CYBER CRIME AND CRIME LAWS

Cybercrime is an illegal activity committed online against computers and networks like stealing
people information, hacking into systems, spreading malware, and tricking users private data or
money. Cybercrime poses a serious threat not only to business, entertainment, and government but
to the individual security and safety of a nation economic security as well.

What is Cyber Crime?

Cybercrime can be defined as illegal activities in which the computer, or the internet is used as a tool
to commit crimes. It could be through various conducts such as identity theft, online
fraud, cyberbullying, and the propagation of malware such as viruses or ransomware.

TYPES

Cyber Crimes Targeting Computer Networks or Devices

These types of crimes involve different threats (like viruses, bugs, etc.) and (DoS) denial-of-service
attacks.

1. Malware: This kind of

cyber threat relates to malware viruses, worms, Trojans, etc. for interfering, damaging,
or unauthorized access to computer systems. For example, ransomware encrypts files
and then later demands ransom for decryption.

2. Denial-of-Service (DoS) Attacks: Here, the attackers focus on a system and flood it with
high traffic, hence making it inaccessible to the users. Another dangerous variant of DoS
is DDoS, wherein many compromised systems target one, thus, much difficult to defend
against.
3. Phishing Attacks: These are masqueraded e-mails or messages claiming to
be from a formal web but only request that the user grant access to sensitive information
like password points for an account or credit card numbers. Phishing can be described as an
outstanding one of the most common cyber threats
4. Botnets: A number of hijacked computers can become a “botnet” of malware that can
be used by an attacker for coordinated attacks or spamming.
5. Exploits and Vulnerabilities: The typical area through which cyber-thieves exploit
software weakness is the application or operating system vulnerability in order to access it
illegally.

2. Crimes Using Computer Networks to Commit Other Criminal Activities

These types of crimes include cyberstalking, financial fraud, or identity thief.

1. Cyberstalking: This is considered as that crime in the nature of threatening or

frightening a person on-line and spreading fear and emotional distress. This can
be termed as involving threats, constant monitoring, or receiving repeated unwanted
messages.
2. Financial Fraud: This is an example of a cybercrook manipulating the victim online
to proceed with stealing money, such as fake investment opportunities, ,
hacking a business email, and using someone else’s credit card details.

3. Identity Theft: It is normally the identity of people whose information is stolen

with the intention of only acting like them either to misuse their cash or money from
their account or even to do malicious reasons. It always lowers the credit score of the victim
and in the worst case scenario, misused the account/loan financially
with incorrect transactions.

4. Online Harassment and Hate Crimes: When people use the internet to discriminate against a
particular person based on his or her racial background, gender, religion, or whatever, which
can psychologically disturb the harassed person.

5. Intellectual Property Theft: Intellectual property theft refers to the theft of copyrighted
content or business secrets through the internet, thereby financially and competitively
hurting individuals and companies.

Examples of Cyber Crime

 Cyber Terrorism: It happens when people use computers and the internet to carry out
violent acts that can harm or kill others. It involves using technology to threaten the safety of
citizens.

 Cyber Extortion: Cyber extortion happens when hackers attack websites or computer
systems and demand money to stop the attacks. They threaten to keep attacking unless they
receive a large payment.

 Cyber Warfare: Cyber warfare is when countries use computers and networks as part of their
battles. It includes both attacking and defending against cyber threats, like hacking and
spying.

 Internet Fraud: This type of fraud occurs when someone tricks others on internet to steal
money or private information. It involves hiding or giving false information to deceive people
and covers many different illegal actions.

 Cyber Stalking: Cyber stalking is a form of online harassment where someone sends
threatening messages or emails to a victim they know. If the stalker feels it’s not working,
they may also start following the victim in real life to make their life more difficult.

How to Protect Yourself Against Cybercrime?

 Use strong password: Maintain different password and username combinations for each
account and resist the temptation to write them down. Weak passwords can be easily
cracked using certain attacking methods like Brute force attack, Rainbow table attack etc, So
make them complex. That means combination of letters, numbers and special characters.

 Use trusted antivirus in devices: Always use trustworthy and highly advanced antivirus
software in mobile and personal computers. This leads to the prevention of different virus
attack on devices.

 Enable Two-Factor Authentication: Activate two-factor authentication on your accounts for

an extra layer of security, which requires a second verification step.
 Keep your device software updated: Whenever you get the updates of the system software
update it at the same time because sometimes the previous version can be easily attacked.

 Use secure network: Public Wi-Fi are vulnerable. Avoid conducting financial or corporate
transactions on these networks.

 Never open attachments in spam emails: A computer get infected by malware attacks and
other forms of cybercrime is via email attachments in spam emails. Never open an
attachment from a sender you do not know.

 Software should be updated: operating system should be updated regularly when it comes
to internet security. This can become a potential threat when cybercriminals exploit flaws in
the system.

Cybercrime Against Women and Children:

 Cybercrime against women and children refers to illegal activities carried out using digital
technologies, such as the internet, social media, and mobile devices, targeting women and
children. These crimes often exploit vulnerabilities, privacy, or emotional factors, causing
psychological, emotional, and sometimes financial harm.

