Cyber crime can be referred to as any illegal or criminal activity involving computer systems or networks. Although there is no single definition for cyber crime, it can be largely grouped into three types – those crimes that are committed with computer as the target; those, where a computer system serves as a tool or means to commit a conventional crime; and those, where a computer system serves as the environment or means to carry out such crime.
Types of Cyber Crimes
The various methods and techniques to carry out cyber crimes are numerous and continue to grow every year in both number as well as technicality. Modern cyber crimes have proven that it has achieved a level of sophistication, with computers and digital devices being used for terrorist activities and even to wage war against countries.
The various types cyber crimes have been briefly discussed in the following sections.
Cyber crimes against individuals
The various cyber crimes against individuals include –
- E-Mail related crimes
- Cyber stalking and harassment
- Cyber defamation
Cyber crimes against Property
- Credit card frauds
- Intellectual property crimes
- Computer vandalism
Cyber crimes against Organisations
- Unauthorised access
- Denial-of-service (DOS) attacks and Distributed DOS
- Spear phishing
- Salami attack
- Malware attacks
- Industrial espionage
- Website defacement
- Man-in-the-middle attacks
- Software Piracy
Cyber crimes against society
- Cyber terrorism
- Pornographic Offences
E-mail bombing– E-mail bombing refers to sending bulk messages to the victim’s e-mail address with an aim to crash the victim’s email account in case of an individual or to crash the server hosting the address in case of an e-mail service provider, resulting in some form of a denial-of-service attack.
Email spoofing – Email spoofing refers to when an e-mail appears to originate from a different source other that the real one from where it was actually sent. In other words, it is the creation of e-mails with a forged sender address, which can be done by fabricating an e-mail header.
Cyber-stalking and harassment– Cyber-stalking refers to when stalking and harassment takes place on the digital platform through the means of internet and/or other electronic communication such as e-mails, instant messaging or messages posted to social networking sites. It usually involves harassing or threatening the victim(s) repeatedly and may include constant monitoring, false accusations, spamming, defamation, causing embarrassment and humiliation to the victim.
Cyber defamation– Cyber defamation refers to another form of traditional defamation done through the use of virtual communication, that is, in order to harm the reputation of a person with the help of computers and/or the internet, such as posting defamatory or derogatory remarks about a person on a website.
Spamming – Spamming refers to the abuse of electronic messaging systems in order to send unsolicited bulk messages to a victim. Although the most common form of spamming is carried out through e-mails, other media such as SMS, social networking sites, internet forums, etc., are also used.
Pornographic offences – Cyber pornography refers to the act of using cyberspace or the digital platform to create, view, distribute, import, or publish any pornography or obscene material.Women and children are the most common targets of sexual exploitation through the internet. One of the most common pornographic offences is child pornography, which refers to the visual depiction of a photograph, video, or computer generated image of a minor engaged in sexually explicit conduct. The internet is a common place for abusers to target children for sexual purposes. Abusers or pedophiles usually tend to use a false identity to befriend kids on the internet. Once they gain their trust, they extract the child’s personal information such as their e-mails or phone numbers, to further develop the friendship. Most abusers also groom the child victims by exposing them to child pornographic images to create a feeling in the mind of the child that what is being fed to him/her is normal. At the end, the abusers try to get to meet the child in person and sexually assault him/her.
Cyber bullying- Cyber bullying refers to the traditional bullying committed using virtual communication medium like e-mail, social media, SMS, messengers, forums etc., to harass, threaten, embarrass, and humiliate victims. It usually involves sending, posting or sharing negative, false or mean content about the victim. It can be done anonymously or it can also have wider audience which can spread quickly. Cyber bullying is most common among teenagers.
Software piracy– Software piracy refers to the theft of software through illegal or illegitimate reproduction and distribution of the genuine products intended to pass for the original, for personal gain. Examples of software piracy may include end user copying, such as friends loaning disks to each other, counterfeiting or illegal downloads from the Internet.
Salami Attack – Salami attack refers to when small attacks add up to one major attack. It involves making minor alteration so insignificant that in a single case, it would go completely unnoticed. These attacks are generally used for the commission of financial crimes. For example, the attacker seizes the bank details of customers, deducting minuscule amounts from every account over a period of time, which usually goes unnoticed because of the amount involved. However, over time, these minute amounts add up to large sums of money.
