2. WHAT IS CYBER CRIME?
Cyber crime encompasses any criminal act dealing
with computers and networks. Additionally, cyber
crime also includes traditional crimes conducted
through the Internet. For example; hate crimes,
telemarketing and Internet Fraud, Identity Theft, and
Credit Card Account Thefts are considered to be Cyber
Crimes when the illegal activities are committed
through the use of a computer and the Internet.
3. HOW HAS THINGS CHANGED:
WHERE IS THE EVIDENCE NOW?
PAST: Physical documents
PRESENT: Data contained in:
- Computers
- Cell phones
- Tablets
PAST: Postal Service
PRESENT: WWW (World Wide Web)
4. CRIMES
CARD FRAUD ON INTERNET
BID OR BUY / EBAY – NON DELIVERY OF
GOODS
EFT TRANSACTIONS
PHYSING
PHARMING
419 SCAMS
YOU HAVE WON! SCAMS (RICA)
OVER DEPOSIT SCAMS (TELKOM, SARS)
5. CYBER CRIME TERMINOLOGY
Phishing:
A technique whereby the perpetrator impersonates
another individual or business through the use of e-mail
or Web sites that copy (or mimic) legitimate e-mail or
Web site characteristics.
How Phishing works
This scam uses email or pop-up messages to trick the
victim into disclosing their credit card number, bank
account information, password or other sensitive
information.
Emails claim to be from a business or organization the
victims know - such as a bank or online payment service
6. Spear phishing
A targeted form of phishing where e-mails or
Web sites are transmitted to an identified
target of the activity, as opposed to the use of
phishing, designed to ensnare targets that
have not been previously identified (i.e.,
spamming). Spear phishing is a form of
social engineering
7. Pretexting
The act of creating and using an invented
scenario (the pretext) to persuade a targeted
victim to release information or perform an
action.
Pretexting is typically done over the telephone.
It is more than a simple lie, as it often involves
some prior research to set up and use the pieces
of information (e.g., date of birth) to establish
legitimacy and perceived authority in the mind
of the target
8. Spoofing
A scheme in which a person or program
masquerades as another by falsifying data
resulting in the deception of the recipient or user.
Spoofing takes many forms. Web page spoofing
involves use of a Web page that reproduces the
"look and feel" of a legitimate site, but is under
the control of another for the purpose of
collecting information from a user who believes
they are interacting with the trusted site.
9.
10. Smishing
A text message is sent to the victim’s
mobile phone that asks the victim to
call a toll-free number.
Once that call is made, they will ask
for personal information such as
Account Number, Credit/Debit card
number.
11. KEY LOGGERS
A criminal suspect can install key loggers in
public computers (such as cyber cafes,
airport lounges etc) or the computers of the
victim. Unsuspecting victims would use
these compromised computers to make
online transactions. The credit card
information of the victim would be emailed
to the suspect.
12. SPYWARE, MALWARE, VIRUSES
Spyware is a software that aids in gathering
information about a person or organization without
their knowledge and that may send such information
to another entity without the consumer's consent, or
that asserts control over a computer without the
consumer's knowledge.
Malware, short for malicious software, is software
used or programmed by attackers to disrupt computer
operation, gather sensitive information, or gain access
to private computer systems
13. Computer Virus is a type of malware that, when
executed, replicates by inserting copies of itself
(possibly modified) into other computer programs,
data files, or the boot sector of the hard drive; when
this replication succeeds, the affected areas are then
said to be "infected". Viruses often perform some type
of harmful activity on infected hosts, such as stealing
hard disk space or CPU time, accessing private
information, corrupting data, displaying political or
humorous messages on the user's screen, spamming
their contacts, or logging their keystrokes
14. THEFT OF PAYMENT
INFORMATION
TROJAN HORSE : A hacking program, which gains
privileged access to the operating system while
appearing to perform a desirable function.
Banking Trojans are the most dangerous kind.
Automatically collects all payment data and
sometimes even conducts financial transactions on the
victims behalf
They capture keystrokes, makes screenshots, bypasses
virtual keyboards, changes hosts files and redirects user
to fake website
15. LETS LOOK AT A STUDY DONE BY NORTON
DURING 2012.
And some Internet Security Tips
17. MOBILE DEVICES
PC’s Still remain the Primary targets, but cyber
criminals are also finding ways to attack
consumers on mobile devices
McAfee found 13000 different types of Mobile
malware in 2012 compared to 2000 in 2011
18. SECURITY
There exists various applications for smartphones
whereby they can remotely locate, lock and even
wipe data from a misplaced or lost device
Data can also be backed up to a Cloud
A huge part of our lives are contained in these
small devices
More and more personal and valuable information
is stored on these devices such as banking
particulars, personal particulars, passwords.
Are we really aware of how valuable such
information is to a criminal?
20. SAFE GAURDS
PASSWORDS:
• Passwords protect your stuff
• A good password stops a hacker in his/her tracks
• A good password doesn’t make you crazy trying
to remember it
• A good password strategy = peace of mind
22. Think Unique
• Not guessable word or phrase
• Different for each site and account
• Some use a few complex passwords and then one
“master” passwords for accounts considered
unimportant
• All accounts are important
• Not password that anyone else would use
23. No Dictionary Words
Avoid using full words you might find in a
dictionary
Real words can be “edited” for password use
Dictionary becomes
D1(t10nAry (as an example)
But hackers are “on to” common letter replacement
tricks like these
24. No Pet Names
Children often use their pet’s name
Friends and siblings hack accounts this way
Security Questions and Answers should be
hard to guess
You can use “fake” answers to “mother’s
maiden name” but you’ll need to remember
what you used
Better are sites that let you create your own
questions
25. Pay Particular Attention to Most
Important Accounts
Email is most important
“Forgot your password” link on sites goes to
email
Hacker with access to email can reset all other
accounts
Nearly as important is social networking
Hacker can run scams against friends and
colleagues
Financial sites and shopping sites with stored
credit cards, too
26. Never Share or Show Passwords
Don’t write them down
Never email or text them to someone
If you tell it to someone, change the password as
soon as possible
Legitimate companies NEVER ask for your account
password
27. INTERNET SECURITY
Get a security product for all devices:
Computers
Mobile phones
Tablets
Prevent password-stealing malware from infecting
your device
28. Secure Mobile Devices with a
Password
Mobile apps may auto log you in to accounts
Protect access with a password on phone or tablet
Remove apps you don’t use anymore that may have
credit cards or financial info store:
Shopping sites
Banking and Investment companies
Travel sites
29. TO SUM UP…
Create unique passphrase (no dictionary words)
Nothing others will guess
Customize for each site
Focus on email, social, financial sites first
Use password managers
Never share or show passwords
Take action if breached
Use security software
Set passwords on mobiles