Mod 333

Module 3 covers various tools and methods used in cybercrime, focusing on phishing, password cracking, key loggers, and other cyberattack techniques. It details different types of phishing attacks, their mechanisms, and statistics related to their prevalence. The module also discusses password cracking methods and tools, emphasizing the importance of password strength and security measures.

Uploaded by navamivishwanath


Module 3

Tools and Methods Used in Cybercrime


[06 hours]
15-20 marks

Phishing, Password Cracking, Key loggers and Spywares,
Virus and Worms, Steganography
DoS and DDoS Attacks, SQL Injection, Buffer Over Flow
Attacks on Wireless Networks, Identity Theft (ID Theft)
Book: Ch. 4 and Ch. 5, Nina Godbole, Sunit Belapure - "Cyber Security", Wiley India, New Delhi, 2012

Phishing

●Phishing is a cybercrime in which a target or targets are contacted by email, telephone or text message by someone posing as a legitimate institution to lure individuals into providing sensitive data such as personally identifiable information, banking and credit card details, and passwords.
●Phishing attacks typically rely on social networking techniques applied to email or other electronic communication methods.
●It is one of the oldest types of cyberattacks, dating back to the 1990s, and it's still one of the most widespread and pernicious, with phishing messages and techniques becoming increasingly sophisticated.
●The "ph" is part of a tradition of whimsical hacker spelling.

Phishing - Types

●Email Phishing
● Also called “deception phishing”
●HTTPS Phishing
●Spear Phishing
●Whaling/CEO fraud
●Vishing
●Smishing
●Angler Phishing
●Pharming
●Pop-up Phishing
● A newer version of pop-up phishing uses the web browser’s “notifications” feature
●Clone Phishing
●Evil Twin (fake Wi-Fi network)
●Watering Hole Phishing

Phishing - Types

● Email Phishing
● Also called “deception phishing”
Phishing is a type of online scam that targets consumers by sending them an e-mail that appears to be from a well-known source – an internet service provider, a bank, or a mortgage company, for example.

As an example, the scenario usually plays out as follows:

An individual receives an email from his or her bank (for example, Chase).
The email appears to be sent from Chase, with the Chase logo embedded in the
email.
The email explains how there is an urgent issue with the individual's account,
instructing her to click on a link to address the matter right now.
Once the individual clicks on the link, she is brought to a webpage which mimics
that of Chase.
Unknowingly, the individual enters her username and password to enter the
website.
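
The scenario above hinges on a link whose destination is not the site the message claims. The following added example (not part of the original slides) scans an HTML message body and reports links whose visible text, host, or use of a trusted name does not match the real destination. The domain `bank.example`, the sample message and the reason codes are constructed assumptions.

```python
import ipaddress
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Assumption: the domains the real sender uses are known in advance.
TRUSTED_DOMAINS = {"bank.example"}

# Finds a domain-looking token inside the visible link text.
DOMAIN_IN_TEXT = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)

# Constructed sample message body (not taken from the slides).
SAMPLE_EMAIL = """
<p>There is an urgent issue with your account. Act right now.</p>
<a href="https://bank.example.account-verify.test/login">https://www.bank.example/login</a>
<a href="http://203.0.113.7/reset">Reset your password</a>
<a href="https://www.bank.example/help">Help centre</a>
"""


class LinkCollector(HTMLParser):
    """Collect (href, visible text) pairs for every <a> element."""

    def __init__(self):
        super().__init__()
        self.links = []
        self._href = None
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href = dict(attrs).get("href") or ""
            self._text = []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None


def strip_www(host):
    return host[4:] if host.startswith("www.") else host


def is_under(host, domain):
    """True if host equals domain or is a subdomain of it."""
    return host == domain or host.endswith("." + domain)


def check_link(href, text, trusted=TRUSTED_DOMAINS):
    """Return reason codes for a suspicious link (empty list = no finding)."""
    try:
        parts = urlsplit(href)
        host = (parts.hostname or "").lower()
    except ValueError:
        return ["unparseable-url"]
    if parts.scheme not in ("http", "https") or not host:
        return []  # mailto:, page anchors etc. are out of scope here
    reasons = []
    # https is deliberately not treated as evidence of legitimacy:
    # a padlock says nothing about who operates the site.
    try:
        ipaddress.ip_address(host)
        reasons.append("ip-literal-host")
    except ValueError:
        pass
    shown = DOMAIN_IN_TEXT.search(text)
    if shown and not is_under(host, strip_www(shown.group(1).lower())):
        reasons.append("text-domain-mismatch")
    if not any(is_under(host, t) for t in trusted):
        # e.g. bank.example.account-verify.test: trusted name used as a label
        if any(t in host for t in trusted):
            reasons.append("trusted-name-as-subdomain")
    return reasons


def scan_email(html):
    collector = LinkCollector()
    collector.feed(html)
    return [(href, check_link(href, text)) for href, text in collector.links]


if __name__ == "__main__":
    for href, reasons in scan_email(SAMPLE_EMAIL):
        print(href, "->", reasons or "no findings")
```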

Phishing - Types

●HTTPS Phishing: Fraudulent HTTPS sites are a favorite gateway to this information for hackers who are savvy in how to easily provide a false sense of security. It is relatively simple for them to set up a fake HTTPS site with that trusted padlock in attacks that are often described as “low risk, high reward.”
●Spear Phishing
●Whaling (CEO Fraud): A whaling attack is a type of phishing attack that targets high-level executives, such as the CEO or CFO, to steal sensitive information from a company.
●Vishing: Vishing (voice or VoIP phishing) is a type of cyber attack that uses voice and telephony technologies to trick targeted individuals into revealing sensitive data to unauthorized entities.
●Smishing: The fraudulent practice of sending text messages purporting to be from reputable companies in order to induce individuals to reveal personal information, such as passwords or credit card numbers.
●Angler Phishing: Angler phishing is a type of phishing attack that targets social media users.
●Pharming: Pharming is online fraud that involves the use of malicious code to direct victims to spoofed websites in an attempt to steal their credentials and data.
●Pop-up Phishing: Pop-up phishing is a scam in which pop-up ads trick users into installing malware on their computers or convince them to purchase antivirus protection they don't need. These pop-up ads sometimes use scare tactics.
●Clone Phishing: Clone phishing is a scam where a cybercriminal replicates a legitimate email or website to trick the victim into giving personal information. The cloned email looks almost the same as the original and contains legitimate details, making clone phishing more difficult to spot than other phishing attacks.
●Evil Twin: An evil twin attack is a rogue Wi-Fi access point (AP) that masquerades as a legitimate one, enabling an attacker to gain access to sensitive information without the end user's knowledge. An attacker can easily create an evil twin with a smartphone or other internet-capable device and some easily available software.
●Watering Hole Phishing: A watering hole attack is a form of cyberattack that targets groups of users by infecting websites that they commonly visit.

Real-Life Examples of Angler Phishing Attacks

Tax Season Phishing Scams:

Angler phishing attacks often surge during tax season, with cybercriminals impersonating tax authorities or
financial institutions. Victims may receive emails claiming issues with their tax returns and prompting them
to click on malicious links.

Payment Fraud via Impersonation:

Cybercriminals may impersonate company executives in Angler Phishing attacks targeting finance
departments. The attackers request urgent payments or financial transactions, leading to unauthorized fund
transfers.

Credential Harvesting via COVID-19 Lures:

Angler Phishing attacks have exploited global events, such as the COVID-19 pandemic. Cybercriminals send
emails claiming to provide pandemic-related information, tricking users into clicking on malicious links and
revealing login credentials.

Phishing - Statistics

●75% of organizations around the world experienced some kind of phishing attack in 2020.
●35% of organizations experienced spear phishing.
●65% of organizations faced BEC attacks.
●74% of organizations in the United States experienced a successful phishing attack.
●65% of active cybercriminal gangs relied on spear phishing as the primary infection vector.
●Google has registered 2,145,013 phishing sites as of Jan 17, 2021. This is up from 1,690,000 on Jan 19, 2020 (up 27% over 12 months).
●48% of malicious email attachments are Office files.
●94% of malware is delivered by email.
●Phishing attacks account for more than 80% of reported security incidents.

Password Cracking

●Password cracking means recovering passwords from a computer or from data that a computer transmits.
●Password cracking is the process of attempting to gain unauthorized access to restricted systems using common passwords or algorithms that guess passwords.
●In other words, it is the art of obtaining the correct password that gives access to a system protected by an authentication method.

Password Cracking - Password Strength

●Password strength is a measure of a password’s effectiveness in resisting password cracking attacks
● Length
● Complexity
● Unpredictability

Password Cracking - Techniques

●Brute Force Attack
● A method of hacking that involves guessing all possible passwords
● Employs some sort of automated processing, allowing vast quantities of passwords to be fed into a system.
●Dictionary Attack
● Uses an automated process of feeding a list of commonly used passwords and phrases into a computer system until something fits.
●Rainbow Table Attack
● Hackers maintain directories that record passwords and their corresponding hashes
● Rainbow tables go one step further: rather than simply providing a password and its hash, they store a precompiled list of all possible plain text versions of encrypted passwords

Password Cracking - Techniques

●Social Engineering
● Successful social engineering attacks can be incredibly convincing and
highly lucrative
● The CEO of a UK-based energy company lost £201,000 to hackers after
they tricked him with an AI tool that mimicked his assistant’s voice.
●Phishing
● Tricks the user into entering their login credentials into a bogus site
●Spidering
● Describes the process of a hacker getting to know their target, to the
extent that they’re able to get credentials based on their activity.
● Many organizations use passwords that relate to their business, which hackers are able to study in order to build a list of possible word combinations

Password Cracking - Techniques

●Malware
● Keyloggers, screen scrapers, and a host of other malicious tools
●Network analyzers
● Hackers monitor and intercept data packets sent over a network and lift the plain text passwords contained within
●Shoulder surfing
● Look over the shoulders of employees or grab sensitive documents with potential passwords.
●Guessing
● If all else fails, a hacker can always try and guess your password.

Password Cracking - Tools

●Programmers have developed many password cracking tools. Every tool has its own advantages and disadvantages.
● Brutus
● RainbowCrack
● Wfuzz
● Cain and Abel
● John the Ripper
● THC Hydra
● Medusa
● OphCrack
● L0phtCrack
● Aircrack-NG

Aircrack-ng: A suite of tools that assess Wi-Fi network security to monitor and export data and attack an organization through methods like fake access points and packet injection.

John the Ripper: An open-source password recovery tool that supports hundreds of cipher and hash types, including user passwords for macOS, Unix, and Windows, database servers, web applications, network traffic, encrypted private keys, and document files.

Wfuzz is a tool designed for brute-forcing web applications. It can be used for finding resources that are not linked (directories, servlets, scripts, etc.), brute-forcing GET and POST parameters to check for different kinds of injections (SQL, XSS, LDAP, etc.), brute-forcing form parameters (user/password), fuzzing, etc.

RainbowCrack is a computer program which generates rainbow tables to be
used in password cracking.
RainbowCrack differs from "conventional" brute force crackers in that it uses
large pre-computed tables called rainbow tables to reduce the length of time
needed to crack a password drastically.
A rainbow table is a database containing precomputed hashed outputs for
various passwords, utilizing a time/memory tradeoff to efficiently store and
retrieve password/hash combinations.
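
Precomputed tables only pay off when the same password always produces the same stored hash. The added example below (not from the original slides) audits a constructed credential store against a precomputed table, then shows that per-user salts with PBKDF2 leave the table with nothing to match. It uses a plain hash-to-password dictionary as a simplified stand-in for a real chain-based rainbow table; the user names, passwords and iteration count are assumptions.

```python
import hashlib
import hmac
import os

# Constructed inputs: a tiny "common password" list and three sample accounts.
COMMON_PASSWORDS = ["password", "123456", "qwerty", "letmein", "iloveyou"]
PLAINTEXTS = {"alice": "letmein", "bob": "letmein", "carol": "T7#correct-horse"}

# Assumption: tune the work factor to your hardware and current guidance.
ITERATIONS = 200_000


def unsalted_hash(password):
    """Weak storage scheme: one fast hash, no salt."""
    return hashlib.sha256(password.encode()).hexdigest()


def build_lookup_table(words):
    """Precompute hash -> password once; reusable against any unsalted store."""
    return {unsalted_hash(w): w for w in words}


def hash_password(password, salt=None, iterations=ITERATIONS):
    """Hardened scheme: random per-user salt plus a slow key-derivation function."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return {"salt": salt, "iterations": iterations, "digest": digest}


def verify_password(password, record):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), record["salt"], record["iterations"]
    )
    return hmac.compare_digest(candidate, record["digest"])


def exposed_by_table(hex_digests, table):
    """Audit helper: which users' stored values appear in a precomputed table?"""
    return {user: table[h] for user, h in hex_digests.items() if h in table}


def build_unsalted_store():
    return {user: unsalted_hash(pw) for user, pw in PLAINTEXTS.items()}


def build_salted_store():
    return {user: hash_password(pw) for user, pw in PLAINTEXTS.items()}


if __name__ == "__main__":
    table = build_lookup_table(COMMON_PASSWORDS)

    weak = build_unsalted_store()
    # alice and bob share a password, so their unsalted hashes are identical
    # and a single table entry exposes both accounts.
    print("unsalted store exposed:", exposed_by_table(weak, table))

    strong = build_salted_store()
    strong_hex = {user: rec["digest"].hex() for user, rec in strong.items()}
    # Same passwords, but every digest depends on a unique salt.
    print("salted store exposed:  ", exposed_by_table(strong_hex, table))
    print("legitimate login still works:", verify_password("letmein", strong["alice"]))
```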

Start with password strength. Follow a few rules:

Do make your password long. Aim for about eight characters, if not more.
Don't use common passwords like "password" or "1,2,3,4."
Do use special characters like $ and * to replace recognizable letters.
Don't make your password so complicated that you'll never remember it.
Do get creative and innovative when you write.
Don't include details, like your pet's name or your address, that people can
discover on social media.

What does this mean?

●White hat
●Grey hat
●Black hat
●Baiting
●Cross Site Scripting
●Tailgating
●Pretexting
●Quid Pro Quo
●Carding
●Piggy Backing
●Physical Hacking
●MAC Spoofing
●BlueSmacking
●BlueJacking
●BlueSnarfing
●Bluebugging
●BlueBorne
●PUPs
●Exploit Kits

Key Logger

●A software program designed to secretly monitor and log all keystrokes
●A keylogger doesn’t have to be software – it can also be a device.
●Most modern keyloggers are considered to be legitimate software or hardware and are sold on the open market.
●Many keyloggers hide themselves in the system (i.e. they have rootkit functionality), which makes them fully-fledged Trojan programs.
●Keyloggers may also be used by:
● Employers to observe employees' computer activities
● Parents to supervise their children's internet usage
● Device owners to track possible unauthorized activity on their devices
● Law enforcement agencies to analyze incidents involving computer use.

Key Logger

●As such programs are extensively used by cyber criminals, detecting them is a
priority for antivirus companies.
●Kaspersky Lab’s malware classification system has a dedicated category for
malicious programs with keylogging functionality: Trojan-Spy.
● Trojan-Spy programs, as the name suggests, track user activity, save the
information to the user’s hard disk and then forward it to the author or
‘master’ of the Trojan.
● The information collected includes keystrokes and
screen-shots, used in the theft of banking data to
support online fraud.

Types of Key Loggers

●Software Keyloggers
● Programs designed to monitor your PC’s operating system.
● Allow access to locally recorded data from a remote location.
● This communication can happen by using one of the following methods:
● Uploading data to a website, database or FTP server.
● Periodically emailing data to a predefined email address.
● Wirelessly transmitting data through attached hardware.
● Software enabling remote login to your local machine.

Types of Key Loggers

●Software Keyloggers
● Additional features include:
● Clipboard logging
Anything that can be copied to the clipboard is captured.
● Screen logging
Randomly timed screenshots of your screen are logged.
● Activity tracking
Recording of which folders, programs and windows are opened and
also possibly screenshots of each.
● Recording
Recording of search engine queries, instant message conversations,
FTP downloads along with any other internet activities.

Types of Key Loggers

●Hardware Keyloggers
● Keyboard hardware
● Piece of hardware inserted somewhere between the
computer keyboard and the computer, typically along the keyboard's
cable connection.
● Wireless keyboard sniffers
● Signals sent from a wireless keyboard are intercepted
● Keyboard overlays
● Popular in ATM theft cases where thieves capture the user's PIN

Types of Key Loggers

●Acoustic Keyloggers
● An acoustic keylogger monitors the sound created by each individual keystroke
● Uses the subtly different acoustic signature that each key emits to analyze and determine what the target computer’s user is typing.

Key Logger - Mitigation

●There are a variety of ways to detect a keylogger, though none are a catchall
●If you have reason to suspect your computer has a keylogger, try a variety of these tactics:
● Run antivirus, which can often detect a keylogger on your system.
● Run a program like Spybot Search and Destroy or MalwareBytes
● Check your task list and examine the tasks running
● Scan your hard disk for the most recent files stored. Look at the contents of any files that update often, as they might be logs.
● Use your system configuration utility to view which programs are loaded at computer start-up.

Individuals can use a firewall to help protect against a keylogger. Since
keyloggers transmit data back and forth from the victim to the attacker, the
firewall could discover and prevent that data transfer.

Password managers that automatically fill in username and password fields may
also help protect against keyloggers. Monitoring software and antivirus
software can also keep track of a system's health and prevent keyloggers.

System cages that prevent access to or tampering with USB and PS/2 ports can be added to the user's desktop setup. Extra precautions include using a security token as part of two-factor authentication (2FA) to ensure an attacker cannot use a stolen password alone to log in to a user's account, or using an onscreen keyboard and voice-to-text software to circumvent using a physical keyboard.

Application allowlisting can also be used to allow only documented, authorized programs to run on a system. It is also always a good idea to keep any system up to date.

Spyware

●Spyware is unwanted software that infiltrates your computing device, stealing your internet usage data and sensitive information.
●Spyware is classified as a type of malware — malicious software designed to gain access to or damage your computer, often without your knowledge.
●Spyware gathers your personal information and relays it to advertisers, data firms, or external users.
●It can easily infect your device and it can be hard to identify.

Types of Spyware

●Adware. This type of spyware tracks your browser history and downloads, with the intent of
predicting what products or services you’re interested in. The adware will display
advertisements for the same or related products or services to entice you to click or make a
purchase.
●Trojan. This kind of malicious software disguises itself as legitimate software. For example,
Trojans may appear to be a Java or Flash Player update upon download. Trojan malware is
controlled by third parties. It can be used to access sensitive information such as Social
Security numbers and credit card information.
●Tracking cookies. These track the user’s web activities, such as searches, history, and
downloads, for marketing purposes.
●System monitors. This type of spyware can capture just about everything you do on your
computer. System monitors can record all keystrokes, emails, chat-room dialogs, websites
visited, and programs run. System monitors are often disguised as freeware.

Spyware Infecting Techniques

●Security vulnerabilities
●Phishing and spoofing
●Misleading marketing
●Software bundles
●Trojans
●Mobile device spyware

●Whatever way spyware manages to get on your PC, the method of operation is
generally the same
●It runs quietly in the background, maintaining a secret presence, collecting
information or monitoring your activities in order to trigger malicious activities
related to your computer and how you use it.
●And even if you discover its unwelcome presence on your system, Spyware does
not come with an easy uninstall feature.

Top 11 Spyware

●Pegasus
●CoolWebSearch
●Bzub
●Trojan.Gen
●Trojan Agent.Gen
●2nd Thought
●Zlob
●Trojan Ace X
●MatCash
●Areses
●Trojan Poolsy

Top 10 Spyware Mitigating tools

Spyware Mitigating Techniques

●The best defense against spyware, as with most malware, starts with your
behavior.
●Follow these basics of good cyber self-defense.
● Keep your antivirus running in the background with web security and
periodic scan enabled
● Don’t open emails from unknown senders.
● Don’t download files unless they come from a trusted source.
● Enable the firewall.
● Mouse-over links before clicking on them and make sure you’re being sent
to the right webpage.
● Do not click on pop-ups that redirect you to a random website
● Use a reputable cybersecurity program to counter advanced spyware.

Virus

●Viruses are malicious programs that self-replicate on computers or via computer networks without the user being aware.
● Each subsequent copy of such malicious programs is also able to self-replicate.
●They are designed to change the operation of a computer or mobile device and spread to other systems.
●The virus lies dormant and often undetected until it is executed by running a program, opening a file, or performing any task designed to trigger its execution.
●Viruses can destroy or corrupt data, damage hardware or software, and infect systems across an entire network.
●They can install malware designed to steal data, passwords and personal information, and be targeted to destroy files and corrupt or disable systems.

Virus

●This idea was first discussed in a series of lectures by mathematician John von Neumann in the late 1940s and a paper published in 1966, Theory of Self-Reproducing Automata.
●The Creeper program - 1970
●The Rabbit virus - 1974
●ANIMAL - First Trojan 1975
●The Brain boot sector - floppy disk 1986
●The Loveletter virus - 2000
●Code Red Virus
●Heartbleed - 2014

Types of Virus

●Overwrite Virus
●Append Virus
●Macro Virus
●Boot Virus
●Resident Virus
●Multipartite Virus
●Polymorphic Virus
●Rabbit Virus
●File Infector Virus
●Trojan Horse
●Cavity Virus
●Stealth Virus
●CMOS Virus
●Companion Virus
●Encrypted Virus
●Executable Virus

Symptoms of Virus

●Slow computer performance
●Frequent pop-ups
●Hard Drive issue
●Frequent crashes
●Dialog Boxes
●Unknown programs
●Printer Issues
●Unusual activities
●Impaired security solutions
●Changed Homepage
●Strange messages
●Network issue
●Unnecessary advertisement
●Display problems
●Affected Applications
●Blocked by Antivirus Sites

Virus - Mitigation

●Installation of effective antivirus software
●Patching the operating system
●Patching the client software
●Using highly secure passwords
●Use of firewalls

Worms

●A malicious, self-replicating program that can spread throughout a network without human assistance.
●Causes damage similar to viruses, exploiting holes in security software and potentially stealing sensitive information, corrupting files and installing a back door for remote access to the system, among other issues.
●Does not need to attach itself to a software program in order to cause damage
●Utilizes large amounts of memory and bandwidth, so affected servers, networks and individual systems are often overloaded and stop responding.

Worms - History

●The first Internet infection that required no human intervention to propagate was
the Morris Worm, discovered in 1988 and released by Robert Morris.
● Used multiple exploits including buffer overflows, debugging routines in mail components, password sniffing, and other streams of execution to improve its ability to attack other computers.
●Modern Worms: Code Red
● Exploited a buffer overflow condition in the Microsoft IIS (Internet Information Server).
● It was able to propagate quickly because of the "always on" nature of IIS and many versions of the Windows operating system.
● Code Red was also equipped with scanning capabilities that improved its throughput and gave it the ability to elude numerous IP address security features.

Worms

●Email Worms
●Instant Messaging worms
●Internet Worms
●Internet Relay Chat worms
●File sharing worms

Worms

●If you suspect your devices are infected with a computer worm, run a virus scan
immediately.
●Even if the scan comes up negative, continue to be proactive by following these
steps.
● Keep an eye on your hard drive space
● Monitor speed and performance
● Be on the lookout for missing or new files

Virus vs Worms

Which is more dangerous?

Steganography

Steganos
Graph
Used to conceal the message inside another larger message

●Steganography is the practice of hiding a secret message inside of (or even on top of) something that is not secret.

Steganography

●It is a form of covert communication and can involve the use of any medium to
hide messages.
●It’s not a form of cryptography, because it doesn’t involve scrambling data or
using a key.
●Where cryptography is a science that largely enables privacy, steganography is a
practice that enables secrecy – and deceit.

Steganography vs. Cryptography

Definition
  Steganography: It is a technique to hide the existence of communication
  Cryptography: It’s a technique to convert data into an incomprehensible form

Purpose
  Steganography: Keep communication secure
  Cryptography: Provide data protection

Data Visibility
  Steganography: Never
  Cryptography: Always

Data Structure
  Steganography: Doesn’t alter the overall structure of data
  Cryptography: Alters the overall structure of data

Key
  Steganography: Optional, but offers more security if used
  Cryptography: Necessary requirement

Failure
  Steganography: Once the presence of a secret message is discovered, anyone can use the secret data
  Cryptography: If you possess the decryption key, then you can figure out the original message from the ciphertext

Steganography

[Figure labels: Plain text, Cover text, Stego text]

[Figure labels: Plain text, Cipher text, Cover text, Stego text]

●The oldest documented case of steganography dates to 500 BC, in which Histiaeus, the ruler of Miletus, tattooed a message on the shaved head of one of his slaves and let the hair grow back. He then sent the slave to Aristagoras, his son-in-law, who shaved the slave’s head again and revealed the message.
●In the centuries that followed, more modern forms of steganography were invented, such as invisible inks.
●Today, steganography has moved to the digital world.

Steganography Techniques

● Text Steganography
● Image Steganography
● Audio Steganography
● Video Steganography
● Network Steganography

Steganography Techniques

Text Steganography
Hiding information inside the text files
Changing format of existing text, changing words within a text,
generating random character sequences or using context-free
grammars to generate readable texts.

Steganography Techniques

Image Steganography
● Least Significant Bit Insertion
● Masking and Filtering
● Redundant Pattern Encoding
● Encrypt and Scatter
Similar to LSB Insertion technique but uses Key to encrypt and decrypt the message
● Coding and Cosine Transformation
Compressing the image using DCT to reduce the distortion in the image

Steganography Techniques

Audio Steganography
● Most difficult steganography method
● Human Auditory System (HAS) has a very vibrant range
● Only weakness: loud sound drowns the quiet sound
● Commonly used audio steganography techniques
● Least Significant Bit Encoding
● Parity Encoding
● Phase Coding
● Spread Spectrum
● Echo Hiding

Steganography Techniques

Network Steganography

Packet Modification

Steganography Tools

•Stegosuite
Free steganography tool which is written in Java. With Stegosuite you can easily hide
confidential information in image files.
•Steghide
Open source Steganography software that lets you hide a secret file in image or audio file.
•Xiao Steganography
Free software that can be used to hide data in BMP images or in WAV files.
•SSuite Picsel
Free portable application to hide text inside an image file but it takes a different approach
when compared to other tools.
•OpenPuff
Professional steganographic tool where you can store files in image, audio, video or flash files.

Steganography and Cybercrime

●Steganography is now very popular with malware and spyware writers
●Anti-malware tools generally, and perimeter security tools specifically, can do very little with payload-filled carriers. Such carriers are very difficult to detect, as they look like regular image files (or other types of files)
●All steganography detection programs today are essentially proof-of-concept, and their logic cannot be implemented in commercial security tools because they are slow, have fairly low detection rates, and sometimes even contain errors in the math

Steganography and Cybercrime

● Now that encryption is relatively easy to detect, saboteurs increasingly hide their
malevolence in plain sight—embedded in banner ads, text messages, or images. This is
steganography, and it’s described as the digital equivalent of invisible ink.
● Detecting the hidden data is like finding a needle in a haystack. The technique makes it
easy for criminals to transmit data-stealing malware.
● The threat is so serious that researchers formed a Criminal Use of Information Hiding
(CUIng) Initiative, gathering experts from all over the world to learn ways to detect and
disable information-hiding activity.
● “A recent trend involves exploiting various information-hiding techniques to empower
malware—for example, to bypass mobile device security frameworks or to exfiltrate
sensitive data,” say the CUIng researchers and authors of “The New Threats of
Information Hiding: The Road Ahead.”

Steganography and Cybercrime

“Such a stealth method makes it harder for security products to detect and protect
against the threats that use them. Antivirus products do not usually scan for non-
executable file headers (such as sound files, images)”

Summary:
●Phishing, Password Cracking, Key loggers and Spywares,
●Virus and Worms, Steganography
