Types of Cybercrime
One of the accomplishments has been achieved by humans is the rapid development in technology. As the technologies are keep growing along the years where men are highly depended on the technologies in the daily life, people cannot deny that this technology also give the dark side. With the development of technologies, the risks of technology might be increases proportionally. The famous technology crime that occurs is cybercrime. Cybercrime also known as computer crime. Cybercrime is the use of the computers and networks to perform illegal activities such as spreading computer viruses, online bullying, performing unauthorized electronic fund transfers. Most cybercrimes are committed through the internet. Some cybercrimes can also be carried out using mobile phones via Short Message Service (SMS) and online chatting applications. The three types of cybercrimes are hacking, phishing and spamming (refer to Figure 1 in Appendix 1).
The first types of cybercrime is hacking. Hacking is one of computer criminal which is done to exploit someone critical information. It is used and accessed for unwanted purposes. Usually hacking happen when the hackers want to proof their IT skill and knowledge by hack end-user computer just want to seek for challenge and satisfaction. There are two categories in hacking behaviour which are white hat hacker and black hat hacker (Tavani, 2011). The phrase ‘white hat hacker’ is used to define a proper hacker which is do not participate in illegal activities and have authorization to break into the system. White hat hackers are mostly computer security experts that have been transformed into the valid business and consulting world as a means of differentiate proper hacker from unethical hacker. The phrase ‘black hat hacker’ describe a cracker or malicious hacker. Cracker is a person who breaks the security on a system or doing cybercrime. Illegally engage computer trespassing. This might turn negative image of hackers and hacking in society. Importantly, these term does not apply generally in the computer community. Palmer (2001) mentions that malicious hacker try to discover sensitive information, password and network by poking around. For example hacker may intrude to the targeted company to access valuable and confidential information or trade secret of company. The hacking is to disrupt the business of the company by trying to make statement with hacking and show the general disapproval of the business itself. Besides, hacker common target money is the banks. Since the professional criminals have superior skills, hackers hope to gain a financial advantages rather than seeking the technological adventure. Moreover, Palmer (2001) said that ‘They would steal passwords or account numbers by looking over someone’s shoulder, explore the system for bugs that might get them past the rules, or even take control of the whole system’ (p. 769).
The second type of the cybercrime is phishing. Phishing is very well-known and widely used by the attackers. Phishing is an attempt made by the attackers to obtain the sensitive and confidential information by masquerading as a legal and trustworthy data in the communication technology such as internet and phone call. There are three types of target victims in phishing. The first target is the potential victims. This victim is already marked by the attackers before the phishing attacks launch. The victim can be attacked via phone call or email that had been sent to them. This type of victims usually hold very confidential information and data that been wanted by the attackers. The second type of victim is the one that been attack randomly by the attackers. The intention of the attacks may be various such as to gain the personal information and to gain the steal the money from the account of the victims. The victim may be attack via the Uniform Resource Locator (URL) that had attached in the website. The third type of the victim is the criminal monetizing stolen information. This method used by the criminal to attack the random victims that are online at that time. The reason of the attack is to steal the money. There are many ways to be used to launch the phishing attack but the famous method used by the attacker are using SMS (smishing) and Voice over Internet Protocol (VoIP) which also known as vishing (Graham, Howard, Olson, 2011).
Phishing is very dangerous. This is because of act of the irresponsible individual, it is very important for the technologies user to be aware of the characteristic of the phishing in order to prevent from become the potential victim. Phishing can be spread easily. The famous method used by the attacker to attack is by installing the malicious software into the victim’s computer. This method is known as spear-phishing where the attacker targeting the victims by sniffing activity and information that are store in the computer (Hong, 2012). Spear-phishing is the method of gaining the specific knowledge or information about individuals or organisation. Other than that, phishing can be identifying by observing the grammar and spelling. The attacker does not really care about the grammar and the spelling of the phishing content. If the website is contain much grammatical and spelling error the online users have to be careful. Phishing also can be identified by checking the link of the email or URL that been provided. Move the mouse or the cursor to the link at put it the rest. The users must not click on the link. If the link given is not match with the pop-out email, the probability of the link to be phishing attack can be higher. Phishing also can be in the term of the threats message to deactivate the account if the users do not follow the instructions given.
The third type of cybercrime is spamming. Spamming can also be known as legal behaviour of cybercrime. There are two common characteristics of spamming such as through email headers and email contents. Spamming occurs when the spammers sent the same message with large number of recipient in the social network. Spammer can sent up to an infinity of spam emails in a faster period. Honestly, to prevent, detect and blacklisting the person who involved as spammer is not easy. This is because only a few spam emails can be sent by each bot. Information that related to the botnet membership can be used to protect illegal activities such as phishing and DDoS attack. The term botnet refers to a group of computer that are controlled by a small number of host referred to as Command and Control (C&C) servers (Xie, Yu, Achan, Panigrahy, Hulten, & Osipkov, 2008). Spammers often put random, legal URLs in content to improve the response validity of emails. Spammers use many confusion of URL techniques to avoid detection. Spammers usually match the URL to show the recipient email address, to achieve the goal for enter the spamming website. The ratio of the spam is calculated using the existing spam filtering system configured by Hotmail. As what Xie et al., (2008) said,
In particular, the percentage of spam campaigns that had at least 80% of dynamic IP addresses dropped significantly from 52% in November 2006 to 14% in June 2007. The absolute number of static IP based botnet hosts increased from 21,010 in November 2006 to 44,790 in July 2007 (p. 179).
In a conclusion, there are three types of cybercrime which are hacking, phishing and spamming. All the types have their own characteristic. Cybercrime may cause harm and damage to the users and technology if there is no precaution step and awareness taken by the users to avoid it. So, the users’ must be aware of this threat.
References
Tavani, H.T. (2011). Ethics and technology: controversies,
questions, and strategies for ethical computing (3rd ed.). United State, America : John Wiley & Sons, Inc.
Palmer, C.C. (2001). Ethical hacking, IBM System Journal, 40(3), 769-780. Retrieved
from http://ieeexplore.ieee.org/
Graham, J., Howard, R., & Olson, R. (2011). Cyber security essentials. Boca Raton,
FL: Auerbach Publications.
Hong, J., (2012, January). The State of Phishing Attacks. Anatomy of an Attack.
Retrieved from http://dl.acm.org/
Xie, Y., Yu, F., Achan, K., Panigrahy, R., Hulten, G., & Osipkov, I. (2008).
Spamming botnets: signatures and characteristics. ACM SIGCOMM Computer Communication Review, 38(4), 171-182. Retrieved from http://dl.acm.org/