UNIVERSITY INSTITUTE OF LEGAL STUDIES

Class: Masters of Law (LL.M)

Subject: Cyber crimes and law
Topic: Types of cyber crime
Subject Code: 21LDT-683
Submitted To: Prof. Vineet kumar sharma
Submitted By: SUSHANE SOOD
UID : 21MLL1437

DISCOVER . LEARN . EMPOWER

 INTRODUCTION
Cybercrime is defined as a crime where a computer is the object of the crime or is used as a
tool to commit an offense. A cybercriminal may use a device to access a user’s personal
information, confidential business information, government information, or disable a device.
It is also a cybercrime to sell or elicit the above information online
cybercrime is vastly growing in the world of tech today. Criminals of the World Wide Web
exploit internet users’ personal information for their own gain. They dive deep into the dark
web to buy and sell illegal products and services. They even gain access to classified
government information.
Cybercrimes are at an all time high, costing companies and individuals billions of dollars
annually. What’s even more frightening is that this figure only represents the last 5 years with
no end in sight. The evolution of technology and increasing accessibility of smart tech means
there are multiple access points within users’ homes for hackers to exploit. While law
enforcement attempts to tackle the growing issue, criminal numbers continue to grow, taking
advantage of the anonymity of the internet.

2
 TYPES OF CYBER CRIME
There are literally a dozen ways in which a cybercrime can be perpretrated, and you need to know what
they are.
In order to protect yourself you need to know about the different ways in which your computer can be
compromised and your privacy infringed. In this section, we discuss a few common tools and techniques
employed by the cyber criminals. This isn’t an exhaustive list by any means, but will give you a
comprehensive idea of the loopholes in networks and security systems, which can be exploited by
attackers, and also their possible motives for doing so.
1. HACKING
In simple words, hacking is an act committed by an intruder by accessing your computer system without
your permission. Hackers (the people doing the ‘hacking’) are basically computer programmers, who
have an advanced understanding of computers and commonly misuse this knowledge for devious
reasons. They’re usually technology buffs who have expert-level skills in one particular software program
or language. As for motives, there could be several, but the most common are pretty simple and can be
explained by a human tendancy such as greed, fame, power, etc. Some people do it purely to show-off
their expertise – ranging from relatively harmless activities such as modifying software (and even
hardware) to carry out tasks that are outside the creator’s intent, others just want to cause destruction.
3
2. VIRUS DISSEMINATION
Viruses are computer programs that attach themselves to or infect a system or files, and have a
tendency to circulate to other computers on a network. They disrupt the computer operation and
affect the data stored – either by modifying it or by deleting it altogether. “Worms” unlike viruses don’t
need a host to cling on to. They merely replicate until they eat up all available memory in the system.
The term “worm” is sometimes used to mean selfreplicating “malware” (MALicious softWARE). These
terms are often used interchangeably in the context of the hybrid viruses/worms that dominate the
current virus scenario. “Trojan horses” are different from viruses in their manner of propagation.
They masquerade as a legitimate file, such as an email attachment from a supposed friend with a very
believable name, and don’t disseminate themselves. The user can also unknowingly install a Trojan-
infected program via drive-by downloads when visiting a website, playing online games or using
internet-driven applications. A Trojan horse can cause damage similar to other viruses, such as steal
information or hamper/disrupt the functioning of computer systems.
[Link] BOMBS
A logic bomb, also known as “slag code”, is a malicious piece of code which is intentionally inserted
into software to execute a malicious task when triggered by a specific event. It’s not a virus, although it
usually behaves in a similar manner. It is stealthily inserted into the program where it lies dormant until
specified conditions are met. Malicious software such as viruses and worms often contain logic bombs
which are triggered at a specific payload or at a predefined time. The payload of a logic bomb is
unknown to the user of the software, and the task that it executes unwanted. Program codes that are
scheduled to execute at a particular time are known as “time-bombs”.
4
 For example, the infamous “Friday the 13th” virus which attacked the host systems only on specific dates;
it “exploded” (duplicated itself) every Friday that happened to be the thirteenth of a month, thus causing
system slowdowns

