Crime Branch Advisory
The Nigerian Scam
Frequently Used Cyber Crimes
Unauthorized access to computer systems
This activity is commonly referred
to as hacking. The Indian law has however given a different connotation
to the term hacking, so we will not use the term "unauthorized
access" interchangeably with the term "hacking".
Theft of information contained in electronic
This includes information stored
in computer hard disks, removable storage media etc.
bombing refers to sending a large number of emails to the victim
resulting in the victim's email account (in case of an individual)
or mail servers (in case of a company or an email service provider)
crashing. In one case, a foreigner who had been residing in Simla,
India for almost thirty years wanted to avail of a scheme introduced
by the Simla Housing Board to buy land at lower rates. When he made
an application it was rejected on the grounds that the 169 schemes
was available only for citizens of India. He decided to take his
revenge. Consequently he sent thousands of mails to the Simla Housing
Board and repeatedly kept sending e-mails till their servers crashed.
This kind of an attack involves
altering raw data just before it is processed by a computer and
then changing it back after the processing is completed. Electricity
Boards in India have been victims to data diddling programs inserted
when private parties were computerizing their systems.
These attacks are used for the commission
of financial crimes. The key here is to make the alteration so insignificant
that in a single case it would go completely unnoticed. E.g. a bank
employee inserts a program, into the bank's servers, that deducts
a small amount of money (say Rs. 5 a month) from the account of
every customer. No account holder will probably notice this unauthorized
debit, but the bank employee will make a sizable amount of money
To cite an example, an employee of
a bank in USA was dismissed from his job. Disgruntled at having
been supposedly mistreated by his employers the man first introduced
a logic bomb into the bank's systems.
Logic bombs are programmes, which
are activated on the occurrence of a particular predefined event.
The logic bomb was programmed to take ten cents from all the accounts
in the bank and put them into the account of the person whose name
was alphabetically the last in the bank's rosters. Then he went
and opened an account in the name of Ziegler. The amount being withdrawn
from each of the accounts in the bank was so insignificant that
neither any of the account holders nor the bank officials noticed
It was brought to their notice when
a person by the name of Zygler opened his account in that bank.
He was surprised to find a sizable amount of money being transferred
into his account every Saturday.
Denial of Service attack
This involves flooding a computer
resource with more requests than it can handle. This causes the
resource (e.g. a web server) to crash thereby denying authorized
users the service offered by the resource. Another variation to
a typical denial of service attack is known as a Distributed Denial
of Service (DDoS) attack wherein the perpetrators are many and are
geographically widespread. It is very difficult to control such
attacks. The attack is initiated by sending excessive demands to
the victim's computer(s), exceeding the limit that the victim's
servers can support and making the servers crash. Denial-of-service
attacks have had an impressive history having, in the past, brought
down websites like Amazon, CNN, Yahoo and eBay!
Virus / worm attacks
Viruses are programs that attach
themselves to a computer or a file and then circulate themselves
to other files and to other computers on a network. They usually
affect the data on a computer, either by altering or deleting it.
Worms, unlike viruses do not need the host to attach themselves
to. They merely make functional copies of themselves and do this
repeatedly till they eat up all the available space on a computer's
memory. 170 The VBS_LOVELETTER virus (better known as the Love Bug
or the ILOVEYOU virus) was reportedly written by a Filipino undergraduate.
In May 2000, this deadly virus beat
the Melissa virus hollow - it became the world's most prevalent
virus. It struck one in every five personal computers in the world.
When the virus was brought under check the true magnitude of the
losses was incomprehensible. Losses incurred during this virus attack
were pegged at US $ 10 billion.
The original VBS_LOVELETTER utilized
the addresses in Microsoft Outlook and emailed itself to those addresses.
The e-mail, which was sent out, had "ILOVEYOU" in its
subject line. The attachment file was named "LOVE-LETTER-FORYOU.
TXT.vbs". The subject line and those who had some knowledge
of viruses, did not notice the tiny .vbs extension and believed
the file to be a text file conquered people wary of opening e-mail
attachments. The message in the e-mail was "kindly check the
attached LOVELETTER coming from me".
Since the initial outbreak over thirty
variants of the virus have been developed many of them following
the original by just a few weeks. In addition, the Love Bug also
uses the Internet Relay Chat (IRC) for its propagation. It e-mails
itself to users in the same channel as the infected user. Unlike
the Melissa virus this virus does have a destructive effect. Whereas
the Melissa, once installed, merely inserts some text into the affected
documents at a particular instant during the day, VBS_LOVELETTER
first selects certain files and then inserts its own code in lieu
of the original data contained in the file. This way it creates
ever-increasing versions of itself. Probably the world's most famous
worm was the Internet worm let loose on the Internet by Robert Morris
sometime in 1988. The Internet was, then, still in its developing
years and this worm, which affected thousands of computers, almost
brought its development to a complete halt. It took a team of experts
almost three days to get rid of the worm and in the meantime many
of the computers had to be disconnected from the network.