Web-Based Criminal Activity and Malware Overview
71 Questions
0 Views

Web-Based Criminal Activity and Malware Overview

Created by
@IndebtedOwl

Podcast Beta

Play an AI-generated podcast conversation about this lesson

Questions and Answers

Which of the following is NOT a form of internet auction fraud?

  • Shill bidding
  • Nondelivery of goods
  • Phishing attempts (correct)
  • Fee-stacking
  • Online credit card fraud can only occur through traditional methods like stealing physical cards.

    False

    What is web-cramming?

    The unauthorized charging of consumers via monthly telecommunication fees.

    Shill bidding involves the seller submitting bids to __________ the price of an item.

    <p>drive up</p> Signup and view all the answers

    Which of the following are considered web-based criminal activities? (Select all that apply)

    <p>Child pornography</p> Signup and view all the answers

    Match the following terms related to online fraud with their definitions:

    <p>Skimming = Stealing information from cards via devices at ATMs ISP Jacking = Redirecting users to illegitimate servers to generate charges RFID = Taking information from 'wave and pay' devices Fee-stacking = Adding hidden charges to transactions</p> Signup and view all the answers

    Denial of Service (DoS) attacks aim to enhance server performance.

    <p>False</p> Signup and view all the answers

    What is a botnet?

    <p>A network of compromised computers used for malicious purposes.</p> Signup and view all the answers

    The ______ Era refers to the phase of malware development that used floppy disks for distribution.

    <p>Floppy</p> Signup and view all the answers

    Match the following types of malware with their description:

    <p>Viruses = Typically self-replicate and can infect programs or documents Worms = Primarily used for large-scale DoS attacks Spam = Abuse of electronic messaging systems Botnets = A network of compromised computers</p> Signup and view all the answers

    What is the primary purpose of a worm in the context of cybercrime?

    <p>To facilitate DoS attacks</p> Signup and view all the answers

    Macro viruses primarily infect programs rather than documents.

    <p>False</p> Signup and view all the answers

    What is ransomware primarily designed to do?

    <p>Make digital resources inoperable or inaccessible</p> Signup and view all the answers

    Individuals with higher levels of education are more vulnerable to ransomware attacks.

    <p>False</p> Signup and view all the answers

    What term describes the illegal distribution of offensive materials online?

    <p>Dissemination of contraband materials</p> Signup and view all the answers

    Name one method of traditional proprietary information theft.

    <p>Social engineering</p> Signup and view all the answers

    The PC Cyborg/Aids Trojan demanded a payment of $_______ to regain access to files.

    <p>378</p> Signup and view all the answers

    Which of the following is NOT a traditional method of information theft?

    <p>Encryption</p> Signup and view all the answers

    Match the forms of theft with their descriptions:

    <p>Insiders = Steal information from within an organization Social engineering = Manipulating individuals to gain confidential information Theft of equipment = Physically stealing devices that contain data Malware = Software designed to cause damage or unauthorized access to systems</p> Signup and view all the answers

    Political espionage is a concern for organizations due to the targeting of information by foreign governments.

    <p>True</p> Signup and view all the answers

    What is one major factor contributing to the vulnerability of users to ransomware?

    <p>Level of education</p> Signup and view all the answers

    What motivates cyber terrorism?

    <p>Political or religious reasons</p> Signup and view all the answers

    Child pornography is legal in some states in the U.S.

    <p>False</p> Signup and view all the answers

    Name one method commonly used in cyber terrorism.

    <p>Viruses or worms</p> Signup and view all the answers

    Online predators often exploit chat rooms to identify __________.

    <p>victims</p> Signup and view all the answers

    Match the motivations for possessing child pornography with their descriptions:

    <p>Pedophilia = To satisfy sexual fantasies about prepubescent children Sexual miscreants = To satisfy a desire for new and different sexual stimuli Curiosity-seekers = To satisfy a peculiar curiosity Criminal opportunists = To profit from its distribution</p> Signup and view all the answers

    What is the primary difficulty in prosecuting child pornography cases?

    <p>First Amendment issues</p> Signup and view all the answers

    Honeypots are used by law enforcement to catch online predators by pretending to be children.

    <p>True</p> Signup and view all the answers

    What is a common intent behind the creation of child pornography?

    <p>Enticement or exploitation of children</p> Signup and view all the answers

    Which stage of money laundering involves the return of funds to the legitimate economy?

