ACKNOWLEDGEMENT

This is to express my earnest gratitude and extreme joy at being bestowed with an opportunity to get an opportunity to get an interesting and informative project on CYBER CRIME IN BANKING SECTOR I would like to thank all the people who have helped me in completion of project, I would avail this opportunity to express my profound gratitude and indebtness to all those people. I am extremely grateful to my project guide Prof. KISHOR. who has given an opportunity to work on such an interesting project. She proved to be a constant source of inspiration to me and provided constructive comments on how to make this report better. Credit also goes to my friends whose constant encouragement kept me in good stead. Lastly without fail I would thank all my faculties for providing all explicit and implicit support to me during the course of my project.

EXCECUTIVE SUMMARY
Cyber crimes are any illegal activities committed using computer target of the criminal activity can be either a computer, network operations. Cyber crimes are genus of crimes, which use computers and networks for criminal activities. The difference between traditional crimes and cyber crimes is the cyber crimes can be transnational in nature. Cyber crime is a crime that is committed online in many areas using ecommerce. A computer can be the target of an offence when unauthorized access of computer network occurs and on other hand it affects E - C O M M E R C E . C yb e r c r i m e c a n b e o f v a r i o u s t y p e s s u c h a s T e l e c o m m u n i c a t i o n s P i r a c y , Electronic Money Laundering and Tax Evasion, Sales and Investment Fraud, Electronic Funds Transfer Fraud and so on The modern contemporary era has replaced these traditional monetary instruments from a paper and metal based currency to plastic money in the form of credit cards, debit cards, etc. This has resulted in the increasing use of ATM all over the world. The use of ATM is not only safe but is also convenient. This safety and convenience, unfortunately, has an evil side as well that do not originate from the use of plastic money rather by the misuse of the same. This evil side is reflected in the form of ATM frauds that is a global problem. Internet commerce has grown exponentially during the past few years and is still growing. But unfortunately the growth is not on the expected lines because the credit card fraud which has become common has retarded the e-commerce growth. Credit card fraud has become regular on internet which not only affects card holders but also online merchants. Credit card f r a u d c a n b e d o n e b y t a k i n g o v e r t h e a c c o u n t , s k i m m i n g o r i f t h e c a r d i s s t o l e n . C e r t a i n preventive measures can be taken to becoming a credit card victim. The term "Internet fraud" refers generally to any type of fraud scheme that uses one or more components of the Internet - such as chat rooms, e-mail, message boards, or Web sites - to present fraudulent solicitations to prospective victims, to conduct fraudulent transactions, or to transmit the proceeds of fraud to financial institutions or to other connected with the scheme. Some form of Internet fraud, include: Spam, Scams, Spyware, Identify theft, Phishing, Internet banking fraud. The modern thief can steal more with a computer than with a gun. Tomorrows terrorist may be able to do more damage with a keyboard than with a bomb. - National Research council.Computers at Risk,1991

INDEX
SR. NO
1 2 3 4 5 6 7 8

TOPICS
CYBER CRIME TYPES OF CYBER CRIME CLASSIFICATION OF CYBER CRIME REASON FOR CYBER CRIME CYBER CRIMINALS MODE AND MANNER OF COMMITING CRIMES BANKING SECTOR CYBER CRIMES IN BANKING SECTOR A) ATM FRAUD B) MONEY LAUNDERING C) CREDIT CARD FRAUD CASE STUDY GENERAL TIPS ON AVOIDING POSSIBLE INTERNET FRAUD SCHEMES RECENT CASE CONCLUSION BIBLOGRAPHY

PAGE NO.

9 10 11 12 13

CYBER CRIME
INTRODUCTION
The usage of internet services in India is growing rapidl y. It has given r i s e t o n e w opportunities in every field we can think of be it entertainment, business, sports and education.

Cybercrime is a kind of crime that happens in "cyberspace", that is, happens in the world of computer and the Internet. Although many people have a limited knowledge of "cybercrime", this kind of crime has the serious materials talk about the "crime" of "cybercrime", but this paper will talk more about "cyber". In this paper, first, new breed of crime, few papers or textbooks focus on the "computer science" itself. In other words, most of information exchange happening in "cyberspace". Thus, it is necessary to introduce cybercrime detailedly. Potential for severe impact on our lives and society, because our society is becoming an information society, full we will introduce the definition, origins and evolution of cybercrime. Second, the three categories of cybercrime, which are target cybercrime, tool cybercrime, computer incidental, are presented in each section respectively, While there are several textbooks talking about cybercrime, but focusing on the statutes and laws relevant this where some latest cases will be studied. There are many pros and cons of some new types of technology which are been discovered. Similarly the new & profound technology i.e. using of INTERNET Service , has also got some pros & cons. These cons are named CYBER CRIME, the major disadvantages, illegal activity committed on the internet by certain individuals because of certain loop -holes. The internet, along with its advantages, has also exposed us to security risks that come with connecting to a large network. Computers today are being misused for illegal activities like e mail espionage, credit card fraud, spams, and software piracy and so o n , w h i c h i n v a d e o u r privacy and offend our senses. Criminal activities in the cyberspace are on the rise. Computer crimes are criminal activities, which involve the use of information technology t o g a i n a n i l l e g a l o r a n u n a u t h o r i z e d a c c e s s t o a

