Case study on cyber crime

Case Study on Cyber Crime
Mehta Ishani J
2nd
M.E.(C.S.E)
130040701003
ishmecse.13@gmail.com
B.H.Gardi College of Engineering and Technology

Case Study on Cyber Crime Mehta Ishani J
B.H.Gardi College of Engineering and Technology 2
Table of Contents
Introduction........................................................................................................ 3
The Evolution of Cyber Crime...................................................................... 4
Categories of Cyber Crime ............................................................................ 6
Cyber Crime Tools ............................................................................................. 8
Real World Cases ........................................................................................... 111
Current occurring Crime News.................................................................... 27
Statistical Overview..................................................................................... 30
Conclusion .......................................................................................................... 32
References .......................................................................................................... 33

Introduction
In 1960s internet was developed for better communication and
research. With advancement of technology and expansion of
internet every area becomes easy to access but it also provides
a pathway to commit crimes easily without any effort only
sitting on a system.
The rapid growth of the Internet, not just in terms of users,
but also in terms of functionality has allowed entire industries
to move their operations, and importantly their money onto the
Internet. This has lead naturally towards a prolific growth in
criminal activity conducting solely through virtual means.
Some human minds of criminal nature use internet as a tool of
crime which is now known as cyber crime committed in cyber
space. Cyber crime is now the burning issue for all countries to
handle because most of data is transferred online even
governmental data also. Cyber crime term is used to describe
criminal activity in which computer or computer network are a
tool or target of criminal activity to denial of service attack.
It also include traditional crime in which computer are used.
Cyber crime mainly consists of unauthorized access to Data and
data alteration, data destruction, theft of funds or
intellectual property. Due to these online criminal activities
cyberspace is most unsafe place to do business. Word cyber space
was first used by William Gibson, in his book, Necromancer,
written in 1984. Cyberspace can be defined as a virtual world of
computers where internet is involved, where individuals can
interact, conduct business, do transactions, develop graphics.
In this case study I will discuss many types of cyber crime
commonly committed with some current case happened in various
cities. I will also discuss statics

The Evolution of Cyber Crime
Cybercrime evolved from hacking of another system, the public
switched telephone network. These phone “phreakers” developed
methods of breaking into phone systems to make long distance
calls for free. Perhaps, the most famous of these phreakers was
John Draper (aka "Cap'n Crunch"), who discovered that toy
whistles given away with Cap'n Crunch cereals generate a 2600-
hertz sound, which can be used to access AT&T's long-distance
switching system. Draper proceeded onto build a "blue box"
which, when used together with the whistle, allowed phreakers to
make free calls. Shortly after, wire fraud in the United States
escalates. Draper was arrested on toll fraud charges in 1972 and
sentenced to five years' probation.
In the 1970's, the first affordable personal computers became
available on the market, and it was shortly thereafter that the
first bulletin board service, or BBS, was established. Still,
even as the Internet grew, getting online was far from easy.
Designers of operating systems at the time had no idea how
important the Internet would be. They didn’t design software
with built-in functionality to connect to an Internet service
provider. ISPs were few and far between, and very pricey. For a
user to connect to the Internet, they would have to obtain,
install and configure a number of settings that could be tricky
for the casual user.
Online services such as CompuServe, AOL, and Prodigy helped to
solve this problem. They provided their subscribers with
software that would enable them to connect to their service with
relative ease.
In 1986, alarmed by the larger numbers of computer break-ins,
the US government passes the Computer Fraud and Abuse Act. This
made it a crime to illegally break into computer networks. The
law did not apply to juveniles.
Robert Morris became the first person to be convicted under the
new Computer Fraud and Abuse Act of 1986. Morris was punished
for his Internet worm, which crashed 6,000 Net-linked government
and university computers.

Price was still an issue, though, but in the early 1990’s, costs
for the user dropped to around $3 an hour, and eventually, to
less than $20 a month for unlimited usage, allowing not only the
Internet to grow exponentially, but also for criminals to learn
how to effectively exploit the system.
Computers are now ubiquitous and many tasks performed in the
daily lives of users depend on computers and computer networks.
The Internet has become a mission-critical infrastructure for
governments, companies, and financial institutions. Computers
and networks are used for controlling and managing manufacturing
processes, water supplies, the electric power grid, air traffic
control systems, and stock market systems, to mention a few.
A benefit of online services that attracts criminals is the
anonymity they offer, making it easier for criminals to change
identities and cover their tracks. The rapid growth of the
Internet in the mid 1990’s gave rise to cybercrime as we know it
today.
Ten years ago, hackers were dabbling on other systems to only
see how they were configured and operated. Most of the time they
did not cause any damage. Unfortunately, the circumstances have
changed and become incredibly malicious. Instead of being driven
by curiosity, hackers today are driven mostly by financial
motives.
The value of Internet activities and the wealth stored on
computers is the source of the attraction. While e-commerce
represents only a fraction of total commerce, it reached almost
$70 billion in the U.S. at the end of 2004, an increase of 24
percent over 20033. A third of the U.S. workforce is online,
roughly 50 million people, an important consideration since more
than half of e-commerce transactions are made from work.
Sixty million residents of North America, almost half of the
Internet user population in Canada and the U.S., have online
bank accounts. The combination of banking and commerce draws
criminals more than anything else.

