This document summarizes common types of internet fraud and scams. It defines internet fraud as "a crime that uses elements of the internet to deprive a person of property through false representations." Some common fraud types discussed include hacking, spam, phishing, denial of service attacks, identity theft, malware/ransomware, Nigerian scams, dating/romance scams, and securities fraud. The document concludes with tips to prevent losses from internet fraud such as verifying unsolicited communications, using credit cards cautiously online, limiting personal information shared, and maintaining computer security.
CA Tejal Kokila Adani's Research on Internet Fraud
1. 199TH FAFD BATCH OF ICAI, HELD IN MUMBAI (OCT 2019)
RESEARCH PAPER PRESENTATION
Prepared by CA TEJAL SAMIR KOKILA ADANI (M.NO. 116412)
INTERNET RELATED FRAUD
2. INTRODUCTION AND DEFINITION
Computers or computer networks are used as a tool, a target or a place of criminal activity. While there are various methods for executing cyber crimes, the majority of these make use of or are executed over the internet.
INTERNET RELATED FRAUD is defined as “A crime in which the perpetrator develops a scheme using one or more elements of the internet to deprive a person of property or any interest, estate, or right by a false representation of a matter of fact, whether by providing misleading information or by concealment of information.”
3. HACKING
Hacking occurs when a scammer gains access to personal information by using technology to break into the victim’s computer, mobile device or network.
Government websites are generally hot targets because of the press coverage.
The offence of hacking is cognizable, bailable, compoundable with the permission of the court before which the prosecution of the offence is pending, and triable by any magistrate.
If the crime is proved under the IT Act, the accused shall be punished with imprisonment, which may extend to three years, or with a fine, which may extend to five lakh rupees, or both.
Some examples include malware & ransomware, exploiting security weaknesses, payment redirection scams, etc.
4. SPAM
Spam is a generic term used to describe electronic ‘junk mail’ or unwanted messages sent to one’s email account or mobile phone.
Such messages may try to persuade the victim to buy a product or service, or they may attempt to trick people into divulging bank account or credit card details.
DENIAL OF SERVICE ATTACKS
A denial of service attack is an act by criminals to flood the bandwidth of the victim’s network or fill his e-mail box with spam mail, depriving him of the service he is entitled to.
A Distributed Denial of Service (DDoS) attack uses multiple computers and Internet connections to flood a network/system.
Examples: ping of death (the attacker sends a very large network packet) and teardrop attacks (the victim server receives fragmented packets that it is not able to process).
5. PHISHING
A form of social engineering attack: the act of sending an e-mail falsely claiming to be an established legitimate business in an attempt to deceive the unsuspecting recipient into divulging personal, sensitive information such as passwords, credit card numbers, and bank account information after directing the user to visit a specified website.
6. IDENTITY THEFT
Fraud that involves stealing money or getting other benefits by pretending to be someone else.
Stolen credit cards are the most common form of identity theft scheme.
Common methods are phishing, hacking, fake online profiles, remote access scams, malware & ransomware, etc.
MALWARE & RANSOMWARE
Malware tricks one into installing software that allows scammers to access files and track activities, while ransomware demands payment to ‘unlock’ the computer or files.
E-MAIL SPOOFING
A spoof email is one that appears to originate from one source but actually has been sent from another source.
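The mismatch described under E-MAIL SPOOFING can be checked from a message's headers. The following is an added example, not part of the original presentation; the sample messages, the domain names and the function names `domain_of` and `spoofing_indicators` are constructed for illustration.

```python
from email import message_from_string
from email.utils import parseaddr

# Constructed sample messages (not from any real mailbox). In SPOOFED the From
# names a bank, but Return-Path, Reply-To and the DMARC verdict point elsewhere.
SPOOFED = """\
Return-Path: <bounce@mailer.example.net>
Authentication-Results: mx.recipient.example; spf=pass; dkim=none; dmarc=fail
From: "Your Bank" <alerts@bank.example>
Reply-To: <support@helpdesk.example.org>
Subject: Verify your account

Please confirm your details.
"""
GENUINE = """\
Return-Path: <alerts@bank.example>
Authentication-Results: mx.recipient.example; spf=pass; dkim=pass; dmarc=pass
From: "Your Bank" <alerts@bank.example>
Subject: Monthly statement

Your statement is ready.
"""

def domain_of(header_value):
    """Lower-cased domain of the address in a header value, or ''."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def spoofing_indicators(raw):
    """List reasons the displayed sender may not be the real source."""
    # Exact domain comparison is strict: legitimate bulk senders can differ
    # here too, so findings are prompts for review, not proof of fraud.
    msg = message_from_string(raw)
    from_dom = domain_of(msg.get("From"))
    findings = []
    for header in ("Return-Path", "Reply-To"):
        other = domain_of(msg.get(header))
        if other and other != from_dom:
            findings.append(f"{header} domain {other} != From domain {from_dom}")
    # Verdicts recorded by the receiving mail server, if present.
    results = " ".join(msg.get_all("Authentication-Results") or []).lower()
    for check in ("spf", "dkim", "dmarc"):
        if f"{check}=fail" in results:
            findings.append(f"{check}=fail in Authentication-Results")
    return findings

if __name__ == "__main__":
    for name, raw in (("SPOOFED", SPOOFED), ("GENUINE", GENUINE)):
        print(name, spoofing_indicators(raw))
```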
7. NIGERIAN SCAMS
Nigerian scams involve someone overseas offering the victim a share in a large sum of money or a payment on the condition they are helped to transfer money out of their country.
INHERITANCE SCAMS
These scams offer the false promise of an inheritance to trick the victim into parting with money or sharing bank or credit card details.
8. UNEXPECTED PRIZE & LOTTERY SCAMS
Unexpected prize and lottery scams work by asking one to pay some sort of fee in order to claim a prize or winnings from a competition or lottery one never entered.
SCRATCHIE SCAMS
Scratchie scams take the form of fake scratchie cards that promise some sort of prize, on the condition that the ‘winner’ pays a collection fee.
TRAVEL PRIZE SCAMS
Travel prize scams are attempts to trick one into parting with money to claim a ‘reward’ such as a free or discounted holiday.
9. SECURITIES FRAUD
Also called investment fraud, it involves the offer of bogus stocks or high-return investment opportunities, market manipulation schemes, pyramid and Ponzi schemes, or other "get rich quick" offerings.
DATING & ROMANCE FRAUD
Scammers take advantage of people looking for romantic partners, often via dating websites, apps or social media, by pretending to be prospective companions.
They play on emotional triggers to get the victim to provide money, gifts or personal details.
10. PREVENT LOSSES FROM INTERNET FRAUDS...
Stay informed and be very sceptical of anything that seems too good to be true
Modify behavioural responses: hardwire tricks for avoiding internet scam traps, based on shared experiences about safety
Verifying before acting is always a safe rule: know that a bank, card provider or tax authority will never ask one to reveal details over the phone or to click a link in a mail
11. ...PREVENT LOSSES FROM INTERNET FRAUDS
Use a separate low-limit credit card for online purchases to minimise the potential loss if things go wrong
Limit the amount of personal information one allows to be in ‘the public domain’ that could be used to assist in identity theft
Keep the firewall turned on
Install or update antivirus/antispyware software
Keep the operating system up to date
Be careful about what to download
Turn off the computer