    <p>Integration</p> Signup and view all the answers

    Layering is the process of using networks to obscure the origins of funds.

    <p>True</p> Signup and view all the answers

    What are two methods used to combat money laundering?

    <p>Freezing accounts and forfeiture of funds.</p> Signup and view all the answers

    The first stage of money laundering is called ______.

    <p>Placement</p> Signup and view all the answers

    Match the following technology-related issues with their corresponding impacts on computer crime:

    <p>Storage warehouses = Facilitates data theft Increasing connectivity = Enhances criminal coordination Decreasing technical expertise = Simplifies criminal activities Government apathy = Lowers enforcement efficacy</p> Signup and view all the answers

    What is shill bidding?

    <p>A seller submitting bids to increase the price of an item</p> Signup and view all the answers

    Web-cramming refers to the unauthorized charging consumers with monthly telecommunications fees.

    <p>True</p> Signup and view all the answers

    Name one method of online credit card fraud.

    <p>Skimming</p> Signup and view all the answers

    _______ involves the unauthorized redirection of individual users to illegitimate servers.

    <p>ISP Jacking</p> Signup and view all the answers

    Match the types of online fraud with their definitions:

    <p>Online Fraud = Intentional deception to gain unwarranted compensation Internet Auction Fraud = Non-delivery of goods or misrepresentation of items Online Credit Card Fraud = Includes methods such as skimming Web-Cramming = Unauthorized charging through telecommunication fees</p> Signup and view all the answers

    Which of the following is considered a consequence of web-based criminal activity?

    <p>Financial losses</p> Signup and view all the answers

    Identity theft is a major threat related to computer crime.

    <p>True</p> Signup and view all the answers

    What is one modern context where technology is used by terrorists?

    <p>Cyber terrorism</p> Signup and view all the answers

    The term ________ refers to unauthorized use or interference with lawful use of computers.

    <p>cyber vandalism</p> Signup and view all the answers

    Match the following types of web-based criminal activities with their descriptions:

    <p>Identity Theft = Stealing personal information for fraud Eco-terrorism = Using online platforms to promote environmental sabotage Cyber Vandalism = Deliberately damaging or disrupting online systems Phishing = Fraudulently obtaining sensitive information through deceptive emails</p> Signup and view all the answers

    Which type of cybercrime includes theft of information and copyright infringement?

    <p>Industrial espionage</p> Signup and view all the answers

    Cyber terrorism involves threats to public safety exclusively.

    <p>False</p> Signup and view all the answers

    Name one method of computer intrusion pertaining to web-based crime.

    <p>Malware</p> Signup and view all the answers

    Which of the following is an example of a form of web-based criminal activity?

    <p>Online gaming</p> Signup and view all the answers

    Viruses were primarily designed for malicious purposes from their inception.

    <p>False</p> Signup and view all the answers

    What is the main objective of a botnet?

    <p>To carry out attacks such as theft or Distributed Denial of Service (DDoS) attacks.</p> Signup and view all the answers

    The ______ Era of malware involved the distribution of viruses primarily through floppy disks.

    <p>Floppy</p> Signup and view all the answers

    Match the type of malware with its description:

    <p>Worms = Used to set up large-scale DoS attacks Spam = Abuse of electronic messaging systems Malware = Software designed to harm or exploit any programmable device Viruses = Infect documents and templates</p> Signup and view all the answers

    During which era did malware become more sophisticated and often seek out vulnerable systems?

    <p>Internet Era</p> Signup and view all the answers

    Denial of Service (DoS) attacks focus on enhancing server performance.

    <p>False</p> Signup and view all the answers

    Identify one type of threat communicated via web-based platforms.

    <p>Cyber harassment</p> Signup and view all the answers

    What is a primary concern with online gambling?

    <p>Ease of access for minors</p> Signup and view all the answers

    The Internet Gambling Prohibition & Enforcement Act of 2006 makes online gambling completely illegal in the U.S.

    <p>False</p> Signup and view all the answers

    What is cyberstalking?

    <p>Willful, malicious, and repeated following or harassing another person using electronic means.</p> Signup and view all the answers

    Cyberbullying is an aggressive, intentional act carried out by a group or individual using electronic forms of contact against a __________.

