Hacking in simple terms means an illegal intrusion into a computer system and/or network. There is an equivalent term to hacking i.e. cracking, but from Indian Laws perspective there is no difference between the term hacking and cracking. Every act committed towards breaking into a computer and/or network is hacking. Hackers write or use ready-made computer programs to attack the target computer. They possess the desire to destruct and they get the kick out of such destruction. Some hackers hack for personal monetary gains, such as to stealing the credit card information, transferring money from various bank accounts to their own account followed by withdrawal of money. They extort money from some corporate giant threatening him to publish the stolen information which is critical in nature.
Government websites are the hot targets of the hackers due to the press coverage, it receives. Hackers enjoy the media coverage.
Motive Behind The Crime
- Desire to access forbidden information
- Destructive mindset
- Wants to sell n/w security services
The Internet is being highly used by its abusers to reach and abuse children sexually, worldwide. The internet is very fast becoming a household commodity in India . Itâ€™s explosion has made the children a viable victim to the cyber crime. As more homes have access to internet, more children would be using the internet and more are the chances of falling victim to the aggression of pedophiles.
The easy access to the pornographic contents readily and freely available over the internet lower the inhibitions of the children. Pedophiles lure the children by distributing pornographic material, then they try to meet them for sex or to take their nude photographs including their engagement in sexual positions. Sometimes Pedophiles contact children in the chat rooms posing as teenagers or a child of similar age, then they start becoming friendlier with them and win their confidence. Then slowly pedophiles start sexual chat to help children shed their inhibitions about sex and then call them out for personal interaction. Then starts actual exploitation of the children by offering them some money or falsely promising them good opportunities in life. The pedophiles then sexually exploit the children either by using them as sexual objects or by taking their pornographic pictures in order to sell those over the internet.
In physical world, parents know the face of dangers and they know how to avoid & face the problems by following simple rules and accordingly they advice their children to keep away from dangerous things and ways. But in case of cyber world, most of the parents do not themselves know about the basics in internet and dangers posed by various services offered over the internet. Hence the children are left unprotected in the cyber world. Pedophiles take advantage of this situation and lure the children, who are not advised by their parents or by their teachers about what is wrong and what is right for them while browsing the internet
How do they Operate
Pedophiles use false identity to trap the children/teenagers
Pedophiles contact children/teens in various chat rooms which are used by children/teen to interact with other children/teen.
Befriend the child/teen.
Extract personal information from the child/teen by winning his confidence.
Gets the e-mail address of the child/teen and starts making contacts on the victimâ€™s e-mail address as well.
Starts sending pornographic images/text to the victim including child pornographic images in order to help child/teen shed his inhibitions so that a feeling is created in the mind of the victim that what is being fed to him is normal and that everybody does it.
Extract personal information from child/teen
At the end of it, the pedophile set up a meeting with the child/teen out of the house and then drag him into the net to further sexually assault him or to use him as a sex object.
Cyber Stalking can be defined as the repeated acts harassment or threatening behavior of the cyber criminal towards the victim by using internet services. Stalking in General terms can be referred to as the repeated acts of harassment targeting the victim such as following the victim, making harassing phone calls, killing the victims pet, vandalizing victims property, leaving written messages or objects. Stalking may be followed by serious violent acts such as physical harm to the victim and the same has to be treated and viewed seriously. It all depends on the course of conduct of the stalker.
Both kind of Stalkers â€“ Online & Offline – have desire to control the victims life. Majority of the stalkers are the dejected lovers or ex-lovers, who then want to harass the victim because they failed to satisfy their secret desires. Most of the stalkers are men and victim female.
How do they Operate
Collect all personal information about the victim such as name, family background, Telephone Numbers of residence and work place, daily routine of the victim, address of residence and place of work, date of birth etc. If the stalker is one of the acquaintances of the victim he can easily get this information. If stalker is a stranger to victim, he collects the information from the internet resources such as various profiles, the victim may have filled in while opening the chat or e-mail account or while signing an account with some website.
The stalker may post this information on any website related to sex-services or dating services, posing as if the victim is posting this information and invite the people to call the victim on her telephone numbers to have sexual services. Stalker even uses very filthy and obscene language to invite the interested persons.
