Chapter 7:- Cybercrime: Illustrations, Examples and Mini-Cases

Content:
7.1Real-Life Examples
7.2 Mini-Cases
7.3 Illustrations of Financial Frauds in Cyber Domain
7.4 Digital Signature-Related Crime Scenarios
7.5 Digital Forensics Case Illustrations
7.6 Online Scams

7.1Real-Life Examples:
 MGM: SEPTEMBER 2023
 MGM Resorts reported on September 11, 2023 that a “cybersecurity issue” began
affecting some of its systems. The hotel/casino chain promptly shut down these
systems in order to protect themselves. Subsequently, hotel room digital keys and
slot machines were out of order, causing nothing short of chaos for resort guests
and the organization itself.
 Reports that the hackers used an employee's information on LinkedIn to
impersonate them in a call to MGM’s IT help desk. This act of social engineering
allowed the cybercriminals to then gain access to that employee’s credentials.
Though, MGM has not confirmed this.
 While rumors continued to spread, MGM did not respond to a request for
information on who was behind the attack.

 OREGON AND LOUISIANA DEPARTMENTS OF MOTOR VEHICLES: JUNE 2023

 One of the organizations directly affected by the MOVEit software breach happens
to be our next example. The US states of Oregon and Louisiana reported that their
departments of motor vehicles experienced data loss. Louisiana’s Office of Motor
Vehicles (OMV) reported at least 6 million records stolen. Meanwhile, the Oregon
Department of Motor Vehicles (DMV) estimated around 3.5 million stolen driver’s
licenses and identity cards.
  The states’ third-party software breach resulted in leaked personal information
such as names, addresses and birthdates, Social Security numbers, vehicle
registration numbers and handicap information.
 MOVEIT: MAY 2023
 The largest hack of 2023, not to mention one of the largest in recent history,
belongs to MOVEit. Everything began in May of 2023 when Progress discovered a
vulnerability in MOVEit Transfer. For reference, MOVEit Transfer is their file
transfer service which thousands of organizations utilize around the world. Data
moved through this service is often sensitive in nature.
 This vulnerability allowed hackers to infiltrate the servers and steal these
organization’s sensitive information within. Most notably a notorious
ransomware and extortion cybergang by the name of Clop is taking advantage of
this security vulnerability.
 So far the number of organizations affected by this breach is over 1,000, and the
number of individuals affected is sitting around 60 million. Experts expect
numbers to rise as time goes on and more organizations confirm their MOVEit
security breaches.
 SHIELDS HEALTH CARE GROUP: APRIL 2023
 April 2023’s largest data breach was due to a cybercriminal gaining unauthorized
access to the Shields Health Care Group’s systems. This Massachusetts-based
medical services provider reported the personal data leak of over 2.3 million
people.
 The incident, according to Shields, dates back to March 2022, when they first
noticed suspicious activity on their servers. The organization followed protocol by
sending letters to individuals affected. However, the firm’s investigation
concluded this year and was able to fully reveal the scale of the damage.
 Sensitive data extracted by cybercriminals in the two weeks the breach was active
included:

 Patients’ Social Security numbers.

 Dates of birth, home addresses.
 Healthcare provider information.
 Healthcare history.
 Billing information.
 Insurance numbers.
 LATITUDE FINANCIAL: MARCH 2023
 In March of 2023, the Melbourne-based company Latitude Financial suffered a
security breach resulting in the compromise of more than 14 million records. The
company, which provides loans and credit cards, reports that the cybercriminals
captured several different types of data in their attack.
 Nearly 8 million driver’s licenses, along with 53,000 passport numbers fell into
the hands of these hackers. The list of compromised data continues as dozens of
monthly financial statements and an additional 6 million records dating back to
2005 became compromised at this time.
 Unfortunately, public scrutiny over this breach intensified as originally Latitude
Financial reported the attack only affected 300,000 people.

7.2 Mini-Cases:
 CASE 1: A BUSINESS TRIP TO SOUTH AMERICA GOES SOUTH

SCENARIO:

 A 10-person consulting firm sent a small team to South America to complete a

client project. During their stay, an employee used a business debit card at a local
ATM. A month after returning to the US, the firm received overdraft notices from
their bank. They identified fraudulent withdrawals of $13,000, all originating from
South America. There was an additional $1,000 overdraft fee.