c o m p u t e r s ys t e m w i t h i n t e n t o f d a m a g i n g , deleting or altering computer data. Computer crimes also include the activities such as electronic f r a u d s , m i s u s e o f d e v i c e s , i d e n t i t y t h e f t a n d d a t a a s w e l l a s s ys t e m i n t e r f e r e n c e . C o m p u t e r c r i m e s m a y n o t n e c e s s a r i l y i n v o l v e d a m a g e t o p h ys i c a l p r o p e r t y. T h e y r a t h e r i n c l u d e t h e manipulation of confidential data and critical information. Computer crime can broadly be defined as criminal activity involving an information technology infrastructure, including illegal access (unauthorized access), illegal interception (by technical means of non-public transmissions of computer data to, from or within a computer system), data interference (unauthorized damaging, deletion, deterioration, alteration or suppression of computer data), systems interf erence (interfering with the functioning of acomputer system by inputting, transmitting, dama ging, deleting, deteriorating, altering o r suppressing computer data), misuse of devices, forgery (ID theft), and electronic fraud (Taylor,1999)

In 2002 the newly formed U.S. Internet Crime Complaint Center reported that more than$54 million dollars had been lost through a variety of fraud schemes; this represented a threefold increase over estimated losses of $17 million in 2001. The annual losses grew in subsequent years, reaching $125 million in 2003, about $200 million in 2006 and close to $250 million in2008.

CYBERCRIMES IN INDIA
As India become the fourth highest number of Internet users in the world, cyber crimes in India has also increased 50 percent in 2007 over the previous year. According to the Information Technology (IT) Act, the majority of offenders were under 30 years of age. Around 46 percent of cyber crimes were related to incidents of cyber pornography, followed by hacking. According to recent published 'Crime in 2007 report', published by the National Crime Record Bureau (NCRB), in over 60 percent of these cases, offenders were between 18 and 30. These cyber -crimes are punishable under two categories; the IT Act 2000and the Indian Penal Code (IPC). According to the report, 217 cases of cyber-crime were registered under the IT Act in 2007, which is an increase of 50 percent from the previous year. Under the IPC section, 339 cases were recorded in 2007 compared to 311 cases in 2006. Out of 35 mega cities, 17 cities have reported around 300 cases of cyber-crimes under both categories that is an increase of 32.6 percent in a year. The report also shows that cyber crime is not only limited to metro cities but it also moved to small cities like Bhopal. According to the report, Bhopal, the capital of Madhya Pradesh has reported the highest incidence of cyber crimes in the country. I n o r d e r t o t a c k l e w i t h c yb e r c r i m e , D e l h i P o l i c e h a v e t r a i n e d 1 0 0 o f i t s o f f i c e r s i n handling cyber crime and placed them in its Economic Offences Wing. These officers were trained for six weeks in computer hardware and software, computer networks comprising data communication networks, network protocols, wireless networks and network security. Faculty at Guru Gobind Singh Indraprastha University (GGSIPU) were the trainers.

CRIME STATISTICS
As per the National Crime Records Bureau statistics, during the year 2005, 179 cases were registered under the IT Act as compared to 68 cases during the previous year, there by reporting a significant increase of 163.2% in 2005 over 2004. During 2005, a total of 302 cases were registered under IPC sections as compared to 279 such cases during 2004, there by reporting an increase of 8.2% in 2005 over 2004. NCRB is yet to release the statistics for 2006.In 2006, 206 complaints were received in comparison with only 58 in 2005, a 255% increase in the total number of complaints received in the Cyber Cell/EOW over the last year. In terms of cases registered and investigated in 2006 (up to 22.12.06), a total of 17 cases, where the computer was the victim, a tool or a repository of evidence, have been registered in the Cyber Cell/EOW as compared to 12 cases registered in 2005. And mind you, these are just the reported cases.

While the number of cyber crime instances has been constantly growing over the last few years, the past year and a half, in particular, has seen a rapid spurt in the pace of cyber crime activities. Cyber lawyers, Pavan Duggal, advocate with the Supreme Court of India and Karnika Seth, partner, Seth Associates, Advocates and Legal Consultants, testify to this, pointing out that they have seen a jump in the number of cyber crime cases that they've been handling in the last o n e ye a r . O n e a l s o s h o u l d r e m e m b e r t h a t t h e t e r m ' C yb e r C r i m e ' s h o u l d b e a p p l i e d t o a l l offences committed with the use of 'Electronic Documents'. Hence, cyber crimes must grow at the same rate as the use of the Internet, mobile phone, ATM, credit cards or perhaps even faster.

"With the little offences came the larger ones involving huge money, and one has seen this sudden jump from smaller crimes to financial crimes in the last one year"
According to Captain Raghu Raman, CEO, Mahindra Special Services G r o u p ( S S G ) , t h e contributing factors are high volume of data processing, rapid growth and major migration into t h e o n l i n e s p a c e , e s p e c i a l l y o f financial institutions and their customer transactions. However, actual numbers continue to include, considering the fact that a majority of the cases go unreported. Most victims, especially the corporate, continue to downplay on account of the fear of negative publicity thereby failing to give a correct picture of the cyber crime scene in the country. According to Cyber law expert Na Vijayashankar (popularly known as Naavi) "If we, therefore, focus on the number of cases registered or number of convictions achieved, we only get diverted from real facts," he adds. Duggal points out to the results of a survey he conducted in early 2006 on the extent of under-reporting. For every 500 instances of cyber crimes that take place in India, only fifty are reported and out of that fifty, only one is registered as an FIR or criminal case. Nandkumar Sarvade, director, Cyber Security and Compliance at Nasscom, points out that very often, people are not aware whether an incident is a cyber crime; there is also lack of awareness on where to lodge a complaint or whether the police will be understand."Added to this is the fear of losing business and hence, many cases don't come to light," he adds.

