1. Introduction and Overview of Cyber Crime.

Cyber-crime refers to criminal activities that are committed using the internet or other
forms of digital technology. These crimes can take many forms, including hacking,
identity theft, cyberbullying, phishing scams, and the spread of malicious software
(malware).

Cyber-crime poses a significant threat to individuals, businesses, and governments

alike. For example, a hacker who gains unauthorized access to sensitive information,
such as financial data or personal identities, can cause significant harm to individuals
and organizations. Malware, on the other hand, can disrupt computer systems, steal
information, and spread to other devices.

The rise of the internet and the increasing use of digital technology has led to an
increase in the number and complexity of cyber-crimes. In response, governments and
law enforcement agencies around the world have stepped up their efforts to combat
cyber-crime and protect against digital threats. This includes the development of new
laws and regulations, as well as the deployment of advanced technologies and
techniques for tracking and prosecuting cyber criminals.

It's important for individuals and organizations to stay vigilant and take steps to
protect themselves from cyber-crime. This includes being cautious about opening
emails or attachments from unknown sources, using strong passwords, and regularly
updating software and anti-virus protection.

Overview of Cyber-crime.

Cyber-crime refers to illegal activities that are committed using the internet,
computers, or other forms of digital technology. It is a rapidly growing issue that
affects individuals, organizations, and governments around the world. Some common
types of cyber-crime include:

1. Hacking: unauthorized access to computer systems or networks with the

intent of stealing information or causing harm.

2. Identity theft: the theft of personal information, such as Social Security

numbers or credit card numbers, to commit fraud or other crimes.

3. Cyberbullying: using technology, such as social media, to harass, threaten, or

humiliate others.

4. Phishing scams: attempts to trick individuals into revealing sensitive

information, such as passwords or credit card numbers, through fake emails or
websites.
 5. Spread of malicious software (malware): intentionally spreading software
that can harm computer systems, steal information, or disrupt networks.

Cyber-crime can result in significant harm, including financial losses, identity theft,
and damage to computer systems and networks. In response, governments and law
enforcement agencies are taking steps to combat cyber-crime and protect against
digital threats, including the development of new laws and regulations, and the
deployment of advanced technologies and techniques for tracking and prosecuting
cyber criminals.

Individuals and organizations can also play a role in protecting themselves from
cyber-crime by taking steps such as using strong passwords, regularly updating
software, and being cautious about opening emails or attachments from unknown
sources.

2. History of Cyber Crime.

The history of cybercrime can be traced back to the early days of computing, with the
first recorded incident occurring in the 1970s. Here's a brief overview of the major
milestones in the history of cybercrime:

1970s: The first known incident of computer hacking occurred in 1971, when a
programmer named John Draper used a whistle from a toy to gain access to long-
distance calling features on a telephone network.

1980s: The first computer virus, called the "Morris Worm," was released in 1988 by
Robert Morris. This caused significant damage to computer systems, and Morris was
later convicted of computer fraud.

1990s: The popularity of the internet led to an increase in cybercrime, including

identity theft and online fraud. In 1995, the first online auction fraud case was
reported, and in 1998, the first case of cyberstalking was prosecuted.

2000s: The rise of social media and mobile devices brought new opportunities for
cybercriminals to exploit. In 2003, the "Slammer" worm caused widespread damage
to computer systems, and in 2005, the first major data breach occurred when
information on millions of customers was stolen from the retailer ChoicePoint.

2010s: Cybercrime continued to evolve, with new threats such as ransomware and
cryptocurrency theft emerging. In 2013, the Target data breach exposed the personal
information of over 100 million customers, and in 2017, the WannaCry ransomware
attack affected hundreds of thousands of computers in over 150 countries.

Today, cybercrime is a major concern for individuals and organizations worldwide,

with estimates suggesting that the cost of cybercrime could reach $10.5 trillion by
 2025. As technology continues to advance, it is likely that cybercrime will continue to
evolve and become an even greater threat.

3. The nature of Cyber Crime / The characteristics of Cyber Crime / Exploring the
features of Cyber Crime.

The nature of cyber-crime refers to the characteristics and features that make it
distinct from other types of crime. Some of the key features of cyber-crime include:

Borderless: cyber-crime can occur anywhere in the world, making it difficult to track
and prosecute perpetrators.

Anonymous: many cyber criminals are able to hide their identity, making it
challenging for law enforcement to bring them to justice.

Highly sophisticated: cyber criminals often use advanced technology and techniques,
such as encryption and malware, making it difficult to detect and prevent their
activities.

Rapidly evolving: the nature of cyber-crime is constantly changing as technology

advances and new threats emerge.

Impactful: cyber-crime can result in significant harm, including financial losses,

identity theft, and damage to computer systems and networks.

