spam emails or
other messages, or unfamiliar websites. Avoid doing this to stay safe online.

Do not give out personal information unless secure

Never give out personal data over the phone or via email unless you are completely sure the
line or email is secure. Make certain that you are speaking to the person you think you are.

Contact companies directly about suspicious requests

If you get asked for data from a company who has called you, hang up. Call them back using the
number on their official website to ensure you are speaking to them and not a cybercriminal.

Ideally, use a different phone because cybercriminals can hold the line open. When you think
you’ve re-dialed, they can pretend to be from the bank or other organization that you think
you’re speaking to.
 Be mindful of which website URLs you visit

Keep an eye on the URLs you are clicking on. Do they look legitimate? Avoid clicking on links
with unfamiliar or spammy looking URLs.

If your internet security product includes functionality to secure online transactions, ensure it is
enabled before carrying out financial transactions online.

Keep an eye on your bank statements

Our tips should help you avoid falling foul of cybercrime. However, if all else fails, spotting that
you have become a victim of cybercrime quickly is important.

Keep an eye on your bank statements and query any unfamiliar transactions with the bank. The
bank can investigate whether they are fraudulent.

IV. Activities

None

V. References

Schou,C Hernandez, S: Information Assurance Handbook, Mc Graw Hill 2015