What is Cybercrime?

 Cybercrime is defined as a criminal act committed with the assistance of a computer or

other electronic devices connected to the internet.
 Cybercrime can be committed by individuals or small groups of people with little
technical knowledge.
 As well as highly organized global criminal groups with relatively talented developers
and specialists.
 Any criminal activity carried out over the internet is referred to as cybercrime with 4.5
million attacks in July 2020.
 India was the country with the highest number of attacks making it vital to raise the
awareness about cybercrime.
Now the question arises,
why cybercrimes are carried out?
 So the majority of cybercrime is committed by cyber criminals or hackers looking to
make money.
 cybercrime affects both individuals and organizations aside from that cyber criminals
may use computer or networks to send viruses malware and other malicious software
 cyber criminals use a variety of profit driven criminal ads to make money
Such as
 stealing and reselling identities
 gaining access to financial accounts
 fraudulently using credit cards to obtain funds
 Basic cybercrime examples are stolen credit card information
 the most common type of cybercrime occurs when a person's credit card
information is stolen and illegally used to acquire or purchase goods or services
via the internet
 Another example is hacking
 Into a government website tampering with delicate government statistics is
another type of cyber-attack or cybercrime.

CYBER CRIME CATEGORIES

Cybercrime has been broadly classified into three categories
 Individual cybercrime category
 Cybercrime involves a single person disseminating malicious or illegal material
through the internet.
 human trafficking
 online stacking
 Are the examples of individual cybercrime category.
 Property cybercrime category
 This is similar to a real life insurance of a criminal illegally processing an
individual's bank or credit card information.
 Criminals use people's bank details to gain access to their funds conduct online
transactions or carry out phishing schemes to persuade people to give up their
personal information
 They could also use malicious software to gain access to a web page with
confidential information.
 Government
 while this type of cybercrime is uncommon it is still considered a serious offense
 it entails breaking into government databases and hacking official websites
 terrorists are the hackers who break into government websites and a crime
against the government is also known as cyber terrorism
 these criminals are usually terrorists or enemy government of other nations

CYBERCRIME TYPES
1. Malware
2. Phishing
3. Dos
4. Attack man in the middle attack
5. Drive by download attack

1. MALWARE
 Malware is a broad face that encompasses a wide range of cyber-attacks such as Trojans
viruses and worms malware is simply described as code written to steal data or to
destroy things on a computer
 Malware is basically any piece of software that is designed with the intent to damage
disrupt or gain unauthorized access to our device and even inflict harm to data in multiple
ways.
Types of malwares
 viruses
 worms
 Trojans
Viruses
 Viruses like their biological namesakes attach to and infect clean files
 They can even spread uncontrollably causing damage to the core functionality as
well as deleting and corrupting files
  they typically manifest as executable files downloaded from the internet by the
active user
 virus need an already infected at active operating system or program to attack the
computer usually spread via infected websites file sharing or email attachment
downloads.
Worms
 worms uses the network interface to infect an entire network or devices either
locally or remotely or via the internet.
 with each infected machine it infects more machines
 worms are spread via soft vulnerabilities too.
Trojans
 malware that masquerades legitimate software that can be hacked
 it prefers to operate and create security back doors through which other
viruses can enter the system because it looks trustworthy users download it.
 Trojan themselves are a doorway unlike a worm they need to host the work.

2. PHISHING
 fishing phishing frequently disguises itself as a request for information from a
trustworthy third party
 consumers are sent phishing emails in which they are invited to click on a link and
enter their personal information
 phishing emails have become more complex in recent years making it difficult for
some people to distinguish between a legitimate request for information and a
fraudulent one
 although phishing emails are sometimes confused with spam the spam messages they
are far more dangerous than the than a simple advertisement
 This type of attack involves hackers sending malicious emails attachment or URL to
users to gain access to their accounts or computer.
 cyber criminals are becoming more established and many of these emails are not
flagged as spam users are tricked into emails or not flagged as spam
 Phishing consists of five steps:
 preparation
 setup
 carry out
 recording the data
 identity theft
 preparation or planning step
 the official must decide which businesses to target and how to obtain
email addresses from those businesses customers
 set up
  after deciding which firm to imitate and who their victims will be they
will begin the setup process
 fishers create communications to distribute them and collect data the third
phase of phishing is
 carry out
 Carry out the attack most people are familiar with this step the fisher
sends a bogus message that appears to be from a reputable source.
 recording data or data collection
 The official keeps track of the information that victims enter into websites
or pop-up windows.
 identity theft and fraud
 Officials use the information they collect to take make fraudulent
transactions and up to a quarter of victims never fully recover from
phishing attack.