ATTACK:

 The criminals installed an ATM skimmer device to record card account

credentials. Many false debit cards were manufactured and used at ATMs in
different cities across South America.
 What is Skimming? Skimming occurs when criminals install devices on ATMs, point-
of-sale (POS) terminals, fuel pumps, etc. to capture data or record cardholders’ PINs.
Criminals use the data to create fake debit or credit cards and then steal from
victims’ accounts.

RESPONSE:

 Realizing they had been defrauded, the firm contacted their bank and closed the
impacted account immediately. Their attempts to pursue reimbursement from the
 bank were unsuccessful. The commercial account used at the ATM for local
currency had different protections from consumer accounts and the bank was not
required to reimburse them for their losses. The bank went on to deduct the
$1,000 overdraft fee from the firm owner’s personal account.
 The firm severed ties with that bank. The new bank offered comprehensive fraud
protection guarantees.
 The firm created two business accounts:
 one for receiving funds and making small transfers
 one for small expense payments
 The firm updated travel protocols, banning the use of company-provided debit
cards. Employees now prepay expenses electronically, pay cash, or use a major
credit card, as necessary.

IMPACT:

 The entire cash reserve for the small business was wiped out, netting losses of
almost $15,000.

LESSONS LEARNED:

 1 Use major credit cards when traveling - they have more consumer fraud protection
than debit cards.
 2 Get notified - set up transaction alerts with your credit and debit card companies
to monitor fraud.
 3 Check your bank account frequently.
 4 Create withdrawal alerts.
 5 Understand your bank’s policies about covering losses from fraud.

DISCUSS:

 Knowing how the firm responded, what would you have done differently?
 What are some steps you think the firm could have taken to prevent this incident?
 Is your business susceptible? How are you going to reduce your risk?
7.3 Illustrations of Financial Frauds in Cyber Domain:
 1. WANNACRY RANSOMWARE ATTACK:
 In May 2017, the WannaCry ransomware infected hundreds of thousands of
computers globally. Exploiting a vulnerability in Microsoft Windows, the malware
encrypted files and demanded ransom payments in Bitcoin. The attack affected
hospitals, businesses, and government agencies, highlighting the widespread
disruption that ransomware can cause.
 2. EQUIFAX DATA BREACH:
 In 2017, Equifax, a credit reporting firm, faced a huge data breach. Personal
information, including names, Social Security numbers, and birth dates of 147
million individuals, was compromised. The breach underscored the vulnerability
of personal data and the severe consequences of identity theft.
 3. BUSINESS EMAIL COMPROMISE (BEC) SCAM ON TOYOTA BOSHOKU
CORPORATION:
 In 2019, Toyota Boshoku Corporation, a subsidiary of Toyota, fell victim to a BEC
scam. Cybercriminals impersonated a legitimate business partner and tricked the
company into transferring approximately $37 million to fraudulent accounts. The
incident highlighted the financial impact and sophistication of BEC attacks on
large corporations.
 4. SOLARWINDS SUPPLY CHAIN ATTACK:
 In late 2020, the SolarWinds supply chain attack compromised the software
supply chain, impacting numerous organizations and government agencies.
Cybercriminals inserted a malicious code into the software update of SolarWinds'
Orion platform. This allowed them to gain unauthorized access to the networks of
SolarWinds customers, leading to extensive data breaches.