CHANGING FACE OF CRIME

The last year has seen a quantum jump not only in the quantity and quality but also the very nature of cyber crime activities. According to Naavi, a perceptible trend being observed is that cyber crimes are moving from 'Personal Victimization' to 'Economic Offences'. SD Mishra, ACP, IPR and Cyber Cell, Economic Offences Wing, Delhi Police concurs that the cases that are now coming up are more related to financial frauds. As opposed to obscenity, pornography, malicious emails that were more prevalent in the past, now credit card frauds, phishing attacks, online share trading, etc. are becoming more widespread. As Seth points out, initially, when the Internet boom began, certain crimes were noticeable and cyber stalking was one of the first ones."However, with the little offences came the larger ones involving huge money and one has seen this sudden jump from smaller crimes to financial crimes in the last one year," she adds.

CYBERSPACE
As the cases of cybercrime grow; there is a growing need to prevent them. Cyberspace belongs to everyone. There should be electronic surveillance which means investigators tracking down hackers often want to monitor a cracker as he breaks into a victim's computer system. The two basic laws governing real-time electronic surveillance in other criminal investigations also apply in this context, search warrants which means that search warrants may be obtained to gain access to the premises where the cracker is believed to have evidence of the crime. Such evidence would include the computer used to commit the crime, as well as the software used to gain unauthorized access and other evidence of the crime. Researchers must explore the problems in greater detail to learn the origins, methods, and motivations of this growing criminal group. Decision-makers in business, government, and law e n f o r c e m e n t m u s t r e a c t t o t h i s e m e r g i n g b o d y o f k n o w l e d g e . T h e y m u s t d e v e l o p p o l i c i e s , methods, and regulations to detect incursions, investigate and prosecute the perpetrators, and prevent future crimes. In addition, Police Departments should immediately take steps to protect their own information systems from intrusions (Any entry into an area not previously occupied). Internet provides anonymity: This is one of the reasons why criminals try to get away easily when caught and also give them a chance to commit the crime again. Therefore, we users should be careful. We should not disclose any personal information on the internet or use credit c a r d s a n d i f w e f i n d a n yt h i n g s u s p i c i o u s i n e - m a i l s o r i f t h e s ys t e m i s h a c k e d , i t s h o u l d b e immediately reported to the Police officials who investigate cyber-crimes rather than trying to fix the problem by ourselves. Computer crime is a multi-billion dollar problem. Law enforcement must seek ways to keep the drawbacks from overshadowing the great promise of the computer age. Cybercrime is a menace that has to be tackled effectively not only by the official but also by the users by co -operating with the law. The founding fathers of internet wanted it to be a boon to the whole world and it is upon us to keep this tool of modernization as a boon and not make it a bane to the society.

TYPES OF CYBER CRIME

1. Theft of Telecommunications Services
The "phone phreakers" of three decades ago set a precedent for what has become a major criminal industry. By gaining access to an organizations telephone switchboard (PBX) individuals or criminal organizations can obtain access to dial-in/dial-out circuits and then make their own calls or sell call time to third parties (Gold 1999). Offenders may gain access to the switchboard by impersonating a technician, by fraudulently o btaining an employee's access code, or by using software available on the internet. Some sophisticated offenders loop between PBX systems to evade detection. Additional forms of service theft include capturing "calling card" details and on-selling calls charged to the calling card account, and counterfeiting or illicit treprogramming of stored value telephone cards.

It has been suggested that as long ago as 1990, security failures at one major telecommunicati ons carrier cost approximately 290 million, and that more recently, up to 5% of total industry
turnover has been lost to fraud (Schieck 1995: 2-5). Costs to individual subscriber scan also be significant in one case; computer hackers in the United States illegally obtained access to Scotland Yard's telephone network and made 620,000 worth of international calls for which Scotland Yard was responsible (Tendler and Nuttall 1996).

2. Communications in Furtherance of Criminal Conspiracies

Just as legitimate organizations in the private and public sectors rely upon information systems for communications and record keeping, so too are the activities of criminal organizations enhanced by technology. There is evidence of telecommunications equipment being used to facilitate organized drug trafficking, gambling, prostitution, money laundering, child pornography and trade in w e a p o n s ( i n t h o s e j u r i s d i c t i o n s w h e r e s u c h a c t i v i t i e s a r e i l l e g a l ) . T h e u s e o f e n c r y p t i o n technology may place criminal communications beyond the reach of law enforcement. The use of computer networks to produce and distribute child pornography has become t h e s u b j e c t o f i n c r e a s i n g a t t e n t i o n . T o d a y, t h e s e m a t e r i a l s c a n b e i m p o r t e d a c r o s s n a t i o n a l borders at the speed of light. The more overt manifestations of internet child pornography entail a modest degree of organization, as required by the infrastructure of IRC and WWW, but the activity appears largely confined to individuals. By contrast, some of the less publicly visible traffic in child pornography activity appears to entail a greater degree of organization. Although knowledge is confined to that conduct which has been the target of successful police investigation, there appear

to have been a number of networks which extend cross-nationally, use sophisticated technologies of concealment, and entail a significant degree of coordination. Illustrative of such activity was the Wonderland Club, an international network with members in at least 14 nations ranging from Europe, to North America, to Australia. Access to t h e g r o u p w a s p a s s w o r d p r o t e c t e d , a n d c o n t e n t w a s e n c r yp t e d . P o l i c e i n v e s t i g a t i o n o f t h e activity, codenamed "Operation Cathedral" resulted in approximately 100 arrests around the world, and the seizure of over 100,000 images in September, 1998.