People of all kind from nook and corner of the World, who come across this information, start calling the victim at her residence and/or work place, asking for sexual services or relationships.
Some stalkers subscribe the e-mail account of the victim to innumerable pornographic and sex sites, because of which victim starts receiving such kind of unsolicited e-mails.
Some stalkers keep on sending repeated e-mails asking for various kinds of favors or threaten the victim.
In online stalking the stalker can make third party to harass the victim.
Follow their victim from board to board. They “hangout” on the same BB’s as their victim, many times posting notes to the victim, making sure the victim is aware that he/she is being followed. Many times they will “flame” their victim (becoming argumentative, insulting) to get their attention.
Stalkers will almost always make contact with their victims through email. The letters may be loving, threatening, or sexually explicit. He will many times use multiple names when contacting the victim.
Contact victim via telephone. If the stalker is able to access the victims telephon, he will many times make calls to the victim to threaten, harass, or intimidate them.
Track the victim to his/her home.
Definition of Cyberstalking?
Although there is no universally accepted definition of cyberstalking, the term is used in this report to refer to the use of the Internet, e-mail, or other electronic communications devices to stalk another person. Stalking generally involves harassing or threatening behavior that an individual engages in repeatedly, such as following a person, appearing at a person’s home or place of business, making harassing phone calls, leaving written messages or objects, or vandalizing a person’s property. Most stalking laws require that the perpetrator make a credible threat of violence against the victim; others include threats against the victim’s immediate family; and still others require only that the alleged stalker’s course of conduct constitute an implied threat.(1) While some conduct involving annoying or menacing behavior might fall short of illegal stalking, such behavior may be a prelude to stalking and violence and should be treated seriously.
Nature and Extent of Cyberstalking
An existing problem aggravated by new technology
Although online harassment and threats can take many forms, cyberstalking shares important characteristics with offline stalking. Many stalkers – online or off – are motivated by a desire to exert control over their victims and engage in similar types of behavior to accomplish this end. As with offline stalking, the available evidence (which is largely anecdotal) suggests that the majority of cyberstalkers are men and the majority of their victims are women, although there have been reported cases of women cyberstalking men and of same-sex cyberstalking. In many cases, the cyberstalker and the victim had a prior relationship, and the cyberstalking begins when the victim attempts to break off the relationship. However, there also have been many instances of cyberstalking by strangers. Given the enormous amount of personal information available through the Internet, a cyberstalker can easily locate private information about a potential victim with a few mouse clicks or key strokes.
The fact that cyberstalking does not involve physical contact may create the misperception that it is more benign than physical stalking. This is not necessarily true. As the Internet becomes an ever more integral part of our personal and professional lives, stalkers can take advantage of the ease of communications as well as increased access to personal information. In addition, the ease of use and non-confrontational, impersonal, and sometimes anonymous nature of Internet communications may remove disincentives to cyberstalking. Put another way, whereas a potential stalker may be unwilling or unable to confront a victim in person or on the telephone, he or she may have little hesitation sending harassing or threatening electronic communications to a victim. Finally, as with physical stalking, online harassment and threats may be a prelude to more serious behavior, including physical violence.
Denial of service Attack
This is an act by the criminal, who floods the bandwidth of the victim's network or fills his e-mail box with spam mail depriving him of the services he is entitled to access or provide
Short for denial-of-service attack, a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCp/IP protocols. For all known DoS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks. But, like Virus, new DoS attacks are constantly being dreamed up by Hacker.
Credit card fraud
How does credit card fraud occur?
Credit card fraud happens when consumers give their credit card number to unfamiliar individuals, when cards are lost or stolen, when mail is diverted from the intended recipient and taken by criminals, or when employees of a business copy the cards or card numbers of a cardholder.
What is an unauthorized charge on my credit card?
credit card image An unauthorized charge is a purchase on your credit card that you did not make or permit anyone else to make. When your card is lost or stolen, the person who finds it or steals it may use it to make purchases. Criminals can use the card by forging your name, or order goods and services by phone or on the Internet.
My brother stole my credit card and personal identification number (PIN) and took out a cash advance using the card. Can I still dispute the transaction?
Yes, if you did not allow your brother to use your card. You may have to sign a sworn statement that your brother took the card and PIN without your permission.
What is a counterfeit credit card?