Denial-of-service attack (DoS) and Distributed Denial-of-service attack (DDoS) refers to when an important service offered by a Web site or a server is denied or disrupted thereby making it unavailable to the intended users of the service. A DoS attack generally consists of the concerted efforts of a person or group of people to disrupt a service. This often involves sending a large amount of traffic to the targeted network or server so that it occupies the entire bandwidth of the system and ultimately results in a crash. The Distributed Denial-of-Service (DDoS) is a type of attack in which multiple systems known as zombie systems are synchronised to flood the bandwidth of the targeted system. The zombie systems are considered as secondary victims while the main target is the primary victim.
Website defacement- Website defacement refers to an attack intended for a Website, which involves changing the visual appearance of a website. The attacker may post some indecent, hostile and obscene images, messages, videos, etc., and sometimes make the Website dysfunctional. The most common cases of website defacement include hackers of one country trying to deface the websites of rival countries to display their technological superiority.
Malware attacks – Malware attacks refer to a range of destructive software programs that can be used to harm computer systems or gain access to sensitive information on the system or perform a variety of other cyber crimes such as altering or hijacking core computing functions and monitoring users’ computer activity without their permission. Attackers may use a variety of methods to spread malware that infect devices and networks. This can be done through physical means by delivering the malware to a system through an infected USB drive or can spread virtually over the internet through drive-by downloads, which automatically download malicious programs to systems without the user’s approval or knowledge.
Phishing – Phishing involves fraudulently acquiring the sensitive information of a person such as usernames, password and credit card details by disguising as a trustworthy entity. The attacker usually recreates a website or support portal of a renowned company and sends the link to targets via emails or social media platforms. The other person, completely unknown of the real attacker, thus, ends up compromising personal information. Phishing attempts usually try to draw the target in with an alarming subject line, such as ‘Unusual account activity detected’, ‘Urgent Action Required’, etc. Some users, being alarmed or curious fall for the trap and click the links that are provided in the fraudulent email.
Spear Phishing – Spear phishing is a targeted phishing aimed at specific individuals or groups within an organisation especially corporates. Spear phishing makes the use of information about a target to make attacks more specific and personal to the target. Although a similar attack, it requires an extra effort from the side of the attackers. They need to pay attention to the degree of uniqueness for the limited number of users they target.However, the chances of users falling for the false emails are considerably higher in the case of spear phishing.
Intellectual Property crimes – Intellectual property crime refers to when someone manufactures, sells or distributes counterfeit or pirated goods, such as patents, trademarks, industrial designs or literary and artistic works, for commercial gain. These include software piracy, copyright infringement, trademarks violations, theft of computer source code etc.
Cyber Espionage– Cyber espionage or spying is the act of engaging in an attack or series of attacks that lets an unauthorised user(s) view classified material. These attacks are often subtle, amounting to nothing more than an unnoticed bit of code or process running in the background of a workstation, and the target is usually a corporate or government entity. The goal is typically to acquire intellectual property or government secrets. These are also carried out by corporations to obtain information about product finances, research and development and marketing strategies of their competitor, an activity known as industrial espionage.
Cybersquatting – Cybersquatting is the practice of registering an Internet domain name that is likely to be wanted by another person, business, or organisation in the hope that it can be sold to them for a profit. Cybersquatting can have a few different variations, but its primary purpose is to steal or misspell a domain name in order to profit from an increase in website visits, which otherwise would not be possible. Trademark or copyright holders may neglect to re-register their domain names, and by forgetting this important update, cybersquatters can easily steal domain names. Cybersquatting also includes advertisers who mimic domain names that are similar to popular, highly trafficked websites.
Cyber terrorism – Terrorism is no longer bound by the means of creating harm in the physical world. The internet has provided terrorists with a deadly new weapon in their arsenal. Cyber terrorism refers to the use of computer resources to intimidate or compel government, its citizens or any section thereof in continuance of political or social purposes. Attackers often attempt to exploit unspecified character of the internet to intimidate governments and terrify the citizens of the country