28May
Cyber Crimes and Security

In this growing digital age, we have become more dependent on the internet for many of our daily activities. Be it communicating with friends, searching for information, doing banking transactions, availing online services, finding job, finding life partner or even running entire businesses. The internet touches almost all aspects of our lives.

There are both advantages and disadvantages of using internet. Everyday, we see new cyber crimes being reported. Though Government Agencies are equipped to deal with cyber crimes, it is our duty to take precautions to remain safe.

It is a proven fact that if we are aware about how various cyber crimes are committed, then it helps us to protect ourselves and our family from such frauds.

Research have found that almost 90% of Cyber Attacks are Caused by Human Error or Negligence

India ranks 3rd among nations facing most cyber threats. USA ranks 1st followed by China at 2nd spot.

In India, U.P is on the top with the highest incidence of cyber crimes committed followed by Karnataka and Maharashtra.

Preventing cyber crimes by creating awareness is the main objective of this session.

Cyber Crime – Cyber Crime is not defined in any legislation.

Cyber – relating to computers, information technology and virtual reality.

Cyber Crimes are offences relating to computers, information technology, internet and virtual reality.

Cybercriminals often commit crimes by targeting computer networks or devices. Cybercrime can range from security breaches to identity theft.

Classification of Cyber Crime can also be done in another way:

  • Cybercrimes against persons
  • Cybercrimes against property
  • Cybercrimes against government

1. Cybercrime against a Person

  • Phishing – It is act of sending fraudulent e-mail that appears to be from a legitimate source, for example, a bank, a recruiter or a credit card company etc. in an attempt to gain sensitive personal information, bank account details etc. from the victim.
  • Vishing/Smishing
  • Lottery Fraud
  • Credit/Debit Card Fraud
  • Job Related Fraud
  • Cyber stalking ­- the repeated use of electronic communications to harass or frighten someone
  • Cyber bullying – sending, posting or sharing negative, harmful, false content about someone else. The intention is to cause embarrassment or humiliation.
  • Impersonation– an act of pretending to be another person for the purpose of fraud
  • Loss of Privacy
  • Transmission of Obscene Material
  • Harassment with the use of computer

2. Cybercrime against Property

  • Unauthorized Computer Trespassing
  • Computer vandalism
  •     (deliberate damage/ destruction)
  • Transmission of harmful programmes
  • Siphoning of funds from financial  institutions
  • Stealing secret information & data

3. Cybercrime against Government

  • Hacking of Government websites
  • Cyber Extortion
  • Cyber Terrorism – the politically motivated use of computers and information technology to cause severe disruption or widespread fear in society.

Some Other Crimes

  • Cyber-attacks using Infected Mobile Applications
  • Denial-of-service (DDoS) attack – occurs when multiple systems flood the bandwidth or resources of a targeted system.
  • Hacking 
  • Virus attacks – through external devices or by downloading files from un-trusted websites or by installation of malicious software. It can cause slowing down the computer, lead to data corruption/deletion or data loss.
  • Logic Bombs – a set of instructions secretly incorporated into a program so that if a particular condition is satisfied they will be carried out, usually with harmful effects.
  • E-Mail Bombing– sending large volumes of email to an address in an attempt to overflow the mailbox

Recently, Ministry of Home Affairs, Indian Cyber Crime Coordination Centre has issued alerts regarding:

  1. Coronavirus email spam campaign to spread Emotet Malware.
    A new spam email campaign has been identified that is using Coronavirus related information as a lure to infect people with Emotet Malware, primarily a banking trojan.
  2. Fleeceware Cyber frauds – Free Trial Apps
    Fleeceware is new form of app-based cyber fraud that tricks users into paying excessive amounts of money for basic app functionality (like image editing, horoscope, QR-code/bar code scanning etc.)