7.5 Digital Forensics Case Illustrations:

 THE 26/11 MUMBAI TERROR ATTACKS:
 The 2008 Mumbai terror attacks witnessed the application of digital forensics in
analysing communication networks and electronic data. Investigation of phones,
emails, GPS data, and internet usage helped in the reconstruction of perpetrators’
activities, communication channels and coordination patterns. Digital forensics
 overcame difficulties with encrypted communications and cross-border data
access to assist the authorities in piecing together the timeline of events and
identify the individuals who were involved.
 THE IPL SPOT-FIXING SCANDAL:
 The Indian Premier League (IPL) spot-fixing scandal in 2013 involved the use of
digital forensic in recovering electronic evidences. Investigators were able to
identify the people involved in match fixing and unlawful betting activities
through the examination of mobile phones, phone logs, text messages, and money
transitions. Digital forensics played a significant role in order to establish the
communication networks and revealing the complexity of the scandal.
 THE AARUSHI TALWAR-HEMRAJ DOUBLE MURDER CASE:
 In the Aarushi Talwar-Hemraj double murder case of 2008, digital forensics
played a very important role in the examination of electronic evidences.
Investigators were able to reconstruct the communication and interactions
between the victims and possible suspects with the help of computer data, emails,
and mobile phone records. Analysis of digital footprints provides information on
the victim’s activities and possible leads in spite of certain data handling and
integrity challenges.
 THE VYAPAM SCAM:
 The Vyapam scam, a massive admission and recruitment scandal in Madhya
Pradesh involved digital forensics in examining electronic records and online
transitions. Analysis of computers, emails and financial transition, helped in
uncovering irregular and fraudulent practices in the examination and recruitment
processes. Digital forensic played a crucial role in establishing the trail of evidence
and locating major parties involved in it.
 KERALA GOLD SMUGGLING CASE:
 The Kerala Gold Smuggling case which unfolded in 2020, involved smuggling of
gold through diplomatic channels. Digital forensics played an important role in
examining electronic communications such as emails, phone records and chats to
trace the network which was involved in illegal activities. Examination of digital
evidences revealed important links, helping investigators in unravelling the
smuggling network and in identifying key individuals involved in the case.
7.6 Online Scams:
 The internet is such an integral part of our lives that it can be easy sometimes to
forget that not everyone we encounter online has our best interests at heart.
Internet scams are an ever-present threat, with hackers and cybercriminals doing
their best to stay one step ahead of internet users. Staying informed of the risks
and how to combat them is the best way to keep safe. Here is a list of the top online
scams and how to avoid getting duped.
 1. Job Offer Scams
 Job offer scams increased during the coronavirus pandemic. In this scam, you
receive an unsolicited email offering a job, typically not in your area of expertise,
often for a mystery shopper or similar position. When you accept, you are paid by
check or money order for an amount greater than your "employer" offered. You
are then asked to send back the difference, only to discover the original check or
money order was fake, and you're out of the money you sent to your fake
employer.
 With the widespread use of professional networking sites like LinkedIn,
unsolicited job offers are common, which means that anyone looking for work has
to become savvy at sifting through the legitimate offers from the scams.
 How to avoid job offer scams:
 If you decide to accept work, never cash suspicious checks without ensuring they
are authentic. To be sure, ask your bank to place a hold on the funds until the check
or money order is verified. Any time you are asked to send back the "difference,"
this is a sign that you are involved with a scam.
 2. Lottery Scams
 Reportedly, lottery scams were the fourth most common type of scam in the US in
2020. You typically receive an email with these scams claiming you have won a
little-known lottery, usually in another country and always with a substantial pay-
out. To claim your prize, you will be asked to pay a fee. Scammers will often say
these fees are for insurance costs, government taxes, bank fees, or courier charges.
You are asked to send personal details for verification, and suddenly you're the
victim of identity theft, and the money you sent is gone.
  Another version of unexpected lottery or prize scams involves scammers gaining
access to someone’s social media account and contacting friends and family
members and telling them that they have all won money. The scammer then
provides an email address through which they will receive instructions on how to
claim their prize. This is a particularly insidious version of the scam as it uses the
trust between friends and family to trick people out of their money.
 How to avoid lottery scams
 Lottery scams have a few tell-tale signs:
 The email is from a person, not a company.
 You're not the only recipient.
 You've never heard of the lottery.