3. Telecommunications Piracy
Digital technology permits perfect reproduction and easy dissemination of print, graphics, sound, and multimedia combinations. The temptation to reproduce copyrighted
material for personal use, for sale at a lower price, or indeed, for free distribution, has proven irresistible to many.

This has caused considerable concern to owners of copyrighted material. Each year, it has been estimated that losses of between US$15 and US$17 billion are sustained by industry by reason of copyright infringement (United States, Information Infrastructure Task Force 1995, 131). The Software Publishers Association has estimated that $7.4 billion worth of software was lost to piracy in 1993 with $2 billion of that being stolen from the Internet (Meyer and Underwood 1994). Ryan (1998) puts the cost of foreign piracy to American industry at more than $10 billionin 1996, including $1.8 billion in the film industry, $1.2 billion in music, $3.8 billion in business application software, and $690 million in book publishing. According to the Straits Times (8/11/99) A copy of the most recent James Bond Film The World is Not Enough, was available free on the internet before its official release. When creators of a work, in whatever medium, are unable to profit from their creations, there can be a chilling effect on creative effort generally, in addition to financial loss.

4. Dissemination of Offensive Materials

Content considered by some to be objectionable exists in abundance in cyberspace. This includes, among much else, sexually explicit materials, racist propaganda, and instructions for the fabrication of incendiary and explosive devices. Telecommunications systems can also be u s e d f o r harassing, threatening or intrusive communications, from the traditional obscenetelephone call to its contemporary

manifestation in "cyber-stalking" , i n w h i c h p e r s i s t e n t messages are sent to an unwilling recipient. One man allegedly stole nude photographs of his former girlfriend and her new boyfriend and posted them on the Internet, along with her name, address and telephone number. The unfortunate couple, residents of Kenosha, Wisconsin, received phone calls and e-mails from strangers as far away as Denmark who said they had seen the photos on the Internet.Investigations also revealed that the suspect was maintaining records about the woman's movements and compiling information about her family (Spice and Sink 1999). In another case a rejected suitor posted invitations on the Internet under the name of a 28-year-old woman, the would-be object of his affections that said that she had fantasies of rape and gang rape. He then communicated via email with men who replied to the solicitations and gave out personal information about the woman, including her address, phone number, details of her physical appearance and how to bypass her home security system. Strange men turned up at her home on six different occasions and she received many obscene phone calls. While the woman was not physically assaulted, she would not answer the phone, was afraid to leave her home, and lost her job (Miller 1999; Miller and Maharaj 1999). One former university student in California used email to harass 5 female students in1998. He bought information on the Internet about the women using a professor's credit card and then sent 100 messages including death threats, graphic sexual descriptions and references to their daily activities. He apparently made the threats in response to perceived teasing about his appearance (Associated Press 1999a). Computer networks may also be used in furtherance of extortion. The Sunday Times (London) reported in 1996 that over 40 financial institutions in Britain and the United States had been attacked electronically over the previous three years. In England, financial institutions were reported to have paid significant amounts to sophisticated computer criminals who threatened to wipe out computer systems. (The Sunday Times , June 2, 1996). The article cited four incidents between 1993 and 1995 in which a total of 42.5 million Pounds Sterling were paid by senior executives of the organizations concerned, who were convinced of the extortionists' capacity to crash their computer systems (Denning 1999 233-4).

5. Electronic Money Laundering and Tax Evasion

For some time now, electronic funds transfers have assisted in concealing and in moving the proceeds of crime. Emerging technologies will greatly assist in concealing the origin of ill-gotten gains. Legitimately derived income may also be more easily concealed from taxation authorities. Large financial institutions will no longer be the only ones with the ability to achieve electronic funds transfers transiting numerous jurisdictions at the speed of light. The development of informal banking institutions and parallel banking systems may permit central bank supervision to be bypassed, but can also facilitate the evasion of cash transaction reporting requirements in those nations which

have them. Traditional underground banks, which have flourished in Asian countries for centuries, will enjoy even greater capacity through the use of telecommunications. With the emergence and proliferation of various technologies of electronic commerce, one can easily envisage how traditional countermeasures against money laundering and tax evasion may soon be of limited value. I may soon be able to sell you a quantity of heroin, in return for an untraceable transfer of stored value to my "smart-card", which I then download anonymously to my account in a financial institution situated in an overseas jurisdiction which protects the privacy of banking clients. I can discreetly draw upon these funds as and when I may require, downloading them back to my stored value card (Wahlert 1996).

6. Sales and Investment Fraud

As E-COMMERCE becomes more prevalent, the application of digital technology to fraudulent endeavours will be that much greater. The use of the telephone for fraudulent sales pitches, deceptive charitable solicitations, or bogus investment overtures is increasingly common. Cyberspace now abounds with a wide variety of investment opportunities, fromtrad itional securities such as stocks and bonds, to more exotic opportunities such as coconut farming, the sale and leaseback of automatic teller machines, and worldwide telephone lotteries (Cella and Stark 1997 837-844). Indeed, the digital age has been accompanied by unprecedented opportunities for misinformation. Fraudsters now enjoy direct access to millions of prospective victims around the world, instantaneously and at minimal cost. Classic pyramid schemes and "Exciting, Low-Risk Investment Opportunities" are not uncommon. The technology of the World Wide Web is ideally suited to investment solicitations. In the words of two SEC staff "At very little cost, and from the privacy of a basement office or living room, the fraudster can produce a home page that looks better and more sophisticated than that of a Fortune 500 company" (Cella and Stark 1997, 822).

