Let's Understand the Cyber Crime in simple terms :
1. Cybercrime is a crime involving computers and networks. This includes a wide range of activities, from illegally downloading music files to stealing money from online bank accounts.
2. Cyberspace is a digital or online world, connected with computer and mobile networks. Cybercriminals are not always financially motivated. It also includes non-monetary offences as well.
3. It include frauds such as
a. Job-related frauds or Lottery Frauds, or Matrimonial frauds;
b. Stealing and misusing sensitive personal information (Aadhaar details, credit/debit card details, bank account credentials, etc.);
c. Defamation of an individual on social media;
d. Distribution of computer viruses etc.
4. Cybercrimes can also lead to physical or sexual abuse.
5. Cybercriminals can steal our money or damage our reputation.
According to a study by a leading industry research organization, 90% of all cyber attacks are caused by human negligence. Therefore, cybersecurity awareness is important for everyone today.
We must be vigilant while making use of technology to reduce the risk of cyber threats. Some common types of cybercrimes are prevalent today.
We will discuss these type of cyber crime in very simple terms, with stories and videos in the coming sections. Do read it carefully and watch the video till the end for the better understanding.
Part 1: Social Media Frauds Cyber Crime
Part 2: Psychological Tricks & Digital Banking Frauds Cyber Crime
Part 3: Identity Theft and Safety Measures Tips of Cyber Crime
Part 1: Social Media Frauds Cyber Crime
Let's watch this video till the end to understand the Social Media Frauds and Safety Tips ππ
Social Media Frauds Cyber Crime Type 1: Sympathy Fraud Crime
i. The attacker becomes friends with the victim on social media. (".....illness or use children to draw sympathy")
ii. The attacker gains trust through frequent interactions. The attacker later extracts money/harms the victim.
Social Media Frauds Cyber Crime Type 2: Romance Fraud Crime
In Romance Fraud,
i. The attacker becomes friends with the victim on social media.
ii. Over a period, the attacker gains the victim’s affection.
iii. The attacker later exploits the victim physically, financially and/or emotionally.
Lets understand the Cyber Crime Frauds using amazing videoππ
Social Media Frauds Cyber Crime Type 3: Cyberstalking Crime
i. Cyberstalking is a crime in which the attacker harasses a victim using electronic communication, such as e-mail, instant messaging (IM), messages posted on a website or a discussion group.
ii. A cyberstalker relies upon the fact that his/her true identity is not known in the digital world.
iii. A cyberstalker targets the victim with threatening/abusive messages and follows them/their activities in the real world.
Cyber Stalking, Someone is secretly Watching You, Stay Safe!
Social Media Frauds Cyber Crime Type 3: Cyberbullying Crime
i. Cyberbullying is bullying that takes place over digital devices.
ii. Cyberbullying can occur through SMS, social media, forums or gaming apps where people can view, participate or share content.
iii. Cyberbullying includes sending, posting or sharing negative, harmful, false content about someone else.
iv. The intention is to cause embarrassment or humiliation. At times, it can also cross the line into unlawful criminal behaviour.
How to protect ourselves from any kind of social media attacks?
Preventive Measures/Precautions
1. Restrict your social media profiles from the public searches.
2. Enable two-factor authentications to login the social media account.
3. Don’t save your password on any browser or public library computer or share with anyone.
4. Log out after each session.
5. Don’t accept friend requests from unknowns.
6. Figure Privacy Policy, Only share with friends while sharing any information.
7. Remember that information scattered over multiple posts, photographs, status, comments etc. may together reveal enough about you to enable a fraudster to steal your identity and defraud you. So, apply maximum caution while sharing anything online.
8. Enable the notification and select the right alerts.
Part 2 a: Psychological Tricks Cyber Crime
1. Psychological tricks are where attackers play with the minds of the user to trap them with lucrative offers.
2. Once trapped, the attackers can exploit the victim by either stealing money or stealing sensitive personal information (name, Aadhaar details, bank account details etc.) or harm the victim in any other way.
3. These criminals creates such kind of emergency that user has to take decisions rapidly, he becomes nervous and act impulsively which makes them follow the instructions given by the attacker and makes him/her infected with these crimes.
4. The entire basis of this kind of attack is to make the victim fall into their trap by sending fake emails/website (Phishing), calls (Vishing) or SMS (Smishing).
Let us look at some examples of psychological tricks.
a. Lottery Fraud
b. Credit/Debit Card Fraud
c. Job-Related Fraud
d. Matrimonial Fraud
Let us Understand the Psychological Tricks Cyber Crime:
Psychological Trick Cyber Crime Type 1 : Phishing
i. Phishing is the act of sending fraudulent messages via email, telephone/voice or text messages which appears to be from legitimate sources. Like a bank, a recruiter, a credit card company etc.
ii. This is done in an attempt to gain sensitive personal information, bank account details etc. from the victim.
