Uploaded by

Thirthan Reddy
Chapter—2

Cybercrime and Cyber law


• Classification of cyber crimes
• Common cyber crimes: cyber crime targeting computers and mobiles
• Cyber crime against women and children
• Financial frauds
• Social engineering attacks
• Malware and ransomware attacks
• Zero day and zero click attacks
• Cybercriminals' modus operandi
• Reporting of cyber crimes
• Remedial and mitigation measures
• Legal perspective of cyber crime
• IT Act 2000 and its amendments, cyber crime and offences, organizations dealing with cybercrime and cyber security in India, case studies
Cyber crimes

Cyber crimes are crimes that involve criminal activities done through cyberspace by devices connected to the internet.
At times, cyber crimes are also called ‘computer crimes’.
The major objective of committing such crimes is to gather confidential data from people and use it for monetary, political, or personal motives.
Classification of cyber crimes
There are two types:

1) Cybercrime in the narrow sense:
• The computer or the information stored on the computer is the subject/target of the crime.
• Examples: hacking, sabotage, virtual child pornography.

2) Cybercrime in the broad sense:
• The computer or the information stored on the computer plays a non-substantial role in the act of crime, but does contain evidence of the crime.
• Examples: murder using computer techniques, bank robbery and drugs trade.
Cyber crimes can be classified under three heads, depending on the groups they are targeted at.
There are 4 types:
i. Cyber crime against Individual
ii. Cyber crime against Property
iii. Cyber crime against Organization
iv. Cyber crime against Society

Cyber crime targeting computers and mobiles

• Cybercrime targeting computers and mobile devices is a growing concern in today's digital world.
• These crimes encompass a wide range of illegal activities conducted using technology, often with the goal of financial gain, data theft, or causing harm to individuals, organizations, or government.
Here are some common types of cybercrimes that target computers and
mobiles:
1. Malware Attacks: This includes viruses, worms, Trojans, ransomware, spyware, and adware.
Malware can steal data, damage systems, or hold data hostage for a ransom.

2. Phishing: passwords, credit card numbers, or personal details by posing as a legitimate entity
through email, text messages, or fake websites.
3. Identity Theft: access their financial resources.

4. Online Scams:, lottery scams, and romance scams. These scams deceive people into sending
money or personal information to fraudsters.

5. DDoS Attacks: Distributed Denial of Service (DDoS) attacks overwhelm a target's computer or
network with traffic, making it unavailable to users. These attacks are often used to disrupt
services or extort money.

6. Data Breaches: trade secrets, or financial records. These breaches can result in significant
financial losses and reputational damage.

7. Cyber bullying: harass, threaten, or intimidate individuals. It can take place through social
media, messaging apps, or email.

8. Mobile Device Theft and Hacking: hack into them to access personal data, financial
information, or install malware.
Cyber crime against women and children
1. Cyber bullying: online harassment, threats, and intimidation. Perpetrators may use social media, messaging
apps, or other digital platforms to target their victims.
2. Online Harassment: This includes sending unsolicited, offensive, or threatening messages, images, or videos to
women or children. It can be a form of cyber bullying and may have severe emotional and psychological effects.
3. Revenge Porn: Perpetrators may share explicit or intimate images or videos of women without their consent,
often as an act of revenge. This is a violation of privacy and can cause significant harm to victims.
4. Sexting Exploitation: In cases involving children, sexting can lead to exploitation when someone coerces or
blackmails minors into sharing explicit images or videos. This can have legal and psychological consequences for
the child involved.
5. Online Grooming: Predators may use online platforms to groom children for sexual exploitation. They build trust
with the child and gradually manipulate them into sharing personal information or engaging in inappropriate
activities.
6. Child Pornography: The distribution, possession, or creation of child pornography is illegal and exploits children.
Criminals often use the internet to share such material.
7. Online Trafficking: Human traffickers may use the internet to lure and exploit women and children, including for
purposes of forced labor or sexual exploitation. Online platforms can be used to recruit victims.
8. Cyberstalking: This involves persistent and unwanted online attention, often leading to fear or emotional
distress. Women and children can be targeted by cyberstalkers who may threaten or harass them through
digital means.
9. Financial Fraud: Women can also be victims of financial fraud, including online scams targeting personal
finances or online dating scams where perpetrators exploit emotional connections for financial gain.
10. Privacy Violations: Privacy breaches can occur when personal information or photographs are shared without
consent, affecting both women and children.
Financial frauds
• Financial frauds can have economy as a whole. While digital payments have made life convenient and easy in India, they have also made us prone to all kinds of financial frauds.
• Ponzi Schemes: A Mirage of False Promises. Ponzi schemes lure investors with promises of unusually high returns in a short period. The fraudsters use funds from new investors to pay off earlier investors, creating a false illusion of profitability.
• One infamous example is the Saradha chit fund scam, where millions of investors lost their hard-earned money. The group, consisting of over 200 private companies, falsely portrayed its collective investment schemes as chit funds.
• With an estimated collection of ₹200 to 300 billion (US$4–6 billion), the scheme managed to attract deposits from more than 1.7 million individuals before its eventual downfall.
IDENTITY FRAUD

• Identity fraud is common on the Internet. Criminals have a few options when it comes to stealing your sensitive information.
• They might target you with a phishing attack where they email, call, or text pretending to be from your bank. Or, they could target you with a cyber attack to get you to install malware on your devices that steals your logins and passwords.
• How do you know you're being targeted?
  ▪ Unfamiliar transactions on your credit card.
  ▪ Strange charges on your bank statements.
  ▪ New credit cards or loans in your name.
  ▪ Missing or error-filled tax returns.
  ▪ Calls from debt collectors about purchases you didn’t make.
  ▪ A drop in credit score.
  ▪ Bounced checks.
FRAUDULENT CHARITIES & CREDIT CARD FRAUD
• Fraudulent charities
  ▪ Creating a fake charity and collecting “donations” that disappear along with the thief.
  ▪ Scammers create fake charities, like military veteran charities, that sound like ones you know and trust. These scams are especially common during natural disasters or international news events.
  ▪ Only accepting donations through cash, cryptocurrency, gift cards, or wire transfers.

• Credit card fraud
  ▪ There are several ways that criminals can steal your credit card information.
  ▪ They could steal your physical card, trick you into entering information on a phishing website or email, buy your details on the Dark Web, or use any number of other credit card scams.
  ▪ Hackers can also create a clone of your physical card using just your credit card numbers.
  ▪ Suspicious transactions on your credit card or bank statement.
  ▪ Small unfamiliar charges on your account. (Fraudsters use a scam called carding to validate your credit card before making large purchases.)
  ▪ Fraud alerts from your bank, credit card issuer, or credit monitoring service.
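
The carding warning sign above (small unfamiliar charges that precede a large purchase) can be checked mechanically against a statement. The following is an added example, not part of the original slides; the thresholds, merchant names and transactions are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from decimal import Decimal

# Assumed thresholds, not taken from the slides; tune them to the account.
SMALL_CHARGE_MAX = Decimal("5.00")      # what counts as a "small" charge
LARGE_CHARGE_MIN = Decimal("500.00")    # what counts as a "large" purchase
FOLLOW_UP_WINDOW = timedelta(days=3)    # how soon the large purchase follows


@dataclass(frozen=True)
class Txn:
    when: datetime
    merchant: str
    amount: Decimal


def find_carding_patterns(txns, known_merchants):
    """Flag small charges at unfamiliar merchants (possible card tests).

    A finding is "urgent" when a large charge at an unfamiliar merchant
    follows within FOLLOW_UP_WINDOW, otherwise it is marked "review".
    """
    ordered = sorted(txns, key=lambda t: t.when)
    findings = []
    for i, probe in enumerate(ordered):
        # Small charges at merchants the cardholder already uses are normal.
        if probe.amount > SMALL_CHARGE_MAX or probe.merchant in known_merchants:
            continue
        follow_up = next(
            (t for t in ordered[i + 1:]
             if t.when - probe.when <= FOLLOW_UP_WINDOW
             and t.amount >= LARGE_CHARGE_MIN
             and t.merchant not in known_merchants),
            None,
        )
        findings.append({
            "probe": probe,
            "follow_up": follow_up,
            "severity": "urgent" if follow_up else "review",
        })
    return findings


def _t(ts, merchant, amount):
    return Txn(datetime.fromisoformat(ts), merchant, Decimal(amount))


# Constructed sample data: merchants the cardholder has used before,
# and one month of statement lines (all values are made up).
KNOWN_MERCHANTS = {"GROCER-A", "COFFEE-B"}
SAMPLE_STATEMENT = [
    _t("2024-03-01T18:20", "GROCER-A", "42.10"),
    _t("2024-03-02T08:05", "COFFEE-B", "3.50"),        # small but familiar
    _t("2024-03-04T02:14", "XQ-DIGITAL", "1.00"),      # unfamiliar test charge
    _t("2024-03-05T02:31", "ZED-MEDIA", "0.99"),       # unfamiliar test charge
    _t("2024-03-05T14:47", "ELECTRO-MART", "1499.00"), # large purchase follows
    _t("2024-03-20T11:00", "TIP-JAR", "2.00"),         # no large follow-up
]

if __name__ == "__main__":
    for f in find_carding_patterns(SAMPLE_STATEMENT, KNOWN_MERCHANTS):
        p, big = f["probe"], f["follow_up"]
        tail = f" -> {big.merchant} {big.amount}" if big else ""
        print(f'{f["severity"]:7} {p.when:%Y-%m-%d} {p.merchant} {p.amount}{tail}')
```

A "review" finding is worth a call to the card issuer even when no large purchase has appeared yet, since the test charge is the earlier of the two signals.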
• Stock Market Manipulation
  ▪ Stock market manipulation includes activities like price rigging, spreading false information, insider trading, and pump-and-dump schemes. Fraudsters manipulate stock prices, deceiving investors and causing significant financial losses.
  ▪ The Satyam Computer Services scandal is a prime example, where the company’s promoters manipulated financial statements to inflate stock prices.
• Bank Frauds
  ▪ Bank frauds encompass various fraudulent activities, including loan frauds, cheque frauds, forged documents, and unauthorized transactions. These frauds result in substantial financial losses for banks and individuals.
  ▪ One notable case is the Nirav Modi-PNB scam, where fraudulent Letters of Undertaking were issued, causing a massive loss to Punjab National Bank.
• How to protect yourself against financial frauds
  1. Protect your personal information
  2. Monitor financial activities
  3. Be cautious online
  4. Use strong passwords and enable two-factor authentication
  5. Stay informed about scams
  6. Keep your devices secure
  7. Exercise caution with public Wi-Fi
  8. Verify before sharing information
Social Engineering Attacks
• Social Engineering:
  ▪ It exploits the fact that people are the weak link in security.
  ▪ Social engineers build trust with the victim to gain unauthorized information or access.
  ▪ Their goal is to fool someone into providing valuable information.
  ▪ Example: The attacker (social engineer) calls a user, pretends to be a tech support person, and asks questions about confidential files, passwords, etc.

• Classification of Social Engineering

1) Human-based Social Engineering
It refers to person-to-person interaction to get unauthorized information. The following are its different types:
• Impersonating an employee or valid user
• Posing as an important user
• Using a third person
• Calling technical support
• Shoulder surfing: It involves gathering information (usernames, passwords, etc.) by watching over a person’s shoulder while he/she logs into the system.
• Dumpster diving (Scavenging/Binning): It involves looking in the trash/dustbin for information written on pieces of paper, computer printouts, etc.

2) Computer-based Social Engineering
It refers to attempts made to get unauthorized information by using a computer, software, or the internet. The following are its different types:
i. Fake emails
ii. Email attachments
iii. Pop-up windows

• Effects of Social Engineering:
  ▪ Loss/altering of medical & healthcare information, corporate financial data, electronic funds transfers, etc.
  ▪ Loss of customers
  ▪ Loss of funds
  ▪ Loss of trust
  ▪ Collapse of the organization

• Countermeasures (Security) against Social Engineering:
  ▪ Providing training/awareness to the potential victims at regular intervals about the attacks
  ▪ Creating awareness on how attackers gain the trust of the victims
  ▪ Strict policies for service desk staff not to ask for personal/sensitive information
  ▪ Educating potential victims to recognize social engineering attempts
Malware and Ransomware attacks

• Malware Attacks
  ▪ Malware attacks are any type of malicious software designed to cause harm or damage to a computer, server, client or computer network and/or infrastructure without end-user knowledge.
  ▪ Cyber attackers create, use and sell malware for many different reasons, but it is most frequently used to steal personal, financial or business information.

• Types of Malware
  ▪ Adware: Display ads (sometimes malicious ads) to users as they work on their computers or browse the web.
  ▪ Viruses: A virus infects a computer and performs a variety of payloads. It may corrupt files, destroy operating systems, delete or move files, or deliver a payload at a specific date.
  ▪ Worms: A worm is a self-replicating virus, but instead of affecting local files, a worm spreads to other systems and exhausts resources.
  ▪ Trojans: A Trojan is named after the Greek war strategy of using a Trojan horse to enter the city of Troy. The malware masquerades as a harmless program, but it runs in the background stealing data, allowing remote control of the system, or waiting for a command from an attacker to deliver a payload.
  ▪ Bots: Infected computers can become a part of a botnet used to launch a distributed denial-of-service by sending extensive traffic to a specific host.
  ▪ Keyloggers: Capture keystrokes as users type in URLs, credentials, and personal information and send it to an attacker.
  ▪ RAT: “Remote access tools” enable attackers to access and control the targeted device remotely.
  ▪ Downloaders: Download other malware to install locally. The type of malware depends on the attacker’s motives.
  ▪ POS: Compromise a point-of-sale (PoS) device to steal credit card numbers, debit card and PINs, transaction history, and contact information.

• How do I know I’ve been infected with malware?
The most common signs that your computer has been compromised by malware are:
  ▪ Slow computer performance
  ▪ Browser redirects, or when your web browser takes you to sites you did not intend to visit
  ▪ Infection warnings, frequently accompanied by solicitations to buy something to fix them
  ▪ Problems shutting down or starting up your computer
  ▪ Frequent pop-up ads

• How can I protect myself from malware?

• Protect your devices
  ▪ Keep your operating system and applications updated. Cybercriminals look for vulnerabilities in old or outdated software, so make sure you install updates as soon as they become available.
  ▪ Never click on a link in a popup. Simply close the message by clicking on “X” in the upper corner and navigate away from the site that generated it.
  ▪ Limit the number of apps on your devices. Only install apps you think you need and will use regularly. And if you no longer use an app, uninstall it.
• Be careful online
  ▪ Avoid clicking on unknown links. Whether it comes via email, a social networking site or a text message, if a link seems unfamiliar, keep away from it.
  ▪ Be selective about which sites you visit. Do your best to only use known and trusted sites.
  ▪ Beware of emails requesting personal information. If an email appears to come from your bank and instructs you to click a link and reset your password or access your account, don't click it. Go directly to your online banking site and log in there.
  ▪ Avoid risky websites, such as those offering free screensavers.
• Perform regular checks
  ▪ If you are concerned that your device may be infected, run a scan using the security software you have installed on your device.
  ▪ Check your bank accounts and credit reports regularly.
• Ransomware is malware that encrypts personal information and documents and demands a ransom amount to decrypt them.
• Once the files are encrypted or locked behind a password, a text file is left for the victim, explaining how to make the ransom payment and unlock the files.

• How Does a Ransomware Attack Work?
  ▪ The spread of ransomware mostly starts with phishing attacks. A ransomware attack gains access to a victim's device through infected emails, messages, and malicious sites and encrypts the data on that device.
  ▪ The ransomware uses simple asymmetric encryption algorithms, blocks a user's files, and makes them difficult to decrypt without knowing the key.
  ▪ Another way to breach a system with ransomware is by using Remote Desktop Protocol (RDP) access. A hacker can access a computer remotely using this protocol and install malicious software on the system while the owner is unaware of these developments.
  ▪ Ransomware adds instruction files describing the pay-for-decryption process, then uses those files to present a ransom note to the user.
  ▪ Ransomware usually terminates and destroys itself, leaving only the payment instruction files.
  ▪ If a system is already infected with ransomware, there is a website, 'nomoreransom.org'. It has a collection of decryption tools for most well-known ransomware packages.
• Types of Ransomware

1. Locker ransomware
  ▪ It is a type of malware that blocks standard computer functions from being accessed until the payment to the hackers is complete.
  ▪ It shows a lock screen that doesn't allow the victim to use the computer for primary purposes.

2. Crypto ransomware
  ▪ This ransomware encrypts the local files and documents on the computers.
  ▪ Once the files are encrypted, finding the decryption key is impossible unless the ransomware variant is old and the keys are already available on the internet.

3. Scareware
  ▪ It is fake software that claims to have detected a virus or other issue on your computer and directs you to pay to resolve the problem.
  ▪ Some scareware locks the computer, while others flood the screen with pop-up alerts without damaging files.

• How to Prevent Ransomware Attacks?
  ▪ One must always have backups of their data. Cloud storage for backup is easy, but a physical backup on a hard drive is always recommended.
  ▪ Keeping the system updated with the latest security patches is always a good idea.
  ▪ Apart from system updates, one must always have reputed antivirus software installed.
Zero day and Zero click attacks
• Zero day
  ▪ Software often has security vulnerabilities that hackers can exploit to cause havoc.
  ▪ The term "zero-day" refers to the fact that the vendor or developer has only just learned of the flaw, which means they have “zero days” to fix it.
  ▪ A zero-day attack takes place when hackers exploit the flaw before developers have a chance to address it.
  ▪ Zero-day attackers can steal data, corrupt files, take control of devices, install malware or spyware, and more.
  ▪ Typical targets for a zero-day exploit include:
    1. Government departments.
    2. Large enterprises.
    3. Individuals with access to valuable business data, such as intellectual property.
    4. Hardware devices, firmware and Internet of Things (IoT).
Modus Operandi of Cyber Criminals

• In general, modus operandi is the method adopted by any criminal for the successful commission of a crime. At a minimum, every modus operandi will contain three basic elements, namely:
  1. Ensure success of the crime
  2. Protect identity
  3. Facilitate effective escape
Zero click
  ▪ Zero-click attacks require no action from the victim, meaning that even the most advanced users can fall prey to serious cyber hacks and spyware tools.
  ▪ Also called interaction-less or fully remote attacks.
  ▪ Spying software relies on convincing the targeted person to click on a compromised link or file to install itself on their phone, tablet, or computer.
  ▪ However, with a zero-click attack, the software can be installed on a device without the victim clicking on any link. As a result, zero-click malware or no-click malware is much more dangerous.
  ▪ The target of a zero-click attack can be anything from a smartphone to a desktop computer and even an IoT device.

• Examples of Zero-Click Attacks
  ▪ Apple zero-click, forced entry, 2021: In 2021, a Bahraini human rights activist had their iPhone hacked by powerful spyware sold to nation-states.
  ▪ WhatsApp breach, 2019: This infamous breach was triggered by a missed call, which exploited a flaw in the source code framework of WhatsApp.
Common forms of modus operandi

1. Sending Annoying Messages
2. Making Offensive Calls

Reporting of cyber crimes

• Reporting cybercrimes is essential to combat online threats and hold perpetrators accountable. Here are the steps you can take to report cybercrimes:
  1. Contact Your Local Law Enforcement
  2. Report to a National Cybersecurity Agency
  3. Report to the Appropriate Online Platforms
  4. Report to Anti-Fraud Organizations
  5. Report to Financial Institutions
  6. Report to Internet Service Providers (ISPs)
  7. Document the Incident
  8. Use Online Reporting Portals
  9. Consider Legal Advice
  10. Protect Yourself
Remedial and mitigation measures
Remedial Measures:
1. Incident Response: In the event of a cyber crime, organizations should have an incident response plan in place
to quickly identify, contain, and mitigate the impact of the attack. This includes isolating affected systems,
restoring backups, and applying patches or security updates.
2. Forensic Investigation: Engaging professional forensic investigators can help identify the source and extent of
the cyber crime, gather evidence, and aid in legal proceedings.
3. Data Recovery: If data is compromised or encrypted due to a cyber attack, organizations should have backups in
place to restore affected systems and minimize data loss.

Mitigation Measures:
1. Strong Security Practices: Implement robust security measures, such as firewalls, antivirus software, and
intrusion detection and prevention systems, to protect against cyber threats.
2. Regular Updates and Patching: Keep software, operating systems, and firmware up to date with the latest
security patches to mitigate vulnerabilities that cyber criminals may exploit.
3. Employee Education: Provide cybersecurity awareness and training programs to employees to educate them
about common cyber threats, phishing techniques, and safe online practices.
4. Multi-factor Authentication (MFA): Implement MFA wherever possible to add an extra layer of security,
making it harder for cyber criminals to gain unauthorized access to accounts or systems.
5. Data Encryption: Encrypt sensitive data, both in transit and at rest, to ensure that even if it is intercepted or
stolen, it remains unreadable and unusable for unauthorized individuals.
6. Regular Security Audits: Conduct regular security audits and vulnerability assessments to identify and address
any weaknesses or potential entry points for cyber criminals.
Legal perspective of cyber crime
• All legal issues related to internet crime are dealt with through cyber laws.
• As the number of internet users is on the rise, the need for cyber laws and their application has also gathered great momentum.
• Cyber law is a framework created to give legal recognition to all risks arising out of the usage of computers and computer networks.
• Cyber law encompasses laws relating to:
  1. Cyber crimes
  2. Electronic and digital signatures
  3. Intellectual property
  4. Data protection and privacy
Cyber crime and offences
• Cybercrime encompasses various illegal activities conducted through digital means, often targeting individuals, organizations, or systems. Here are some common cybercrimes and offenses:
  1. Hacking
  2. Identity Theft
  3. Phishing and Spoofing
  4. Cyber bullying
  5. Online Fraud
  6. Distributed Denial of Service (DDoS) Attacks
  7. Cyber Espionage
  8. Child Exploitation and Pornography
  9. Ransomware Attacks
  10. Cyberstalking
Organizations dealing with Cybercrime and Cyber security in India
• In India, several organizations are involved in dealing with cybercrime and cyber security at various levels, including law enforcement, regulatory bodies, and agencies focused on awareness and prevention.
• Some prominent ones include:
  1. National Cyber Security Coordinator (NCSC)
  2. Computer Emergency Response Team-India (CERT-In)
  3. National Critical Information Infrastructure Protection Centre (NCIIPC)
  4. State Police Cyber Cells
  5. National Investigation Agency (NIA)
  6. Cyber Appellate Tribunal (CAT)
  7. Banks and Financial Institutions
  8. Private Cyber security Firms