 If you receive an email like this, do a quick Google search to see if it's legitimate.
(It never is.) We all want to find an easy windfall, but if you didn't buy a ticket, then
it is extremely unlikely that you have won a lottery. Never send your personal
information via email to anyone you don't know, and never trust anyone trying to
give you money for nothing.
 3. Beneficiary Scams
 You get an email from someone who is looking to move some money around
quickly. These emails sometimes come from people claiming to be royalty – you’ve
probably heard of the Nigerian prince scam – but more often, they're from a
"businessman" who says he has millions to move out of the country and wants
your help in exchange for a cut of the profits. The sender includes just enough
details to make the offer seem legitimate. But the money is inevitably delayed,
leaving you on the hook for a host of small payments to facilitate the transfer of
funds.
 How to avoid beneficiary scams
 Falling for this scam is easy if you're down on your luck; however, you should look
for a few signals that this is not what it seems. Poor grammar and spelling in the
original email and a reply address that doesn't match the sender’s prove that,
especially on the internet, anything that sounds too good to be true always is.
 4. Online Dating Scams
 Romance scams are on the rise. You meet someone through a dating app or
website, you start to get to know each other, and it can feel authentic. However,
 you can never be sure who is on the other side of your screen. If you find yourself
in an online relationship with someone who begins to ask for money or asks you
to redirect items they send you, then the person you've met is a scammer.
 "Catfishers," as they are sometimes called, often use the identity of a real person
to seem authentic and provide genuine details. However, they are sending fake
photos and contact information to cover their tracks. Romance scams or dating
site scams have a few key components:
 Demonstration of strong emotions in a very short time.
 A quick move from dating sites or apps into private channels.
 Requests for money based on personal hardship—for example, for a sick
relative or a failed business.
 How to avoid online dating scams
 Avoiding romance scams means carefully scrutinizing any online relationship that
develops too fast. Never give money to someone unless you also have a
relationship with them offline. And if you do make a date with someone outside of
cyberspace, be sure to let people in your life know where you'll be, to be on the
safe side.
 5. Charity Fraud Scams
 After large-scale natural disasters or other high-profile public tragedies, you want
to help any way you can, and scammers know to capitalize on this. They set up
fake donation sites and accounts and then craft an emotional pitch email to solicit
funds that never reach the victims. These scams are successful because they play
on sympathy, but always make sure you do your research. Fact-check any
donation sites and make sure they are affiliated with the issues they claim to
represent.
 How to avoid charity scams
 To avoid a charity web scam, do not donate to any sites that look suspicious. Any
actual charity will have a robust website with its mission statement and tax-
exempt documentation. To check if a charity is real or not, search for it on a
public databaselike Charity Check, CharityWatch, BBB Wise Giving Alliance,
or Charity Navigator.
 6. Coronavirus Scams
  The pandemic gave fraudsters the opportunity to devise new scams – although
often these were variations on existing scams but repackaged with a fresh
coronavirus angle.
 For example:
 Scammers posed as fake charities to solicit donations from the public.
 They offered fake testing, vaccine, or treatment kits, sometimes targeting
Medicare recipients in an attempt to steal personal information.
 They created fake websites purporting to show maps displaying Covid
infections, fatalities, and recoveries by country. In reality, scammers
designed these websites to inject malware, spyware, and viruses onto
users' machines.
 How to avoid coronavirus scams
 As with any charity scam, check that the charity is legitimate by using a known
database. Never send money or provide personal information, credit card details,
or online account details to anyone you do not know or trust. Check any website
carefully to make sure it’s not a fake website. Don’t click on links or open
attachments in any email you are unsure of. For more information on how to avoid
coronavirus scams, read our article.
 7. Repair Scams
 In a scam that starts in the real world and quickly moves into the online one, you
receive a phone call from someone who claims to work for "Microsoft", or another
large software company, claiming they can fix PC issues like slow internet speeds
and loading times. It sounds helpful, and so when the email arrives in your inbox,
you download a remote access program, which allows scammers to take control
of your computer and install malware. Not all consumers are equally tech-savvy,
so many don't know how their PC works and are easily deceived by scammers.
Once they install malware, they have access to your files, data, and personal
information.
 How to avoid repair scams
 Never accept any unsolicited repair advice, and do not purchase any repair
services unless you are sure who you are speaking with. Do not allow anyone