Categories of Cyber Crime
Cybercrime has manifested itself in many different forms over
the years. The following points are illustrative of some of the
different categories that criminals have entered.
1) Spam - Although for much of history, spam was not
technically a crime, the 2003 CAN-SPAM Act4 changed legal
definitions on what is acceptable. Spam now represents more
than 50 percent of all email transmitted over the Internet.
It’s costs, which Internet service providers (ISPs) pass on
to their customers, are enormous. With spam’s ubiquity
comes a whole culture and industry devoted to fighting it.
Large groups of people, such as the Spamhaus Project, spend
enormous effort to identify the sources of spam so as to
block their activity. New technologies have been created to
flag its sources, like blacklists, and spam identification
through Bayesian filters, distributed checksum databases,
and other advanced heuristics. Increasingly on the
defensive, spammers are fighting back by becoming more
sophisticated, generating unique messages, and using
subverted computers to send messages.
2) Extortion and Damaging Reputations - In the Internet
variant of blackmail, criminal gangs will threaten
companies with disruption of their networks, through denial
of service attacks, or the theft of valuable information,
unless they pay ransom into offshore bank accounts.
Defacement of a company’s website can cause not just
embarrassment but loss of sales. In other cases, spite or a
desire to inflict harm means that the attack will be
executed without warning.
3) Fraud and Phishing - The anonymity and opportunities for
misrepresentation found on the Internet make fraud easy.
Consumer Sentinel, a complaint database developed and
maintained by the US Federal Trade Commission5, has
recorded more than 390,000 Internet-related fraud
complaints regarding transactions involving over US$540
million losses in 2004 alone.
Fraud schemes are usually peddled by individuals who spam
potential victims, such as the Nigerian, or 419, scam. But
as the number of fraud cases has increased, so has the

public’s awareness of them; fraudsters are increasingly
forced to resort to more intricate schemes.
New practices like “phishing” are gaining popularity with
fraudsters. Using this scheme, criminals create email
messages with return addresses, links, and branding that
seem to come from trusted, well-known organizations with
the hope to convince victims to disclose sensitive
information.
This practice originates in attempts to fool America Online
users into parting with their screen names and passwords in
the mid-1990s. The goal these days is to extract
information from a victim that crackers can use for
financial gain. A commonly targeted item is victim’s credit
card information.
Criminals also want access to Internet payment systems such
as e-Bullion, egold, or PayPal; online transaction services
such as Authorize.Net, iBill, and Verotel; and Internet
accessible banks which includes almost all major banks
today.
4) Service Disruption - A cybercriminal can use an Internet
attack to disrupt a key service. Denial of service attacks
are one method, worms and viruses containing malicious code
are another.
A major auto manufacturer was one of many companies that
had to shutdown its e-mail network for a few days because
of the Love Letter virus.
5) Information Theft - The most damaging category of Internet
crime, information theft can take several forms.
Cybercriminals can extract personal identification
information or credit information from a company’s database
and affect thousands of consumers. Cybercriminals can also
extract a company’s own financial information.
Finally, cybercriminals can steal valuable intellectual
property from a company. While the reported cost of
information theft is declining, it remains one of the
greatest Internet risks a company can face.

6) Money Laundering - The growth of global financial services
makes it easy to conduct banking operations across borders
over the Internet. The Financial Action Task Force, a group
of national law enforcement agencies, notes that “within
the retail banking sector, services such as telephone and
Internet banking allow customers to execute transactions on
a non face-to-face basis from any location with telephone
or Internet access.”
While use of the Internet provides law enforcement agencies
a greater ability to trace transactions through electronic
records, the volume of transactions, the anonymity, and the
lack of consistent record-keeping make it attractive to
criminals and terrorists.
Cyber Crime Tools
Cybercriminals have developed a wide array of potential tools
that have had varying degrees of success over the years. The
following are a short list of some of these techniques.
1) Bots — A bot (short for robot) is a computer on which a
worm or virus has installed programs that run automatically
and allow cybercriminals access and control. Cybercriminals
use viruses or other bots to search for vulnerable
computers where they can load their own programs or store
data.
A botnet is a collection of these infected machines that
can be centrally controlled and used to launch simultaneous
attacks. Spammers, hackers, and other cybercriminals are
acquiring or renting botnets, making it harder for
authorities to track down the real culprits.
2) Keylogging — Keyloggers are programs that covertly recover
the keys typed by a computer user and either stores the
data for later access or secretly sends the information to
the author. The advantage of a keylogger program is that
the cybercriminal does not need to trick a user into
supplying sensitive information.
3) Bundling — Covertly attaching a virus or spyware to a
benign or legitimate download, such as a screensaver or a
game. When the computer user downloads and installs the
legitimate file, they are unwittingly also giving
permission to install the criminal program.

4) Denial of Service — An attack specifically designed to
prevent the normal functioning of a computer network or
system and to prevent access by authorized users.
A distributed denial of service attack uses thousands of
computers captured by a worm or trojan to send a landslide
of data in a very short time. Attackers can cause denial of
service attacks by destroying or modifying data or by using
zombie computers to bombard the system with data until its
servers are overloaded and cannot serve normal requests.
5) Packet Sniffers — Software programs that monitor’s network
traffic. Attackers use packet sniffers to capture and
analyze data transmitted via a network. Specialized
sniffers capture passwords as they cross a network.
6) Rootkit — A set of tools used by an intruder after hacking
a computer. The tools allow the cybercriminal to maintain
access, prevent detection, build in hidden backdoors, and
collect information from both the compromised computer.
7) Spyware — Software that gathers information without the
users’ knowledge. Spyware is typically bundled covertly
with another program. The user does not know that
installing one also installs the other. Once installed, the
spyware monitors user activity on the Internet and
transmits that information in the background to someone
else.
8) Social Engineering — Social engineering is not limited to
cybercrime, but it is an important element for cyber fraud.
Social engineering tricks deceive the recipient into taking
an action or revealing information. The reasons given seem
legitimate but the intent is criminal.
Phishing is an obvious example, a certain percentage of
users will respond unthinkingly to a request that appears
to be from a legitimate institution.
9) Worms and Trojans — A trojan is a malicious program
unwittingly downloaded and installed by computer users.
Some trojans pretend to be a benign application. Many hide
in a computer’s memory as a file with a nondescript name.
Trojans contain commands that a computer automatically
executes without the user’s knowledge. Sometimes it can act
as a zombie and send spam or participate in a distributed