Counterfeit credit cards are fakes that have real account information stolen from victims. Often, the victims still have their real cards, so they don't know a crime has occurred. The cards appear legitimate, with issuers' logos and encoded magnetic strips. Criminals use stolen account information to create counterfeit cards or to charge items over the phone or the Internet. Counterfeit cards often are used just a few times and abandoned before the victim becomes aware and reports their misuse.
What is identity theft?
Identity theft, or ID theft, is the fraudulent use of an individual's personal information—such as Social Security number or date of birth—to commit financial fraud.
What happens to victims of identity theft?
Identity thieves harm and inconvenience victims by using their names and other personal information to open new credit accounts or access existing credit and bank accounts, and by placing fraudulent charges on these accounts. Victims of identity theft have to dispute these charges as fraudulent, and locate and close down all bogus accounts opened in their names.
Are victims of ID theft held liable for the losses?
No. But while victims of identity theft are not held liable for the losses, it may take years for victims to clean up the financial and credit problems caused by the crime.
Skimming, phishing and online fraud
What is credit card "skimming"?
Credit card skimming refers to thieves making an illegal copy of a credit card or a bank card using a device that reads and duplicates the information from the original card. Dishonest business employees use small machines called "skimmers" to read numbers and other information from credit cards and capture and resell it to criminals, who create counterfeit cards or charge items over the phone or the Internet.
What is "phishing"?
Phishing is a crime that starts with deceptive e-mails being sent to consumers. These messages are made to look as if they come from the person's bank, in an effort to get the intended victim to reveal personal information, such as bank account numbers and online passwords. Phishing has become a widespread practice of criminals, who have succeeded in stealing personal information from many people. The crime succeeds because the e-mails look legitimate, with realistic bank logos and web site addresses (URLs) that are very similar to the bank URLs.
What could happen if I respond to a phishing e-mail?
Account holders who respond to such e-mail messages are directed to a fake web site where they are asked to type in account numbers, passwords and other personal banking or credit card information. Then, in a matter of hours, the criminals can drain your bank accounts, using your passwords to authorize the electronic transfer of funds to accounts they control.
How can I tell the difference between a scammer's e-mail and a legitimate attempt by my bank to contact me?
Banks don't use e-mail communications to ask for personal information because e-mail is not secure. Hit the delete button and never respond to such an e-mail. Don't respond to e-mails—or phone calls—asking you to provide your credit card numbers, Social Security number or your mother's maiden name. Even when you have a legitimate request, banks ask that you never send detailed account information in an e-mail. This is because criminals might intercept your e-mails. When you wish to address an issue that requires personal account information, visit your bank in person, use its secure web site, place a phone call or write a letter.
How can I protect the bank and credit card accounts I access online?
Change your user name and password several times per year. Never use variations of your name, children's names, birth date, address, etc., that might be guessed by criminals. Examine your bank's web site home page and log-in screens carefully. If the look of the site changes, contact the bank by phone before logging in to ask if they have made site changes and to let them know you have concerns.
What is a credit card "security code" and what purpose does it serve?
Many credit cards have a special numerical code used by many merchants to verify that the card is in your possession when you make purchases by phone or on the Internet. These 3- or 4-digit numbers are found at the top right corner of the card or on the back, following the credit card number, near the space where you sign the card. If your card number and expiration date were stolen, but not the card itself, the thief would not have access to this security code.
What should I do when I receive a new credit card?
As a protection, most card issuers now suggest that you call from your home phone to activate a new card before you use it. Sign the back of the card as soon as you receive it. Some people suggest writing "ask for ID" in the signature space. This is not a good idea. Many credit card issuers have advised merchants not to let purchases go through if the cardholder hasn't signed the card.
How can I prepare myself in case my card is lost or stolen?
Record all your account numbers and company contact information and keep this list in a safe and secure place. Do not keep it in your wallet or purse.
How can I protect myself against unauthorized charges?
Keep copies of your vouchers and ATM receipts, so that you can check them against your billing statements. Notify your card issuer immediately if you suspect unauthorized use or fraudulent use of your card.
How can I avoid becoming a victim of credit card fraud?
It might not be possible to guarantee that you won't become a victim of fraud, but you can take these steps to cut down on your chances:
Safeguard your wallet or purse at all times.
