Information Security and Cyber Crimes:

The objective of this message is to educate

and create awareness amongst the public on
use of Technology, Internet media and its
implications on possible cyber crimes. Some
of the possible preventive measures, one can
take to avoid getting victimized for a cyber
crime
At the end of this presentation you
will learn
What is Cyber Crime
Types of Cyber Crime
Threats & Trends of Cyber Crime
 Cyber Laws Cyber crime is a generic term that refers to all
criminal activities done using the medium of computers, the
internet, cyber space and the worldwide web.

 "Cyber Security“ means protecting information, equipment,

devices, computer, computer resource, communication device
and information stored therein from unauthorized access, use,
disclosure, disruption, modification or destruction.

 Cyber law is a term used to describe the legal issues related

to use of communications technology, particularly
"cyberspace", i.e. the Internet. Cyber Law is represented by
Indian IT ACT 2008
 Cyber Crime – Motivation

• Money/Greed
• Curiosity
• Revenge
• Fun
• Praise seekers
 Cyber Crime – Upward Trends

• Huge increase in the use of Internet and smart phones

• Individuals share personal and work related
information on Internet
•Critical and sensitive information are shared on
Internet
• Financial transactions take place on Internet
• Security controls are never 100% and adequate
Cyber Crime – Its No more a
fun
Committing any crime using
cyber space (using internet) is
no more fun as there are
stringent laws.
Common Cyber-crime scenarios and
Applicability of Legal Sections

Let us look into some common cyber-crime scenarios

which can attract prosecution as per the penalties and
offences prescribed in IT Act 2000 (amended via 2008)
Act and Indian Penal Codes.
. Tampering with computer source
documents
Section 65
Whoever knowingly or intentionally conceals,
destroys or alters or intentionally or knowingly causes
another to conceal, destroy, or alter any computer
source code used for a computer, computer
programme, computer system or computer network,
when the computer source code is required to be kept
or maintained by law for the time being in force, shall
be punishable with imprisonment up to three years,
or with fine which may extend up to two lakh rupees,
or with both
Email Account Hacking

• Making unauthorized access / hacking of mail ID , any

type of social network IDs, websites etc

Provisions Applicable:- Section 66 of Information

Technology Act
ATM Card Fraud and Lottery Fraud

• Committing cheating by impersonation in the name of

bank manager or e.g. using names and logos of reputed
companies
Provisions Applicable:- Sections 66C, 66D of IT Act and
section 420 of the IPC.
Harassment via fake public profile on social
networking site

• Creation of fake profile in social media using personal

details of others like picture, name and other data

Provisions Applicable:- Sections 66C of IT Act and 500 of

IPC
Online Hate Community

• Uploading mainly in social media and in other websites etc

with intent to spread communal hatred

Provisions Applicable: Section and 153/153A /

153B/295/295A/504/505 of the Indian Penal Code.
Creation of fake websites mainly for
cheating or defamation

• If any fake website or alike website is created for the

purpose of cheating or defamation to any organization
where identical features and logos are used.

• Provisions Applicable:- 66D of IT Act and

468/469/471/419/420 IPC
Introducing malignant contents, alteration
and deletion of data etc

• If any virus, worm, trojan,bug,backdoor,rootkit etc are

introduced in any computer system or if any alteration ,
deletion of data or unauthorized copying or erasing are
made.
Provisions Applicable:- Punishable under section 66 of IT
Act
Cyber Terrorism

• If with intent to threaten the unity , integrity , security or

sovereignty of country or to strike terror in the people or
for any act which may cause denial of services of computer
system

• Punishable u/s 66F of IT act

Online sale of illegal Articles

• Where sale of narcotics, drugs weapons and wildlife is

facilitated by the Internet
Provisions Applicable:- Generally conventional laws are
applied in these cases.
Phishing and Email Scams

• Phishing involves fraudulently acquiring sensitive

information through masquerading a site as a trusted
entity. (E.g. Passwords, credit card information)
Provisions Applicable:- section 66D of IT Act and Section
419/420 of IPC
Theft of Confidential Information
( Data Theft)
• Many business organizations store their confidential
information in computer systems. This informations are
targeted by rivals, criminals and disgruntled employees.
Provisions Applicable:- Sections 72/72A of IT Act and
406/408 of Indian Penal Code
Source Code Theft

• Source code generally is the most coveted and important

“crown jewel” asset of a company. If intentionally destroys
or alteration of source of code is committed which is
punishable under the following section of law.
• Provisions applicable:- Section 65 of IT Act and Section 63
of Copyright Act.
 Uploading of videos/pictures having sexual/pornographic
contents

•Whoever publishes or transmits or causes to be published in the

electronic form, any material which is lascivious or appeals to the
prurient interest and for defamation of woman/girl.