3. Dos DENIAL OF SERVICE

 Dos attack which is denial of service dos attacks can be carried out in a variety of
method but the most common is a distributed denial of service attack in
computing.
 a denial of service attack is a cyber-attack in which the populator seeks to make a
machine or network resources unavailable to its intended users by temporarily or
indefinitely disrupting services of a host connected to the internet
 a dos attack as the name implies aims to disrupt network securities or services
 attackers send a large amount of data or traffic through the network until it becomes
overloaded and fails
 toss attack can be carried out in several ways the most common of which is
distributed denial of service attack
 the attacker sends traffic or data that overloads the system by utilizing multiple
machines
 in many cases a person may be unaware that his or her computer has been hijacked
and is aiding the Dos attack
 disrupting services can have major ramifications for security and internet access
many large-scale dos attacks have occurred in the past
 A Dos attack involves multiple connected online devices collectively known as
botnet which are used to override a target website with fake traffic.

4. MAN-IN-THE-MIDDLE ATTACK
 The middle attack can obtain information from the end user and the entity with which he
or she is communicating by impersonating the end point in online information exchange
 a man in the middle attack is a type of aves dropping attack where attackers interrupt an
existing conversation of data transfer.
 Man in the middle attack the man in: of data transfer after inserting themselves in the
middle of the transfer the attacker pretend to be both legitimate participants
How the man in the middle attack works?
 first the attacker sets up a fake chat service that mimics that of a well-known bank using
the knowledge gain from the first step the attacker pretends to be the bank
 and starts a chat with the target then the attacker starts a chat on the real bank website
pretending to be the target or the user and passing all the needed information to gain
access to the targets account.

5. Drive by download attack

 We no longer need to accept a download or install a software update to become infected
by simply visiting a hacked website may now result in the installation of a dangerous
core on the device.
 We only need to visit or drive by our website and click except for any software and the
malicious code will be downloaded automatically to your device in the background
without your concern.
 a download from these pages refers to the unintentional download of a virus or malicious
software onto a computer or mobile device
 Drive by downloads typically take advantage of exploit security flaws in an out of date
browser app or operating system.
How drive by download attacks work?
 Injection
 the attacker embeds or injects a malicious element into a compromised web page
 This could be JavaScript code an iframe a link or a redirect a malvertisement or cross site
scripting the user views the page triggering.
 Malicious element
 The element exploits vulnerability in a part of the software stack of the user computer
this could be the browser, browser plugins, and the operating system.
 Download the user
 For the user downloads the malicious file silently to the user to the computer in this
example the payload is a Trojan horse attackers may use other payloads.
 Execution
 The Trojan horse execution opening a shell the attacker that uses to gain control over the
device.
 Remote control
 The attacker gains remote control to the personal computer this enables them extract
passwords or other valuable data from the user’s device.
 lateral movement
  the attacker can now use credentials obtained from the user's device to connect to another
more valuable system such as companies website or network and get the again and get
them more information from regarding the user.
Prevention of Cybercrime
 Back up all the data
 The system and any considerations it enables data to be stored earlier to assist the
business in recovering from an unplanned event so basically in the event of a disaster one
must have all the data backed up to avoid serious downtime loss of data and serious
financial loss
 Enforce concrete security and keep it up to date
 choose a firewall with features that protect against malicious hackers malware and
viruses
 this enables us to identify and respond to threats more quickly the endpoints need to be
protected with protection system since most of the attacks are done via the endpoints
never give out personal information to a stranger
 the strangers can use the information to commit fraud on others or else the details
regarding confidential information about the identity
 this is the data that identity thieves seek individuals who have access to your personal
data can retrieve your login information from various websites or commit cybercrimes
such as tax fraud all while posing as you
 use virtual private networks VPN enables us to hide our IP addresses and delete our
website activities
 we pay and encrypt internet traffic and disguises the online identity of the person
 this make it more difficult for the third party to track the activities of the user online and
steal data restriction on access to your most valuable data or make a folder if possible so
that no one can see the confidential document create strong passwords to access the
documents
 If hacker gets access also it will be highly impossible them to crack the passwords and
get hands on private data check the network security to prevent cybercrime.
 A cyber firewall checks your network settings to see if anyone has logged into your
computer putting your network behind firewall is one of the most effective ways to
defend yourself from create strong passwords to access the documents if hacker gets
access also it will be highly impossible them to crack the passwords and get hands on
private data check the network security to prevent cybercrime.
 a cyber-firewall checks your network settings to see if anyone has logged into your
computer putting your network behind firewall is one of the most effective ways to
defend yourself from us from any cyber attack
 a firewall system will block any brute force attacks and made on your network or system
before it can do any damage
 also when visiting an authorized website keep your information secure using public
websites information can easily bypass the data.
CYBER SECURITY
 is a domain designed to eliminate cybercrime cyber security can also be referred to as
id security
 Cyber criminality is a kind of criminal behavior involving unauthorized access to
computer systems cyber security and cybercrime cyber.
 Cyber security and Cybercrime cyber security gives in-depth knowledge about how to
control or recover from cyber-attacks.
 Well cybercrime is a type of criminal conduct that involves gaining unauthorized
access to computer systems.

CONCLUSION:
 India was the country with highest number of attacks with 4.5 million cybercrime
attacks in 2020.
 cybercrime is unauthorized access to computer systems and criminal behavior
 Cyber security provides a thorough understanding of how cyber-attack can be
controlled or recovered online courses provide advice on.
 How cybercrime and cyber hazards can be prevented.
******************