Never leave your purse or wallet unattended in public.
Never carry all your cards—only the one or two that you might need.
Carry your credit cards separately from your wallet in a credit card case or in another compartment in your purse.
If your credit card is lost or stolen, call your credit card issuers immediately.
What is mail fraud and how can I avoid it?
Mail fraud is the illegal use of the postal service to commit a crime, such as the theft of mail. To avoid mail fraud:
Notify the post office immediately if you change your address.
Make sure your mailbox is secure and always locked. Never leave outgoing bill payments in your mailbox or apartment building lobby. Instead drop them off at the post office or postal service mailboxes.
Call your credit card and banking companies to change your billing address when you move.
Always put your return address on the envelope.
Shred before discarding all unwanted credit card solicitations.
Be aware of when your credit card and other bills are due to arrive each month, and call the companies if you fail to receive them.
What is "zero liability" on a credit card?
Credit card payments processed by Visa, MasterCard, American Express and Discover are subject to a “zero liability” policy—a guarantee that you will not be held responsible for any fraudulent charges.
What are some ways I can protect my credit card when I use it online?
Payment card networks, such as Visa, MasterCard and American Express, offer services to help you avoid fraud, such as special verification passwords. Make sure you are using a secure merchant site by dealing only with well-known reputable stores and checking that your browser is in the secure mode before making a purchase. (Look for a padlock or other security symbol in the lower right corner of your browser window.) Avoid websites that offer "free access" if you provide your credit card number. If you give them the number, your card is likely to be charged by the company you give it to, and maybe by companies unknown to you as well.
I bank online—is there anything I can do to protect my personal information?
If you bank online, don't use your Internet browser to automatically fill in your user name and password when you log in to bank or credit card sites, or to any merchant site that keeps your card number on file. Anyone using your computer would be able to sign on automatically and access your accounts. You can deactivate this function in your Internet browser's "preferences" menu under "security."
How can I make sure that my personal identification number (PIN) is safe?
With your PIN number and your card, a thief can make cash advance withdrawals from your account at an ATM machine. Keep your PIN secure by following these tips:
Never write down your PIN—memorize it.
Never give your PIN to anyone.
Don't write your PIN number on your credit card.
Don't write your credit card number on a post card or on the outside of an envelope you are going to mail.
Don't keep your PIN number in the same place as your credit card or ATM card.
How can I protect my credit cards?
Never provide your credit card number or other personal information on the phone, unless you are able to verify that you are speaking with your financial institution or a merchant you trust. When you lend your card, you are responsible for all charges. You will not be protected against unauthorized use if someone to whom you knowingly and willingly gave the card, including family and friends, makes the charges. Don't give your account number to anyone who calls you on the phone.
How can I protect myself from credit card skimming or any other attempt to steal my credit card number?
Watch closely as store and restaurant employees handle your card to make sure they are not copying or skimming your credit card number. The devices used for skimming are sometimes disguised as cell phones. After you make a purchase and your card is handed back to you, make sure it is your card and not a dummy card or another person's card.
I plan to take a trip and to use my credit card while I am away. Should I notify my credit card company?
If you are going to be traveling and plan to use your card away from home, notify your credit card company. This may prevent your account from being flagged for possible fraud and any inconvenience you might suffer if your issuer blocks your account.
We are going to renovate our bathroom and pay for the materials with our credit card. Should we let our credit card company know about our plans?
If you are going to make any unusually large purchases, notify your card company so that your account is not flagged for possible fraud. For instance, if you are renovating your home and plan to purchase materials, fixtures or appliances, let your issuer know in advance.
Why should I care about fraud when my credit card company has to pay for it, not me?
Consumers are not financially responsible for unauthorized charges if they behave responsibly and report lost or stolen cards, but credit card companies experience losses of close to $50 billion dollars per year because of credit card fraud. These costs "trickle down" in the form of higher interest rates and fees that are paid for by all consumers.
What are credit card companies doing to fight fraud?
Most credit card companies have developed the technology to help identify fraudulent activity and they will act quickly to stop misuse once they discover it. Your card company may contact you because it notices an especially large purchase or a charge made in a town that is not near your home or in another country. Occasionally, your card may be blocked or suspended until you call the company back. To avoid any inconvenience, notify your card company if you plan to be out of town or to make any large purchases.
