What Motivates Cybercriminals Information Technology Essay

Published: November 30, 2015 Words: 6201

When you connect to the internet, you are exposing yourself to the activities of cybercriminals! If you have not secured your computer, your machine can be corrupted within minutes. In fact, a brand new computer that has just been connected to the internet without internet security can be infected by malware and viruses within 15-30 minutes.

As a home computer user you need to know how you can protect yourself from cybercriminals. To do that you need to understand how cybercriminals operate and the tools they use to attack your computer.

What is Cybercrime?

Computer crime, otherwise known as cybercrime, refers to any crime involving a computer, where the computer has been used as a tool in committing a crime.

Netcrime refers to the criminal exploitation of the Internet. Examples of Netcrime are spam, fraud, hacking, phishing, skimming, identity theft, copyright infringement, child pornography, and child grooming.

Cyber warfare occurs when governments and non-state actors engage in activities like organized crime, drug trafficking, espionage, financial theft and cyber terrorism.

What Motivates Cybercriminals?

Most computer users associate computer threats with making their computers operate slowly while surfing the internet; or damaging the computer. However, this is flawed thinking. There are much more sinister goals associated with these computer threats. Their motives are more about deception and stealing your money or your identity, than they are about crippling your computer equipment!

The following case studies demonstrate the damaging effects computer nasties can have on unsuspecting users… and the motivation of the cyber-criminal.

Case #1: Rosalie's bank account was skimmed by hackers!

Rosalie was doing her Christmas shopping and she'd just purchased quite a number of presents. She paid by credit card which the shop assistant processed through the EFTPOS machine. Unfortunately, Rosalie's credit card was declined.

Rosalie had checked her card only a few hours earlier and there was plenty of credit available. The shop assistant processed her card again… alas, the same result! Rosalie knew that there was money in their main bank account, so she offered her debit transaction card to pay for the goods from her bank account.

The shop assistant processed the transaction… again the same result: insufficient funds. Shocked, Rosalie managed to find enough spare cash in her purse to pay for the goods.

She went to the bank immediately and discussed her problem with a bank employee called Geoff. When he checked his computer he became quite concerned and asked if she had purchased anything from the Ukraine lately. Apparently, two large purchases had been made in the last few hours, but Rosalie confirmed they hadn't made those purchases. Now she was really worried and she asked Geoff to check her cheque account… she knew that there should be $5000 in it. Sorry, there wasn't any money left in the account… $5000 had just been withdrawn, leaving $106 in the account!

Now you must understand that Rosalie and her husband Tom were very responsible and careful people. They had never given their credit card, debit card or PIN number to anyone. Neither Rosalie nor Tom had lost their details… and neither had done anything stupid. Geoff's supervisor Jill talked to Rosalie while Geoff closed all of Rosalie's existing bank accounts and opened new ones for her.

Jill advised Rosalie that an ATM located outside the shopping center had been compromised that morning.

Rosalie and a number of other bank customers had just become victims of a skimming scam run by international criminal gangs.

They had stolen customer bank login details, accessed their accounts and withdrawn all their money. Of course, the bank refunded the customers for the money stolen from their bank accounts.

Case #2: Maxine's bank details were hacked from an insecure website!

It was 2001, at the height of the dotcom boom. Maxine was interested in learning about the internet and cashing in on its success. She had recently received an e-mail offering a seminar that was being conducted in her city on setting up an internet business.

She signed up using the online form on the website. She didn't realize that the website was insecure and that her details could be easily hacked. Maxine attended the course and learned how to set up an internet business.

She had no idea that she was the intended target of an internet scammer.

A few days later Maxine was back at her job and checked the computer to see whether her salary had been deposited. She checked her credit card and worked out how much she needed to transfer from her bank account.

To Maxine's astonishment she found a number of large purchases had been made on her credit card in the last few days. She knew something was wrong and phoned the bank who confirmed the transactions were fraudulent.

The bank closed Maxine's accounts, opened new ones for her and refunded all the stolen money.

Case #3: Brian's Facebook page was hacked & his house was stolen!

Brian was an Australian computer consultant who was temporarily living in New Zealand… working on a computer project. Brian was quite well off because he owned five investment properties in Australia plus his own house.

One day, a neighbour rang to enquire about an investment property that he was selling. Brian was quite confused because he wasn't selling any of his properties, so he rang his real estate agent.

The agent confirmed that the property was listed for sale on Brian's instructions… But Brian had given no such instructions!

Now the real estate agent was really confused. He had received written instructions by email from Brian to sell two of his investment properties. The first property had been sold, and the second was sold and about to be settled.

The proceeds from the "sale" of the first property were supposedly banked in Brian's overseas bank account…almost $500k! Actually they were in a fake bank account set up in Brian's name!

Brian knew that something was very wrong, so he immediately stopped the sale of the second property. He reported the case to police and the local Department of Consumer Affairs. Their investigations revealed that Nigerian scammers had hacked his Facebook account and his email account.

The scammers assumed Brian's identity and made the property transactions under his name without his knowledge or consent.

Brian is now trying to recover the money and is currently out of pocket to the tune of $500k plus legal expenses.

Rosalie's, Maxine's and Brian's stories are a few of many in which innocent Australians are being scammed over the internet by online criminals.

They are just normal Australians going about their business and suddenly they become victims of an internet scam. They didn't do anything wrong or stupid… they're just innocent victims of cyber-crimes!

Rosalie and Maxine were lucky because they detected and reported the crime immediately. Unfortunately, many people like Brian don't detect the crime until months or years after the crime has happened!

Australian victims have reported having all their bank accounts cleaned out, their share portfolio stolen, superannuation stolen….and even houses stolen. Some victims have had loans taken out in their own name which they knew nothing about. They didn't find out about the loans until years down the track through debt collectors demanding payments or when they applied for a new loan!

Case #4: Malware hijacked Brian's Facebook page

In chapter 6, "Too Much Information" we looked at the case of Brian Rutberg. A regular user of social networking site Facebook, Brian had his Facebook page hijacked and scam messages were sent to his Facebook friends.

Many of his friends had received an e-mail that told them that Brian had been robbed at gunpoint while travelling in England. The e-mail shouted that Brian was in trouble in England and needed money to get home to the USA. One of Brian's friends even transferred $1200 to a Western Union branch in London to help Brian. Within minutes, concerned friends were ringing offering to help him.

One of Brian's friends, Beny Rubinstein, was tricked into believing the scam. He immediately transferred $600 via Western Union's online service. The following morning, Beny received a phone message asking for more money... He went to a local store and wired another $600!

Brian became the latest victim of a targeted version of the "Nigerian," or "419," scam. The first reports of such targeted Nigerian scams emerged back in November 2008. Usually the scammers send millions of spam messages hoping to trap a few gullible people.

There is a new trend in the computer underground. Cyber-criminals are much more professional in their cyber-attacks. They are now extracting information from social networking sites and other databases in an effort to make their story lines more believable. When unsuspecting users provide too much information on social networking sites like Facebook, the scammers pretend to be a friend and build a profile on them.

In this case, the phishing scammers used the victim's Facebook profile to perpetuate fraud including identity theft.

Case #5: Danny was forced to purchase and download rogue software

In December 2009, Danny, the father of three teenage children, logged on to his computer. The following warning message appeared on his computer screen:

The message warned that the home computer was infected with malware and that Danny could not use the computer anymore… until he purchased and installed the promoted software. He had a choice… spend $50 or he would never be able to use the computer again.

Danny attempted to by-pass the warning message but to no avail. The anti-virus software installed on the computer had been automatically switched off. He was blocked from downloading fixes from the Internet. The message also warned that if the instructions were not followed then the computer would be permanently damaged. A time limit was given to purchase and install the promoted software.

Eventually, he decided to switch off the computer and restart it. When he did, his computer was redirected to a pornographic website and was soon swamped with pornographic images. Danny suspected that one of his children had been surfing the Internet and this had allowed the download of the offensive material. This assumption is not always true.

Danny asked me for my advice. My suspicion was that rogue ransomware [1] software called XP Anti-virus [2] had been installed on his computer. This rogue software is called malware [3] and delivers false security warning messages. It is designed by hackers to scare computer users into purchasing fake security software to clean their machine from viruses. If you purchase the software, your personal details are used to steal more of your money and/or your identity.

The XP Anti-virus software is actually useless because it does not clean the computer at all. In fact, testing by Internet security experts has shown that it has no real anti-malware code in it at all. The software installs other more damaging malware and viruses [4]. This rogue software completely overrides your existing computer security software.

Danny's incident did not eventuate in identity theft. However, it is an example of computer takeover, which can lead to identity theft. Danny's children's Internet surfing practices would not have been responsible for the malware infection. In fact, it is more likely that they had received some spam e-mail with a link to an attachment. When the link was clicked, the ransomware was activated on the computer. Alternatively, since he had his computer online, a worm could have penetrated the firewall and installed the ransomware.

The rogue software is dangerous because unsuspecting users are panicked into purchasing the software. The user gives out vital personal information, which can be used to perpetuate fraud including identity theft. Hackers [5], Phishers [6], worms, viruses, or having your computer online all the time, can expose you to serious problems.

Case #6: Julie Amero was mouse-trapped & convicted of a crime she didn't commit!

The long, drawn-out persecution of Julie Amero in Norwich, Connecticut, US, has highlighted the critical importance of computer security. Organizations have a responsibility to protect their employees from cyber-attack.

Ensuring a computer system is secured from the myriad number of viral 'nasties' is the responsibility of the employer, not the employee. Effectively, companies have to ensure the safety of staff from inadvertently getting involved in an activity that could lead to dismissal or criminal charges when using work PCs.

Julie Amero was a substitute teacher who was convicted for impairing the morals of children. Later, the conviction was vacated and she was granted a new trial. She pled guilty to a charge of disorderly conduct and walked from the court a free woman.

Here is a brief timeline of the events in this case.

On October 19, 2004, Julie Amero was acting as a substitute teacher at the Kelly Middle School in Norwich, Connecticut, USA. Students accessed the teacher's computer when the regular teacher and Mrs. Amero were out of the classroom. When Mrs. Amero took charge, the computer started showing pornographic images.

On January 5, 2007, the Norwich Superior Court convicted Amero of impairing the morals of a child. Her sentencing was delayed four times after her original conviction. The prosecution and the judge were concerned about whether the case had been properly assessed. The charges for which she was originally convicted carried a maximum prison sentence of 40 years.

On June 6, 2007, a New London superior court judge overturned the convictions of Amero and she was granted a new trial. She pled not guilty to all charges.

On November 21, 2008, in a plea bargain, Julie Amero changed her plea to guilty on a single count of disorderly conduct. Amero paid a US$100 fine and had her Connecticut teaching credentials revoked.

The official transcripts for the trial State of Connecticut vs. Julie Amero cover January 3rd, January 4th and January 5th 2007. The facts of the case are taken directly from these transcripts and the school's website.

It is helpful here to outline the two versions of the same event… the prosecution and the defense versions.

The prosecution argued that Mrs. Amero spent the whole day downloading pornography onto her computer. This was done in front of the children in the classroom. During the course of the day, some students viewed the offending material.

The prosecution argued that Mrs. Amero's actions were deliberate and reckless. Firstly, she would have had to actively go to the pornographic websites to view the material. Secondly, she had to deliberately download the material onto her computer. Thirdly, they claimed that she was reckless because she did not stop the students from viewing the offensive material. She should have told students not to come near the computer and turned the computer off. Finally, her actions created a situation that could have impaired the morals of the children that were in the classroom.

The defense counsel did not dispute the facts of this case. They simply disagreed with the prosecution's interpretation of the facts.

In 2008, the second trial of Julie Amero came to an end and her life finally returned to normal after four years of living hell. On November 21, 2008 she appeared at her second trial in Norwich, Connecticut, USA, where under a plea bargain with the state she entered a guilty plea to a minor charge of disorderly conduct. She paid a small fine and had her teaching credentials revoked. She walked out of the court room a free woman… at last!

The case of State of Connecticut vs. Mrs. Amero asks and answers many questions:

Is this case another example of soft sentencing against a person who actively went to pornographic websites and deliberately downloaded the material in front of the children in her care? Or:

Can inexperienced computer users be trapped by an online pornography malware program over which they have no control?

Who does the law hold responsible for the protection of children from online crime… pornography, paedophiles and child abduction?

What steps should a parent, teacher, school or anyone who has responsibility for children's safety take to protect them from online predators?

Case #7: Malware downloaded pornography onto Michael's work computer… he was unfairly dismissed!

In 2006, Michael Fiola's employer issued him with a brand new Dell laptop computer. This started a series of events that cost him his job, his friends and a year of his life. He fought criminal charges brought against him by the State of Massachusetts that he had downloaded child pornography onto his laptop. In June 2008 prosecutors finally dropped their year-old case. An investigation of his computer found that there was insufficient evidence for the prosecution to prove their case.

An initial investigation had come to the opposite conclusion. The authorities took a fresh look at Fiola's case only after he had hired a forensic investigator to look at his laptop. It was found that the software that was used to keep his laptop secure was not functional. The antivirus protection was also out of date and the laptop had many malicious programs installed. In the investigator's opinion, they were the most likely source of the pornographic files found on his computer. The prosecution investigators agreed with the defense.

Fiola had been employed as an investigator with the local Department of Industrial Accidents. He used the computer to check whether businesses had lodged worker's compensation plans. Now, he has become a spokesman for victims of cybercrime.

Case #8: 16-year-old Matt Bandy faced 90 years' jail for possession of child pornography… his computer had been hijacked!

The Maricopa County prosecutors charged teenager Matt Bandy with possessing kiddy porn. However, the police hadn't done their homework very well. Matt Bandy was only a 16-year-old youth who'd never committed a crime in his life, and was facing the possibility of ninety years in prison.

In December 2004, Phoenix AZ police, acting on a tip-off from website yahoo.com, searched the Bandy family computer and found ten images of child pornography. Prosecutors were convinced that Matt was guilty of possession and distribution of pornography; they charged him with ten felonies. Each of these felonies was worth 10 to 24 years in prison - to be served consecutively.

There were many legal problems with this case. Prosecutor Thomas had an appalling lack of evidence. Police investigators hadn't even checked out the most basic of facts that would have immediately vindicated Matt… his computer had been infected by malware and was controlled by a botnet. His computer was in fact a zombie in the botnet and was used by the botnet controller to download and distribute the pornography without Matt's knowledge. Matt was not in control of his computer!

Ultimately, common sense prevailed and the case was resolved in November 2007. Attorney Andrew Thomas dropped the child porn charges against Matt. Matt did, however, cop three other felonies. Matt was also not labelled a sex offender.

The Tools of Cybercriminals

The above case studies demonstrate that malicious software is the main danger that most computer users face when connecting to the Internet. Computer malware, spyware, adware, viruses, worms, rootkits, botnets and keyloggers are just a few of the tools cybercriminals use.

Cybercriminal Tool #1: Computer Malware

Malware, or malicious software, is software designed by cybercriminals to access a computer system without the owner's consent. Malware is a general description used by computer professionals to describe a variety of intrusive, hostile and annoying software.

The malware description is based on the intention of the creator rather than the particular features of the software. Malware includes computer worms and viruses, crimeware & scareware, Trojan horses, spyware and adware, most rootkits and other forms of malicious software.

There are different forms of malware, and parents, school administrators and police officers must understand the differences between them. Some malware spies on your activities, while some records your key-strokes. Some types of malware slow your system down by using it to spread spam and Internet scams.

Malware is also used to perpetrate identity theft. Malicious programs imbedded in spam e-mail allow key-logger programs to be downloaded onto your computer. These programs record every key-stroke you make on your machine and then transmit that data to a hacker. Think about how much personal data you have stored on your machine. Further, do you use Internet banking? The key-logger program will record everything you do!

Other malware features programs called "mousetraps". The mousetrap is a web-based program which causes pornographic sites to pop up automatically on the computer screen. When the user attempts to leave an infected site, the mousetrap takes control of the browser. The malware starts a continuous loop of pop-up screens that feature pornographic materials, and the loop stops only when someone shuts down the computer. Malware and porn traps on the Internet mean that there is a high likelihood that your children could accidentally access Internet pornography.

Everyone who is accused of intentionally accessing pornographic material on the Internet deserves the presumption of innocence. Accidental access of pornography is clearly highly possible. Whether the accessing of pornography was accidental or intentional must be determined after a full analysis of the facts. You need to know what the user was doing immediately before the incident occurred and how that person responded to the incident. You also need to analyse the computer logs to determine if malware exists. A review of the computer logs will also show whether the pattern of access was planned or random.
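As an added illustration of the log review described above (this code is not part of the original essay), the following Python example groups browser-history records into bursts and flags bursts dominated by script-initiated page loads, which is the pattern a mousetrap loop leaves behind. The log format, the trigger labels, the thresholds and the example.* URLs are all constructed assumptions.

```python
from datetime import datetime
from statistics import median

# Constructed sample history (hypothetical format): timestamp, URL, trigger.
# Trigger labels are assumptions: "typed"/"link" = started by the user,
# "popup"/"redirect" = page load started by a script, not by the user.
SAMPLE_LOG = """\
2024-01-15T08:35:02 http://mail.example.com/inbox typed
2024-01-15T08:41:17 http://mail.example.com/message/12 link
2024-01-15T08:52:40 http://hair-styles.example.net/ link
2024-01-15T08:52:41 http://ads.example.org/pop1 popup
2024-01-15T08:52:42 http://ads.example.org/pop2 popup
2024-01-15T08:52:42 http://ads.example.org/pop3 redirect
2024-01-15T08:52:43 http://ads.example.org/pop4 popup
2024-01-15T08:52:44 http://ads.example.org/pop5 popup
2024-01-15T09:30:05 http://news.example.com/ typed
2024-01-15T09:33:48 http://news.example.com/story link
"""

SCRIPTED = {"popup", "redirect"}


def parse_log(text):
    """Turn log text into a time-ordered list of (datetime, url, trigger)."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        stamp, url, trigger = line.split()
        records.append((datetime.fromisoformat(stamp), url, trigger))
    return sorted(records, key=lambda r: r[0])


def group_bursts(records, max_gap=5.0):
    """Group consecutive page loads separated by at most max_gap seconds."""
    bursts = []
    for rec in records:
        if bursts and (rec[0] - bursts[-1][-1][0]).total_seconds() <= max_gap:
            bursts[-1].append(rec)
        else:
            bursts.append([rec])
    return bursts


def classify(burst, min_events=4, min_scripted=0.6, max_median_gap=2.0):
    """Label a burst 'automated' when it is long, fast and mostly scripted.

    The thresholds are illustrative assumptions, not forensic standards.
    """
    gaps = [(b[0] - a[0]).total_seconds() for a, b in zip(burst, burst[1:])]
    scripted = sum(1 for _, _, trig in burst if trig in SCRIPTED) / len(burst)
    typical_gap = median(gaps) if gaps else float("inf")
    automated = (len(burst) >= min_events
                 and scripted >= min_scripted
                 and typical_gap <= max_median_gap)
    return {
        "start": burst[0][0],
        "events": len(burst),
        "scripted_ratio": round(scripted, 2),
        # First page of the burst: what the user was doing immediately before.
        "entry_url": burst[0][1],
        "verdict": "automated" if automated else "user-driven",
    }


def analyze(text):
    """Parse the log and return one verdict per burst, in time order."""
    return [classify(b) for b in group_bursts(parse_log(text))]


if __name__ == "__main__":
    for result in analyze(SAMPLE_LOG):
        print(result["start"], result["events"], result["scripted_ratio"],
              result["verdict"], result["entry_url"])
```

On the constructed sample, the six page loads within four seconds are reported as one automated burst, and its entry URL shows the page that was open when the pop-up loop began.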

Data-stealing malware is a new web threat that steals victims' sensitive personal information. The cybercriminal's intention is to sell the stolen data to data brokers for financial gain. Security threats included in data-stealing malware include keylogger software, spyware and adware, screen scrapers, backdoors and bots. Examples of data-stealing malware include:

Bancos is an example of a phishing program that waits for a computer user to access their banking website. The program makes identical copies of web pages from the bank website with the intention of stealing the user's sensitive information.

Gator is a spyware program that covertly monitors the user's web-surfing habits. This program uploads data to a server and distributes targeted pop-up ads.

LegMir is a spyware program that steals sensitive information such as account names and passwords when users login to online games.

Qhost is a Trojan program that modifies the computer's main system files to hijack them. When banking sites are accessed, the program opens a spoofed login page to steal customer login credentials for those financial institutions.

There have been a number of data-stealing malware incidents in recent years:

Albert Gonzalez was found guilty of masterminding a cybercriminal ring using malware to steal more than 170 million credit card numbers of customers between 2006 and 2007. He sold the card numbers for profit! This crime is the largest computer fraud in history. USA firms that were targeted included Barnes & Noble Ltd, Boston Market Ltd, BJ's Wholesale Club Ltd, DSW Shoe Ltd, Forever 21 Ltd, OfficeMax Ltd, Sports Authority Ltd and TJX Ltd.

A Trojan horse computer malware hacked the website of Monster Worldwide Inc's job search service and stole more than 1.6 million customer records. The cybercriminals used the data to create phishing emails that were targeted at Monster.com users. Their purpose was to plant more malware on users' computers.

Customers of a Maine supermarket Hannaford Bros. became victims of a data breach of 4.2 million bank cards.

The Torpig Trojan stole the login credentials of 250,000 online bank accounts and just as many card numbers. Email accounts from numerous websites were also stolen.

Cybercriminal tool #2: Computer Viruses

The computer virus is a program that copies itself and re-installs itself on the target computers. Viruses spread by users sending them over a network or over the Internet, or through removable computer media such as floppy disks, CDs, DVDs, or USB drives. The term "virus" is often wrongly applied to malware which cannot automatically copy itself and move from one computer to another.

In the 1980s, most viruses were spread using removable media, e.g. floppy disks or floppies. Many users of personal computers regularly exchanged information and programs using floppy disks.

Some viruses were spread by infecting the application programs stored on these disks, while other viruses installed themselves into the computer's operating system. This tactic ensured that the virus would be run when the user started the computer. Early personal computers would attempt to start from a floppy disk. This was the most successful infection strategy for personal computers.

Traditional computer viruses emerged in the 1980s. The spread of personal computers and the increase in the use of bulletin boards, modems and software sharing, contributed directly to the spread of Trojan horse programs. Viruses were written to infect popular computer game software.

The most common viruses written since the mid-1990s have affected Microsoft applications such as Word and Excel. These viruses are spread throughout Microsoft Office suite by infecting documents and spreadsheets. Since Microsoft Word and Excel programs were also available for Apple computers the viruses could also spread to Apple computers.

A virus may also send a web address link to all the contacts listed in the e-mail program on an infected machine. The recipient thinks that the link is from a friend or a trusted source and clicks the link to the website. The virus hosted at the website infects this new computer and then other computers, and so on!

In recent years, viruses have been spread using cross-site scripting techniques. These viruses were first reported in 2002 and demonstrated in 2005. There have been multiple instances of the cross-site scripting viruses on the internet which have exploited weaknesses in websites such as Facebook, MySpace and Yahoo.

Cybercriminal Tool #3: Spyware or Adware

Spyware (or Adware) is a type of malware that collects small pieces of information about the user's web browsing habits. This is usually done without the user's knowledge or consent and is used by internet marketers, parents of children, spouses and employers.

Spyware is often used in illegitimate marketing tactics such as spam. Here it is hidden from the user and is difficult to detect. Spyware has been known to change the computer's internet settings. This results in loss of Internet connection, slow connection speeds to the internet, web home pages being changed on the user's computer, and the loss of functionality of the web browser.

Spyware software uses the same technology that is used for legitimate internet marketing purposes such as market research. The difference between legitimate marketing and illegitimate marketing (spam) is the user's express consent to be part of the research survey or study. Spammers ignore user consent.

Spyware is installed on the user's personal computer. Sometimes, spyware programs such as keyloggers can be installed on a shared computer so that the administrator can monitor other users' activities, e.g. employers monitor their employees' web usage, and parents often use keylogger programs to monitor their children's internet activities.

Here are some common examples of spyware:

CoolWebSearch takes advantage of the vulnerabilities in Internet Explorer. The package re-directs traffic to advertisements on websites such as coolwebsearch.com. For example, this program displays pop-up ads and search engine results for pornographic websites.

Internet Optimizer, or DyFuCa, redirects error pages from Internet Explorer to advertising pages. When users enter an incorrect URL, they see a page of advertisements.

HuntBar is installed by an ActiveX download at affiliate websites. ActiveX controls are small reusable computer programs that use web browsers to create and distribute applications over the Internet. Examples of ActiveX programs include customized code for displaying animation. HuntBar may also be installed by advertisements displayed by other spyware programs. This is an example of how existing spyware can reproduce and install even more spyware. These spyware programs add toolbars to Internet Explorer to display pornographic advertisements; track the customer's browsing behavior; and redirect affiliate website references.

Movieland is a movie download service that was the subject of thousands of user complaints in the USA. The advertisements demanded that users pay at least $29.95 to continue the download service. The service claimed that the customers had signed up for a three-day free trial and had not cancelled the service before the trial period had ended. They were therefore obligated to pay the continuing fees. The offenders, Movieland and eleven other companies, were convicted of engaging in deceptive conduct to extract payments from consumers.

MyWebSearch has a search toolbar plugin that is located at the top of the internet browser and spies on the user's search-habits. This spyware also has settings that affect Microsoft Outlook.

Cybercrime Tool #4: The Computer Worm

A computer worm is an example of a self-replicating harmful computer program. That is, it uses the computer network's computer resources to create and send copies of itself to other computers on the computer network. This process is done without user intervention and is allowed to operate through security shortcomings of the target computer.

Unlike a computer virus, a worm does not attach itself to an existing application program. Worms mainly cause harm to the network by consuming the computer resources and internet bandwidth. This makes the computer network operate very slowly. On the other hand, viruses corrupt and modify important system files on a target computer.

Cybercrime Tool #5: Botnets

A botnet is a collection of hijacked computers that act like robots i.e. they run autonomously and automatically under the control of the botnet controller. The true owner of the system no longer has control of the computer.

The main motivation for botnet owners is recognition from the computer underground and also financial gain. The larger the botnet, the more prestige the owner can claim among the underground black hacker community. More money can be made renting out the botnet.

The bot owner makes money by 'renting' out the services of the botnet to third parties. The tenant uses the botnet for sending out spam messages to make it look like the spam is coming from a legitimate source. Botnets are also used for denial of service attacks against targeted computers. Botnets usually control a large number of zombie machines and generate a huge amount of traffic through email spam or denial of service attacks.

In recent years, a number of large botnets have been detected and closed down.

In 2005, the Dutch police detected and closed a 1.5 million node botnet.

In 2004, Norwegian ISP Telenor detected and closed a botnet which controlled 10,000 computers.

In July 2010, a 23-year old Slovenian responsible for running a botnet with an estimated 12 million computers was convicted and jailed.

Large international efforts to shut down botnets have been initiated by thirty-five countries, including the USA, Canada, the UK, Australia and the European Union. Experts have estimated that ¼ of personal computers connected to the internet may be part of a botnet.

A botnet operator sends out viruses or worms to infect the ordinary users' computers. The payload is a malicious application, the bot.

The bot on the infected computer logs in to a particular web server.

A spammer rents the botnet from the operator of the botnet.

The spammer provides the spam messages. The operator has computer programs which control the compromised machines.

The botnet controller makes it look like the compromised machines are sending out the spam messages.

Cybercrime Tool #6: Social Engineering

Social engineering, or scamming, is the unlawful manipulation of people into divulging confidential information. It applies to an act of deception for the purposes of information gathering, such as credit card numbers, bank accounts or computer system access. The cybercriminal perpetrates the fraud electronically and secretly.

E-mail spam, or junk e-mail, is identical e-mail messages sent to numerous recipients. During the dotcom boom, startup companies began marketing their products online. E-mail is a more popular method of Internet marketing because it is very cheap to operate. Originally, spam was used for legitimate business purposes.

At the height of the dotcom boom, many commercial websites were built but were not secure. Spammers used this to take advantage of unsuspecting users and merchants. They developed programs that harvested or extracted personal information from unsecure websites. The sensitive information extracted included e-mail accounts, customer names and addresses, credit card and bank account numbers.

E-mail letterboxes were bombarded with spam; identity theft and credit card fraud began to grow! Since 2003, electronic spam has spread from e-mail messages to all forms of online communication including:

E-mail spam;

Mobile phone spam;

Forum spam;

Spamdexing (manipulating a search engine);

Spam in blogs;

Newsgroup spam; and

Messaging spam ("SPIM"), the use of instant messenger services for advertisement.

In 2003/04, spammers became much bolder and more intelligent in evading spam filters. They used images instead of text, and lines of gibberish instead of recognizable keywords. By 2005, spam e-mails numbered in the billions. Thirty billion spam messages a day were transferred through the Internet, slowing down the infrastructure, at great cost to Internet service providers (ISPs).

Technology has controlled the growth of spam to some extent. From 2005 onwards, most Internet service providers (ISPs) started banning spamming entirely… you could get your account cancelled if you engaged in sending spam! Spammers then started using masking techniques [7] to avoid capture. They also moved quickly to another Internet Service Provider (ISP) [8] or started using "Botnets" [9].

The website spamunit.com, an anti-spam research site, provides statistics for the growth of spam in totals per day:

1978 - e-mail spam commenced;

2005 - averaged 30 billion per day;

2006 - averaged 55 billion per day;

2007 - averaged 90 billion per day; and

2007 - averaged 100 billion per day

In recent years e-mail has become the preferred method of delivery of scams.

Scams target people of all backgrounds, ages and income levels. Everyone is a target and can easily become a victim of a scam. Scammers are professional salespeople who study their victim and customise their scams to trick their victims!

There are two things that make scams succeed:

A scam looks like the real thing which meets your need or desire.

Scammers manipulate you by 'pushing your buttons' to produce the desired automatic response. People are wired up to act emotionally and socially; scammers are excellent at selling concepts and ideas that affect your emotions.

There are a number of different types of scams that online scammers use: phishing, work from home, lotteries, investment scams, telephone scams etc. These scams are described in detail in chapter 4 of this e-book. If you are unfamiliar with these scams you should re-read that chapter before moving forward.

Cybercrime Tool #7: Skimming strategies

Skimming is the theft of credit card information when used in a legitimate business transaction. It is usually an "inside job" done by a dishonest employee of a legitimate merchant.

The thief can capture the victim's credit card number using basic methods like photocopying receipts. Now the thief uses a small mobile electronic device to swipe and store victims' credit card numbers.

Skimming often occurs in restaurants or bars. Here the customer pays the bill by credit card and the employee takes the victim's credit card out of the customer's immediate view for processing. The thief uses a small keypad to transcribe the 3 or 4 digit card security code found on the back of the credit card.

Another common skimming practice is to place a device over the card slot of an ATM which reads the credit card's magnetic strip. The user unknowingly passes their card through the ATM machine and the credit card details are recorded.

ATM skimming devices are used in conjunction with a small camera that records the user's personal identification number. This method is being used very frequently in many parts of the world.

Another technique used by ATM skimmers is a keypad overlay which matches the buttons of the legitimate keypad below it. As the customer presses the keys, the keylogging device records and transmits the customer's card details by wireless. These devices are commonly known as "skimmers".

Skimming is usually difficult for the cardholder to detect. However, it is fairly easy for the card issuer to detect. The issuer collects a list of customers who have complained about fraudulent transactions. They use data mining techniques to discover relationships between the customers and the merchants used. For example, if a number of the defrauded customers use a particular merchant, then that merchant is investigated. Sophisticated algorithms search for patterns of fraud.
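The merchant check described above, sketched as an added example that is not part of the original essay. The card IDs, merchant names and the 0.05 cut-off are constructed for illustration, and the hypergeometric test is one possible way to score merchants, not a method the essay names; it keeps a shop that every customer uses from being flagged just because the defrauded customers also used it.

```python
from collections import defaultdict
from math import comb

# Constructed sample data: which cards were used at which merchant.
VISITS = {
    "SuperMart": [f"c{i:02d}" for i in range(1, 13)],   # everyone shops here
    "Harbour Cafe": ["c01", "c02", "c03", "c04", "c05"],
    "Bookshop": ["c01", "c06", "c07"],
    "Petrol Stop": ["c02", "c08", "c09", "c10"],
}
TRANSACTIONS = [(card, m) for m, cards in VISITS.items() for card in cards]
FRAUD_REPORTS = {"c01", "c02", "c03", "c04"}  # cardholders who complained


def hypergeom_tail(N, K, n, k):
    """P(at least k defrauded cards among n), drawing n of N cards, K defrauded."""
    hits = sum(comb(K, i) * comb(N - K, n - i) for i in range(k, min(K, n) + 1))
    return hits / comb(N, n)


def rank_merchants(transactions, fraud_cards, min_hits=2):
    """Return (merchant, defrauded_cards, all_cards, p_value), most suspicious first."""
    cards_by_merchant = defaultdict(set)
    for card, merchant in transactions:
        cards_by_merchant[merchant].add(card)  # a set ignores repeat visits
    all_cards = set().union(*cards_by_merchant.values())
    N, K = len(all_cards), len(fraud_cards & all_cards)
    rows = []
    for merchant, cards in cards_by_merchant.items():
        k = len(cards & fraud_cards)
        if k >= min_hits:  # a single shared victim is not a pattern
            rows.append((merchant, k, len(cards), hypergeom_tail(N, K, len(cards), k)))
    return sorted(rows, key=lambda row: row[3])


def merchants_to_investigate(ranked, alpha=0.05):
    """Merchants whose share of defrauded cards is unlikely to be chance."""
    return [merchant for merchant, _, _, p in ranked if p < alpha]


if __name__ == "__main__":
    for merchant, k, n, p in rank_merchants(TRANSACTIONS, FRAUD_REPORTS):
        print(f"{merchant:13s} defrauded={k} of {n} cards  p={p:.4f}")
```

SuperMart also saw all four defrauded cards, but because every card in the sample was used there its p-value is 1.0 and only Harbour Cafe is returned for investigation.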

Merchants need to ensure the physical security of their terminals. There are significant penalties for merchants who have been compromised. These range from large fines by the issuer to complete exclusion from the credit card system, a death blow to businesses like restaurants where credit card transactions are commonly used!

What's next?

In today's world, protecting your private information is essential. As we have discovered in this book, there are many criminals, hackers and organized crime groups who attempt to steal your money and your identity. Software vulnerabilities allow hackers to attack your home computer network.

Chapter 15 is dedicated to describing the best defense strategy you can use to keep yourself safe on the Internet. The strategy is called the "Defense-in-Depth" strategy. It uses multiple layers of security to protect your computer and stops hackers' attacks in their tracks. This defense strategy is widely used by computer professionals around the world.