denial of service attack. It may be a keylogger or other
monitoring program that collects data and sends it covertly
to the attacker.
Worms are wholly contained viruses that travel through
networks, automatically duplicate themselves and send
themselves to other computers whose addresses are in the
host computer.
In the past, cybercriminals occasionally use worms and
trojans to hijack a victim’s Web browsers. They replace
the victims’ home and search pages with links to Web spam,
as well as drop links to the spam in the victims’ bookmarks
and on their desktops. To make money, they infect computers
with malicious code that generates fraudulent ad views.
10) Virus — A program or piece of code that spreads from
computer to computer without the users’ consent. They
usually cause an unexpected and negative event when run by
a computer. Viruses contaminate legitimate computer
programs and are often introduced through e-mail
attachments, often with clever titles to attract the
curious reader.
11) Internet message boards – Internet message boards
dedicated to stocks are fertile ground for impersonators. A
habit of many posters to these boards is to cut-and-paste
press releases and news stories from other electronic
sources into their posts to alert other posters and
visitors to that information. Frequently, posters will
paste in a hyperlink to direct a reader to a source
directly, as Hoke did in the PairGain hoax.6 In addition to
the rising threat, as national level attacks become more
plausible, the vulnerabilities have also increased.

Real World Cases
This section presents real world cases. First the various
scenarios are covered. A detailed discussion on the various
cyber crimes, is covered from the ASCL publication titled
“Understanding Hackers and Cyber Criminals”. Then the applicable
law and legal liabilities are covered. Then the modus operandi
usually followed by the criminals is discussed.
1 Orkut Fake Profile cases
Orkut.com is a very popular online community and social
networking website. Orkut users can search for and interact with
people who share the same hobbies and interests. They can create
and join a wide variety of online communities. The profiles of
Orkut members are publicly viewable.
The scenarios
1. A fake profile of a woman is created on Orkut. The profile
displays her correct name and contact information (such as
address, residential phone number, cell phone number etc).
Sometimes it even has her photograph. The problem is that
the profile describes her as a prostitute or a woman of
“loose character” who wants to have sexual relations with
anyone. Other Orkut members see this profile and start
calling her at all hours of the day asking for sexual
favours. This leads to a lot of harassment for the victim
and also defames her in society.
2. An online hate community is created. This community
displays objectionable information against a particular
country, religious or ethnic group or even against national
leaders and historical figures.
3. A fake profile of a man is created on Orkut. The profile
contains defamatory information abut the victim (such as
his alleged sexual weakness, alleged immoral character etc)
The law
Scenario 1: Section 67 of Information Technology Act and
section 509 of the Indian Penal Code.
Scenario 2: Section 153A and 153B of Indian Penal Code.
Scenario 3: Section 500 of Indian Penal Code.
Who is liable?
Scenario 1: Directors of Orkut as well as all those who
create and update the fake profile.
Scenario 2: Same as Scenario 1.

Scenario 3: Same as Scenario 1.
The motive
Scenario 1: Jealousy or revenge (e.g. the victim may have
rejected the advances made by the suspect).
Scenario 2: Desire to cause racial hatred (e.g. Pakistani
citizens creating an anti-India online community).
Scenario 3: Hatred (e.g. a school student who has failed
may victimize his teachers).
Modus Operandi
1. The suspect would create a free Gmail account using a
fictitious name.
2. The email ID chosen by him would be unrelated to his
real identity.
3. The suspect would then login to Orkut.com and create the
offensive profile.
2 Email Account Hacking
Emails are increasingly being used for social interaction,
business communication and online transactions. Most email
account holders do not take basic precautions to protect their
email account passwords. Cases of theft of email passwords and
subsequent misuse of email accounts are becoming very common.
The scenarios
1. The victim’s email account password is stolen and the
account is then misused for sending out malicious code
(virus, worm, Trojan etc) to people in the victim’s
address book. The recipients of these viruses believe
that the email is coming from a known person and run the
attachments. This infects their computers with the
malicious code.
2. The victim’s email account password is stolen and the
hacker tries to extort money from the victim. The victim
is threatened that if he does not pay the money, the
information contained in the emails will be misused.
3. The victim’s email account password is stolen and
obscene emails are sent to people in the victim’s
address book.
The law
Scenario 1: Sections 43 and 66 of Information Technology
Act.

Act and section 384 of Indian Penal Code.
Scenario 3: Sections 43, 66 and 67 of Information
Technology Act and section 509 of the Indian Penal Code.
Who is liable?
Scenario 1: Persons who have stolen the email account
password and who are misusing the email account.
password and who are threatening to misuse it.
password and who are misusing the email account.
The motive
Scenario 1: Corporate Espionage, perverse pleasure in being
able to destroy valuable information belonging to strangers
etc.
Scenario 2: Illegal financial gain.
Scenario 3: Revenge, jealousy, hatred.
Modus Operandi
1. The suspect would install keyloggers in public computers
(such as cyber cafes, airport lounges etc) or the computers
of the victim.
2. Unsuspecting victims would login to their email accounts
using these infected computers.
3. The passwords of the victim’s email accounts would be
emailed to the suspect.
3 Credit Card Fraud
Credit cards are commonly being used for online booking of
airline and railway tickets and for other ecommerce
transactions. Although most of ecommerce websites have
implemented strong security measures (such as SSL, secure web
servers etc), instances of credit card frauds are increasing.
The scenario
The victim’s credit card information is stolen and misused
for making online purchases (e.g. airline tickets,
software, subscription to pornographic websites etc).
The law
Sections 43 and 66 of Information Technology Act and
section 420 of Indian Penal Code.