    <p>victim</p> Signup and view all the answers

    Match the following terms with their definitions:

    <p>Cyberstalking = Repeated and malicious electronic harassment Cyberharassment = Focuses on actual harm suffered through electronic means Online Pharmacies = Used for legitimate and illegitimate purchases Cyberbullying = Aggressive acts carried out repeatedly against a victim</p> Signup and view all the answers

    Which of the following substances can be purchased through online pharmacies?

    <p>Anabolic steroids</p> Signup and view all the answers

    Cyberbullying is illegal under federal law in the United States.

    <p>False</p> Signup and view all the answers

    What is the main focus of cyberharassment?

    <p>To cause actual harm to the victim, including defacement of character.</p> Signup and view all the answers

    Which of the following describes the Salami technique in fraud?

    <p>Manipulating data representing small amounts from many accounts.</p> Signup and view all the answers

    IP Spoofing refers to the practice of impersonating a legitimate user to access restricted data.

    <p>True</p> Signup and view all the answers

    What is money laundering?

    <p>Engaging in financial transactions to conceal the identity and source of income.</p> Signup and view all the answers

    The practice of selling stolen goods through technological means is known as ______.

    <p>e-Fencing</p> Signup and view all the answers

    Match the following terms related to cybercrime with their definitions:

    <p>Data Diddling = Fraud via manipulation of data Insider Trading = Using confidential information for stock trading Fraudulent Instruments = Counterfeiting and forgery through technology Stock Manipulation = Tricking individuals into purchasing stock at inflated prices</p> Signup and view all the answers

    What is a common method used in insider trading?

    <p>Using private information unavailable to the public.</p> Signup and view all the answers

    Name one technique used in fraud via data manipulation.

    <p>IP Spoofing</p> Signup and view all the answers

    The first stage of money laundering is called 'integration'.

    <p>False</p> Signup and view all the answers

    Study Notes

    Web-Based Criminal Activity

    • Dissemination of contraband or offensive materials, such as pornography, child pornography, online gaming, and treasonous or racist material

    • Threatening communications, such as extortion, cyber stalking, cyber harassment, and cyber bullying

    • Fraud, such as auction fraud, credit card fraud, theft of services, and stock manipulation

    • Ancillary crimes, such as money laundering and conspiracy

    Malware

    • Classical Era (1960s–1970s): Involved pranks or were accidentally distributed

    • Floppy Era (1980s–1990s): Targeted DOS machines; primarily distributed via floppy disks

    • Macro Era (1990s–2000s): Infected documents and templates, rather than programs

    • Internet Era (2000–present): More sophisticated, seeking out vulnerable systems

    Malware: Worms, DoS, and Botnets

    • Worms seem primarily used to set up a large-scale DoS attack.

    • DoS (Denial of Service) and DDOS (Distributed Denial of Service) Attacks attempt to overwhelm servers, such as through mail-bombing.

    • Botnets and Zombie Armies use compromised computers linked to the Internet as an army (or botnet), for theft, extortion, or DDOS attack, for example.

    Malware : Spam

    • Abuse of electronic messaging systems, taking up resources, across multiple platforms

    Malware : Ransomware

    • Malware program that makes digital resources inoperable or inaccessible in an extortive scheme.

    • Critical factors can include the level of user's education (less educated, more vulnerable), sophistication of product (not amenable to common software remedies).

    Ransomware Example

    • PC Cyborg/Aids information Trojan distributed through ordinary mail via a floppy, so that once installed, victims had to pay $378 to regain access to all directories and to unencrypt files.

    Theft of Information, Data Manipulation, and Web Encroachment

    • Traditional methods of proprietary information theft can occur due to:
      • Insiders, on the job or through maintenance back doors
      • Social engineering, including shoulder surfing and dumpster diving
      • Theft of equipment
      • Malware

    Theft of Information, Data Manipulation, and Web Encroachment: Trade Secrets and Copyrights - Concerns

    • These forms of intellectual property have value independent of whatever owner produces, such as a razor company designing a new shaving system.

    • Theft can come from disgruntled employees, competitors, and government entities.

    Theft of Information, Data Manipulation, and Web Encroachment: Political Espionage

    • FBI estimates that over 120 foreign governments have intelligence operations targeting the U.S.

    • For example, Israeli intelligence secretly monitored Presidential communications.

    Cyber Terrorism

    • A deliberate, politically or religiously motivated attack against data compilations, computer programs, and/or information systems which is intended to disrupt and/or deny service or acquire information which disrupts the social, physical, or political infrastructure of a target.