Example: Lottery Fraud
i. The fraudster congratulates the victim for winning a handsome lottery via e-mail/call/SMS.
ii. The victim is delighted and is eager to get the lottery money.
iii. The fraudster asks the victim to transfer a token amount and share vital personal information to get the lottery money.
iv. The victim loses his/her money and does not get anything in return.
Psychological Trick Cyber Crime Type 2: Vishing (Voice Phishing)
Vishing is similar to phishing. But, instead of e-mail, in this type of crime, the fraudster uses the telephone to obtain sensitive personal and financial information.
Example: Credit/Debit Card Fraud
i. The attacker tries to scare the victim by informing them that their credit/debit card has been blocked.
ii. The victim becomes worried and starts panicking. The attacker takes advantage of this situation and asks the victim to provide sensitive personal information to re-activate the card.
iii. This information is then misused to steal money or cause harm to the victim.
Debit/Credit Card Scam on Call
Preventive Measures
1. Do not get petrified if you receive a call stating that your card is blocked.
2. Bank will never convey such information on call.
3. Do not share your PIN, password, card number, CVV number, OTP etc. with any stranger, even if he/she claims to be bank employee. Bank will never ask for any vital information.
4. Keep your bank’s customer care number handy so that you can report any suspicious or unauthorized transactions on your account immediately.
Psychological Trick Cyber Crime Type 3: Smishing (Mobile/Instant Message Phishing )
i. Smishing is the SMS equivalent of phishing. It uses SMS to send fraudulent text messages.
ii. The SMS asks the recipient to visit a website/weblink or call a phone number.
iii. The victim is then tricked into providing sensitive personal information, debit/credit card details or passwords etc.
iv. Phishing, Vishing and Smishing are done in an attempt to steal money from the victim or cause any other harm to the victim.
Lottery Frauds Awareness using Video
Example: Job-Related Fraud
i. The attacker sends a fake SMS to the victim offering a job with an attractive salary.
ii. The victim, unfortunately, believes it and follows the instructions.
iii. The attacker then steals the money or harms the victim physically.
Preventive Measures/Precautions
1. Have you received an SMS or email saying that you have won a prize in a lottery? It's a scam. Do not respond it.
2. Never respond to fake lottery winning related calls/SMS/Emails.
3. Have you received an SMS or email about transferring of money into your account? It's a scam. Do not respond it.
4. Have proper spam filters in your email account.
5. Follow the thumb rule : Never transfer funds to unknown persons or entities in anticipation of high returns. This is never going to happen.
6. Always search and apply for jobs posted on authentic job portals, newspapers etc.
7. Check if the domain of the e-mail is the same as the one you have applied with. For example, all government websites have “.gov.in” or “.nic.in” as domain.
8. If an e-mail has spelling, grammatical and punctuation errors, it could be a scam.
9. Beware of the fake calls/e-mails impersonating themselves as recruiters and requesting for personal information or money.
10. Authentic recruiters never ask to pay processing fee to offer a Job, it could be a scam.
Example: Matrimonial Frauds and Safety
i. Fraudsters create fake profiles on leading matrimonial websites for cheating.
ii. If there is any demand for transfer of funds, cross verify the genuineness of the person.
iii. Create profiles only on a registered/Authentic matrimonial site. (Search and Check reviews of website)
iv. Verify educational qualification and job description by calling up the educational institutes or employer.
v. If you are getting married, Instead of taking decision on your own, it’s better to involve family members.
vi. Visit the person’s house and meet his/her parents & relatives not once but a number of times. Invite them to your house as well.
vii. Do a lot of background verification about the interested person.
Safety Precautions on Matrimonial Sites
i. If a person is reluctant to come on video chat or to meet in person, he/she can be a fraudster as the profile picture posted on matrimonial website may not be of his/ her.
ii. A fraudster may express his/ her love in just a short span of acquaintance without any meeting or background checks.
iii. Fraudsters will usually call from multiple numbers. He/ She usually don’t give a number to call back. Even if he/ she give a number, they don’t pick up when you call. Later, he/ she calls you back from a new number.
iv. If a person enquires about your financial status at initial stage of interaction.
Part 2 b: Online/Digital Banking Frauds
1. Nowadays, all banking services are shifting online. Services like retrieving account statement, funds transfer to other accounts, requesting a cheque book, preparing demand draft etc. can all be done online. Most of these services can be done sitting at home without physically visiting the bank.
2. As the services are shifting towards online platforms, cyber frauds related to banking are also increasing.
3. Just like we protect our locker full of jewelry with a lock and key, we must protect our online bank accounts with strong passwords.