Who is liable?
All persons who have stolen the credit card information as
well as those who have misused it.
The motive
Illegal financial gain.
Modus Operandi
Scenario 1: The suspect would install keyloggers in public
computers (such as cyber cafes, airport lounges etc) or the
computers of the victim. Unsuspecting victims would use
these infected computers to make online transactions. The
credit card information of the victim would be emailed to
the suspect.
Scenario 2: Petrol pump attendants, workers at retail
outlets, hotel waiters etc note down information of the
credit cards used for making payment at these
establishments. This information is sold to criminal gangs
that misuse it for online frauds.
4 Online Share Trading Fraud
With the advent of dematerialization of shares in India, it has
become mandatory for investors to have demat accounts. In most
cases an online banking account is linked with the share trading
account. This has led to a high number of online share trading
frauds.
The scenario
Scenario 1: The victim’s account passwords are stolen and
his accounts are misused for making fraudulent bank
transfers.
Scenario 2: The victim’s account passwords are stolen and
his share trading accounts are misused for making
unauthorized transactions that result in the victim making
losses.
The law
Who is liable?
Scenario 1: All persons who have stolen the account
information as well as those who have misused it.
Scenario 2: All persons who have stolen the account
information as well as those who have misused it.

The motive
Scenario 1: Illegal financial gain
Scenario 2: Revenge, jealousy, hatred
Modus Operandi
Scenario 1: The suspect would install keyloggers in public
computers (such as cyber cafes, airport lounges etc) or the
computers of the victim. Unsuspecting victims would use
these infected computers to login to their online banking
and share trading accounts. The passwords and other
information of the victim would be emailed to the suspect.
Scenario 2: Same as scenario 1.
5 Tax Evasion and Money Laundering
Many unscrupulous businessmen and money launderers (havala
operators) are using virtual as well as physical storage media
for hiding information and records of their illicit business.
The scenario
Scenario 1: The suspect uses physical storage media for
hiding the information e.g. hard drives, floppies, USB
drives, mobile phone memory cards, digital camera memory
cards, CD ROMs, DVD ROMs, iPods etc.
Scenario 2: The suspect uses virtual storage media for
hiding the information e.g. email accounts, online
briefcases, FTP sites, Gspace etc.
The law
Scenario 1: Depending upon the case, provisions of the
Income Tax Act and Prevention of Money Laundering Act will
apply.
Scenario 2: Depending upon the case, provisions of the
Income Tax Act and Prevention of Money Laundering Act will
apply.
Who is liable?
Scenario 1: The person who hides the information.
Scenario 2: The person who hides the information. If the
operators of the virtual storage facility do not cooperate
in the investigation, then they also become liable.
The motive

Modus Operandi
Scenario 1: The suspect would purchase small storage
devices with large data storage capacities.
Scenario 2: The suspect would open free or paid accounts
with online storage providers.
6 Source Code Theft
Computer source code is the most important asset of software
companies. Simply put, source code is the programming
instructions that are compiled into the executable files that
are sold by software development companies. As is expected, most
source code thefts take place in software companies. Some cases
are also reported in banks, manufacturing companies and other
organizations that get original software developed for their
use.
The scenario
Scenario 1: The suspect (usually an employee of the victim)
steals the source code and sells it to a business rival of
the victim.
Scenario 2: The suspect (usually an employee of the victim)
steals the source code and uses it as a base to make and
sell his own version of the software.
The law
Scenario 1: Sections 43, 65 and 66 of the Information
Technology Act, section 63 of the Copyright Act.
Scenario 2: Sections 43, 65 and 66 of the Information
Technology Act, section 63 of the Copyright Act.
Who is liable?
Scenario 1: The persons who steal the source code as well
as the persons who purchase the stolen source code.
Scenario 2: The persons who steal the source code.
The motive
Modus Operandi
Scenario 1: If the suspect is an employee of the victim, he
would usually have direct or indirect access to the source
code. He would steal a copy of the source code and hide it
using a virtual or physical storage device. If the suspect
is not an employee of the victim, he would hack into the
victim’s servers to steal the source code. Or he would use

social engineering to get unauthorized access to the code.
He would then contact potential buyers to make the sale.
Scenario 2: If the suspect is an employee of the victim, he
would usually have direct or indirect access to the source
code. He would steal a copy of the source code and hide it
using a virtual or physical storage device. If the suspect
is not an employee of the victim, he would hack into the
victim’s servers to steal the source code. Or he would use
social engineering to get unauthorized access to the code.
He would then modify the source code (either himself or in
association with other programmers) and launch his own
software.
7 Theft of Confidential Information
Most business organizations store their sensitive information in
computer systems. This information is targeted by rivals,
criminals and sometimes disgruntled employees.
The scenario
Scenario 1: A business rival obtains the information (e.g.
tender quotations, business plans etc) using hacking or
social engineering. He then uses the information for the
benefit of his own business (e.g. quoting lower rates for
the tender).
Scenario 2: A criminal obtains the information by hacking
or social engineering and threatens to make the information
public unless the victim pays him some money.
Scenario 3: A disgruntled employee steals the information
and mass mails it to the victim’s rivals and also posts it
to numerous websites and newsgroups.
The law
Scenario 1: Sections 43 and 66 of the Information
Technology Act, section 426 of Indian Penal Code.
Who is liable?
Scenario 1: The persons who steal the information as well
as the persons who misuse the stolen information.
Scenario 2: The persons who steal the information as well
as the persons who threaten the victim and extort money.
Scenario 3: The disgruntled employee as well as the persons
who help him in stealing and distributing the information.