    • Typical array of methods, like viruses and worms, against U.S. government

    Neo-Traditional Crime: Dissemination of Contraband or Offensive Materials - Child Pornography

    • Difficult to define, but generally refers to any visual depiction of a lascivious exhibition of the genitals or pubic area or sexually explicit conduct of a minor

    • Difficult to prosecute as this raises First Amendment issues about freedom of speech

    • Illegal in all states, prohibited by Federal law

    • Primary reason for possession is pedophilia or hebephilia, to satisfy sexual fantasies about prepubescent children

    • Sexual miscreants: to satisfy a desire for new and different sexual stimuli

    • Curiosity-seekers: to satisfy a peculiar curiosity

    • Criminal opportunists: to profit from its distribution

    Neo-Traditional Crime: Child Enticement/Exploitation

    • A way to generate child pornography and to molest children, online predators use chat rooms to identify victims, especially confused or ostracized kids.

    • Law enforcement has had great success with sting operations or “honeypots” by using the same strategy as predators, of pretending to be a child and arranging for a meeting.

    Neo-Traditional Crime: Online Fraud

    • Intentional deception, misrepresentation, or falsehood made with the intention of receiving unwarranted compensation or gratification

    • Cuts across gender, social class, and race

    • Comes in a broad array of forms

    Neo-Traditional Crime: Online Auction Fraud

    • Nondelivery of goods

    • Misrepresentation as to condition of an item

    • Addition of hidden charges (fee-stacking)

    • Shill bidding (where seller submits bids to drive up price of item)

    Neo-Traditional Crime: Online Credit Card Fraud

    • Besides traditional fraud, can include:

      • Skimming (installing devices at ATMs, for example, to steal info from cards)

      • RFID (taking info from "wave and pay" device, like toll highway transmitters)

    Neo-Traditional Crime: Web-Cramming/ISP Jacking

    • Web-Cramming: The unauthorized charging of consumers via monthly telecommunication fees.

    • ISP Jacking: Disconnecting individual users from their selected Internet service providers and redirecting them to illegitimate servers to generate long distance charges for those using dial-up.

    Ancillary Crimes: Money Laundering

    • The process of money laundering:

      • Placement (point of entry of illicit funds)
      • Layering (using networks to obscure origins of funds)
      • Integration (return of funds to legitimate economy)

    Ancillary Crimes: Combating Money Laundering

    • Finding

    • Frozing (accounts)

    • Forfeiture (of funds)

    • This can be accomplished by:

      • Holding Internet service providers accountable for failure to maintain adequate records

      • Making financial institutions responsible for inadequate security

      • Enforcing “Know Your Customers” regulations

    Conclusions

    • Technology both enhances and threatens modern society.

    • Computer crime is increasing for a variety of reasons:

      • Computers are equivalent to storage warehouses

      • Increasing connectivity & interdependence of infrastructures

      • Technical expertise is decreasingly important

      • Increasing number of threat groups with sophisticated methodologies & advance technology

      • Government apathy

    Web-Based Crime

    • Criminal activities involve more than just internet-based activities.
    • Examples of computer crimes include financial losses, threats to personal security (e.g. Identity theft), Industrial espionage, threats to international security, and threats to public safety.
    • Online crime includes interference with the lawful use of computers such as denial of service attacks, the use of malware (e.g., viruses and worms), cyber vandalism, cyberterrorism, spam, etc.
    • Other examples of online crime include theft of information and copyright infringement, such as industrial espionage, identity theft, and identity fraud.
    • Dissemination of contraband or offensive material is another type of internet crime, such as pornography, child pornography, online gaming, and treasonous or racist material.
    • Threatening communication, such as extortion, cyber stalking, cyber harassment, and cyberbullying, are also internet crimes.
    • Examples of fraud online include auction fraud, credit card fraud, theft of services, and stock manipulation.
    • Ancillary crimes include money laundering and conspiracy.

    Malware: Viruses

    • Viruses, their design, and dissemination have gone through different phases.
    • The Classic Era (1960s-1970s) involved pranks or was accidentally distributed.
    • The Floppy Era (1980s-1990s) targeted DOS machines and was primarily distributed via floppy disks.
    • The Macro Era (1990s-2000s) infected documents and templates rather than programs.
    • The Internet Era (2000-present) features viruses that are more sophisticated and seek out vulnerable systems.