remote access to your computer. If someone calls, ask for identifying information.
 The odds are that if you ask enough questions, the scammer will realize you can't
be duped.
 8. Social Media Scams
 Social media scams are becoming increasingly more popular and come in many
forms.
 For example:
 You might see a social media quiz that promises to tell you what personality
type you are, or what celebrity you look like, or offers you an eye-catching
prize. They usually include terms and conditions which allow the data you
enter to be sold to third parties. The quiz developer can also obtain a lot of
information about you from your profile, friends list, and IP address –
which can be used to build up a picture as part of identity theft.
 Or perhaps you receive a random friend request on Instagram from a
fraudster posing as someone you may know, who then sends you a
phishing link that takes you to a malicious site.
 Perhaps you download an app on social media which you think is
legitimate, but in fact downloads malware onto your device.
 How to avoid social media scams
 Avoid quizzes and never click on pop-up messages or posts that contain content
that seems either shocking or else too good to be true. Don’t click on links or open
attachments in unsolicited messages.
 Beware of clicking on shortened URLs that hide the full location of the webpage.
They are very common on Twitter, and while they could innocently direct you to
the correct site, there’s always a chance they might divert you to one which installs
malware.
 9. Robocall Scams
 If you answer the phone and hear a recording rather than a live person speaking,
that’s a robocall. Robocalls are sometimes used to deliver useful information, such
as appointment reminders or flight cancellations. Mostly though, they are
unsolicited marketing calls, and many of them are scams.
 Robocall scams come in various forms – for example:
 They may pretend to be from the IRS, asking you to pay a fake tax bill and
saying that your Social Security number will be deleted if you don't.
  They may pretend to be from a well-known technology company such as
Apple, asking for customer information that a real company would not
request over the phone.
 They may offer a free trial for a product or service as a ruse to obtain your
credit card information.
 How to avoid robocall scams
 The best thing to do is not to answer your phone if you suspect a robocall.
However, you can’t always tell, so if you do answer the phone, hang up as soon as
you realize it’s a robocall. Avoid following the bot’s instructions, such as "press 1
to speak to a live representative," etc. Avoid saying the word “yes” if you can –
many robocalls start with the line “Hello, can you hear me?” to which users may
reply "yes" without thinking. The scammers then store the recording and use it for
fraudulent purposes.
 Any interaction or positive engagement with a robocaller lets the scammers know
that you are a potential prospect – so minimizing engagement is the best approach
to take. In the US, you can report robocalls to the Federal Trade Commission
at donotcall.gov.
 10. Messaging Scams
 Fraudsters also use messaging systems and apps, such as SMS, WhatsApp,
Facebook Messenger, Viber, Skype, Google Hangouts, and others, to scam you out
of money. Phishing scams carried out via SMS are known as “smishing”.
 There are various iterations of messaging scams. For example:
 You might receive a text message telling you that you have a package or
delivery pending, and you need to confirm your identity or pay a fee to
claim ownership.
 You might receive a message purporting to be from your bank, telling you
that your account is being closed, or your debit card is being locked or
charged, and to log in (to a fake website) to prevent that from happening.
 Or perhaps the message tells you that you’ve won a huge prize, and to claim
it, you need to submit your financial information.
 How to avoid messaging scams
 If an organization doesn’t usually contact you via a messaging app, that’s the first
red flag. Genuine organizations won’t contact you out of the blue, asking you to
 divulge sensitive or personal information via a messaging app. Check for spelling
errors or grammatical mistakes in the message – if it doesn’t look professional,
that’s a giveaway that it’s a potential online scam. If you’re not sure, don't click on
any links and avoid providing personal or financial data.
 11. Online shopping scams
 Scammers use the latest technology to set up fake retailer websites that look like
genuine online stores, using stolen logos and copied designs. Many of these
websites offer popular brands of clothing or jewelry, or gadgets at low prices.
Sometimes you may receive the item you’ve paid for, but often you don't. A more
recent version of the scam involves setting up a social media store, which usually
disappears after a while to resurface again in another guise. For more
information, read our article on Online Shopping Safety.
 How to avoid online shopping scams
 If a product is advertised at an incredibly low price that seems too good to be true,
that’s a clear warning sign. Another sign is if the other party insists on immediate
payment or payment by electronic funds transfer or a wire service. They may even
ask you to purchase vouchers up-front to access a cheap deal or giveaway.