The motive
Scenario3: Revenge.
Modus Operandi
Scenario 1: The suspect could hire a skilled hacker to
break into the victim systems. The hacker could also use
social engineering techniques.
Illustration: A very good looking woman went to meet the
system administrator (sysadmin) of a large company. She
interviewed the sysadmin for a “magazine article”.
During the interview she flirted a lot with the sysadmin
and while leaving she “accidentally” left her pen drive at
the sysadmin’s room. The sysadmin accessed the pen drive
and saw that it contained many photographs of the lady. He
did not realize that the photographs were Trojanized!
Once the Trojan was in place, a lot of sensitive
information was stolen very easily.
Illustration: The sysadmin of a large manufacturing company
received a beautifully packed CD ROM containing “security
updates” from the company that developed the operating
system that ran his company’s servers. He installed the
“updates” which in reality were Trojanized software.
For 3 years after that a lot of confidential information
was stolen from the company’s systems!
Scenario 2: Same as scenario 1.
Scenario 3: The disgruntled employee would usually have
direct or indirect access to the information. He can use
his personal computer or a cyber café to spread the
information.
8 Software Piracy
Many people do not consider software piracy to be theft. They
would never steal a rupee from someone but would not think twice
before using pirated software. There is a common perception
amongst normal computer users to not consider software as
“property”. This has led to software piracy becoming a
flourishing business.
The scenario
Scenario 1: The software pirate sells the pirated software
in physical media (usually CD ROMs) through a close network
of dealers.
Scenario 2: The software pirate sells the pirated software
through electronic downloads through websites, bulletin
boards, newsgroups, spam emails etc.

The law
Technology Act, section 63 of Copyright Act.
Who is liable?
Scenario 1: The software pirate as well as the persons who
buy the pirated software from him.
Scenario 2: The software pirate as well as the persons who
buy the pirated software from him.
The motive
Modus Operandi
Scenario 1: The suspect uses high speed CD duplication
equipment to create multiple copies of the pirated
software. This software is sold through a network of
computer hardware and software vendors.
Scenario 2: The suspect registers a domain name using a
fictitious name and then hosts his website using a service
provider that is based in a country that does not have
cyber laws. Such service providers do not divulge client
information to law enforcement officials of other
countries.
9 Music Piracy
Many people do not consider music piracy to be theft. They would
never steal a rupee from someone but would not think twice
before buying or using pirated music. There is a common
perception amongst people users to not consider music as
“property”. There is a huge business in music piracy. Thousands
of unscrupulous businessmen sell pirated music at throw away
prices.
The scenario
Scenario 1: The music pirate sells the pirated music in
physical media (usually CD ROMs) through a close network of
dealers.
Scenario 2: The music pirate sells the pirated music
through electronic downloads through websites, bulletin
boards, newsgroups, spam emails etc.

The law
Who is liable?
Scenario 1: The music pirate as well as the persons who buy
the pirated software from him.
Scenario 2: The music pirate as well as the persons who buy
the pirated software from him.
The motive
Modus Operandi
Scenario 1: The suspect uses high speed CD duplication
equipment to create multiple copies of the pirated music.
This music is sold through a network of dealers.
Scenario 2: The suspect registers a domain name using a
fictitious name and then hosts his website using a service
provider that is based in a country that does not have
cyber laws. Such service providers do not divulge client
information to law enforcement officials of other
countries.
10 Email Scams
Emails are fast emerging as one of the most common methods of
communication in the modern world. As can be expected, criminals
are also using emails extensively for their illicit activities.
The scenario
In the first step, the suspect convinces the victim that
the victim is going to get a lot of money (by way of
winning a lottery or from a corrupt African bureaucrat who
wants to transfer his ill gotten gains out of his home
country). In order to convince the victim, the suspect
sends emails (some having official looking documents as
attachments).
Once the victim believes this story, the suspect asks for a
small fee to cover legal expenses or courier charges. If
the victim pays up the money, the suspect stops all
contact.
The law
Section 420 of Indian Penal Code

Who is liable?
The sender of the email.
The motive
Modus Operandi
The suspect creates email accounts in fictitious names and
sends out millions of fraudulent emails using powerful spam
software.
11 Phishing
With the tremendous increase in the use of online banking,
online share trading and ecommerce, there has been a
corresponding growth in the incidents of phishing being used to
carry out financial frauds. Phishing involves fraudulently
acquiring sensitive information (e.g. passwords, credit card
details etc) by masquerading as a trusted entity.
The scenario
Scenario 1: The victim receives an email that appears to
have been sent from his bank. The email urges the victim to
click on the link in the email. When the victim does so, he
is taken to “a secure page on the bank’s website”. The
victim believes the web page to be authentic and he enters
his username, password and other information. In reality,
the website is a fake and the victim’s information is
stolen and misused.
The law
Sections 43 and 66 of Information Technology Act and
sections 419, 420 and 468 of Indian Penal Code.
Who is liable?
All persons involved in creating and sending the fraudulent
emails and creating and maintaining the fake website. The
persons who misuse the stolen or “phished” information are
also liable.
The motive
Modus Operandi
The suspect registers a domain name using fictitious
details. The domain name is usually such that can be
misused for spoofing e.g. Noodle Bank has its website at