Legislations governing Cyber Crimes
The laws that penalizes cyber crimes are
Indian Penal Code, 1860 (IPC)
Information Technology Act, 2000 (IT Act)
State legislations

The objective of the Information Technology Act,2000 in India:
• To provide legal recognition for all e-transactions
• To give legal recognition to digital signatures as a valid signature to accept agreements online
• To give legal recognition to keeping accounting books in electronic form by bankers as well as other organizations
• Protection of online privacy and stopping cyber crimes

It was criticized as draconian by some and others called it diluted and lenient.

There were amendments in year 2008
Notable features of Information Technology Amendment Act, 2008

  • Focusing of Data Privacy
  • Focusing on Information Security
  • Defining Cyber Café
  • Defining reasonable security practices to be followed by Corporate
  • Recognising Indian Computer Emergency Response Team
  • Inclusion of additional cyber crimes like child pornography and cyber terrorism
  • Authorising Inspector to Investigate cyber offenses (instead of DSP earlier).

Cyber Safety Road Map
….a few suggestions

  • Revisiting current law of land such as IT Act and IPC with respect to emerging cases, crime and technology scenarios
  • Setting up cyber crime forensic laboratories in each state to address the challenge of delay in examination of case data.
  • Setting up of cyber police cadre in the formal police recruitment system.

How to Prevent Cyber Crime?

No doubt that the cybersecurity laws or cyber laws in India provide protection from cybercrime. However, prevention is always better than cure. Therefore, one should take the following steps for preventing a cybercrime:

  • Secured website for online transactions: Always be sure about the correct address of the bank website and look for the ‘‘lock’’ icon on the browser’s status bar while visiting your bank’s website or conducting an online transaction. Always be sure ‘‘https’’ appears in the website’s address bar before making an online transaction. The ‘‘s’’ stands for ‘‘secure’’ and indicates that the communication with the webpage is encrypted.
  • Unsolicited text message – We all get text messages from an unknown number. One should be cautious and try to avoid responding to text messages or automated voice messages from an unknown number.
  • Always ignore an advertisement if it claims that you can earn money with little or no work or you can make money on an investment with little or no risk. It could be a scam. These offers seem, too good to be true, and you may end up losing money
  • Downloads on the mobile phone – Download everything on the mobile phone from a trustworthy source only.
  • Rating and feedback – Always check for the seller’s rating and feedback of customers for the seller. Be sure that you are checking current feedbacks. Also, beware of feedbacks that are 100% seller favoring or have an entry on the same date.
  • Personal Information Request – Everyone must have received a call or mail. In which, the person on the other side asks for personal information. This includes your card CVV or an email containing an attachment, which requires you to click on embedded links. Be sure to never respond to such emails or calls.
  • Use a full-service internet security suite (Anti-Virus)
  • Use strong passwords
  • Do not share your net-banking password, One Time Password (OTP), ATM or phone banking PIN, CVV number etc. with any person even he claims he is from bank.
  • Manage your social media settings- Keep your personal and private information locked down
  • Avoid using third-party extensions, plugins or add-ons for your web browser as it may secretly track your activity and steal your personal details
  • Talk to your children about the internet -You can teach your kids about acceptable use of the internet without shutting down communication channels. Make sure they know that they can come to you if they’re experiencing any kind of online harassment, stalking.

Know what to do if you become a victim
Where to Report a Cyber Fraud?

  • Visit the nearest police station immediately.
  • To report cybercrime complaints online, visit the National Cyber Crime Reporting Portal.
  •      This portal can be accessed at https://cybercrime.gov.in 
  • In this portal, there are two sections. One section is to report crimes related to Women and Children (where reports can be filed anonymously as well). Another section is to report other types of cybercrimes.

Cyber Crime Investigation Cell- Mohali – Punjab Police has set up a State level cyber Crime Investigation Cell at Phase-4, S.A.S Nagar, Mohali. It exclusively deals with the case of Cyber Crime. Email:  ps.cyber.police@punjab.gov.in Mobile: 95929-16023

Refer to the latest advisories which are issued by CERT-IN on https://www.cert-in.org.in