 Tips: How to identify fake websites

 A key aspect of online safety is being able to identify fake websites. To
avoid website scams, there are several warning signs you can look out for.
 Ensure you check the website's domain name, particularly if redirected to the
website from another page or email. Scammers sometimes create websites whose
domain names appear similar to well-known brands or organizations – for
example, by changing a letter or adding a word.
 You can look up additional information about a domain if you’re suspicious.
The Whois Lookup domain tracker gives you information about who a domain
name is registered to, where they are, and how long the website has been active.
 It’s also wise to check the address bar of a website. Any website which invites you
to submit personal information needs to be secure, which you can tell is the case
if the URL starts with https:// instead of http:// - the “s” standing for
 “secure”. Secure websites will also display a padlock icon in the URL address
bar. This means the site has an SSL certificate.
 Website content can give you an indication of trustworthiness. If the content is
poorly written with numerous spelling or grammatical mistakes, this is a potential
red flag. A shortage of information, such as a lack of terms and conditions and
privacy policy, or no returns policy on a shopping website, can also indicate that
the website may not be legitimate.
 Check for secure payment methods if making a purchase online. Legitimate
websites should offer standard payment options, such as credit cards or PayPal. If
a website asks you to use a wire transfer, money order, or other unsecured (and
non-refundable) form of payment, then it’s best to stay away.
 Reviews can be another helpful tool for checking out websites. You can search for
the website at sites that aggregate online reviews. If reviews appear oddly similar
or are all quite new, bear in mind they could be fake reviews. If no reviews exist,
that is a cause for concern.
 Tips on how to avoid internet scams
 For those wondering how to avoid being scammed online, sensible tips you can
follow to stay safe include:
 1. Beware of any requests for your details or money
 Avoid sending money or providing credit card details, online account details, or
copies of personal documents to anyone you don't know or trust. Only use secure
payment methods you are familiar with. Don't agree to transfer money or goods
for someone else: money laundering is a criminal offense.
 2. Be alert to phishing scams
 A common theme amongst many online scams is phishing. Avoid clicking on links
or opening attachments in suspicious emails or texts, and never respond to
unsolicited messages and calls asking for personal or financial details.
 3. Don’t respond to phone calls asking for remote access to your computer
 If someone claims to be from a well-known telecom or technology company and
wants access to your computer to fix a problem or install a free upgrade, hang up
immediately. Their real motivation is to take control of your computer to install
malware on it so that they can gain access to your passwords and personal details.
 4. Keep your mobile devices and computers secure
  Use passwords to protect your devices and avoid giving access to others (including
remotely). Protect your Wi-Fi network with a password and avoid using public
computers or Wi-Fi hotspots to access online banking or provide personal
information.
 5. Use strong passwords
 A strong password is not easy to guess and ideally made up of a combination of
upper- and lower-case letters, special characters, and numbers. People often leave
passwords unchanged for years, which reduces their security. A password
manager tool is an excellent way to manage your passwords.
 6. Review your privacy and security settings on social media
 If you use social networking sites, be careful who you connect with and learn how
to use your privacy and security settings to ensure you stay safe. If you recognize
suspicious behavior, have clicked on spam, or have been scammed online, take
steps to secure your account and be sure to report it.
 7. Avoid streaming from unknown websites
 Streaming content from unfamiliar and potentially inauthentic websites can be a
considerable risk for malware. Criminals behind digital piracy often make content
free illegally to act as bait for a large number of visitors. Only stream content from
sites you know and trust.
 8. Resist the pressure to act immediately
 Legitimate businesses will give you time to make decisions. Anyone who applies
pressure on you to pay or disclose your personal information is potentially a
scammer.
 9. If It Seems Too Good To Be True, Then It Probably Is
 If a website or anyone you are communicating with online offers huge discounts
or massive prizes that seem unreal or implausible, then exercise caution. As the
old saying goes – if something seems too good to be true, it probably is.