7. Illegal Interception of Telecommunications

Developments in telecommunications provide new opportunities for electronic eavesdropping. From activities as time-honoured as surveillance of an unfaithful spouse, to the
newest forms of political and industrial espionage, telecommunications interception has increasing applications. Here again, technological developments create new vulnerabilities. The electromagnetic signals emitted by a computer may themselves be intercepted. Cables may act as broadcast antennas. Existing law does not prevent the remote monitoring of computer radiation.

It has been reported that the notorious American hacker Kevin Poulsen was able to gain access to law enforcement and national security wiretap data prior to his arrest in 1991 (Littman1997). In 1995, hackers employed by a criminal organization attacked the communications system of the Amsterdam Police. The hackers succeeded in gaining police operational intelligence, and in disrupting police communications (Rathmell 1997).

8. Electronic Funds Transfer Fraud

Electronic funds transfer systems have begun to proliferate, and so has the risk that such transactions may be intercepted and diverted. Valid credit card numbers can be intercepted electronically, as well as physically; the digital information stored on a card can be counterfeited.

Of course, we don't need Willie Sutton to remind us that banks are where they keep the money. In 1994, a Russian hacker Vladimir Levin, operating from St Petersburg, accessed the computers of Citibank's central wire transfer department, and transferred funds from large corporate accounts to other accounts which had been opened by his accomplices in The United States, the Netherlands , Finland, Germany, and Israel. Officials from one of the corporatevictims, located in Argentina, notified the bank, and the suspect accounts, loc ated in SanFrancisco, were frozen. The accomplice was arrested. Another accomplice was ca ughtattempting to withdraw funds from an account in Rotterdam. Although Russian law precluded Levin's extradition, he was arrested during a visit to the United States and subsequently imprisoned. (Dennin 1999, 55). The above forms of computer-related crime are not necessarily mutually exclusive, and need not occur in isolation. Just as an armed robber might steal an automobile to facilitate a quick getaway, so too can one steal telecommunications services and use them for purposes of vandalism, fraud, or in furtherance of a criminal conspiracy.1 Computer-related crime may be compound in nature, combining two or more of the generic forms outlined above.

OTHER TYPES OF CYBER CRIME

1.HACKING

H a c k i n g i n s i m p l e t e r m s m e a n s a n i l l e g a l i n t r u s i o n i n t o a c o m p u t e r s ys t e m a n d / o r network. There is an equivalent term to hacking i.e. cracking, but from Indian Laws perspective there is no difference between the term hacking and cracking. Every act committed towards breaking into a computer and/or network is hacking. Hackers write or use ready-made computer programs to attack the target computer. They possess the desire to destruct and they get the kick out of such destruction. Some hackers hack for personal monetary gains, such as to stealing the credit card information, transferring money from various bank accounts to their own account followed by withdrawal of money. They extort money from some corporate giant threatening him to publish the stolen information which is critical in nature. Government websites are the hot targets of the hackers d u e t o t h e p r e s s c o v e r a g e , i t receives. Hackers enjoy the media coverage. Motive Behind The Crime a. Greed b. Power c. Publicity d. Revenge e. Adventure f. Desire to access forbidden information

g. Destructive mindset h. Wants to sell n/w security services

3. Cyber Stalking
Cyber Stalking can be defined as the repeated acts harassment or threatening behaviour of the cyber criminal towards the victim by using internet services. Stalking in General terms can be referred to as the repeated acts of harassment targeting the victim such as following the victim, making harassing phone calls, killing the victims pet, vandalizing victims property ,leaving written messages or objects. Stalking may be followed by serious violent acts such as physical harm to the victim and the same has to be treated and viewed seriously. It all depends on the course of conduct of the stalker. Both kind of Stalkers Online & Offline have desire to control the victims life. Majority of the stalkers are the dejected lovers or ex-lovers, who then want to harass the victim because they failed to satisfy their secret desires. Most of the stalkers are men and victim female.

How Do They Operate

a. Collect all personal information about the victim such as n a m e , f a m i l y b a c k g r o u n d , Telephone Numbers of residence and work place, daily routine of the victim, address of residence and place of work, date of birth etc. If the stalker is one of the acquaintances of the victim he can easily get this information. If stalker is a stranger to victim, he collect the information from the internet resources such as various profiles, the victim may have filled in while opening the chat or e-mail account or while signing an account with some website. b. The stalker may post this information on any website related to s e x - s e r v i c e s o r d a t i n g services, posing as if the victim is posting this information and invite the people to call the victim on her telephone numbers to have sexual services. Stalker even uses very filthy and obscene language to invite the interested persons. c. People of all kind from nook and corner of the World, who come across this information, start calling the victim at her residence and/or work place, asking for sexual services or relationships. d. Some stalkers subscribe the e-mail account of the victim to i n n u m e r a b l e p o r n o g r a p h i c and sex sites, because of which victim starts receiving such kind of unsolicited e-mails. e. Some stalkers keep on sending repeated e -mails asking for various k i n d s o f f a v o u r s o r threaten the victim.

f. In online stalking the stalker can make third party to harass the victim. g. Follow their victim from board to board. They hangout on the s a m e B B s a s t h e i r victim, many times posting notes to the victim, making sure the victim is aware that h e / s h e i s b e i n g f o l l o w e d . M a n y times they will flame their victim (becoming argumentative, insulting) to get their attention. h . S t a l k e r s w i l l a l m o s t a l w a ys m a k e c o n t a c t w i t h t h e i r v i c t i m s t h r o u g h e m a i l . T h e l e t t e r s may be loving, threatening, or sexually explicit. He will many times use multiple names when contacting the victim. i. Contact victim via telephone. If the stalker is able to access the victims telephone, he will many times make calls to the victim to threaten, harass, or intimidate them. j. Track the victim to his/her home.