Your billing statement
Is there any way that I can monitor my credit card between statements?
Yes. If you have Internet access, consider enrolling at the bank's web site so you can access your credit card account online. You can monitor your account online for unauthorized charges between statements.
Why is it important to review my credit card statement when it arrives?
To protect yourself against unauthorized credit card charges, report fraud as soon as you become aware of it. Review credit card statements the day you receive them and report any questionable charges to your card issuer immediately.
What should I do if my credit card statement does not arrive?
If one of your credit card bills is late, call the card issuer right away. A missing statement may indicate that your statement has been stolen. Call your issuer if you don't receive your statement at the usual time. (You are responsible for paying your bills on time even when you didn't receive the statement.)
What should I do with old statements after I have paid them?
Store old statements and receipts in a secure place and shred them before you discard them.
What will happen if I move and forget to change my mailing address with my credit card company?
If you don’t update your address, you may not receive the billing statement in time to avoid a late payment charge. Make sure to update your records with your credit card company when you move. Many merchants verify your address and ZIP code to make sure they match the bank's records.
I got a phone call from someone selling "credit card loss protection insurance." Is this a good thing to buy?
No. Be wary of credit card protection offers. This type of insurance is unnecessary because central law limits your credit card fraud liability. But scam artists try to sell $200-$300 credit card insurance by falsely claiming that cardholders face significant financial risk if their cards are misused. According to recent central Trade Commission estimates, 3.3 million consumers have purchased unnecessary insurance to prevent unauthorized use of their credit cards. To make sure you are fully protected against unauthorized use, report missing cards right away, before they are used. This way you are not responsible for any fraudulent charges. If a thief uses your card before you report it missing, the most you will owe under central law for unauthorized charges is $50. If your card has a zero liability policy, you will owe nothing.
Should I pay for a service that will notify all my card issuers if my cards are lost or stolen?
Save money by doing it yourself. Keep credit card account numbers and toll-free numbers in a separate place from your credit cards so that you can easily find the information when you need it.
Reporting credit card fraud
What should I do when my card is lost or stolen?
If you lose your credit cards or realize that they have been lost or stolen, call the issuers immediately. Most credit card companies have 24-hour customer service lines to deal with emergencies. Ask your issuer if it recommends that you follow up with a letter, and if so, ask what information you need to include in the letter. Report the loss of your card as soon you can. If someone has used your card without your permission, your maximum liability under central law is $50 per card.
What law protects my credit history from being damaged if I am a victim of identity theft or credit card fraud?
You have the right to get a free credit report if you are the victim of identify theft.You can also avail your rights through Consumer Forum
What is a credit card "billing error"?
A billing error is defined as:
A credit card charge for something you did not agree to buy.
A purchase made by a person who is not authorized to use your account.
A charge that is not properly identified, that is for a different amount than the actual purchase, or that was charged more than once.
A charge for something that was not delivered or not accepted by you when delivered.
A mathematical error on your billing statement.
A failure to properly credit a payment or other credit to your account.
A failure to mail the bill to your current address, provided you told the creditor about any address change at least 20 days before the end of the billing period.
Any charge which you cannot identify without more information.
What is my liability for charges made without my permission by someone who found or stole my credit card?
You’ll owe nothing if you report the lost card before unauthorized charges are made. When unauthorized purchases or cash advances were made, central law restricts your liability to fix price. However, if you card has a “zero liability” policy, you will not be liable for fraudulent charges.
When I checked my account online, I saw a charge I didn't make on my credit card. What should I do?
With online access, you can monitor posted transactions on a daily basis. This can help you monitor your account for fraud. If you look at your account online and see a charge that you didn't make, contact your credit card company immediately. Notify the company even if the card is still in your possession. You may be told that you must wait because you can't dispute "unbilled activity" until it shows up on a monthly statement. Tell the company that this is more than just a dispute—you suspect fraud.