4. If the key is stolen, then the jewelry will be stolen. Similarly, if the password is stolen, then the money in the bank accounts will be stolen.
5. Hence, protection of bank accounts with strong passwords becomes highly essential.
Let us look at some examples of online banking fraud:
a. Digital Payments Applications related attacks
b. Hacking of Bank Account due to Weak Password
c. Hacking of Multiple Accounts due to same password
Type 1: Digital Payments Applications related attacks and Safety
i. Digital payments have become very common in today’s life. However, they do pose a threat if the account is hacked.
ii. Due to lack of accurate information about digital payments, we easily fall prey into it, most of the frauds are happening through digital payment app/link, so we all need to be cautious.
iii. For example, if you are selling goods through websites like OLX or Quickr, then avoid paying by clicking on a link.
iv. Do not click on any given link to pay. This is another way of cheating people.
Media Report on Digital Payment Fraud
i. IAF Officer Robbed Of Rs 75,000 While Selling Furniture Online; This Is How UPI Fraud Happened. (Date: 26 May 2020)
ii. A conman cheated an IAS officer posted in Udaipur by sending a fake Know Your Customer (KYC) link on her mobile phone and allegedly siphoned off Rs 6.10 lakh from her bank account. (Date: 23 Oct 2019)
iii. A Thane resident lost a little over Rs 1 lakh in an online fraud involving popular payment gateways. The complainant, a resident of Patlipada, wanted to sell his furniture and posted an ad on Facebook on December 21, 2019.
iv. IIT-Bombay scientist loses Rs 80,000 in UPI collect call fraud. (Nov 2019)
Take Precautions and Be Safe!
Never Ever Share your CVV, OTP and PIN to anyone, an awareness Video
Type 2: Hacking of Bank Account due to Weak Password
i. In this type of attack, the attacker hacks into the victim’s account by using a program to guess commonly used passwords.
ii. Once the account is hacked, the attacker can steal money or perform an illegal transaction in order to defame or frame the victim.
Type 3: Hacking of Multiple Accounts due to same password
If same password is used for multiple accounts, then hacking of one account may also lead to hacking of other accounts.
Let's understand the need for Strong Password ππ
Part-3 Identity Theft and Safety Measures
Let's Understand the Identity Theft Cyber Crime with Stories and Videos
Identity Theft Crime Type 1: Hacking or Gaining access to Social Media Accounts
i. In this type of crime, the attacker hacks or gains access to the social media account of the victim.ii. The attacker can then harm the victim by misusing their personal information and photographs.
iii. The attacker can also post offensive content on the victim’s profile or defame the victim.
Let's understand the Identity Theft Cyber Crime Type 1 with an example
Sameera Learns following Preventive Measures for Social Networking Sites :
ii. Use 2-step verification such as one-time password (OTP) while using someone else’s computer.
iii. Do not save your username and password in the web browser at cyber cafe or public library
iv. Register your mobile number with social networking sites to get alerts in the event of un-authorized access.
v. Permanently delete all documents downloaded on computers in cybercafΓ©.
Identity Theft Crime Type 2: Credit/Debit Card Skimming/Cloning
i. In this type of crime, Credit/Debit card skimming is done using a small device called skimmer.
ii. The magnetic stripe of the card stores details such as name, credit/debit card number and expiration date.
iii. First, the credit/debit card is swiped through a skimmer, then, the skimmer captures all these details.
iv. Thieves use this stolen data to make online transactions.
v. They also use this data to create duplicate credit/debit cards and withdraw money from ATM.
vi. Sometimes Skimming Device or Small Camera is also hidden attached on the ATM Machine.
Let's watch this video till end to understand the Credit/Debit Card Skimming crime in ATM
Lets also understand this type of crime with a story :
Preventive Measures for Credit/Debit Card Skimming
i. Always ensure that credit/debit card swipes at shopping malls, petrol pumps, etc. are done in your presence.
ii. Do not allow the sales person to take your card away to swipe for the transaction.
iii. Look out for credit/debit card skimmers anywhere you swipe your card, especially at petrol pumps, ATMs etc.
iv. If you notice a credit/debit card reader that protrudes outside the face of the rest of the machine, it may be a skimmer.
v. Never share your PIN with anybody, however close they might be.
Identity Theft Crime Type 3: Misuse of Photocopies of Identity Proofs
i. The attacker misuses the photo copies of identity proofs of the victim.
ii. These can be PAN Card, Aadhaar Card or any other identity proof of the victim.
iii. The attacker can use these photo copies to steal money or cause harm to the victim.