Definition of Cyber stalking

Although there is no universally accepted definition of cyber stalking, the term is used in this report to refer to the use of the Internet, e-mail, or other electronic communications devices to stalk another person. Stalking generally involves harassing or threatening behaviour that an individual engages in repeatedly, such as following a person, appearing at a persons home or p l a c e o f b u s i n e s s , m a k i n g h a r a s s i n g p h o n e c a l l s , l e a v i n g w r i t t e n m e s s a g e s o r o b j e c t s , o r vandalizing a persons property. Most stalking laws require that the perpetrator make a credible threat of violence against the victim; others include threats against the victims immediate family; and still others require only that the alleged stalkers course of conduct constitute animplied threat. (1) While some conduct involving annoying or menacing behaviour might fall short of illegal stalking, such behaviour may be a prelude to stalking and violence and should be treated seriously

Nature and Extent of Cyber stalking

An existing problem aggravated by new technology. Although online harassment and threats can take many forms, cyber stalking shares important characteristics with offline stalking. Many stalkers online or offline are motivated by a desire to exert control over their victims and engage in similar types of behaviour to accomplish this end. As with offline stalking, the available evidence (which is largely anecdotal) suggests that the majority of cyber stalkers are men and the majority of their victims are women, although there have been reported cases of women cyber stalking men and of same-sex cyber stalking. In many cases, the cyber stalker and the victim had a prior relationship, and the cyber stalking begins when the victim attempts to break off the relationship. However, there also have been many instances of cyber stalking by strangers. Given the enormous amount of personal

information available through the Internet, a cyber stalker can easily locate private information about a potential victim with a few mouse clicks or key strokes. The fact that cyber stalking does not involve physical contact may create the misperception that it is more benign than physical stalking. This is not necessarily true. As the Internet becomes an ever more integral part of our personal and professional lives, stalkers can take advantage of the ease of communication as well as increased access to persona formation. In addition, the ease of use and non-confrontational, impersonal, and sometimes anonymous nature of Internet communications may remove disincentives to cyber stalking. Put another way, whereas a potential stalker may be unwilling or unable to confront a victim in person or on the telephone, he or she may have little hesitation sending harassing or threatening electronic communications to a victim. Finally, as with physical stalking, online harassment and threats may be a prelude to more serious behaviour, including physical violence.

Phishing
In the field of computer security, phishing is the criminally fraudulent process of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT Administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging, and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Even when using server authentication, it may require tremendous skill to detect that the website is fake. Phishing is an example of social engineering techniques used to fool users, and exploits the poor usability of c u r r e n t w e b s e c u r i t y t e c h n o l o g i e s . A t t e m p t s t o d e a l w i t h t h e g r o w i n g n u m b e r o f r e p o r t e d phishing incidents include legislation, user training, public awareness, and technical security measures. Phishing, also referred to as brand spoofing or carding , is a variation on "fishing," the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting. A phishing technique was described in detail in 1987, and the first recorded use of the term "phishing" was made in 1996.

Phishing email From: *****Bank [mailto:support@****Bank.com] Sent: 08 June 2004 03:25 To: India Subject: Official information from ***** Bank Dear valued ***** Bank Customer! For security purposes your account has been randomly chosen for verification. To verify your account information we are asking you to provide us with all the data we are requesting. Otherwise we will not be able to verify your identity and access to your account will be denied. Please click on the link below to get to the bank secure page and verify your account details. Thank you. https://infinity.*****bank.co.in/Verify.jsp ***** Bank Limited

1. Spam
Spam is a generic term used to describe electronic junk mail or unwanted message sent to your email account or mobile phone. These message vary, but are essential commercial and often annoying in their sheer volume. They may try to persuade you to buy a product or service, or visit a website where you to buy a product or service, or visit a website where you can make purchases; or they may attempt to trick you into divulging your bank account or credit card details. More information about spam is available from the Australian Communication and Media Authority (ACMA website).

2. Scams
The power of the Internet and Email communication has made it all too easy for email scams to flourish. These schemes often arrive uninvited by email. Many are related to welldocumented Nigerian Scam or Lotto Scams and use similar tactics in one form or another. While the actual amount of money lost by business and the community is unknown, the number of people claiming to have been defrauded by these scams is relatively low. More information about scam is available from the Australian Competition and Conusmer Commission (ACCC) SCAM watch website and the Australian Securities and Investments Commission FIDO website.

3. Spyware
Spyware is generally considered to be software that is secretly installed on a computer and take things from it without the permission or knowledge of the user. Spyware may take personal information, bandwidth; or processing capital and secretly gives it to someone else. It is recognized as a growing problem. More information about taking care of spyware is available from the Department of Broadband, Communication, and the Digital Economy (DBCDE) website.

4 . D en ial Of S ervi ce Atta ck

This is an act by the criminal, who floods the bandwidth of the victims network or fills his email box with spam mail depriving him of the services he is entitled to access or provide.

5 . V i rus Di ss emi n ation

Malicious software that attaches itself to other software. (Virus,, worms,, Trojan Horse, Time bomb,, Logic Bomb,, Rabbit and Bacterium are the malicious softwares).

