UNIT-1
Introduction to Cyber Security
Cyber Security is the practice of protecting computers, networks, software, and
data from unauthorized access, attacks, damage, or theft. It involves using
technologies, processes, and best practices to defend digital systems from cyber
threats such as viruses, malware, hacking, and online frauds.
As the use of the Internet and digital devices increases, the risk of cybercrimes also
grows. Therefore, Cyber Security is essential to ensure the privacy, integrity, and
availability of information. It plays a vital role in safeguarding individuals,
businesses, and governments from financial loss, data breaches, and misuse of
sensitive information.
E-Mail Spoofing
Definition:
E-Mail Spoofing is a cyber technique where an attacker sends emails by forging
the sender's address to make it appear as if it is coming from a trusted source. The
main aim is to deceive the recipient and gain confidential information or spread
false information.
How it works:
The attacker manipulates the email header so that the sender’s address looks
genuine. Victims often open such emails believing they are from friends,
colleagues, banks, or reputed companies.
Purposes:
To trick people into revealing personal data like passwords or bank details
(phishing).
To spread malware by attaching infected files or links.
To damage the reputation of the real sender.
To cause confusion and mistrust in organizations.
Impacts:
E-Mail Spoofing can lead to financial frauds, identity theft, leakage of sensitive
data, and loss of trust among stakeholders.
Prevention:
Use email authentication protocols such as SPF (Sender Policy Framework)
and DKIM (DomainKeys Identified Mail).
Avoid clicking on suspicious links or attachments.
Verify the sender’s email address carefully.
Use updated anti-virus and spam filters.
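A forged sender address and the result of the SPF and DKIM checks can both be read from a message's headers. The following is an added example, not part of the original notes: it lists reasons to distrust the From address of a received message. The sample message, the domain names, and the receiving server name mx.receiver.test are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample (not real mail): From names a bank, but the envelope
# sender and the SPF-authenticated domain belong to a different domain.
SPOOFED = """\
Return-Path: <bounce@mailer.sender.test>
Authentication-Results: mx.receiver.test;
 spf=pass smtp.mailfrom=mailer.sender.test;
 dkim=none
From: Example Bank <billing@example-bank.test>
Reply-To: support@example-bank-help.test
Subject: Verify your account
"""

def domain_of(header_value):
    """Lower-cased domain of an address header, or '' when absent."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def parse_auth_results(value, trusted_server):
    """Return {method: (result, props)}; ignore headers from other servers."""
    value = re.sub(r"\([^)]*\)", " ", value)        # strip comments
    server, _, rest = value.partition(";")
    if server.lower().split()[:1] != [trusted_server]:
        return {}                                    # a sender could forge it
    out = {}
    for clause in rest.split(";"):
        tokens = clause.split()
        if tokens and "=" in tokens[0]:
            method, _, result = tokens[0].partition("=")
            props = dict(t.split("=", 1) for t in tokens[1:] if "=" in t)
            out[method.lower()] = (result.lower(), props)
    return out

def check_spoofing(raw, trusted_server="mx.receiver.test"):
    """List reasons to distrust the From address (empty list = none found)."""
    msg = message_from_string(raw)
    from_dom = domain_of(msg["From"])
    findings = []
    for header, tag in (("Return-Path", "return-path"), ("Reply-To", "reply-to")):
        dom = domain_of(msg[header])
        if dom and dom != from_dom:
            findings.append(f"{tag}-mismatch")
    results = {}
    for value in msg.get_all("Authentication-Results", []):
        results.update(parse_auth_results(value, trusted_server))
    # Exact domain match is a simplification of real alignment rules.
    for method, prop in (("spf", "smtp.mailfrom"), ("dkim", "header.d")):
        result, props = results.get(method, ("none", {}))
        if result != "pass":
            findings.append(f"{method}-{result}")
        elif props.get(prop, "").rpartition("@")[2].lower() != from_dom:
            findings.append(f"{method}-unaligned")
    return findings
```

An SPF pass alone is not enough: in the sample it passes for the sender's own domain, not for the domain shown in From, which is why the authenticated domain is compared with the From domain.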
Spamming
Definition:
Spamming is the act of sending unsolicited and irrelevant bulk messages, mainly
for advertising or spreading malicious content, over emails, messaging apps, or
online platforms.
How it works:
Spammers collect millions of email addresses from websites, social media, or data
leaks. Then, using automated software, they send bulk messages repeatedly to
these addresses.
Types:
Email Spam: Unwanted promotional emails.
SMS Spam: Unwanted text messages on mobile phones.
Instant Messaging Spam: Junk messages on apps like WhatsApp or
Facebook.
Newsgroup Spam: Posting irrelevant ads on online forums.
Purposes:
Advertising fake or low-quality products/services.
Spreading phishing links or malware.
Generating traffic for certain websites (click fraud).
Disrupting network performance.
Impacts:
Wastes users’ time and storage space.
Slows down network performance.
Increases the risk of malware and phishing attacks.
Reduces productivity in workplaces.
Prevention:
Use spam filters in email services.
Do not share your email address publicly.
Avoid subscribing to untrusted websites.
Report and block spam senders.
Keep your system and antivirus updated.
Cyber Defamation
Definition:
Cyber Defamation is the act of publishing or spreading false and harmful
statements about a person, company, or group through the internet or digital
platforms, with the intention of damaging their reputation.
How it happens:
It can occur through:
Fake social media posts or comments.
False information on websites or blogs.
Defamatory emails sent to multiple people.
Uploading fake or edited photos and videos.
Purpose:
Usually done to insult, harass, take revenge, or damage someone’s personal or
professional image.
Effects:
Harms an individual’s or business’s reputation.
Causes mental stress and emotional harm.
May lead to financial losses.
Legal Action:
Victims can file complaints under cyber laws and defamation laws to remove the
content and seek compensation.
Prevention:
Do not share personal details with unknown people online.
Regularly check your online reputation.
Report defamatory content to websites or social media platforms.
Internet Time Theft
Definition:
Internet Time Theft is a type of cybercrime where a person uses another person’s
internet access, time, or computer resources without permission. It is also known as
“unauthorized use of internet time.”
How it happens:
An employee uses office internet for personal browsing, chatting, or
watching videos during working hours.
A hacker steals another person’s internet account credentials and uses their
paid internet service for free.
Public Wi-Fi users may misuse open networks without the owner’s consent.
Purpose:
To avoid paying for internet services.
To misuse company time for non-work activities.
To hide illegal activities by using someone else’s network.
Effects:
Financial loss for internet account owners or companies.
Decreased productivity in workplaces.
Possible legal issues for the account owner if illegal activities are carried out
using their connection.
Prevention:
✅ Use strong passwords for internet accounts and Wi-Fi networks.
✅ Monitor employee internet usage in offices.
✅ Use firewalls and network security tools to detect unauthorized access.
Newsgroup Spam / Crimes from Usenet Newsgroup
Definition:
Newsgroup Spam refers to the practice of posting unwanted, irrelevant, or
excessive promotional messages to Usenet newsgroups or online discussion
forums. Usenet is an early internet system for sharing messages in discussion
groups.
How it happens:
Spammers post the same advertisement or message repeatedly in multiple
newsgroups, regardless of the topic.
Attackers may post fake news or harmful content to mislead users.
Spammers may flood groups with junk posts, making it hard for genuine
users to find useful information.
Purpose:
To promote products, services, or websites without permission.
To advertise illegal or fake offers.
To disrupt healthy discussions and spread misinformation.
Effects:
Wastes storage and bandwidth of servers.
Annoys and misleads legitimate users.
Reduces the quality and usefulness of online discussions.
May lead to fraud if users trust fake offers or links.
Prevention:
✅ Use spam filters and moderation tools in newsgroups.
✅ Report and block spammers.
✅ Use verified and moderated forums for discussions.
✅ Educate users not to trust unsolicited offers.
Industrial Spying / Industrial Espionage
Definition:
Industrial Spying, also called Industrial Espionage, is a cybercrime where
confidential business information, trade secrets, or sensitive data are secretly stolen
from companies to gain an unfair competitive advantage.
How it happens:
Hackers break into company networks to steal research data, business plans,
or client lists.
Employees or insiders leak confidential information to competitors.
Malware, spyware, or phishing attacks are used to collect secret data without
detection.
Purpose:
To gain secret knowledge about new products, patents, or marketing
strategies.
To damage the targeted company’s business position.
To benefit competitors by selling stolen information.
Effects:
Huge financial losses for the victim company.
Loss of competitive advantage and reputation.
Legal issues and loss of trust among clients and partners.
Prevention:
✅ Use strong cybersecurity measures like firewalls and encryption.
✅ Educate employees about data security and insider threats.
✅ Restrict access to confidential information on a “need-to-know” basis.
✅ Monitor networks for suspicious activities.
Hacking
Definition:
Hacking is the unauthorized access to computer systems, networks, or digital
devices to steal, alter, or destroy data, or to disrupt services.
How it happens:
Hackers exploit security weaknesses in software or networks.
They may use malware, viruses, or phishing to gain access.
Once inside, they can steal confidential data, change system settings, or
damage files.
Purpose:
Steal sensitive data (passwords, financial details).
Cause financial or reputational damage.
Show technical skill or protest against organizations (hacktivism).
Sell stolen information on the dark web.
Effects:
Data breaches and financial losses.
Loss of trust among customers and clients.
System downtime and recovery costs.
Prevention:
✅ Use strong passwords and change them regularly.
✅ Install updated antivirus and firewalls.
✅ Regularly update software and security patches.
✅ Educate users about phishing and safe browsing.
Online Frauds
Definition:
Online Frauds are illegal activities carried out over the internet to deceive people
and gain money, goods, or sensitive information.
Types:
Phishing: Fake emails or websites tricking people into sharing personal
information.
Fake Shopping Sites: Selling non-existent products or never delivering
purchased items.
Lottery/Prize Scams: Claiming the victim has won a prize but demanding
fees to release it.
Job Frauds: Fake job offers asking for money for training or registration.
Purpose:
To cheat people and make easy money.
To steal financial details like credit card numbers and bank information.
Effects:
Financial loss to victims.
Identity theft and misuse of personal data.
Loss of trust in online services.
Prevention:
✅ Do not trust emails or websites that look suspicious.
✅ Verify sellers and websites before making payments.
✅ Avoid sharing bank details with unknown persons.
✅ Report frauds to cybercrime authorities immediately.
Pornographic Offenses
Definition:
Pornographic Offenses refer to creating, storing, publishing, sharing, or
distributing obscene or sexually explicit material through digital devices or the
internet, which is illegal under cyber laws in many countries.
How it happens:
Uploading or sharing pornographic videos and images on websites or social
media.
Running illegal adult content websites.
Circulating obscene material through emails, chat groups, or messaging
apps.
Producing or distributing child pornography, which is a severe crime.
Purpose:
To make money through illegal adult websites.
To blackmail or harass victims using intimate content.
To exploit minors for criminal profit.
Effects:
Moral and psychological harm to individuals and society.
Harassment and exploitation of victims, especially minors.
Legal trouble for those involved in producing, circulating, or viewing
prohibited content.
Legal Aspects:
Many countries strictly ban child pornography and obscene content.
Offenders can face heavy fines, imprisonment, and content removal.
Prevention:
✅ Avoid accessing or sharing obscene or illegal content.
✅ Report websites or individuals involved in such activities to cybercrime
authorities.
✅ Use content filters and parental controls to protect minors.
Software Piracy
Definition:
Software Piracy is the illegal copying, downloading, using, or distributing of
software without proper license or permission from the copyright owner.
How it happens:
Making unauthorized copies of licensed software and sharing it with others.
Downloading cracked versions of paid software from illegal websites.
Using a single licensed copy on multiple computers beyond allowed limits.
Selling counterfeit software CDs/DVDs or fake license keys.
Purpose:
To avoid paying for original software.
To earn profit by selling pirated software at a lower price.
Effects:
Financial loss for software companies and developers.
Users may get malware or viruses from pirated software.
Legal consequences for users and sellers involved in piracy.
Prevention:
✅ Always buy genuine and licensed software from authorized vendors.
✅ Use open-source or free alternatives if cost is a concern.
✅ Report piracy to authorities or software companies.
✅ Educate people about the legal and security risks of pirated software.
Password Sniffing
Definition:
Password Sniffing is a cybercrime where an attacker secretly intercepts and
captures usernames and passwords as they travel over a network. This is done
using special software tools called “sniffers.”
How it happens:
Hackers install sniffing tools on a network to monitor and record data
packets.
If the data is not encrypted, login details can be easily read.
Sniffed passwords can be used to hack into email, bank accounts, or
company systems.
Purpose:
To gain unauthorized access to sensitive accounts or systems.
To steal confidential data, money, or personal information.
To further attack other connected networks.
Effects:
Identity theft and financial loss for victims.
Data breaches and leakage of confidential information.
Damage to the reputation and security of organizations.
Prevention:
✅ Use strong encryption protocols (like HTTPS, SSL) for online transactions and
logins.
✅ Use secure, password-protected Wi-Fi networks.
✅ Regularly update passwords and avoid using the same password for multiple
accounts.
✅ Install firewalls and intrusion detection systems.
Credit Card Frauds and Identity Theft
Definition:
Credit Card Frauds occur when someone illegally uses another person’s credit card
information to make unauthorized purchases.
Identity Theft is a crime where an attacker steals someone’s personal information
(like name, address, bank details) and uses it to commit fraud or crimes in that
person’s name.
How it happens:
Hackers steal credit card numbers through phishing emails, fake websites, or
by hacking online stores.
Card skimmers are used at ATMs or payment machines to copy card data.
Stolen personal data is used to open fake bank accounts or take loans.
Purpose:
To make illegal purchases without paying.
To withdraw money fraudulently.
To commit other crimes while pretending to be someone else.
Effects:
Financial loss for victims and banks.
Damage to the victim’s credit score and reputation.
Victims spend time and money to recover from the fraud.
Prevention:
✅ Use secure websites (look for HTTPS) for online shopping.
✅ Do not share credit card details with unknown or untrusted sources.
✅ Check bank statements regularly for suspicious transactions.
✅ Use strong passwords and enable two-factor authentication.
Categories of Cybercrime
Passive Attacks
Description:
Passive attacks are stealthy activities where an attacker silently intercepts or
monitors communications or data without altering them. The main goal is to
gather information or observe ongoing communication to learn about the target
system or network. These attacks do not affect the system’s operation directly, so
they are harder to detect.
Key Features:
No modification of data or system resources.
Focused on confidentiality breaches.
Difficult to detect because operations continue normally.
Examples:
Eavesdropping: Listening to private conversations over a network.
Traffic Analysis: Monitoring the flow of messages to deduce information
patterns, such as the frequency and length of messages, to gather
intelligence.
Real-world scenario:
A hacker captures unencrypted Wi-Fi traffic in a café to steal user login
credentials.
Active Attacks
Description:
Active attacks involve direct interaction with the system to disrupt, modify, or
damage data or services. In these attacks, the attacker attempts to alter system
operations or data integrity, often causing visible effects like system crashes,
corrupted files, or denial of access.
Key Features:
Directly affects system resources and operations.
Breaches integrity and availability of data.
Easier to detect due to system anomalies or service disruptions.
Examples:
Denial of Service (DoS): Flooding a server with traffic to make it
unavailable to legitimate users.
Data Modification: Changing the contents of a message or database.
Man-in-the-Middle Attack: Intercepting and altering communication
between two parties.
Malware Attacks: Introducing malicious software like viruses, worms, or
Trojans to damage or control systems.
Attack (Gaining and Maintaining System Access)
Description:
This category of cybercrime involves activities where an attacker actively tries to
break into a computer system or network, gain unauthorized access, and then
maintain that access for as long as possible without being detected. This allows
the attacker to control, monitor, steal, or manipulate data over time.
It’s usually a multi-step process:
1. Gaining Access: Finding and exploiting vulnerabilities in software,
networks, or user behavior to enter a system.
2. Maintaining Access: Installing tools or backdoors that allow repeated,
hidden access even if passwords are changed or systems are patched.
3. Covering Tracks: Hiding evidence of intrusion to avoid detection by
security teams.
Key Features:
Involves unauthorized entry into systems.
Uses various hacking techniques and exploits.
Backdoors, rootkits, or remote access tools are often installed.
Attackers may gain admin-level privileges to have full control.
Common Methods:
✅ Exploiting Vulnerabilities: Taking advantage of software bugs, weak
passwords, or misconfigurations.
✅ Brute Force Attacks: Trying many password combinations until the correct one
is found.
✅ Phishing: Tricking users into revealing credentials.
✅ Rootkits & Trojans: Installing hidden programs that allow remote control.
✅ Privilege Escalation: Gaining higher-level permissions than originally
acquired.
Examples:
A hacker uses a phishing email to steal an employee’s login details and
enters the company’s internal network.
Malware installs a backdoor that lets the attacker come back later, even if
the original vulnerability is fixed.
An attacker exploits an unpatched server vulnerability to gain administrator
rights and then disables security logs to remain hidden.
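Brute-force attempts, listed above under Common Methods, leave a recognisable pattern in authentication logs: many failed logins from one address in a short time. The following is an added example, not part of the original notes: it raises an alert when that pattern appears and again if a login then succeeds from the same address. The log lines, addresses, and thresholds are constructed assumptions in a simplified sshd-style format.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Simplified, constructed log format: ISO timestamp, then an sshd-style message.
LINE = re.compile(
    r"^(?P<ts>\S+) sshd\[\d+\]: (?P<outcome>Failed|Accepted) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+)")

SAMPLE_LOG = """\
2024-05-01T10:00:00 sshd[811]: Failed password for admin from 203.0.113.9 port 50112 ssh2
2024-05-01T10:00:05 sshd[811]: Failed password for admin from 203.0.113.9 port 50113 ssh2
2024-05-01T10:00:09 sshd[811]: Failed password for invalid user root from 203.0.113.9 port 50114 ssh2
2024-05-01T10:00:14 sshd[811]: Failed password for admin from 203.0.113.9 port 50115 ssh2
2024-05-01T10:00:20 sshd[811]: Failed password for admin from 203.0.113.9 port 50116 ssh2
2024-05-01T10:00:31 sshd[811]: Accepted password for admin from 203.0.113.9 port 50117 ssh2
2024-05-01T10:03:00 sshd[811]: Failed password for bob from 198.51.100.7 port 40100 ssh2
2024-05-01T10:09:30 sshd[811]: Accepted password for bob from 198.51.100.7 port 40101 ssh2
"""

def detect(log_text, threshold=5, window_s=60):
    """Return alerts as (source address, kind, detail) tuples."""
    window = timedelta(seconds=window_s)
    recent = defaultdict(deque)          # address -> times of recent failures
    alerts = []
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue                     # not a password-login line
        ts = datetime.fromisoformat(m["ts"])
        fails = recent[m["ip"]]
        while fails and ts - fails[0] > window:
            fails.popleft()              # forget failures outside the window
        if m["outcome"] == "Failed":
            fails.append(ts)
            if len(fails) == threshold:  # alert once per burst
                alerts.append((m["ip"], "brute-force", m["ts"]))
        elif len(fails) >= threshold:
            # A success right after a burst may mean the password was guessed.
            alerts.append((m["ip"], "success-after-failures", m["user"]))
            fails.clear()
    return alerts
```

The single mistyped password from 198.51.100.7 does not trigger an alert, because only failures inside the time window are counted.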
Cyberstalking
Description:
Cyberstalking is the use of the internet, email, or social media to harass, threaten,
or stalk someone repeatedly. It’s a form of online harassment and can cause
severe emotional distress to victims.
Key Features:
Involves persistent unwanted communication.
May include threats, defamation, or spreading false information.
Often targets individuals, such as ex-partners, celebrities, or activists.
Methods Used:
✅ Sending threatening emails or messages.
✅ Tracking someone’s online activities.
✅ Impersonating the victim online to damage their reputation.
✅ Posting personal information (doxing).
Example:
A stalker repeatedly sends threatening messages on social media and uses fake
accounts to follow the victim’s online movements.
Cybercafe and Cybercrimes — Detailed Description
A cybercafe (or Internet cafe) is a place where computers with Internet access are
provided for public use, usually for a fee. These cafes became popular in the late
1990s and early 2000s, especially in regions where home internet connections were
expensive or unavailable. People visit cybercafes to browse the web, check emails,
play online games, chat with others, or work on digital documents.
However, alongside their legitimate uses, cybercafes have also become vulnerable
hotspots for various cybercrimes. The open and anonymous nature of public
internet access creates an environment where criminals can misuse these facilities
without easily being traced.
Common cybercrimes committed in or through cybercafes include:
Hacking and unauthorized access: Criminals may use cybercafe
computers to hack into networks, steal sensitive information, or plant
malicious software.
Email fraud and phishing: Fraudulent emails or phishing scams can be
sent using a cybercafe’s network to hide the perpetrator’s true identity.
Identity theft: Cybercafes can be used to access stolen data or conduct
transactions using someone else’s identity.
Distribution of illegal content: Some offenders use cybercafes to view or
distribute banned or illegal digital material, such as pirated software, movies,
or pornography.
Terrorist or criminal communication: Because cybercafes often do not
record who uses which computer, criminals and terrorists may use them to
communicate and plan illegal activities anonymously.
Challenges in controlling cybercrime in cybercafes:
One major challenge for law enforcement is the difficulty of tracking users. Many
cybercafes do not maintain adequate logs of user identity or browsing activity. In
some countries, governments have mandated that cybercafes keep records, install
surveillance cameras, and require valid identification from customers to prevent
misuse.
Preventive measures include:
Mandatory user registration with valid ID proof before granting access.
CCTV surveillance within the premises to monitor user activities.
Logging websites visited and session durations.
Periodic inspections by authorities to ensure compliance.
Educating cafe owners and staff about common cyber threats and their legal
responsibilities.