Major Categories of Cyber Crime – Phishing, Hacking, Malware
"You've won ₹25 lakh! Click here!" - Sound familiar? You almost became a phishing victim! Let's understand major cyber crime types.
1. Phishing
Definition: Fraudulently obtaining sensitive information (passwords, OTPs, card details) by disguising as a trustworthy entity.
Loading stats…
Types of Phishing
A. Email Phishing
From: sbi-bank@support.com (FAKE!)
Subject: Your account will be locked
Click here to verify: http://sbi-verify[.]tk
→ Fake website steals your password!
B. SMS Phishing (Smishing)
"Your ATM card blocked. Call 9876543210 to reactivate"
→ Scammer asks for card CVV, OTP
C. Voice Phishing (Vishing)
- Call from "bank manager"
- "There's suspicious activity, please share OTP"
- Remember: Banks NEVER ask for OTP!
D. Spear Phishing
- Targeted attack on specific person/company
- Example: Email to CEO's secretary: "Boss needs you to transfer ₹50 lakh urgently"
Real Case
Loading case study…
Punishment: Section 66D - Up to 3 years + fine
2. Hacking
Definition: Unauthorized access to computer systems, networks, or data.
Types of Hackers
Loading comparison…
Common Hacking Methods
A. Brute Force Attack
- Try millions of password combinations
- Example: Password = "12345" → Cracked in 1 second!
- Strong password (A$9kL@3p) → Takes 200 years
B. SQL Injection
- Insert malicious code in website forms
- Access entire database
- Example: 2017 - Equifax breach (147 million users)
C. Man-in-the-Middle (MITM)
- Intercept communication between two parties
- Example: Public WiFi at café → Hacker sees your passwords
D. Zero-Day Exploit
- Attack using unknown software vulnerability
- Example: Pegasus spyware (2021) - exploited WhatsApp bug
Famous Hacking Cases
1. Air India Breach (2021)
- 4.5 million passengers data leaked
- Names, passport numbers, credit cards
- Cause: Third-party vendor (SITA) hacked
2. Domino's India (2021)
- 18 crore orders leaked on dark web
- Phone numbers, addresses, payment info
- Hacker demanded ₹10 crore ransom
Punishment: Section 66 - Up to 3 years + ₹5 lakh fine
3. Malware
Definition: Malicious software - programs designed to damage, disrupt, or gain unauthorized access.
Types of Malware
A. Virus
- Attaches to files, spreads when file is shared
- Example: ILOVEYOU virus (2000) - infected 50 million computers
B. Worm
- Self-replicating, spreads without human action
- Example: WannaCry (2017) - spread to 300,000 computers in 150 countries
C. Trojan Horse
- Disguised as legitimate software
- Example: Free movie download → Installs keylogger
D. Spyware
- Secretly monitors user activity
- Steals passwords, browsing history
- Example: Pegasus on journalists' phones
E. Adware
- Shows unwanted ads
- Slows down device
- Example: Browser hijacker changing homepage
F. Ransomware (Most dangerous!)
- Encrypts all files
- Demands ransom to decrypt
- Amount: ₹1-50 lakh in Bitcoin
4. Ransomware
How it Works:
1. Victim clicks infected email attachment
2. Ransomware encrypts ALL files (photos, documents)
3. Screen shows: "Your files are encrypted. Pay ₹10 lakh in Bitcoin within 48 hours or files deleted forever!"
4. Even if paid, no guarantee files will be recovered
Loading stats…
Famous Ransomware Attacks
1. WannaCry (2017)
- Exploited Windows vulnerability
- Affected: UK's NHS, FedEx, Renault, Nissan
- India: Andhra Pradesh police, Gujarat electricity
- Ransom: $300-600 in Bitcoin
- Total damage: $4 billion globally
2. Petya/NotPetya (2017)
- Targeted Ukraine (power plants, banks)
- Spread to Maersk (shipping), Merck (pharma)
- Damage: $10 billion
3. AIIMS Ransomware (2022)
- All India Institute of Medical Sciences servers locked
- Patient data, appointments inaccessible for weeks
- Refused to pay ransom
- Rebuilt systems from scratch
Prevention:
- Regular backups (offline!)
- Don't open suspicious emails
- Update software regularly
- Antivirus with ransomware protection
Punishment: Section 66 + Extortion laws - Up to 10 years
5. DDoS Attacks
Distributed Denial of Service
How it Works:
- Botnet (network of 100,000+ infected devices)
- Floods website with fake traffic
- Website crashes due to overload
Example: 2016 DynDNS attack
- Reddit, Netflix, Twitter down for hours
- Botnet: 100,000 IoT devices (cameras, DVRs)
Motivation:
- Extortion ("Pay ₹1 crore or we'll keep your site down")
- Competition (attack rival's e-commerce site during sale)
- Hacktivism (protest against government)
6. Identity Theft
Definition: Stealing someone's personal information to impersonate them.
Stolen Data:
- Aadhaar, PAN, passport
- Bank account, credit card
- Social media accounts
Uses:
- Open bank accounts in victim's name
- Take loans
- File fake ITR for refunds
- Commit crimes under victim's identity
Example: ₹2,000 crore tax refund fraud
- Scammers used stolen PANs
- Filed fake returns claiming refunds
- Money transferred to mule accounts
Punishment: Section 66C - Up to 3 years + ₹1 lakh
7. Online Financial Fraud
Methods:
A. UPI Scams
Scammer: "I sent you money by mistake, please return"
Victim gets: COLLECT REQUEST (not money!)
Victim approves → Money goes to scammer
B. OLX/Quikr Fraud
- Buyer: "I'm sending delivery person with cash"
- Sends fake UPI QR code link
- Victim scans → Money debited
C. Fake Investment Schemes
- "Invest ₹10,000, get ₹1 lakh in 30 days!"
- Ponzi schemes, cryptocurrency frauds
Statistics
India (2023):
- ₹1,750 crore lost to financial cyber fraud
- Average: ₹48,000 per victim
- Recovery rate: Only 15%
Summary
- Phishing: Fake emails/SMS to steal data - 3.4B emails daily, 30% success rate
- Hacking: Unauthorized access - Air India (4.5M users), Domino's (18 crore orders)
- Malware: Virus, worm, trojan, spyware, adware
- Ransomware: Encrypts files, demands ransom - WannaCry, AIIMS attack
- DDoS: Flood website to crash it
- Identity Theft: Steal Aadhaar/PAN for fraud
- Financial Fraud: UPI scams, fake investments - ₹1,750 crore/year losses
Quiz Time! 🎯
Loading quiz…
Next Chapter: Cyber Stalking – Methods & Legal Actions! 👁️