6. Software Piracy
Theft of software through the illegal copying of genuine programs or the counter feiting and distribution of products intended to pass for the original. Retail revenue losses worldwide are ever increasing due to this crime. It can be done in various ways- End user copying, Hard disk loading,, Counter feiting, Illegal downloads from the internet etc

7. Spoofing
Getting one computer on a network to pretend to have the identity of another computer, usually one with special access privileges, so as to obtain access to the other computers on the network.

8. Net Extortion

Copying the companys confidential data in order to extort said company for huge amount.

9. SALAMI ATTACK
In such crime criminal makes insignificant changes in such a m a n n e r t h a t s u c h c h a n g e s would go unnoticed. Criminal makes such program that deducts small amount like Rs. 2.50 per month from the account of all the customer of the Bank and deposit the same in his account. In this case no account holder will approach the bank for such small amount but criminal gains huge amount.

10. SALE OF NARCOTICS

Sale & Purchase through net. There are web sites which offer sale and shipment off contrabands drugs. They may use the techniques off stenography for hiding the messages.

Electronic Spam Mails

These are unsolicited bulk e-mail to multiple recipients. They can be commercial, political, or religious. While the most widely recognized form of spam is e-mail spam, the term is applied to similar abuses in other media: instant messaging spam, web search engines, and blogs. Spamming is popular because the advertisers have no operating costs beyond the management of their mailing lists and it is difficult to hold senders accountable for their mass mailings. A good example is 419 mails or the Nigerian advance fee frauds which in 1996 was estimated to have cost unsuspecting clientele over five billion dollars. These mails emanate in a triangle called the "The Nigerian Connection" mostly in Europe and in some parts of Africa, The 419 Coalition, 2005. The Nigerian Scam, according to published reports, is the third to fifth largest industry in Nigeria.

CLASSIFICATION OF CYBER CRIME

Mr. Pavan Duggal, who is the President of cyber laws, net and consultant, in a report has clearly defined the various categories and types of cybercrimes. Cybercrimes can be basically divided into 3 major categories:

1 . Cyb ercri mes A gainst Persons

Cybercrimes committed against persons include various crimes like transmission of c h i l d - p o r n o g r a p h y, h a r a s s m e n t o f a n y o n e w i t h t h e u s e o f a c o m p u t e r s u c h a s e - m a i l . T h e trafficking, distribution, posting, and dissemination of obscene material including pornography and indecent exposure, constitutes one of the most important Cybercrimes known today. The potential harm of such a crime to humanity can hardly be amplified. This is one Cybercrime which threatens to undermine the growth of the younger generation as also leave irreparable cars and injury on the younger generation, if not controlled. A minor girl in Ahmadabad was lured to a private place through cyber chat by a man, who, along with his friends, attempted to gang-rape her. As some passersby heard her cry, she was rescued. Another example wherein the damage was not done to a person but to the masses is the case of the Melissa virus. The Melissa virus fir st appeared on the internet in March of 1999. It spread rapidly throughout computer systems in the United States and Europe. It is estimated that the virus caused 80 million dollars in damages to computers worldwide.

In the United States alone, the virus made its way through 1.2 million computers in one-fifth of the country's largest businesses. David Smith pleaded guilty on Dec. 9, 1999 to state and federal charges associated with his creation of the Melissa virus. There are numerous examples of such computer viruses few of them being "Melissa" and "love bug".

2 . Cyb ercri mes A gainst Prop erty

The second category of Cybercrimes is that of Cybercrimes against all forms of property. These crimes include computer vandalism (destruction of others' property), transmission of harmful programmes. A Mumbai-based upstart engineering company lost a say a n d m u c h m o n e y i n t h e business when the rival company, an industry major, stole the technical database from their computers with the help of a corporate cyber spy.

3. Cybercrimes Against Government

The third category of Cybercrimes relate to Cybercrimes against Government. Cyber terrorism is one distinct kind of crime in this category. The growth of internet has shown that the medium of Cyberspace is being used by individuals and groups to threaten the international g o v e r n m e n t s a s a l s o t o t e r r o r i z e t h e c i t i z e n s o f a c o u n t r y. T h i s c r i m e m a n i f e s t s i t s e l f i n t o terrorism when an individual "cracks" into a government or military maintained website. The Parliament of India passed its first Cyber law, the Information Technology Act in2000. It not only provides the legal infrastructure for E-commerce in India but also at the same time, gives draconian powers to the Police to enter and search, without any warrant, any public place for the purpose of nabbing cybercriminals and preventing cybercrime. Also, the Indian Cyber law talks of the arrest of any person who is about to commit a cybercrime. The Act defines five cybercrimes damage to computer source code, hacking, publishing electronic information which is lascivious or prurient, breach of confidentiality and publishing false digital signatures. The Act also specifies that cybercrimes can only be investigated by an official holding no less a rank than that of Dy. Superintendent of Police (Dy.SP). It is common that many systems operators do not share i n f o r m a t i o n w h e n t h e y a r e v i c t i m i z e d b y c r a c k e r s . T h e don't contact law e n f o r c e m e n t o f f i c e r s w h e n t h e i r c o m p u t e r systems are invaded, preferring instead to fix the damage and take action to keep crackers from gaining access again with as little public attention as possible. According to Sundari Nanda, SP, CBI, "most of the times the victims do not complain, may be because they are aware of the extent of the crime committed against them, or as in the case of business houses, they don't

want to confess their system is not secure". As the research shows, computer crime poses a real threat. Those who believe otherwise simply have not been awakened by the massive losses and setbacks experienced by companies worldwide. Money and intellectual property have been stolen, corporate operations impeded, and jobs lost as a result of computer crime. Similarly, information systems in government and business alike have been compromised. The economic impact of computer crime is staggering (great difficulty). We take five Indian banks and try to find out the security features using by the bank for online transactions. The data is collected by various reports from web, newspaper and media. For every security feature we provide 5 points. The banks are-

tional Bank [PNB]