www.noodle.com The suspects can target Noodle customers
using a domain name like www.noodle-bank-customerlogin.com
The suspect then sends spoofed emails to the victims. e.g.
the emails may appear to come from info@noodle.com The fake
website is designed to look exactly like the original
website.
12 Cyber Pornography
Cyber pornography is believed to be one of the largest
businesses on the Internet today. The millions of pornographic
websites that flourish on the Internet are testimony to this.
While pornography per se is not illegal in many countries, child
pornography is strictly illegal in most nations today.
Cyber pornography includes pornographic websites, pornographic
magazines produced using computers (to publish and print the
material) and the Internet (to download and transmit
pornographic pictures, photos, writings etc).
The scenario
The suspect accepts online payments and allows paying
customers to view / download pornographic pictures, videos
etc from his website.
The law
Section 67 of Information Technology Act.
Who is liable?
The persons who create and maintain the pornographic
websites are liable. In some cases cyber café owners and
managers may also be liable in case they knowingly allow
their customers to access the pornographic websites.
The motive
Modus Operandi
The suspect registers a domain name using fictitious
details and hosts a website on a server located in a
country where cyber pornography is not illegal. The suspect
accepts online payments and allows paying customers to view
download pornographic pictures, videos etc from his
website.

13 Online Sale of Illegal Articles
It is becoming increasingly common to find cases where sale of
narcotics drugs, weapons, wildlife etc. is being facilitated by
the Internet. Information about the availability of the products
for sale is being posted on auction websites, bulletin boards
etc.
The scenario
The suspect posts information about the illegal sale that
he seeks to make. Potential customers can contact the
seller using the email IDs provided. If the buyer and
seller trust each other after their email and / or
telephonic conversation, the actual transaction can be
concluded. In most such cases the buyer and seller will
meet face to face at the time of the final transaction.
Illustration: In March 2007, the Pune rural police cracked
down on an illegal rave party and arrested hundreds of
illegal drug users. The social networking site, Orkut.com,
is believed to be one of the modes of communication for
gathering people for the illegal “drug” party.
The law
Depending upon the illegal items being transacted in,
provisions of the Narcotic Drugs and Psychotropic
Substances Act, Arms Act, Indian Penal Code, Wildlife
related laws etc may apply.
Who is liable?
The persons who buy and sell these items.
The motive
Modus Operandi
The suspect creates an email ID using fictitious details.
He then posts messages, about the illegal products, in
various chat rooms, bulletin boards, newsgroups etc.
Potential customers can contact the seller using the email
IDs provided. If the buyer and seller trust each other
after their email and / or telephonic conversation, the
actual transaction can be concluded. In most such cases the
buyer and seller will meet face to face at the time of the
final transaction.

14 Use of Internet and Computers by Terrorists
Many terrorists are using virtual as well as physical storage
media for hiding information and records of their illicit
business. They also use emails and chat rooms to communicate
with their counterparts around the globe.
The scenario
The suspects carry laptops wherein information relating to
their activities is stored in encrypted and password
protected form. They also create email accounts using
fictitious details. In many cases, one email account is
shared by many people. E.g. one terrorist composes an email
and saves it in the draft folder. Another terrorist logs
into the same account from another city / country and reads
the saved email. He then composes his reply and saves it in
the draft folder. The emails are not actually sent. This
makes email tracking and tracing almost impossible.
Terrorists also use physical storage media for hiding the
information e.g. hard drives, floppies, USB drives, mobile
phone memory cards, digital camera memory cards, CD ROMs,
DVD ROMs, iPods etc. They also use virtual storage media
for hiding the information e.g. email accounts, online
briefcases, FTP sites, Gspace etc.
The law
Terrorists are covered by conventional laws such as Indian
Penal Code and special legislation relating to terrorism.
Who is liable?
Terrorists as well as those who help them to protect their
information are liable. If email service providers do not
assist the law enforcement personnel in the investigation
then they are also legally liable.
The motive
Keeping terrorism related information confidential. Secure
communication amongst terrorist group members.
Modus Operandi
The terrorists purchase small storage devices with large
data storage capacities. They also purchase and use
encryption software. The terrorists may also use free or
paid accounts with online storage providers.

15 Virus Attacks
Computer viruses are malicious programs that destroy electronic
information. As the world is increasingly becoming networked,
the threat and damage caused by viruses is growing by leaps and
bounds.
The scenario
Scenario 1: The virus is a general “in the wild” virus.
This means that it is spreading all over the world and is
not targeted at any specific organization.
Scenario 2: The virus targets a particular organization.
This type of a virus is not known to anti-virus companies
as it is a new virus created specifically to target a
particular organization.
The law
Who is liable?
Scenario 1: The creator of the virus.
Scenario 2: The creator of the virus as well as the buyer
who purchases the virus (usually to target his business
rivals).
The motive
Scenario 1: Thrill and a perverse pleasure in destroying
data belonging to strangers.
Scenario 2: Illegal financial gain, revenge, business
rivalry.
Modus Operandi
Scenario 1: A highly skilled programmer creates a new type
or strain of virus and releases it on the Internet so that
it can spread all over the world. Being a new virus, it
goes undetected by many anti-virus software and hence is
able to spread all over the world and cause a lot of
damage. Anti-virus companies are usually able to find a
solution within 8 to 48 hours.
Scenario 2: A highly skilled programmer creates a new type
or strain of virus. He does not release it on the Internet.
Instead he sells it for a huge amount of money. The buyer
uses the virus to target his rival company. Being a new
virus, it may be undetected by the victim company’s anti-
virus software and hence would be able to cause a lot of

damage. Anti-virus companies may never get to know about
the existence of the virus.
16 Web Defacement
Website defacement is usually the substitution of the original
home page of a website with another page (usually pornographic
or defamatory in nature) by a hacker. Religious and government
sites are regularly targeted by hackers in order to display
political or religious beliefs. Disturbing images and offensive
phrases might be displayed in the process, as well as a
signature of sorts, to show who was responsible for the
defacement. Websites are not only defaced for political reasons,
many defacers do it just for the thrill.
The scenario
The homepage of a website is replaced with a pornographic
or defamatory page. In case of Government websites, this is
most commonly done on symbolic days (e.g. the Independence
day of the country).
The law
Sections 43 and 66 of Information Technology Act [In some
cases section 67 and 70 may also apply].
Who is liable?
The person who defaces the website.
The motive
Thrill or a perverse pleasure in inciting communal
disharmony.
Modus Operandi
The defacer may exploit the vulnerabilities of the
operating system or applications used to host the website.
This will allow him to hack into the web server and change
the home page and other pages. Alternatively he may launch
a brute force or dictionary attack to obtain the
administrator passwords for the website. He can then
connect to the web server and change the webpages.