Preventive Measures of Misuse of Photo-Copies
i. Never provide details or copy of identity proofs (e.g. PAN Card, Aadhaar Card, Voter Card, Driving License, Address Proof) to unknown person/organization.
ii. Do not share sensitive personal information (like Date of Birth, Birth Place, Family Details, Address, Phone Number) on public platforms.
iii. Always strike out the photo copy of the identity proof; write the purpose of its usage overlapping the photo copy. This way, it becomes difficult to reuse the photo copy.
Virus Attack on Personal Computer/Laptop/Mobile
i. Personal Computers or laptops or Mobile play a very important role in our lives. We store our crucial information such as bank account numbers, business documents etc. in the computer or Mobile.
ii. We also store personal files like photos, music, movies etc. in the computer/Mobile. Therefore, protection of all this data is highly essential.
iii. A virus is a malicious code designed to spread from host to host by itself without the user’s knowledge to perform malicious actions.
iv. Just as we keep a physical lock on our safe vaults, it is equally important to protect our valuable data from viruses/malicious applications that can damage it.
Let us understand the Virus Attack on Personal Computer/Laptop/Mobile and how to secure your device
Type 1: Virus Attack through External Devices
i. A virus can enter the computer through external devices like pen drive or hard disk etc.
ii. This virus can spread across all the computer files.
Type 2: Virus Attack by downloading files from untrusted websites
i. The virus can enter the computer by the download of files from un-trusted websites.
ii. The virus can be hidden in the form of music files, video files or any attractive advertisement.
iii. This virus can spread across all the computer files.
Type 3: Virus Attack by the installation of malicious software
i. The virus can enter into the computer by installing software from un-trusted sources.
ii. The virus can be additional software hidden inside unknown game files or any unknown software.
iii. This virus can spread across all the computer files.
Preventive Measures
i. Computers/Laptops/Mobile should have antivirus installed, enabled and running the latest version.
ii. Always scan external devices (e.g. USB) for viruses, while connecting to the Computer/Mobile.
iii. Always keep the “Bluetooth” connection in an invisible mode, unless you need to access file transfers on your mobile phone or laptops.
iv. Never download or install pirated software, applications etc. on your computer, laptops or hand-held devices. It is not only illegal but also increases your vulnerability to potential cyber threats.
v. Do not click on the URL/links provided in suspicious e-mails/SMS even if they look genuine as this may lead you to malicious websites. This may be an attempt to steal money or personal information.
vi. Always check “https” appears in the website’s address bar before making an online transaction. The “s” stands for “secure” and indicates that the communication with the webpage is encrypted.
Security Danger Of Public Wi-Fi
How to file a Complaint of Cyber Crime?
Where to Report a Cyber Crime Fraud?
1. Visit the nearest police station immediately. or
2. To report cyber crime complaints online,
i. Visit the National Cyber Crime Reporting Portal. This portal can be accessed at https://cybercrime.gov.in/.
ii. In this portal, there are two sections:
a. One section is to report crimes related to Women and Children (where reports can be filed anonymously as well).
b. Another section is to report other types of cybercrimes.
c. You can also file a complaint offline by dialing the helpline number 155260.
3. In case you receive or come across a fraud sms, e-mail, link, phone call asking for your sensitive personal information or bank details, please report it on Maharashtra Cyber’s web portal by visiting www.reportphishing.in
4. Refer to the latest advisories which are issued by CERT-IN on https://www.cert-in.org.in/
5. Report any adverse activity or unwanted behaviour to CERT-IN using the following channels
E-mail : incident@cert-in.org.in
Helpdesk : +91 1800 11 4949
Kindly provide the following information (as much as possible) while reporting an incident.
i. Time of occurrence of the incident
ii. Information regarding affected system/network
iii. Symptoms observed
6. To report lost or stolen mobile phones,
i. File a First Information Report (FIR) with the police.
ii. Post filing the FIR, inform Department of Telecommunications (DoT) through the helpline number 14422 or
iii. File an online complaint on Central Equipment Identity Register(CEIR) portal by visiting https://ceir.gov.in.
iv. After verification, DoT will blacklist the phone, blocking it from further use.
In addition to this, if anyone tries to use the device using a different SIM card, the service provider will identify the new user and inform the police.
Your opinion matters a lot...
We all know that due to COVID-19 Pandemic, we all are become heavily
dependent on the internet to complete the day to day activities. There is
a sharp rise in Incidents on Cyber Crime reported after Lockdown. It
has become important for all of us to understand the common type of
internet crime (Cyber Crime), how we can remain safe or protected in
this digital world.
This short blog will help to make people aware about the cyber crime
and empower their family, friends and love one to remain safe from
any kind of cyber crime.
YOUR VALUABLE FEEDBACK WILL HELP ME TO FURTHER IMPROVE THE
CONTENT PROVIDED IN THIS BLOG.
THANK YOU ! FOR READING THIS BLOG
Nice ,keep it up
ReplyDelete