`Hey,
Note: Brother if you have any queries related the answer
please do comment. I would be very happy to resolve all your
queries.
It is gaining the headlines because after the internet
is being explored, there are plethora of ways criminal can use it
to do fraud. The frauds have been multiplexed.
Below are some frauds done using intenet
- Business E-Mail Compromise (BEC): A
sophisticated scam targeting businesses working with foreign
suppliers and companies that regularly perform wire transfer
payments. The scam is carried out by compromising legitimate
business e-mail accounts through social engineering or computer
intrusion techniques to conduct unauthorized transfers of
funds.
- Data Breach: A leak or spill of data which is
released from a secure location to an untrusted environment. Data
breaches can occur at the personal and corporate levels and involve
sensitive, protected, or confidential information that is copied,
transmitted, viewed, stolen, or used by an individual unauthorized
to do so.
- Denial of Service: An interruption of an
authorized user's access to any system or network, typically one
caused with malicious intent.
- E-Mail Account Compromise (EAC): Similar to
BEC, this scam targets the general public and professionals
associated with, but not limited to, financial and lending
institutions, real estate companies, and law firms. Perpetrators of
EAC use compromised e-mails to request payments to fraudulent
locations.
- Malware/Scareware: Malicious software that is
intended to damage or disable computers and computer systems.
Sometimes scare tactics are used by the perpetrators to solicit
funds from victims.
- Phishing/Spoofing: Both terms deal with forged
or faked electronic documents. Spoofing generally refers to the
dissemination of e-mail which is forged to appear as though it was
sent by someone other than the actual source. Phishing, also
referred to as vishing, smishing, or pharming, is often used in
conjunction with a spoofed e-mail. It is the act of sending an
e-mail falsely claiming to be an established legitimate business in
an attempt to deceive the unsuspecting recipient into divulging
personal, sensitive information such as passwords, credit card
numbers, and bank account information after directing the user to
visit a specified website. The website, however, is not genuine and
was set up only as an attempt to steal the user's information.
- Ransomware: A form of malware targeting both
human and technical weaknesses in organizations and individual
networks in an effort to deny the availability of critical data
and/or systems. Ransomware is frequently delivered through spear
phishing emails to end users, resulting in the rapid encryption of
sensitive files on a corporate network. When the victim
organization determines they are no longer able to access their
data, the cyber perpetrator demands the payment of a ransom,
typically in virtual currency such as Bitcoin, at which time the
actor will purportedly provide an avenue to the victim to regain
access to their data.
Protecting Privacy
- Don’t give private information to anyone you don’t know or who
doesn’t have a legitimate need for it.
- Don’t provide personal, sensitive or confidential information
online unless you are using a trusted, secure web page.
- At a minimum, look for “https” in the URL to indicate that
there is a secure connection.
- Get to web sites by typing the web address in directly. Don’t
click or cut and paste links in unsolicited emails.
- Remember that links and web sites that look legitimate can
really be bogus sites designed to steal information or infect your
computer.
- Don’t put sensitive information in locations that are
accessible from the Internet. Even unlinked web pages can be
found.
Protecting information in Email and
IM/Texts
- Never assume that email, instant messages (IM), texts or
attachments are private or confidential.
- Avoid sending large attachments.
- Use the “Bcc” (blind carbon copy) line for large numbers of
recipients. This protects the email addresses of the recipients by
hiding them and makes your email easier to read.
Security Cautions
Don’t click on unknown links or attachments in email, texts,
social networking sites, or pop-up ads/windows. These could
compromise your computer or take you to malicious web sites
designed to steal information.
- Just opening a malicious web page or attachment can infect a
computer. Make sure you know where you’re going before clicking on
a link or opening something.
- Instead of clicking on an unknown link – including “tiny URLs”
– look up the website yourself (e.g. Google it) and go there on
your own. If you can't verify that something is legitimate, DELETE
IT!
File sharing and IM
Be extremely careful with file sharing software (BitTorrent, Kazaa,
eDonkey, Limewire, etc.) and Instant Messaging (IM).
- File sharing can expose your computer to malicious files and
attackers. Files may not always be what they say they are.
- Improperly configured filesharing software can allow others
access to your entire computer.
- Also, if you share copyrighted files, you risk being
disconnected from the campus network, as well as serious legal
consequences.
- Some anti-virus programs cannot detect viruses in P2P/IM/chat
files, so viruses and other malicious code can be spread this
way.
Kindly revert for any queries
Thanks.