    Malware: Worms, DoS, and Botnets

    • Worms are used to set up a large-scale DoS attack.
    • DoS (Denial of Service) and DDoS (Distributed Denial of Service) Attacks attempt to overwhelm servers, such as through mail-bombing.
    • Botnets and Zombie Armies use zombies, compromised computers linked to the internet as an army (or botnet), for theft, extortion, or a DDOS attack.

    Malware: Spam

    • Spam is the abuse of electronic messaging systems that takes up resources across multiple platforms.

    Neo-Traditional Crime

    • Online Pharmacies are used to make legitimate and illegitimate purchases (e.g. anabolic steroids, amphetamines, and painkillers) privately and conveniently.
    • Online Gambling is easy to access, including by minors, is open all day, and e-Banking makes it easier to play. It might generate billions in profit.
    • The Internet Gambling Prohibition & Enforcement Act of 2006 makes it illegal, but is difficult to enforce due to lack of public, international cooperation.

    Neo-Traditional Crime: Threatening and Harassing Communications

    • Cyberstalking and Harassment: Stalking is the willful, malicious, and repeated following and/or harassing another person in an effort to inflict or cause fear of actual harm through words or deeds committed via electronic means.
    • Cyberstalking is done via electronic communication.
    • Cyberharassment focuses on actual harm suffered, including defacement of character.
    • Cyberbullying: Cyberbullying is an aggressive, intentional act carried out by a group or individual, using electronic forms of contact, repeatedly and over time against a victim who cannot easily defend himself or herself.
    • Cyberbullying is only illegal in some states and not under federal law.

    Neo-Traditional Crime: Online Fraud

    • Online fraud is intentional deception, misrepresentation, or falsehood made with the intention of receiving unwarranted compensation or gratification.
    • Online fraud cuts across gender, social class, and race.
    • Online fraud comes in a broad array of forms.

    Neo-Traditional Crime: Internet Auction Fraud

    • Internet auction fraud can come in the form of non-delivery of goods, misrepresentation as to the condition of an item, addition of hidden charges (fee-stacking), and shill bidding (where the seller submits bids to drive up the price of an item).

    Neo-Traditional Crime: Online Credit Card Fraud

    • Online credit card fraud can include skimming (installing devices at ATMs, for example, to steal info from cards), and RFID (taking info from "wave and pay" devices, like toll highway transmitters).

    Neo-Traditional Crime: Web-Cramming/ISP Jacking

    • Web-Cramming is the unauthorized charging of consumers via monthly telecommunication fees.
    • ISP Jacking is disconnecting individual users from their selected Internet service providers and redirecting them to illegitimate servers to generate long-distance charges for those using dial-up.

    Neo-Traditional Crime: Fraud via Data Manipulation

    • Data Diddling: Any method of fraud via data manipulation (usually involves redirecting or rerouting data representing monies or economic exchanges).
    • Salami Technique: Stealing a fraction of a cent from millions of accounts, so as to go undetected.
    • IP Spoofing: Manipulation of data packets between computers to mimic a third party and falsely gain access to funds.

    Neo-Traditional Crime: Securities Fraud and Stock Manipulation

    • Individuals with instant access to stock values and statistics might be encouraged in day-trading, buying stock with little or no actual knowledge of the company.
    • Dissemination of false information is often used to trick individuals to purchase stock at inflated prices.
    • Insider trading is when individuals with access to confidential information unavailable to the public use it to make stock purchases/sales, for personal gain.

    Neo-Traditional Crime: e-Fencing

    • e-Fencing is the sale of stolen goods through technological means.

    Neo-Traditional Crime: Fraudulent Instruments

    • Examples of fraudulent instruments include counterfeiting and forgery through technological means.

    Ancillary Crimes: Money Laundering

    • Money laundering is an enterprise or practice of engaging in deliberate financial transactions to conceal the identity, source, and/or destination of income.
    • Money laundering is usually a critical element for organized crime to function.

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Related Documents

    Description

    Explore the various forms of web-based criminal activities, including the dissemination of offensive materials, threats, and fraud. Additionally, delve into the evolution of malware from the classical era to the modern internet challenges. Understand the implications and strategies associated with worms, DoS, and botnet attacks in today's digital landscape.

    More Like This

    Use Quizgecko on...
    Browser
    Browser