Diwakar's Blog

An attack to commit a Cyber Crime can be called as a Cyber Attack! When it comes to the Internet, you are sure to acquire some malware, if you visit malicious websites without proper protection. At the minimum, you need an antivirus and a firewall. You also need to stay and steer clear of different types of cybercriminals trying to make money at your cost.

It is important to note that a computer, Internet or computer technology has to be involved, and when the use of any of the following techniques or activities is made to carry out a crime or illegal activity – only then can it be classified as a Cybercrime.

Identity theft

Identity theft is a crime in which an imposter obtains key pieces of personal information, such as Social Security or driver's license numbers, in order to impersonate someone else. The information can be used to obtain credit, merchandise, and services in the name of the victim, or to provide the thief with false credentials. In addition to running up debt, an imposter might provide false identification to police, creating a criminal record or leaving outstanding arrest warrants for the person whose identity has been stolen.

Ransomware

This is one of the detestable malware-based attacks. Ransomware enters your computer network and encrypts your files using public-key encryption, and unlike other malware this encryption key remains on the hacker’s server. Attacked users are then asked to pay huge ransoms to receive this private key.

DDoS attacks

DDoS attacks are used to make an online service unavailable and bring it down, by bombarding or overwhelming it with traffic from multiple locations and sources. Large networks of infected computers, called Botnets are developed by planting malware on the victim computers. The idea is normally to draw attention to the DDOS attack, and allow the hacker to hack into a system. Extortion and blackmail could be the other motivations.

Botnets

Botnets are networks of compromised computers, controlled by remote attackers in order to perform such illicit tasks as sending spam or attacking other computers.  Computer Bots can also be used act like malware and carry out malicious tasks. Then can be used to assemble a network of computers and then compromise them.

Spam and Phishing

Spamming and phishing are two very common forms of cybercrimes. There is not much you can do to control them. Spam is basically unwanted emails and messages. They use Spambots. Phishing is a method where cyber criminals offer bait so that you take it and give out the information they want. The bait can be in form of a business proposal, announcement of a lottery to which you never subscribed, and anything that promises you money for nothing or a small favor. There are online loans companies too; making claims that you can get insecure loans irrespective of your location. Doing business with such claims, you are sure to suffer both financially and mentally. Phishing has its variants too – notably among them are Tabnabbing, Tabjacking. And Vishing and Smishing. Such spamming and phishing attempts are mostly emails sent by random people whom you did not ever hear of. You should stay away from any such offers especially when you feel that the offer is too good. The US Cybercrime Center says – do not get into any kind of agreements that promise something too good to be true. In most cases, they are fake offers aiming to get your information and to get your money directly or indirectly.

Social Engineering

Social engineering is a method where the cyber criminals make a direct contact with you using emails or phones  mostly the latter. They try to gain your confidence and once they succeed at it, they get the information they need. This information can be about you, your money, your company where you work or anything that can be of interest to the cyber criminals. It is easy to find out basic information about people from the Internet. Using this information as the base, the cyber criminals try to befriend you and once they succeed, they will disappear, leaving you prone to different financial injuries directly and indirectly. They can sell the information obtained by you or use it to secure things like loans in your name. The latter case is of Identity theft. You should be very careful when dealing with strangers – both on phone and on the Internet.

Malvertising

Malvertising is a method whereby users download malicious code by simply clicking at some advertisement on any website that is infected. In most cases, the websites are innocent. It is the cyber criminals who insert malicious advertisements on the websites without the knowledge of the latter. It is the work of advert companies to check out if an advertisement is malicious but given the number of advertisements they have to deal with, the malverts easily pass off as genuine ads. In other cases, the cyber criminals show clean ads for a period of time and then replace it with malverts so that the websites and advertisements do not suspect. They display the malverts for a while and remove it from the site after meeting their targets. All this is so fast that the website does not even know they were used as a tool for cybercrime. Malvertising is one of the fastest, increasing types of cybercrime.

PUPs

PUPs, commonly known as Potentially Unwanted Programs are less harmful but more annoying malware. It installs unwanted software in your system including search agents and toolbars. They include spyware, adware, as well as dialers. Bitcoin miner was one of the most commonly noticed PUPs in 2013.

Drive-By-Downloads

Drive By Downloads too, come close to malvertising. You visit a website and it triggers a download of malicious code to your computer. These computers are then used to aggregate data and to manipulate other computers as well. The websites may or may not know that they have been compromised. Mostly, the cyber criminals use vulnerable software such as Java and Adobe Flash and Microsoft Silverlight to inject malicious codes as soon as a browser visits the infected website. The user does not even know that there is a download in progress.

Remote Administration Tools

Remote Administration Tools are used to carry out illegal activities. It can be used to control the computer using shell commands, steal files/data, and send location of the computer to a remote controlling device and more.

Exploit Kits

Vulnerability means some problem in the coding of software that enables cyber criminals to gain control of your computer. There are ready to use tools (exploit kits) in the Internet market which people can buy and use it against you. These exploit kits are upgraded just like normal software. Only difference is these are illegal. They are available mostly in hacking forums as well as on the Darknet.

Scams

Notable among Internet scams are, scams which misuse the Microsoft name and other general tech support scams. Scamsters phone computer users randomly and offer to fix their computer for a fee. Every single day, scores of innocent people are trapped by scam artists into Online Tech Support Scams and forced to shell out hundreds of dollars for non-existent computer problems.