Unit 2 - Cyber crime

• 1. Classification of Cyber Crimes
  • [[#1. Classification of Cyber Crimes#1.1. Cyber Crimes Against Individuals|1.1. Cyber Crimes Against Individuals]]
  • [[#1. Classification of Cyber Crimes#1.2. Cyber Crimes Against Property|1.2. Cyber Crimes Against Property]]
  • [[#1. Classification of Cyber Crimes#1.3. Cyber Crimes Against Government or Society|1.3. Cyber Crimes Against Government or Society]]
  • [[#1. Classification of Cyber Crimes#1.4. Cyber Crimes Against Organizations or Businesses|1.4. Cyber Crimes Against Organizations or Businesses]]
• 2. Common Cyber crimes
  • [[#2. Common Cyber crimes#2.1. Cyber Crimes Targeting Computers and Mobiles|2.1. Cyber Crimes Targeting Computers and Mobiles]]
  • [[#2. Common Cyber crimes#2.2. Cyber Crimes Against Women and Children|2.2. Cyber Crimes Against Women and Children]]
  • [[#2. Common Cyber crimes#2.3. Financial Frauds|2.3. Financial Frauds]]
  • [[#2. Common Cyber crimes#2.4. Phishing|2.4. Phishing]]
  • [[#2. Common Cyber crimes#2.5. Social Engineering Attacks|2.5. Social Engineering Attacks]]
  • [[#2. Common Cyber crimes#2.6. Malware and Ransomware Attacks|2.6. Malware and Ransomware Attacks]]
  • [[#2. Common Cyber crimes#2.7. Zero-Day and Zero-Click Attacks|2.7. Zero-Day and Zero-Click Attacks]]
    • [[#2.7. Zero-Day and Zero-Click Attacks#Zero-Day Attacks|Zero-Day Attacks]]
    • [[#2.7. Zero-Day and Zero-Click Attacks#Zero-Click Attacks|Zero-Click Attacks]]

1. Classification of Cyber Crimes

Cyber crimes refer to illegal activities that are committed using computers, networks, or the internet. These crimes can be classified into several categories based on the target and nature of the offense:

1.1. Cyber Crimes Against Individuals

These crimes directly impact a person’s privacy, identity, or safety.

• Cyber Stalking: Repeated use of digital communication to harass or threaten someone.

• Online Harassment: Sending offensive, abusive, or threatening messages via emails, social media, or messaging platforms.

• Identity Theft: Stealing someone’s personal information (e.g., Aadhaar number, SSN, passwords) and using it for impersonation or fraud.

• Defamation: Spreading false information about a person online to damage their reputation.

• Cyber Bullying: Especially affects teens and children; involves threatening, mocking, or shaming someone online.

1.2. Cyber Crimes Against Property

These target digital assets like data, software, hardware, or networks.

• Hacking: Gaining unauthorized access to systems or networks to steal or manipulate data.

• Cyber Trespassing: Illegally accessing a device or network without causing damage but still violating privacy.

• Data Theft: Unauthorized copying or transfer of sensitive or confidential data.

• Intellectual Property Theft: Stealing content, software, designs, or inventions protected under copyright or patents.

• Spreading Malware: Intentionally distributing malicious programs that damage data or disrupt operations.

1.3. Cyber Crimes Against Government or Society

These crimes threaten national security, public order, or democracy.

• Cyber Terrorism: Using cyberspace to carry out terrorist acts, such as attacking power grids, or inciting violence.

• Cyber Warfare: Nation-state-sponsored hacking targeting another country’s infrastructure or defense systems.

• Online Propaganda: Disseminating hate speech, fake news, or extremist ideologies to destabilize societies.

• Espionage: Spying on government agencies or officials to gather confidential information.

1.4. Cyber Crimes Against Organizations or Businesses

Targets enterprises to disrupt services or steal corporate data.

• DDoS Attacks: Overloading a server or website with traffic to make it unavailable.