BANK
SBI PNB CBI BOB

PE*

VK*

SSL*

SMS*

UAP*

Total

4 4 3 4 3

4 4 4 4 4

4 3 3 3 4

3 4 2 4 3

0 0 0 0 0

15 15 12 15 14

Allahabad

*PE- Password Encryption, *VK- Virtual Keyboard, *SSL-Secure Socket Layer, *SMSShort message service alerts, *UAP- User Awareness Program

REASONS FOR CYBER CRIME

Hart in his work The Concept of Law has said human beings are vulnerable so rule of law is required to protect them. Applying this to the cyberspace we may say that computers are vulnerable (capable of attack) so rule of law is required to protect and safeguard them against cyber crime. The reasons for the vulnerability of computers may be said to be:

1. Capacity To Store Data In Comparatively Small SpaceThe computer has unique characteristic of storing data in a very small space. This affords to remove or derive information either through physical or virtual medium makes it much easier.

2. E a s y T o A c c e s s
The problem encountered in guarding a computer system from unauthorised access is that there is every possibility of breach not due to human error but due to the complex technology. By secretly implanted logic bomb, key loggers that can steal access codes, advanced voice recorders; retina imagers etc. that can fool biometric systems and bypass firewalls can be utilized to get past many a security system.

3. Complex
The computers work on operating systems and these operating systems in turn are composed of millions of codes. Human mind is fallible and it is not possible that there might not be a lapse at any stage. The cyber criminals take advantage of these lacunas and penetrate into the computer system.

4. Negligence
Negligence is very closely connected with human conduct. It is therefore very probable that while protecting the computer system there might be any negligence, which in turn provides a cyber criminal to gain access and control over the computer system.

5. Loss Of Evidence
Loss of evidence is a very common & obvious problem as all the data are routinely destroyed. Further collection of data outside the territorial extent also paralyses this system of crime investigation.

CYBER CRIMINALS
The cyber criminals constitute of various groups/ category. The division may be justified on the basis of the project that they have in their mind.The following are the category of cyber criminals-

1. Children And Adolescents Between The Age Group Of 6-18 Years

The simple reason for this type of delinquent (A young offender) behaviour pattern in children is seen mostly due to the inquisitiveness to know and explore the thing. Other cognate reason may be to prove themselves to be outstanding amongst other children in their group. Further the reason may be psychological even. E.g. the Bal Bharati (Delhi) case was the outcome of harassment of the delinquent by his friend.

2. Organised Hackers
These kind of hackers are mostly organised together to fulfil certain objective. The reason may be to fulfil their political bias, fundamentalism, etc. The Pakistanis are said to be one of the best quality hackers in the world. They mainly target the Indian Government sites with the purpose to fulfil their political objectives. Further the NASA as well as the Microsoft site is always under attack by the hackers.

3. Professional Hackers/ Crackers

The work is motivated by the colour of money. These kind of hackers are mostly employed to hack the site of the rivals and get credible, reliable and valuable information. Further they are even employed to crack the system of the employer basically as a measure to make it safer by detecting the loopholes.

4. Discontented Employees
The group include those people who have been either sacked by the employer or are dissatisfied with their employer. To avenge they normally hack the system to their employee.

MODES AND MANNER OF COMMITING CYBER CRIME

1. Unauthorised Access To Computer System s or Networks / Hacking
This kind of offence is normally referred as hacking in the generic sense. However the framers of the Information Technology Act 2000 have no where used this term so to avoid any confusion we would not interchangeably use the word hacking for unauthorised access as the latter has wide connotation.

2. Theft Of Information Contained In Electronic Form

This includes information stored in computer hard disks, removable storage media etc. Theft may be either by appropriating the data physically or by tampering them through the virtual medium.

3. Email Bombing
The kind of activity refers to sending large numbers of mail to the victim, which may be an individual or a company or even a mail servers there by ultimately resulting into crashing.

4. Data Diddling
This kind of an attack involves altering raw data just before a computer processes it and then changing it back after the processing is completed. The electricity board faced similar problems of data diddling while the department was being computerised.

5. Salami Attacks
This kind of crime is normally prevalent in the financial institution or for the purpose of committing financial crimes. An important feature of this type of offence is that the alteration is so small that it would normally go unnoticed. E.g. the Ziegler case wherein a logic bomb was introduced in the banks system, which deducted 10 cents from ever account and deposited in a particular account.

6. Denial Of Service AttackThe computer of the victim is flooded with more request s than it can handle which cause it to crash. Distributed Denial of Services (DDS) attack, in which the offenders are wide in number and widespread .E.g. Amazon Yahoo.

7. Virus / Worm Attacks

Viruses are programs that attach themselves to a computer or a file and then circulate themselves to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it. Worms, unlike viruses do not need the host to attach themselves and do this repeatedly till they eat up all the available space on a computers memory. E.g. love bug virus which affected at least 5% of the computer of the globe. The losses were accounted to be $ 10 million. The worlds most famous worm was the Internet worm let loose