Current occurring Crime News
Many of us are not aware of the terms used for crime like
stalking, phishing, vishing, bot networks, XSS etc. although we
know nature of crime.
1 Stalking:
Cyber stalking is one of the most common crimes which are
commenced on internet the modern world. Cyber stalking is use of
the Internet or other electronic means to stalk someone. This
term is used interchangeably with online harassment and online
abuse. Stalking generally involves harassing or threatening
behavior repeatedly such as following a person, appearing at a
person's home or place of business, making harassing phone
calls, leaving written messages or objects, or Vandalizing a
person's property. Cyber stalkers use websites, chat rooms,
discussion forums, open publishing websites (e.g. blogs and Indy
media) and email to stalk victim.
First stalking case registered in India:
The Delhi Police registered India’s First Case of Cyber
stalking. One Mrs. Ritu Kohli complained to the police against
a person who was using her identity to chat over the Internet at
the website www.mirc.com, mostly in the Delhi channel for four
consecutive days. Mrs. Kohli further complained that the person
was chatting on the Net, using her name and giving her address
and was talking obscene language. The same person was also
deliberately giving her telephone number to other chatters
encouraging them to call Ritu Kohli at odd hours. Consequently,
Mrs Kohli received almost 40 calls in three days mostly at odd
hours from as far away as Kuwait, Cochin, Bombay and Ahmedabad.
The said calls created havoc in the personal life and mental
peace of Ritu Kohli who decided to report the matter.
Report by Pawan Duggal, Cyberlaw consultant,
president, cyberlaws.net
2 Hacking.
"Hacking" is a crime, which entails cracking systems and gaining
unauthorized access to the data stored in them. Hacking could be
done easily by using Trojan horse virus. Cases of hacking
reported in 2011 was 157 and reported in 2012 was435 thereby %
variation in increase in cases over 2011 is 177.1%.

Case related to hacking reported:
MUMBAI: Cyber criminals hacked into the Mumbai-based current
account of the RPG Group of companies and shifted Rs 2.4 crore
recently. The bank has blocked the accounts of the illegal
beneficiaries, but the hackers have already managed to withdraw
some funds from them, sources said. Investigators said the cyber
criminals followed a similar procedure to the one executed on
January 31 when Rs 1 crore was siphoned off in Mulund from the
current account of a cosmetics company. "Prima facie, the
company officials may have responded to a Trojan mail sent by
the fraudsters. The hacker then probably got the group's current
account username and password when officials logged in," said an
investigator. The arrested men said they allowed their bank
accounts to be used in return for a good commission. A case has
been filed under sections of the Indian Penal Code and IT Act.
Investigators have also sought details from the bank on whether
it has followed the Know Your Customer norms.
Times of India,” Mumbai bank hacked, Rs 2.4 crore siphoned off
in 3 hours “, May 18, 2013
3Phishing
Phishing is just one type of the many frauds on the Internet,
trying to fool people into parting with their money. Phishing
refers to the receipt of unsought emails by customers of
financial institutions, asked them to enter their username,
password or other personal information to access their account
for some reason. Customers are directed to a Website which could
be fraud copy of the original institution's website when they
click on the links on the email to enter their information, and
so they remain unaware that the fraud has occurred. The criminal
then has access to the customer's online bank account and to the
funds contained in that account number.
Case related to phishing:
HYDERABAD:
An email allegedly from India's central bank, asking to secure
their bank account details with the RBI is fake, and an attempt
by new-age fraudsters to con people into giving away bank
account details and lose hard-earned money, security experts
said. The email says RBI has launched a new security system,
asking users to click on a link to open a page with list of
banks in place. Once anyone chooses a particular bank, it asks
for all net banking details, including card numbers and the
secret three digit CVV number, among others. "The email is so
neat and I for once was thrilled that RBI is taking such a big
step to ensure security of people. But at the advice of a

friend, I checked with the police and learned that I would have
lost all my savings to this racket," K Manoj, a resident said.
RBI is cautioning people that the central bank, which controls
the monetary policy of the Indian rupee, "has not developed any
such software and nor has it sent any such mail asking online
banking customers to update their account details to secure
their online accounts."The RBI does not even have any mail id
with extension@rbi.com, the central bank says.
Times of India, "Now, a phishing email in the name of RBI”,
may14, 2013.
4 Vishing
The name comes from “voice,” and “phishing,” Vishing is the act
of using the telephone in an attempt to scam the user. Which is,
of course, the use of spoofed emails designed to trap targets
into clicking malicious links that leads to a toll free number?
Instead of email, vishing generally relies on automated phone
calls, which instruct targets to provide account numbers for the
purpose of financial reward.
How vishing scams work:
Criminals set up an automated dialing system to text or call
people in a particular region or area code (or sometimes they
use stolen customer phone numbers from banks or credit unions).
The victims receive messages like: “There’s a problem with your
account,” or “Your ATM card needs to be reactivated,” and are
directed to a phone number or website asking for personal
information. Sometimes criminal quote some information about
your account before asking you to enter information, so you
could believe its an authenticated source. Sometimes, if a
victim logs onto one of the phony websites with a Smartphone,
they could also end up downloading malicious software that could
give criminals access to anything on the phone.
5 Squatting
Cyber squatting is the act of registering a famous domain name
and then selling it for a fortune. This is an issue that has not
been tackled in IT act 2000. As , The Gap, Inc. has filed a
cyber squatting case against TheGap.com under the
Anticybersquatting Consumer Protection Act (ACPA). The complaint
alleges that The Gap.com redirects visitors to websites that are
designed to deceive consumers into believing the sites belong to
The Gap, Inc.” or are affiliated with or sponsored by” The Gap,
Inc. ACPA- Anticybersquatting Consumer Protection Act.
The Hindu, “a new squatting case registered under ACPA”,
February 13th, 2013