•It is punishable u/s 67/67A/67B of IT Act and 354D/500/509 IPC

which may extent to more than 7 years.

•If morphing is made in the sexual material then sections

67/67A/67B of IT Act and 465/469/471/354D/500/509 IPC

 
Cyber Crime
• Curiosity and Revenge may be
primary reasons for a perpetrator
to get motivated for a cyber crime.
• Most of the times, people are not
aware about the implications of
cyber crimes/laws
• Girls are the most found victims of
a cyber crimes
• Monetary un-lawful or quick
Gain/profit
 Common Scenarios – Defamatory Post
It is usually found that a victim shares photographs and personal videos in
good faith at the time of good relationship but the same photographs and
videos can be edited and uploaded in different social media sites and bad
websites in the pretext of revenge, defame, blackmail etc.

“Dos and don'ts"

Do not share your personal photographs and videos to
anyone,
Always secure your Profile picture in the social media, do
not accept friend requests from un-known persons.
 Vishing calls (BANKING FRAUD)
IT IS ALSO COMMON THAT ONE RECEIVES FRAUD CALL FROM
UNKNOWN MOBILE NUMBERS REVEALING THEMSELVES AS BANK
MANAGERS OF REPUTED BANK AND IN THE NAME OF GIVING
SERVICE MANAGES TO COLLECT THE DEBIT CARD DETAILS AND
OTP’S, EVENTUALLY SYPHONING THE AMOUNT FROM THE
VICTIMS’ BANK ACCOUNT.

"Dos and Don'ts"

DO NOT ENTERTAIN ANY CALL WHO POSES AS CALLING FROM

BANK AUTHORITIES

DO NOT AT ANY CONDITION SHARE YOUR OTP’S TO ANY ONE

DO NOT SHARE YOUR “BANKING “SECURE PIN”

BANK NEVER ASK FOR ANY CARD NO OR OTP’S OR PIN NO. ETC
FACEBOOK RELATED FRAUD
Fraudsters these days use face book as the platform to cheat
innocent people, the fraudster creates an fancy face book profile
(foreigners) and sends friend requests which gets accepted by
common victims. Over a period of time and several
conversations once the fraudster has relevant information
about the victim (birthdays, anniversary, etc) he poses to have
sent gifts from abroad having high values, the victim then gets
call of confirmation from airport customs that a gift has come
which has high value and needs payment for clearance, the
victim pays the initial amount and there on keeps on receiving
call demanding money for more clearance and at the day gets
cheated.
"Dos and Don'ts"
DO NOT ACCEPT FRIEND REQUEST FROM UNKNOWN
PERSONS ON FACEBOOK OR ANY SOCIAL MEDIA.
DO NOT PAY FOR ANY GIFTS
 Fake website related recruitment fraud:
A fraudster creates alike website copying the entire
details from the Original Organisation and they
upload the false results containing the name of the
candidates (victims), charges money from innocent
youths pursuing a career. Who pay them in the
belief of getting Job? But later finds out at the time
of Joining that the entire process was a fraud.

Dos & Don’ts

Do not believe in touts as there are no ways
they can land you to a Job.
Look the URL of the website carefully. Contact
with the admin (contact details are available in
google) of the website before believing it.
Insurance Fraud:
Fraudster mainly targets senior citizens and generally
contact them during the noon hours, in the name of
reopening the lapsed Insurance, they also visit their houses
and convinces the victim to issue cheques or and at times
provides an erasing pen to sign the cheque which they later
encash, thereby cheating the elderly people of huge fund.
They also issues new insurances in the name of the victim
as they get a majority of the commission for this.

"Dos and Don'ts"

Do not allow insurance agents to your house in
respect this sort of call.
 Retired Servicemen Fraud:
Fraudster mainly posing as to be calling from the
central team calls retired persons and informs them that
they have sum of money which is due as arrear which will
be credited to the their account. But in order to avail the
same the victim needs to pay processing fees to different
bank accounts. At the end after paying the processing fees
the amount never gets credited to the victims account and
thereby gets cheated.

