New types of Cyber Crimes

New Cyber Crimes:

Crap-flooding:
Crap flooding is a form of online trolling with illogical, repetitive postings to make it difficult for other users to read relevant, useful information. The aim behind crap flooding may also include wasting the website’s bandwidth and storage space with useless text. Automated soft-wares can be employed for the purpose, which can execute the task quickly and efficiently, than manual methods. 

Backscatter:
It is the side effect of spam emails, worms and viruses. Consider this example: A hacker sends millions of spam emails using your email address as sender. Many of them will be addressed to non-existent email addresses, resulting in - “this example@gmail.com address is invalid” type back responses. Since, you shall be receiving thousands of similar reply, you will get overwhelmed and irritated with backscattered responses from invalid email addresses. 

Griefers:
A griefer is a playing character in an online game that deliberately causes annoyance or grief to other player(s). The game developer, often release patches to nullify them, or reprimand offenders as they drive players away. Others opt for report abuse (crowd sourcing approach), where griefers are red flagged and then handled as per norms. 

The various ways of causing grief include:  

  • Targeted killing: Singling out the same player and killing them over and over, especially when they are defenseless. 
  • Verbal abuse: Sending vulgar and offensive messages to playing characters.   
  • Blocking: Blocking the path of a particular player, in order to waste time or to irritate the player.
  • Others: Like kill stealing, verbal threats, group attacks, shadowing etc.   

Joe – Job:
It is a spam attack using spoofed sender’s data. They are usually motivated politically or through personal animosity. The ultimate aim maybe to ruin the reputation of the apparent sender or business competitor. 

A Joe Job sends spam email which appears to come from a source other than the actual. The attacker is said to be Joeing the legitimate owner of the email address they spoof. The spammer only needs to change the “Reply To” address in the email field. The attackers also sometimes use the user name in the signature of the message. 

Logic Bomb:
It’s a piece of code intentionally inserted into a software system, which triggers off when a particular condition occurs, for example, after a fixed software is removed. Generally, it sets off a malicious task such as deleting or altering the file and folder names. 

Time bomb is an example, which is programmed to wait for a specific time before inflicting the damage. The damage may range from computer crash to release of virus, malwares etc. Or simply the program may stop working after a pre-determined period of time. 

Piggy backing:
Piggy backing refers to using wireless internet connection without the subscriber’s permission or knowledge. Motive can be to save money on internet data or to hide illegal activities like such as while performing un-authorized financial transactions. 

Piggy backing can be done by simply bringing one’s device within the range of another’s open wireless connection. For example, outsiders to hotel using the hotel’s Wi-Fi network. Cyber criminals often resort to piggy backing to commit online crimes, without leaving a trail behind for investigators. The network owner may face the repercussions, for crimes done through their networks. 

Another similar term is Ward-driving. It is collection of information about the various unsecured Wireless Access Points (WAPs) they find while driving. However, if subsequently they also connect to the network without authorization, it’s called piggy backing.  

Pod Slurping:
Pod slurping is the use of portable data storage devices like USB stick, flash drives etc to facilitate data theft. As data storage devices are shrinking in size, they pose real life threat to organizations and individuals. Device, slurping software and the opportunity to connect the device to the victim’s computer is sufficient to complete the process. Dangers are graver as even amateurs can execute the task and can be used to steal large quantities of sensitive and confidential information within minutes! 

Scavenging:
Scavenging refers to attempts to cull out useful information from someone’s trash. The useful data include Personally Identifiable Information (PIIs) like address, phone numbers, credit card details, email ID details etc. The data may not directly yield financial returns, but are nevertheless useful for hackers. The information can be used for designing and executing well coordinated phishing campaigns or for identity theft. 

Zeus Zeus:
Zeus Zeus is one of the most dangerous banking Trojan that is stealing banking credentials since 2007. It spreads mainly from drive by download form a malicious website in the control of hackers or via a phishing email that re-directs you to a fake website. 