Given the nature of cyber-crime, it is a challenge for law enforcement and

governments to effectively combat it. It requires a coordinated approach that includes
the development of new laws and regulations, the deployment of advanced
technologies and techniques for tracking and prosecuting cyber criminals, and
increased awareness and vigilance on the part of individuals and organizations.

4. The scope of Cyber-crime.

The scope of cyber-crime refers to the range and breadth of illegal activities that are
committed using digital technology. Some of the areas where cyber-crime can occur
include:

Computer systems and networks: unauthorized access to computer systems or

networks, theft of information, or damage to computer systems and networks.

The internet: illegal activities that occur on websites, such as phishing scams,
spreading of malware, or illegal online marketplaces.

Mobile devices: cyber-crime that occurs on smartphones and other mobile devices,
such as identity theft or the spread of malware.
 Social media: cyber-crime that involves the use of social media platforms, such as
cyberbullying or the spread of false information.

Financial systems: cyber-crime that targets financial institutions and systems, such as
bank fraud or theft of credit card information.

Critical infrastructure: cyber-crime that targets critical infrastructure, such as power

grids or water treatment systems.

The scope of cyber-crime is constantly expanding as technology continues to evolve

and new threats emerge. It is important for individuals, organizations, and
governments to be aware of these threats and take steps to protect themselves from
cyber-crime.

5. What are the types of different cyber-crime?

There are different types of cybercrimes:

1. Hacking: unauthorized access to computer systems, networks, or data. For

example, a hacker gains access to a company's network and steals sensitive
information such as trade secrets or customer data.

2. Phishing: using fake emails, websites, or text messages to steal personal

information such as passwords or credit card numbers. For example, an email
that appears to be from a bank asks the recipient to provide their login
credentials, but the email is actually from a hacker trying to steal their
information.

3. Ransomware: a type of malware that encrypts a victim's files and demands

payment in exchange for the decryption key. For example, a victim's computer
is infected with ransomware and they are unable to access their files unless
they pay a ransom.

4. Fraud: using the internet to trick people into giving up money or personal
information. For example, a scammer creates a fake website that looks like a
legitimate online store, and convinces people to enter their credit card
information, which the scammer then uses for illegal purposes.

5. Identity theft: stealing someone's personal information to commit fraud or

other crimes. For example, a criminal obtains someone's Social Security
number and uses it to open credit card accounts in their name, run up debt, and
damage their credit score.

6. Cyberstalking: using the internet to harass or threaten someone. For example,

someone repeatedly sends threatening emails to an ex-partner or stalks their
social media accounts.
 7. Online sexual exploitation of children: producing, distributing, or
possessing child pornography. For example, someone creates sexually explicit
images or videos of children and shares them online.

8. Cyberbullying: using technology to harass, humiliate, or threaten someone,

particularly minors. For example, someone creates a fake social media account
to harass a classmate or posts hurtful comments on a victim's posts.

9. Crypto jacking: hijacking a computer's resources to mine cryptocurrency

without the owner's consent. For example, a hacker infects a computer with
malware that uses the computer's resources to mine cryptocurrency, which can
slow down the computer and cause other issues.

10. DDoS attacks: overwhelming a website or network with traffic to make it

unavailable. For example, a group of hackers coordinate a DDoS attack
against a website, causing it to crash and become unavailable to users.

6. What is social engineering?

Social engineering is a type of psychological manipulation used to trick people into

divulging confidential information or performing actions that may be harmful to
themselves or others. Social engineering attacks typically rely on the manipulation of
human emotions, such as fear, greed, trust, or curiosity, in order to persuade the target
to take a specific action or reveal sensitive information.

Examples of social engineering tactics include phishing scams, vishing (voice

phishing), baiting (leaving a tempting item such as a USB drive in a place where it
will be found and picked up), pretexting (creating a fake scenario to trick the target
into divulging information), and scareware (using fear-mongering tactics to get the
target to install malicious software or buy fake antivirus software).

Social engineering can be used to carry out various types of cybercrime, such as
identity theft, financial fraud, and cyber-attacks on organizations. It is a powerful tool
for attackers because it exploits human nature and the trust people have in their social
and professional relationships.

7. What are the types of social engineering?

Social engineering is a type of cyber-attack that relies on manipulating human

behaviour to gain access to sensitive information or systems. Here are some common
types of social engineering:

1. Phishing: This is one of the most common types of social engineering attacks. It
involves sending emails or messages that appear to be from a trustworthy source, such
 as a bank or a well-known company, in an attempt to trick the recipient into revealing
sensitive information or clicking on a malicious link.
2. Pretexting: This type of social engineering attack involves creating a false pretext, or
a fabricated scenario, to gain the victim's trust and convince them to share sensitive
information or perform an action they wouldn't normally do.
3. Baiting: Baiting involves offering something enticing, such as a free movie or music
download, in exchange for the victim's sensitive information or login credentials.
4. Tailgating: Also known as "piggybacking," tailgating involves following someone
into a restricted area by pretending to be authorized or by asking the victim to hold the
door open for them.
5. Spear phishing: This is a targeted form of phishing that is directed at a specific
individual or group. The attacker may gather personal information about the victim
from social media or other sources to create a more convincing message.
6. Watering hole attacks: In this type of attack, the attacker compromises a legitimate
website that the victim is likely to visit, such as a popular news site, in order to deliver
malware or other malicious content.
7. Scareware: Scareware involves using alarming messages or fake virus warnings to
convince the victim to download and install malware.