4. DENIAL OF-SERVICE-ATTACK
A Denial-of-Service (DoS) attack is an explicit attempt by attackers to deny service to intended users of that
service. It involves flooding a computer resource with more requests than it can handle consuming its
available bandwidth which results in server overload. This causes the resource (e.g. a web server) to crash
or slow down significantly so that no one can access it. Using this technique, the attacker can render a web
site inoperable by sending massive amounts of traffic to the targeted site. A site may temporarily
malfunction or crash completely, in any case resulting in inability of the system to communicate adequately.
DoS attacks violate the acceptable use policies of virtually all internet service providers.
[Link]
This a technique of extracting confidential information such as credit card numbers and username password
combos by masquerading as a legitimate enterprise. Phishing is typically carried out by email spoofing.
You’ve probably received email containing links to legitimate appearing websites. You probably found it
suspicious and didn’t click the link. Smart move.
Not all phishing is done via email or web sites. Vishing (voice phishing) involves calls to victims using fake
identity fooling you into considering the call to be from a trusted organisation. They may claim to be from a
bank asking you to dial a number (provided by VoIP service and owned by attacker) and enter your account
details 5
 Once you do that, your account security is compromised. Treat all unsolicited phone calls with
skepticism and never provide any personal information. Many banks have issued preemptive warnings
informing their users of phishing scams and the do’s and don’ts regarding your account information.
Those of you reading Digit for long enough will remember that we successfully phished hundreds of
our readers by reporting a way to hack other people’s gmail accounts by sending an email to a made
up account with your own username and password… and we did that years ago in a story about , yes,
you guessed it, phishing!

 6. EMAIL BOMBING AND SPAMMING

Email bombing is characterised by an abuser sending huge volumes of email to a target address resulting
in victim’s email account or mail servers crashing. The message is meaningless and excessively long in
order to consume network resources. If multiple accounts of a mail server are targeted, it may have a
denial-of-service impact. Such mail arriving frequently in your inbox can be easily detected by spam
filters. Email bombing is commonly carried out using botnets (private internet connected computers
whose security has been compromised by malware and under the attacker’s control) as a DDoS attack.
This type of attack is more difficult to control due to multiple source addresses and the bots which are
programmed to send different messages to defeat spam filters. “Spamming” is a variant of email
bombing. Here unsolicited bulk messages are sent to a large number of users, indiscriminately. Opening
links given in spam mails may lead you to phishing web sites hosting malware. Spam mail may also have
infected files as attachments
6
[Link] JACKING
Web jacking derives its name from “hijacking”. Here, the hacker takes control of a web site fraudulently.
He may change the content of the original site or even redirect the user to another fake similar looking
page controlled by him. The owner of the web site has no more control and the attacker may use the
web site for his own selfish interests. Cases have been reported where the attacker has asked for
ransom, and even posted obscene material on the site.
The web jacking method attack may be used to create a clone of the web site, and present the victim with
the new link saying that the site has moved. Unlike usual phishing methods, when you hover your cursor
over the link provided, the URL presented will be the original one, and not the attacker’s site. But when
you click on the new link, it opens and is quickly replaced with the malicious web server. The name on
the address bar will be slightly different from the original website that can trick the user into thinking it’s
a legitimate site. For example, “gmail” may direct you to “gmai1”. Notice the one in place of ‘L’. It can be
easily overlooked.
8. CYBERSTALKING
Cyber stalking is a new form of internet crime in our society when a person is pursued or followed online.
A cyber stalker doesn’t physically follow his victim; he does it virtually by following his online activity to
harvest information about the stalkee and harass him or her and make threats using verbal intimidation.
It’s an invasion of one’s online privacy.

7
Cyber stalking uses the internet or any other electronic means and is different from offline stalking, but is
usually accompanied by it. Most victims of this crime are women who are stalked by men and children who
are stalked by adult predators and pedophiles. Cyber stalkers thrive on inexperienced web users who are
not well aware of netiquette and the rules of internet safety. A cyber stalker may be a stranger, but could
just as easily be someone you know.
9. DATA DIDDLING
Data Diddling is unauthorised altering of data before or during entry into a computer system, and then
changing it back after processing is done. Using this technique, the attacker may modify the expected
output and is difficult to track. In other words, the original information to be entered is changed, either by
a person typing in the data, a virus that’s programmed to change the data, the programmer of the
database or application, or anyone else involved in the process of creating, recording, encoding, examining,
checking, converting or transmitting data.
This is one of the simplest methods of committing a computer-related crime, because even a computer
amateur can do it. Despite this being an effortless task, it can have detrimental effects. For example, a
person responsible for accounting may change data about themselves or a friend or relative showing that
they’re paid in full. By altering or failing to enter the information, they’re able to steal from the enterprise.
Other examples include forging or counterfeiting documents and exchanging valid computer tapes or cards
with prepared replacements. Electricity boards in India have been victims of data diddling by computer
criminals when private parties were computerizing their systems.