The act of sending an e-mail to a user falsely claiming to be an established legitimate enterprise in an attempt to scam the user into surrendering private information that will be used for identity theft. The e-mail directs the user to visit a Web site where they are asked to update personal information, such as passwords and credit card, social security, and bank account numbers, that the legitimate organization already has. The Web site, however, is bogus and set up only to steal the user's information. By spamming large groups of people, the phishers counted on the e-mail being read by a percentage of people who actually had listed credit card numbers with legitimately. Phishing, also referred to as brand spoofing or carding, is a variation on phishing the idea being that bait is thrown out with the hopes that while most will ignore the bait, some will be tempted into biting.
Internet Guidelines for Children
The objective of the guidelines to the children is not only for imposing restrictions or limiting to their access for restricted sites but also to help children in understanding the necessity for the rules to access the internet so that they can take the responsibility for their own actions and to develop their own judgment on their actions and consequences thereof. Some useful guidelines for internet users:
Agree what types of sites are permissible (or safe) to access
Don't reveal your password to others
Don’t open e-mails from people whom you don’t know
Others privacy and safety are equally important as ours
Don’t trust anyone online while using chat, e-mail or other online services.
Don't give out personal information, photos, family details online
Uncomfortable mails may be reported to parents or authorities
Avoid face-to-face meetings with online friends
Be aware of copyright issues while using the online information.
Don’t click links or URLs that look suspicious
Avoid downloading free softwares which may contain viruses
Common Characteristics of Phishing Scam Emails
Unsolicited requests for sensitive information
Content appears genuine
Disguised hyperlinks and sender address
Email consists of a clickable image
Use various ruses to entice recipients to click
The customer's account details need to be updated due to a software or security upgrade.
The customer's account may be terminated if account details are not provided within a specified time frame.
Suspect or fraudulent activity involving the user's account has been detected and the user must therefore provide information urgently.
Routine or random security procedures require that the user verify his or her account by providing the requested information.
What to do if you receive a Suspected Phishing Scam?
DO NOT click on any links in the scam email.
DO NOT supply any personal information of any kind as a result of the email
DO NOT reply to the email or attempt to contact the senders in any way.
DO NOT supply any information on the bogus website that may appear in your browser if you have clicked a link in the email.
DO NOT open any attachments that arrive with the email
REPORT the phishing scam – confirm with the organization for authenticity of the email received.
DELETE the email as soon as possible.
General Scam Indicators
Be wary of unsolicited emails that:
Promise you money, jobs or prizes
Ask for donations
Propose lucrative business deals
Ask you to provide sensitive personal information
Ask you to follow a link to a website and log on to an account.
Do not’s for Mobile Users
Do not give your mobile phone numbers while chatting over the internet to avoid stalking. And do not lend it either.
Do not use or buy a used SIM card. Make sure your SIM card is bought and registered under your name with your permanent address,
Do not lend your mobile phone, and try to password protect the phone if the facility is available in the handset.
Do not use the mobile for obscene/pornographic images, videos or SMS and MMS.
Do not assume that any crime done with your mobile is undetectable.
Take care when using your phone in public places – do not flash it around
Avoid leaving your phone unattended - treat it like you would treat your wallet or purse
Make a note of the mobile's serial number - you can find it by typing *#06# on your phone. The serial number can help to track the mobile if it's ever stolen / lost.
Call the service provider immediately, in case your mobile phone is stolen. They will block use of the stolen SIM card in their network.
Report it to the police as soon as the crime occurs.
Cell Phone Etiquettes
There are certain things people just shouldn't do with cell phones.
Do not talk on your cell phone while driving.
Do not talk on your cell phone in classrooms. (You’re disturbing others too!)
Turn your cell phone to silent/vibrate mode in Places of Worship, Funerals, Job Interviews, Banks and places where you are requested to do so.
Turn off your cell phone in flights.
Turn off the cell phones, where there is any kind of such direction from the authorities.
Do not take photos / videos using cell phones without consent of others.
Do not send, transfer or store pornographic contents using cell phones.
Turn your cell phone off when you are at the movies or at least don't check the messages – people around you will be disturbed by the screen light up.
Never take a personal mobile call during a business meeting. This includes interviews and meetings with co-workers or subordinates.
Maintain at least a 10-foot zone from anyone while talking.
Never talk in elevators, libraries, museums, restaurants, cemeteries, theaters, dentist or doctor waiting rooms, places of worship, auditoriums or other enclosed public spaces, such as hospital emergency rooms or buses.
And don't have any emotional conversations in public, ever.