6 Bot networks
A cyber crime called 'Bot Networks', where spamsters and other
perpetrators of cyber crimes remotely take control of computers
without the users realizing the fact that their system is being
in use by some fake user.
7 Cross Site Scripting (XSS)
Cross site scripting Cross-site scripting (XSS) is a type of
computer security threat in which malicious users insert some
harmful code into the WebPages of trusted web sites viewed by
other users.
These were some types discussed but there are many more sides of
cyber crimes which falls under IT act 2000 and IPC like obscene
publication, obtaining license of digital signature by providing
false information, breach of privacy, offence against public
servant, forgery, criminal breach of trust and many more. Detail
of each n every crime will be beyond the limit of this paper.
Statistical Overview
Technology plays a key role in the commission of many financial
crimes. Offenders use Internet-based tools such as spyware,
malicious codes, viruses, worms, and malware to commit fraud,
scams, identity theft, and other crimes.
In the first half of 2010, spyware infections prompted 617,000
U.S. households to replace or repair their computers. One of
every 11 households surveyed had a major problem due to spyware,
with damage totaling $1.2 billion.
In 2010, the Internet Crime Complaint Center (IC3) received
303,809 complaints regarding possible online criminal activity,
a 9.8 percent decrease from 2009. The IC3 averages 25,317
complaints a month. Of the total number of complaints, 121,710
(or 40 percent) were referred to federal, state, and local law
enforcement.
IC3 prepared 1,420 cases (representing 42,808 complaints) in
2010. The number of cases prepared by law enforcement was 698
(representing 4,015 complaints). Law enforcement also asked for
assistance from the FBI on 598 Internet crime matters. From the
referrals prepared by the FBI analysts, 122 open investigations
were reported, resulting in 31 arrests, 6 convictions, 17 grand
jury subpoenas, and 55 search/seizure warrants.

In 2010, non-delivery of payment scams were the number-one
Internet scam, accounting for 14.4 percent of all complaints,
followed by FBI-related scams at 13.2 percent, and identity
theft at 9.8 percent.
According to a 2011 report, the median annual cost of cybercrime
for 50 large benchmarked organizations is $5.9 million, with a
range from $1.5 million to $36.5 million each year per company.
The 50 companies studied experienced 72 successful attacks per
week.
The same study indicated that in 2011 malicious code, denial of
service, stolen or hijacked devices, Web-based attacks, and
malicious insiders accounted for 75 percent of all cyber crime
costs per organization on an annual basis.
Twenty-three percent of cybercrime costs were due to malicious
code attacks; 17 percent were due to denial of service attacks;
13 percent were due to stolen devices; 13 percent were due to
Web-based attacks; 9 percent due to malicious insiders; 9
percent were due to phishing and social engineering; 7 percent
were due to viruses, worms, and trojans; 4 percent were due to
malware; and 4 percent were due to botnets.

Conclusion
Cybercrime has captured the attention of not only law
enforcement, but also home users, system administrators and even
the government. The history of cybercrime has slowly converged
into a state in which large amounts of money are responsible for
driving crime rather than respect or youthful experimentation.
Although much work must be done in the field to standardize
processes and procedures, it is clear that the majority of
criminals will not remain anonymous forever. With successful
forensic investigations, it is then up to the law and government
to assign punitive measures.
This has and will remain challenging for law and policy makers
who traditionally move slowly. Moreover, international
cooperation is increasingly required to successfully resolve
crimes, resulting in the need for comprehensive treaties between
nations.
Finally, any discussion of cybercrime must discuss what
directions it seems to be heading in, as preparations must be
made for all contingencies. Certainly, criminals will attempt to
increase their use of the Internet to perpetrate acts of fraud
and other crimes. The real question though is whether
researchers, industry, law enforcement and the government can
work together in order to reign in the ability to commit crimes
and normalize it to a manageable level. It is still an open
debate, though and only time will tell whether cybercrime
becomes an unchecked monster or a just another growing pain in a
long history of the Internet.

References
1. Cyber Crime & Digital Evidence – Indian Perspective
authored by Rohas Nagpal.
2. Cybercriminal Activity
Hemavathy Alaganandam – The Evolution of Cybercrime
3. STATISTICS OF CYBER CRIME IN INDIA: AN OVERVIEW
Rupinder Pal Kaur*
Guru Nanak College For Girls, Muktsar , Punjab, India
chatharupinder@yahoo.com
4. StatiStical OverviewS
2013 NCVRW ResouRCe Guide

Case study on cyber crime

Recomendados

Recomendados

Mais conteúdo relacionado

Mais procurados

Mais procurados (20)

Semelhante a Case study on cyber crime

Semelhante a Case study on cyber crime (20)

Mais de ishmecse13

Mais de ishmecse13 (14)

Último

Último (20)

Case study on cyber crime