Once the Trojan infects the machine it may lay dormant for years, until the victim visits the specified web page and fills out a form. The most powerful feature of this Trojan, is that it allows criminals to add fields to forms at the browser level. Thus, instead of directing victims to fake websites, it allows hacker to add additional fields in legitimate website, where additional fields are often disguised as for security reasons. 

Zombie: 
Zombie is a computer connected to internet that has been compromised by a hacker. They are often used by hackers for various purposes, without the knowledge of its owner. For example, they are used to send spam emails, to commit click frauds, to host money mule websites or to execute DDoS attacks. 

Data diddling:
Data diddling is illegal or un-authorized data alteration. It can affect any form of digital output and changes can occur before and during data input or before output. Some data diddling are done for fun while others for personal gains like altering grades, marks, bank records, security audit, clearances etc.  

The Blues:
Devices with Bluetooth capabilities, especially the mobile phones can be targeted in multiple ways. 

Blue-bugging: 
Blue-bugging is the most serious form of attack. It allows the blue-bugger to virtually “take over” the victim’s phone. The attacker can then:

  • Eavesdrop on phone conversation
  • Create a call forwarding mechanism to receive calls intended for the target’s phone 
  • Send messages
  • Read contacts and much mor

Blue-jacking:
Blue-jacking is the milder version of Blue-bugging, and involves sending anonymous, unwanted or threatening messages to other Blue-tooth enabled devices. If the messages sent by the hacker are used for criminal activities, the owner of the phone would appear to be the culprit to the police. And the phone owner may end up getting prosecuted!

Blue-snarfing:
Blue-snarfing is theft of data from a Blue-tooth enabled device. For this, the hacker connects to a nearby Blue-tooth device without its owner’s confirmation, and then downloads the data including photos, videos, contacts, emails etc. 

Click Fraud:
Click fraud occurs when click bots or multiple persons click on pay per click advertisement, without having an actual interest in the ad or it’s contents. The aim varies from generating fraudulent revenue to depleting the competitor’s advertising budget. 

Some companies even recruit people from geographically diverse areas to make fraudulent clicks on an ad in order to commit click fraud. On the other hand, tech savvy scammers, inject small pieces of code that spread like worms, in order to generate clicks from different IP addresses. Generally the code ensures that every device provides only a few clicks to avoid any detection. 

By Adv Pankaj Bafna (Bafna Law Associates)


Comments

Post a Comment

Popular posts from this blog

CELL PHONE HACKING CATEGORIES

Image
Cell Phone Lookup: How to Do a Reverse Cell Phone Lookup A Reverse Cell Phone Lookup is simply a process of finding someone’s personal details such as name, age, address and related information by using their cell phone number. At times it becomes necessary for us to start investigating on someone to know their personal details. The reason for this can be many – Some people may go for a cell phone lookup in order to locate their old friends, some to investigate the prank calls or to trace a suspicious number. There exists a lot of websites on the Internet that offer reverse cell phone search, some claim to be free while others ask you a small fee for the subscription. There also exists a few directories that provide access to both landline and cell phone numbers thereby providing an all-in-one lookup service. Since most people wish to access this information for free, they go in search of those websites which provide the reverse cell phone lookup service for free. M
Read more

What is Bitcoin and Is it Legal ?

Image
Bitcoin, often described as a cryptocurrency, a virtual currency or a digital currency - is  a type of money that is completely virtual. Each Bitcoin is basically a computer file which is stored in a 'digital wallet' app on a smartphone or computer. People can send   Bitcoins (or part of one) to your digital wallet, and you can send Bitcoins to other  people. Every single transaction is recorded in a public list called the blockchain. It's like an online version of cash. You can use it to buy products and services, but not many shops accept Bitcoin yet and some countries have banned it altogether. The physical Bitcoins you see in photos are a novelty. They would be worthless without the private codes printed inside them. How does Bitcoin work? Each Bitcoin is basically a computer file which is stored in a 'digital wallet' app on a smartphone or computer. People can send Bitcoins (or part of one) to your digital w
Read more