8
10. IDENTITY THEFT AND CREDIT CARD FRAUD
Identity theft occurs when someone steals your identity and pretends to be you to access resources
such as credit cards, bank accounts and other benefits in your name. The imposter may also use your
identity to commit other crimes. “Credit card fraud” is a wide ranging term for crimes involving
identity theft where the criminal uses your credit card to fund his transactions. Credit card fraud is
identity theft in its simplest form. The most common case of credit card fraud is your pre-approved
card falling into someone else’s hands.
He can use it to buy anything until you report to the authorities and get your card blocked. The only
security measure on credit card purchases is the signature on the receipt but that can very easily be
forged. However, in some countries the merchant may even ask you for an ID or a PIN. Some credit
card companies have software to estimate the probability of fraud. If an unusually large transaction is
made, the issuer may even call you to verify.
With rising cases of credit card fraud, many financial institutions have stepped in with software
solutions to monitor your credit and guard your identity. ID theft insurance can be taken to recover
lost wages and restore your credit. But before you spend a fortune on these services, apply the no-
cost, common sense measures to avert such a crime.

9
11. SALAMI SLICING ATTACK

A “salami-slicing attack” or “salami fraud” is a technique by which cyber-criminals steal money or resources a
bit at a time so that there’s no noticeable difference in overall size. The perpetrator gets away with these
little pieces from a large number of resources and thus accumulates a considerable amount over a period
of time. The essence of this method is the failure to detect misappropriation. The most classic approach is
the “collect-the-roundoff” technique. Most calculations carried out in a particular currency are rounded off
up to the nearest number about half the time and down the rest of the time. If a programmer decides to
collect these excess fractions of rupees to a separate account, no net loss to the system seems apparent.
This is done by carefully transferring the funds into the perpetrator’s account.
Attackers insert a program into the system to automatically carry out the task. Logic bombs may also be
employed by unsatisfied greedy employees who exploit their know-how of the network and/or privileged
access to the system. In this technique, the criminal programs the arithmetic calculators to automatically
modify data, such as in interest calculations. Stealing money electronically is the most common use of the
salami-slicing technique, but it’s not restricted to money laundering. The salami technique can also be
applied to gather little bits of information over a period of time to deduce an overall picture of an
organization. This act of distributed information gathering may be against an individual or an organization.
Data can be collected from websites, advertisements, documents collected from trash cans, and the like,
gradually building up a whole database of factual intelligence about the target.

10
[Link] PRIVACY
Thanks to the internet and torrents, you can find almost any movie, software or song from any origin for free.
Internet piracy is an integral part of our lives which knowingly or unknowingly we all contribute to. This
way, the profits of the resource developers are being cut down. It’s not just about using someone else’s
intellectual property illegally but also passing it on to your friends further reducing the revenue they
deserve.
Software piracy is the unauthorised use and distribution of computer software. Software developers work
hard to develop these programs, and piracy curbs their ability to generate enoughrevenue to sustain
application development. This affects the whole global economy as funds are relayed from other sectors
which results in less investment in marketing and research.

The following constitute software piracy:

Loading unlicensed software on your PC

Using single-licensed software on multiple computers
Using a key generator to circumvent copy protection
Distributing a licensed or unlicensed (“cracked”) version of software over the internet and offline

11
[Link]

So far we’ve discussed the dedicated methods of committing cyber crimes. In a nutshell, any offence
committed using electronic means such as net extortion, cyber bullying, child pornography and internet
fraud is termed as cyber crime. The internet is a huge breeding ground for pornography, which has often
been subject to censorship on grounds of obscenity. But what may be considered obscene in India, might
not be considered so in other countries.

Since every country has a different legal stand on this subject matter, pornography is rampant online.
However, according to the Indian Constitution, largely, pornography falls under the category of obscenity
and is punishable by law. Child pornography is a serious offence, and can attract the harshest
punishments provided for by law. Pedophiles lurk in chat rooms to lure children. The internet allows
long-term victimisation of such children, because the pictures once put up, spread like wild-fire, and may
never get taken down completely. Internet crimes against children are a matter of grave concern, and are
being addressed by the authorities, but this problem has no easy solution.

12