Cyber-crimes
Subtheme: Social media: a vector for cyber crimes
Introduction:
Social media though is the most efficient method of sharing data but also a target for
criminals to track and compromise information about oneself, company enterprise, etc. This
acquired information is leaked for trading which might prove to be detrimental to the privacy
of the user. Be it an individual or a company, may turn out to be the ideal prey for cyber
criminals, regarding the data shared on social media
Targets are just two clicks away from getting their information scattered on social media to
be compromised by such cyber attacks1. This is because data is readily available and many
cyber criminals are already doing this. For example, on Facebook, a quick search for some
credit card credentials, within minutes, could enable such people to hack and gain access to
one’s bank account.2
an infrastructure is provided by social media networks to contact like-minded peoples, and
since most of them don’t have identity verification process, promoting anonymity thus,
policing them is a rigorous task.
It takes minutes to set up a fake profile to avoid identification. Also to garner maximum
users, social media sites have provided simple access. But due to the inherently open nature
of these leading to breach of security and promotion of anonymity being a typical instance.
About:
Cyber criminals generally target websites with large user bases, such as Facebook, Twitter,
LinkedIn, and Instagram. A majority of current attacks modelled after the older Koobface
malware, only use the social platforms as a delivery mechanism. This information can be
put various illegal representations with negative repercussions.
1
Moore, R. (2005) "Cyber crime: Investigating High-Technology Computer Crime," Cleveland, Mississippi:
Anderson Publishing
2
Rourkela case.
�Social media attacks can hack into users’ accounts, upon login, by stealing their
authentication credentials. For the purpose of discreetly pulling personal data from users'
online friends and colleagues, this is done.
The
"false flag" is yet another social media attack exposed back in 2014 is the "false flag" attack.
It essentially tricks a user to reveal personal data or login credentials under the guise of the
site. The attack will immediately steal all the usernames and password
s stored to take personal information about the user, upon changing the passwords.
Discussion/Issue/Analysis:
There are three kinds of cyber crimes on social media by their method of operation, namely:
Broad-sweep scams which may enable tricking for valid personal data.
Scams which attempt to lure one to click on or visit pages, which contain a
push malware to infect one’s computer.
Acquisition of personal data via hacking.3
Initial malware, in many cases, is just a method to gain access to the system. It doesn't
directly cause adverse effects. But this access may then be put up for sale, once a back door is
established to the infected computer.
Criminals may install software once the access to these infected computers is received. This
software proceeds to hijack the victim's online banking or collects personal data like
usernames and passwords.4
Installing Ransomware is one of the most profitable scams. They refer to a set of malicious
software that can encrypt the data on a victim's computer and ransom in the form of financial
gratification is asked for, to restore the system to its original state.
3
Robert Davis, Bodo Lang & Josefino San Diego. A Comparison of Online and Offline Gender And Goal
Directed Shopping Online.
4
Hoon Park Young Gul Kim, (2003), Identifying Key Factors Affecting Consumer Purchase Behaviour in an
Online Shopping Content: International Journal of Retail & Distribution Management, Vol.31 Iss 1pp. 16-29.
�In a case, two persons, including alleged mastermind Debasis Pandit, a BCA student and
Rabi Narayan Sahu were arrested in an online fraud racket busted by the Rourkela police
worth Rs 12.5 lakh. The accused were alleged to hack into the eBay India website and make
purchases under the guise of the credit cardholders whose numbers were stolen.
Under Sections 420 and 34 of the Indian Penal Code and Section 66 of the IT Act, a case was
registered, and further investigation had been held.
According to the evidence produced and facts stated, Pandit was arrested from his residence
Sahu, his associate, and was nabbed at his house. The accused had allegedly hacked into the
eBay India website. He then proceeded to collect the details of at least 700 credit cardholders
and made purchases by using their passwords.
The fraud was initially noticed by the eBay officials when it was detected that while the
customers were based in cities like Bangalore, Jaipur and even London, several purchases
were made from Rourkela. The matter is then brought to the notice of Rourkela police by the
company after the affected lot had lodged complaints.
The accused were forwarded to the court of the sub divisional judicial magistrate.
Conclusion:
In order to prevent social media breaches, and secure company data protect user information,
privacy maintenance and protection of anonymity increased vigilance by individual users and
enterprise policies are the best ways to ensure data breaches are avoided.
People should also take Basic precautionary measures like avoiding to re follow anyone who
followed them on Twitter, entering secured websites, using anti- phishing software, checking
the authenticity of the sites they log into and e-mails sent by them, and being cautious of the
kind of personal information they share online.