"Dos and Don'ts"

Do not entertain such type of calls, verify from
your former department about any increment or
arrears.
Departments never says to pay processing fees
into personal bank account
Other Common Cyber Crimes
Cyber crimes can be categorized and listed in multiple ways,
however some of the other common cyber crimes observed
are as below but not limited to :

• Cyber stalking
• Cyber Bullying
• Installing Key loggers
• Cyber Terrorism
• Email based Frauds
• Web jacking
• Online Gambling
• DoS Attacks
CYBER CRIME UNDER IPC
Apart from punishments in IT Act, 2000,
there are certain crimes that are attracted by
IPC provisions as well. The following is the
enumeration of the IPC provisions along with
various cyber crimes that are attracted by
respective Sections and the punishment for
the same. 
Section 292 of IPC: 
Although this Section was drafted to deal with the
sale of obscene material, it has evolved in the
current digital era to be concerned with various
cybercrimes.
The publication and transmission of obscene
material or sexually explicit act or exploit acts
containing children, etc which are in electronic
form are also governed by this section. Though
the crimes mentioned above seem to be alike,
they are recognized as different crimes by the IT
Act and
The punishment imposed upon the
commission of such acts is imprisonment
and fine up to 2 years and Rs. 2000. If any
of the aforementioned crimes are committed
for the second time, the imprisonment could
be up to 5 years and the fine could be
imposed up to Rs. 5000.
Section 354C of IPC: 
The cybercrime dealt with under this
provision is capturing or publication of a
picture of private parts or acts of a woman
without such person’s consent. This section
exclusively deals with the crime of ‘voyeurism’
which also recognizes watching such acts of a
woman as a crime.
If the essentials of this Section (such as
gender) are not satisfied, Section 292 of IPC
and Section 66E of IT Act, 2000 is broad
enough to take the offenses of a similar kind
into consideration.
The punishment includes 1 to 3 years of
imprisonment for first-time offenders and 3 to
7 years for second-time offenders.
Section 354D of IPC: This section describes and
punishes ‘stalking’ including both physical and
cyberstalking. If the woman is being monitored
through electronic communication, internet, or email
or is being bothered by a person to interact or
contact despite her disinterest, it amounts to cyber-
stalking.
The latter part of the Section states the punishment
for this offense as imprisonment extending up to 3
years for the first time and 5 years for the second
time along with a fine imposed in both the instances.
Section 379 of IPC: 
If a mobile phone, the data from that mobile
or the computer hardware is stolen, Section
379 comes into the picture and the
punishment for such crime can go up to 3
years of imprisonment or fine or both. But the
attention must be given to the fact that these
provisions cannot be applied in case the
special law i.e IT Act, 2000 provisions are
attracted.
Section 411 of IPC: 
This deals with a crime that follows the offenses
committed and punished under Section 379. If anyone
receives a stolen mobile phone, computer, or data
from the same, they will be punished in accordance
with Section 411 of IPC. It is not necessary that the
thief must possess the material. Even if it is held by a
third party knowing it to be others, this provision will
be attracted. The punishment can be imposed in the
form of imprisonment which can be extended up to 3
years or fine or both.
Section 419 and Section 420 of
IPC
These are related provisions as they deal with frauds. The
crimes of password theft for the purpose of meeting
fraudulent objectives or the creation of bogus websites and
commission of cyber frauds are certain crimes that are
extensively dealt with by these two sections of IPC. On the
other hand, email phishing by assuming someone’s identity
demanding password is exclusively concerned with Section
419 of IPC. The punishments under these provisions are
different based upon the gravity of the committed
cybercrime. Section 419 carries a punishment up to 3 years
of imprisonment or fine and Section 420 carries up to 7
years of imprisonment or fine.
Section 465 of IPC: 
In the usual scenario, the punishment for forgery is
dealt with in this provision. In cyberspace, the
offenses like email spoofing and preparation of false
documents are dealt with and punished under this
Section which imbibes the imprisonment reaching up
to 2 years or fine or both.
Security Awareness
Security Awareness
• Passwords are the only and/OR the primary option to
ensure privacy of your information
• Ensure Passwords are complex in nature
•Do not write passwords
•Do Not Keep your Display Pic (DP) in Whatsapp open
to everyone
• Do Not Accept friend request from unknown person.
• Keep your photos in Facebook secured
• Log- out from all devices after completing your work.
 Security Awareness – Social Media
 Social Media (FB, twitter, etc) is now an integral part of
our daily life
 Be sensitive in what you upload on your social
networking account (status, pics, etc)
 Use security and privacy options provided by social
media sites
 SMS based second factor authentication
 Access control (who can see what)
 Browser /machine mapping to your social media profile
 Block
 Keep your personal details, personal.
Security Awareness – Smart mobile devices
• Connect to ONLY authorized wifi access
• Use auto lock features
• Download apps from authorized app stores ONLY
• Use Privacy options provided by various mobile
Operating system
• Do NOT accept calls from weird numbers OR do not
give a call back
Thank You.