• Business Email Compromise (BEC): Posing as executives to trick employees into transferring money or data.

• Insider Threats: Employees or contractors misusing their access to steal or leak information.

• Ransomware Attacks: Encrypting company data and demanding payment to restore access.

2. Common Cyber crimes

2.1. Cyber Crimes Targeting Computers and Mobiles

These involve unauthorized access or damage to computing devices:

• Hacking: Accessing a device, server, or network without permission.
  Example: Breaking into someone’s email account to read messages.

• Spyware: Software that secretly collects user data (e.g., browsing habits, passwords).

• Keyloggers: Programs that log every keystroke to capture sensitive data like login credentials.

• Botnets: A network of infected devices controlled remotely to carry out large-scale attacks.

• Cryptojacking: Unauthorized use of someone’s device to mine cryptocurrencies.

---

2.2. Cyber Crimes Against Women and Children

Cyber space has increased vulnerability for women and minors:

• Cyber Stalking: Repeated online threats, tracking, or monitoring through social media or GPS apps.

• Revenge Porn: Sharing of private, intimate images/videos without consent—usually to shame or blackmail.

• Child Pornography: Creation, possession, or distribution of sexually explicit material involving minors.

• Online Grooming: Building emotional connections with minors online to exploit them sexually.

• Impersonation/Fake Profiles: Creating fake accounts to defame, harass, or extort.

---

2.3. Financial Frauds

Crimes intended to steal money or financial data:

• Phishing Scams: Fake emails/websites that trick users into revealing credit card or banking info.

• ATM Skimming: Installing devices on ATMs to capture card details and PINs.

• Online Shopping Frauds: Fake e-commerce websites that collect payments without delivering goods.

• Fake Investment Platforms: Promise high returns through cryptocurrency or stock scams.

• Carding: Use of stolen card information to buy goods/services online.

---

2.4. Phishing

Definition: A deceptive attempt to obtain sensitive data (like passwords or banking details) by pretending to be a trustworthy entity.

Types:

• Email Phishing: Emails that mimic legitimate companies asking for account verification.

• Spear Phishing: Customized phishing targeting a specific individual (e.g., CEO or HR).

• Smishing: Phishing via SMS.

• Vishing: Phishing via phone calls.

• Clone Phishing: Duplicate of a legitimate email with malicious attachments or links.

---

2.5. Social Engineering Attacks

Definition: Manipulating people into divulging confidential information by exploiting human psychology.

Techniques:

• Pretexting: Pretending to be someone in authority (e.g., bank manager) to extract info.

• Baiting: Leaving infected USB drives in public places to tempt users into plugging them in.

• Quid Pro Quo: Offering something in return for information (e.g., free software, fake support calls).

• Tailgating: Following someone into a restricted area by pretending to be an employee or delivery person.

---

2.6. Malware and Ransomware Attacks

• Malware: A blanket term for malicious software (viruses, trojans, worms, spyware, etc.).

• Ransomware: Locks access to files or systems and demands ransom for release.
  Example: WannaCry, which affected hospitals and banks worldwide.

• Adware: Unwanted software that floods a device with advertisements.

• Trojans: Programs that look harmless but carry hidden malicious code.

• Rootkits: Hide the presence of malware by modifying system processes.

---

2.7. Zero-Day and Zero-Click Attacks

Zero-Day Attacks

• Definition: Exploits vulnerabilities that are unknown to software vendors. The term “zero-day” implies the developer has had zero days to fix the flaw.

• Danger: Highly dangerous because there’s no patch or defense available at the time of attack.

• Example: Stuxnet malware that targeted Iranian nuclear facilities.

Zero-Click Attacks

• Definition: Exploits that require no user interaction (no clicks or downloads). The attack can happen just by receiving a message, email, or push notification.

• Use: Often found in spyware used by intelligence agencies to spy on journalists, activists, or politicians.

• Example: Pegasus spyware could infect a device just by sending a message on WhatsApp or iMessage.

---