Common Cybercrimes Against Women

1. Cyberstalking: Repeatedly following, harassing, or threatening women online through

messages, emails, or social media.

2. Online Harassment: Sending abusive or threatening messages, comments, or images on

digital platforms.

3. Revenge Porn: Sharing private or intimate photos or videos without consent, often to
blackmail or humiliate the victim.

4. Impersonation: Creating fake profiles to deceive or damage the reputation of a woman.

5. Sextortion: Threatening to release private content unless the victim fulfills demands, such as
money or personal favors.

Common Cybercrimes Against Children

1. Cyberbullying: Harassing or humiliating children online through hurtful messages or public

shaming.

2. Child Grooming: Predators building trust with children online to exploit or harm them.

3. Exposure to Inappropriate Content: Sharing or exposing children to harmful or age-

inappropriate content, such as pornography or violent material.

4. Child Exploitation: Using digital platforms for trafficking, child pornography, or other forms
of abuse.

Prevention

1. Awareness and Education: Teaching safe online practices to women and children.
2. Privacy Settings: Using strong passwords and limiting access to personal information.

3. Reporting Mechanisms: Promptly reporting crimes to law enforcement or platforms.

4. Laws and Policies: Governments enforcing strict laws against cybercrime to deter
perpetrators.

Social Engineering Attacks:

Social engineering attacks are tactics used by cybercriminals to manipulate people into revealing
confidential information or performing specific actions, like clicking on malicious links or
providing passwords. Instead of hacking computers directly, these attacks exploit human
emotions like trust, fear, or curiosity.

Common Types of Social Engineering Attacks

1. Phishing

o Sending fake emails or messages that look legitimate, tricking victims into sharing
sensitive information (e.g., passwords or credit card details).

2. Spear Phishing

o A targeted form of phishing aimed at a specific individual or organization, often using

personal details to gain trust.

3. Pretexting

o Creating a fake story or scenario to persuade a victim to share confidential data. For
example, a scammer pretending to be from tech support.

4. Baiting

o Luring victims with promises of rewards or free offers, such as fake downloads or
"winning a prize," which actually infect their system with malware.

5. Tailgating

o Physically following someone into a secure area by pretending to be an authorized

person, exploiting trust and politeness.

6. Vishing (Voice Phishing)

o Using phone calls to trick people into revealing sensitive information, like pretending
to be a bank representative asking for account details.

Why Social Engineering Works

 Exploits human emotions like fear, urgency, or curiosity.

 Relies on trust, authority, or ignorance of digital security.

 Often disguised as legitimate communication from trusted sources.

Malware and Ransomware Attacks:

Malware

Malware (short for "malicious software") is any software designed to harm, exploit, or disrupt
devices, networks, or systems. It can steal data, damage files, or take control of a system.

Malware can enter systems without the user’s knowledge and cause a wide range of problems,
from stealing sensitive information to completely disabling a device.

Characteristics of Malware

 Operates without the user’s consent.

 Often disguised as legitimate software.

 Delivered through email attachments, downloads, infected websites, or USB drives.

Types of Malwares with Examples

1. Viruses:

o Attach to files and spread when the file is opened or shared.

o Example: Melissa Virus – Spread through email attachments.

2. Worms:

o Self-replicating programs that spread across networks, consuming bandwidth.

o Example: Code Red Worm – Exploited vulnerabilities in Microsoft IIS servers.

3. Trojan Horses:

o Pretend to be useful programs but execute harmful actions when run.

o Example: Zeus Trojan – Stole banking information by logging keystrokes.

4. Spyware:

o Secretly monitors user activity and collects sensitive information.

o Example: CoolWebSearch – Redirected browsers to malicious websites.

5. Adware:

o Displays intrusive ads, sometimes leading to harmful websites.

o Example: Fireball – Hijacked browsers to generate ad revenue.

6. Rootkits:

o Hides deep inside the system to avoid detection while giving attackers remote
access.

7. Keyloggers:

o Record everything a user types, often to steal passwords or credit card details.

o Example: HawkEye – Targeted corporate users for sensitive data.

 Ransomware

Ransomware is a type of malware that encrypts a victim's files or locks them out of their
device. The attacker demands a ransom payment to restore access.

How It Works

1. The ransomware infects the victim’s system, often through phishing emails or malicious
downloads.

2. It encrypts files or locks the device, displaying a ransom message.

3. The victim is asked to pay a ransom, usually in cryptocurrency, to receive the decryption key.

Types of Ransomware

1. Locker Ransomware:

o Locks the user out of their device, preventing access to files or applications.

o Example: Police-themed ransomware – Pretends to be law enforcement demanding

fines.

2. Crypto Ransomware:

o Encrypts files and demands payment for the decryption key.

o Example: WannaCry – A massive ransomware attack that affected systems

worldwide.

