Please enable JavaScript.
Coggle requires JavaScript to display documents.
CHAPTER 6- Computer Crime - Coggle Diagram
CHAPTER 6- Computer Crime
Computer crime:
any crime involves a computer and a network
Categories:
:popcorn:crimes that primarily target computer networks or devices - malware
:popcorn:crimes that use computer networks or devices to advance other ends - hacking,fraud and identity theft,phishing scams
Hacking:
to gain illegal or unauthorized access to a file,computer or network.
Phase1:
:tada:positive term
:tada:"hacker"- creative programmer who wrote elegant or clever code
:tada:"hack"- was an especially clever piece of code
Phase2:
:zap:negative term
:zap:breaking into computers for which the hacker does not have authorized access
:zap:spreading of computer worms and viruses
:zap:phone phreaking- manipulating phone systems
Phase3:
:cherries:in the growth of Web
:cherries:hacktivism surfaced
:cherrDenial-of -service (DoS) attack used to shut down Web sites
:cherries:large scale theft of personal and financial information
Hacktivism:political hacking
:cherry_blossom:use hacking to promote a political cause
:cherry_blossom:disagreement about whether it is a form of civil disobedience and how it should be punished
:cherry_blossom:use appearance of hacktivism to hide other criminal activities
The Law:Catching and Punishing Hackers
:rose:1986 Congress passed the Computer Fraud and Abuse Act (CFAA)
:rose:penalties for young hackers
:rose: Security
:rose: Responsibility fir security
Identity Theft and Credit Card Fraud
Identity Theft:
various crimes which a criminal or large group uses the identity of an unknowning,innocent person
:explode:Technique used to steal personal and financial information
:cactus:Phishing-
email fishing for personal and financial information disguised ass legitimate business email
:cactus:Pharming-
false Web sites for personal and financial information by planting false URLs in Domain Name Servers
:explode:activation for new credit cards
:explode:retailers do not print the full card number and expiration date on receipts
:explode:software detects unusual spending activities and will prompt retailers to ask for identifying information
Responses to Identity Theft:
:check:authentication of email and web sites
:check:use of encryption to securely store data so it is useless if stolen
:check:authenticating customers to prevent use of stolen numbers,may trade convenience for security
Scams and Forgery
Auctions:
:red_flag:Federal Trade Commission -reports that online auction sites are one of the top sources of fraud complaints - some sellers do not send items or send inferior products
-sellers give themselves or friends glowing reviews to gather customer trust
:red_flag: auction sites use various techniques to counter dishonest sellers
:star:Click fraud -
repeated clicking on an ad to either increase a site's revenue or to use up a competitor's advertising budget
:star: Stock fraud :
most common method is to buy a stock low, send out emails urging others to buy and sell when the price goes up , usually only for a short time
:star:Digital Forgery
- new technologies are used to create fake checks,passports,visas,birth certificates-with little skill and investment
Analytical Tools For Cyber Crime
Fraud Analytical Tool
:strawberry:Detect fraud early
:strawberry:identity the right claims to focus on
:strawberry:automate time-consuming processes
:strawberry:streamline workflow
:strawberry:quickly identify suspicious participants or pattern in claims
Hacking Analytical Tool
:pen:sense and detect suspicious /doubtful applications which are able to leak private information/financial settlement/company's secret.
Fraud Detection Tools
:lock:Fraud.net Guardian
:lock:Splunk - for e-commerce purposes - protect customers and reputation and avoid fraud -related costs
:lock:FICO- Fraud Management System
:lock:fractals - Class-leading integrated,intelligent fraud detection and prevention framework for payment card issuers and acquirers
Hack detection Tools
:hibiscus:NetPatrol
:hibiscus:sXe Injected
:hibiscus:SMS- smishing hacking detector
Crime fighting VS Privacy and Civil Liberties:
search and seizure of computer-
:lower_left_crayon:Requires a warrant to search and seize a computer
:lower_left_crayon:automated searches
The Issues of Venue:
:koala:Charges generally filed where the crimes occurs
:koala:Laws differ between states and countries
:koala:FBI usually files in the sate where the crime was discovered and the investigation began
Cybercrime Treaty:
:avocado: to foster international cooperation among law agencies at different countries to fight cybercrime
Whose Laws Rule the Web
:warning:Laws vary from country to country
:warning:Corporations that do business in multiple countries must comply with the laws of all the countries involved
:warning:someone actions are legal in their own country may face prosecution in another country where their actions are illegal
Emergence Cyber Law in Malaysia:
:green_cross:Digital Signature Act 1997
:green_cross:Copyright (Amendment)Act 1997
:green_cross:Telemedicine Act 1997
:green_cross:Computer Crimes Act 1997
:green_cross:Communications & Multimedia Act (CMA)1998
:green_cross:Information Technology Act 2000
:green_cross:The Induce Act