Examples of Ransomware Attacks:

1. WannaCry (2017):

o Targeted vulnerabilities in Microsoft systems, affecting 200,000 devices globally.

o Demanded Bitcoin for file recovery.

2. NotPetya (2017):

o Masqueraded as ransomware but was designed for destruction, wiping out systems
rather than encrypting files.

3. Ryuk:

o Targeted hospitals and large organizations, demanding millions in ransom.

Impact of Malware and Ransomware

1. Economic Loss: Businesses and individuals can lose money due to ransom payments or lost
productivity.

2. Data Loss: Important files can be permanently destroyed or stolen.

3. Reputation Damage: Organizations may lose customer trust if attacks are publicized.

4. Operational Disruption: Critical infrastructure like hospitals and transportation can be

paralyzed by ransomware.
How to Prevent Malware and Ransomware Attacks

1. Avoid Clicking on Suspicious Links:

o Don’t open email attachments or click on links from unknown sources.

2. Regular Backups:

o Frequently back up your files to an external device or secure cloud service.

3. Use Antivirus and Anti-Malware Tools:

o Keep antivirus software updated to detect and block threats.

4. Update Software:

o Regularly install updates and patches to close vulnerabilities.

5. Enable Firewalls:

o Use firewalls to block unauthorized access to your network.

FINANCIAL FRAUDS:
Financial cyber crimes are scams that trick people into sharing sensitive financial
information. These crimes can involve identity theft, phishing, and ransomware attacks.

Financial crime occurs when someone or a group performs an illegal activity with money, assets,
or financial tools for personal gain like committing fraud, money laundering, and or cybercrime.
People often commit these crimes out of greed, a hunger for power, or to hide other illegal
activities like terrorism, human trafficking, and drug trafficking, making them a big issue for both
national and global security.

Various types of financial crimes range from credit card fraud to tax evasion. Here are some
common examples of financial crimes:

1. Money Laundering: This happens when an individual or a group of people hide illegal money
and try to make their dirty money or the money they earned via illegal means, to look clean.

2. Cybercrime: These crimes depend on the use of computers, networks, or the internet, such
as hacking, phishing, and identity theft. Financial crime trends are evolving with technology,
which makes digital fraud and cybercrimes more sophisticated and harder to detect.

3. Insider Trading: Sometimes, people try to buy and sell stocks based on
private or secretive information that is not out there to the public.

Financial fraud in cybercrime continues to evolve with new tactics and sophisticated attack
methods. Here are a few more detailed explanations of how these frauds operate and how
victims are targeted.

Account Takeover (ATO) Fraud

 How It Works: Cybercriminals use stolen login credentials from data breaches to gain
unauthorized access to a victim’s online banking or e-commerce accounts.

 Methods Used:
 o Credential Stuffing: Hackers use automated bots to try stolen usernames and
passwords on multiple sites.

o Man-in-the-Middle (MITM) Attacks: Attackers intercept communication between

users and their banks to steal sensitive data.

 Example: A victim’s PayPal account is hijacked, and the attacker transfers money to another
account.

Fake Tech Support Scams

 How It Works: Fraudsters pose as tech support agents from reputable companies (Microsoft,
Apple, etc.) and trick victims into allowing remote access to their devices.

 Methods Used:

o Fake pop-ups warning about viruses, prompting users to call a number.

o Phone calls from scammers claiming the victim's bank account is compromised.

 Example: The scammer tricks the victim into installing remote access software and then
steals banking details.

Money Mule Scams

 How It Works: Criminals recruit individuals (often unknowingly) to transfer stolen money,
making it harder to trace the funds.

 Methods Used:

o Offering fake work-from-home jobs.

o Using online romance scams to manipulate victims into transferring money.

 Example: A person is asked to receive money in their bank account and forward it to another
person, unknowingly participating in money laundering.

Deepfake and AI-Based Financial Fraud

 How It Works: Cybercriminals use artificial intelligence (AI) to create realistic fake videos or
voice recordings to deceive victims.

 Methods Used:

o Voice Cloning: Impersonating company executives to authorize fraudulent wire

transfers.

o Deepfake Videos: Faking a CEO in a virtual meeting to approve transactions.

 Example: A finance employee receives a deepfake video call from a fake CFO asking for an
urgent fund transfer.

Prevention Measures:
1. Use Strong, Unique Passwords – Enable multi-factor authentication (MFA).

2. Verify Communication Requests – Double-check emails and calls requesting fund transfers.
 3. Monitor Bank Statements Regularly – Report suspicious transactions immediately.

4. Avoid Clicking on Unknown Links – Stay cautious of phishing emails and websites.

5. Update Software and Security Patches – Protect devices from malware and trojans.

6. Use Secure Networks – Avoid using public Wi-Fi for financial transactions.

Legal Consequences and Law Enforcement

 Cybercrime Laws: Countries have laws like the Computer Fraud and Abuse Act (CFAA) in the
U.S. and GDPR in Europe.

 Law Enforcement Agencies: FBI, Interpol, and cybersecurity firms track and prevent financial
fraud cases.