8. Vishing: Vishing (short for "voice phishing") involves using phone calls or voice
messages to deceive victims into revealing sensitive information or performing an
action, such as transferring money or installing malware.
9. Smishing: Smishing (short for "SMS phishing") is a type of phishing attack that uses
text messages to trick the victim into clicking on a link or providing sensitive
information.
10. Quid pro quo: In this type of social engineering attack, the attacker promises
something in exchange for the victim's information or help, such as offering a fake job
opportunity in exchange for the victim's login credentials.
11. Reverse social engineering: This involves the attacker convincing the victim to help
them, such as by claiming to be locked out of their account and asking for the victim's
help to reset their password.
12. Physical social engineering: This type of attack involves the attacker physically
manipulating the victim, such as by stealing their credentials, accessing their
computer or mobile device, or installing a keylogger.
13. Fake technical support: Attackers can pose as technical support representatives and
trick the victim into allowing remote access to their computer, installing malware, or
paying for unnecessary services.
14. Dumpster diving: This involves the attacker going through the victim's trash to find
sensitive information, such as passwords, account numbers, or other personal data.

These are just a few examples of the many types of social engineering attacks that can
be used by cyber criminals to exploit human weaknesses and gain unauthorized access
to sensitive information or systems

8. An example of social engineering:

 A criminal creates a fake email that appears to be from a well-known software
company and sends it to a large number of employees at a target company. The email
contains a link to a website that looks exactly like the company's login page, but is
actually controlled by the criminal. When an employee enters their login credentials
on the fake website, the criminal captures their username and password.

In this scenario, the criminal used social engineering tactics such as trust (in the
software company) and convenience (the ease of accessing the fake login page) to
manipulate the employee into entering their sensitive information. The criminal was
able to obtain the information through a process of deception, rather than through
technical means.

This example shows how social engineering can be used to trick people into divulging
confidential information or performing actions that may be harmful to themselves or
others. It highlights the importance of being cautious and skeptical when receiving
unsolicited requests for personal information or instructions to perform actions,
especially over the internet or email.

9. What are the Categories of Cyber Crime?

Cybercrime can be broadly categorized into the following categories:

Financial Crimes: include online banking fraud, credit card fraud, insurance fraud,
and other forms of financial exploitation.

Intellectual Property Crimes: include software piracy, trademark infringement, and

theft of trade secrets.

Cyberstalking and Harassment: include online threats, cyberbullying, and hate

crimes committed using technology.

Computer and Network Intrusions: include hacking, unauthorized access to

computer systems, and theft of confidential information.

Online Child Sexual Exploitation: include the production, distribution, and

possession of child pornography.

Cyber Extortion: include ransomware attacks, DDoS attacks, and other forms of
cyber extortion.

Identity Theft and Fraud: include the unauthorized use of personal information for
criminal purposes, such as opening false accounts or filing false tax returns.

Sale of Illegal Goods: include the sale of illegal drugs, weapons, and stolen personal
information.
 Electronic Espionage: include unauthorized access to and theft of sensitive or
confidential information belonging to governments, corporations, or individuals.

These categories are not exhaustive, and some forms of cybercrime may overlap
multiple categories. It's important to note that cybercrime continues to evolve and new
forms of cybercrime may emerge as technology advances.

10. What is property cyber-crime?

Property cybercrime refers to a type of cybercrime where the target is physical

property, such as buildings, vehicles, or equipment, that are controlled or monitored
using technology. The crime may involve unauthorized access to control systems or
networks, manipulation of control systems to cause physical damage or disruption, or
theft of physical assets.

Examples of property cybercrime include:

Hacking into building control systems to cause structural damage, such as damaging
heating and cooling systems, elevators, or electrical systems.

Manipulating traffic control systems to cause accidents, traffic jams, or road closures.

Tampering with medical equipment, such as heart monitors or infusion pumps,

causing harm to patients.

Stealing high-value physical assets, such as vehicles or equipment, by hacking into

the control systems that track their location.

Destroying or stealing industrial control systems or equipment, causing disruptions to

critical infrastructure or production processes.

Property cybercrime is a growing concern as more and more physical systems are
connected to the internet and become vulnerable to attack. It is important for
organizations to adopt proper security measures, such as network segmentation,
firewalls, and encryption, to protect their control systems and networks from
unauthorized access.

11. Differences between cyber stalking and cyberbullying.

Cyber stalking and cyberbullying are two distinct forms of online harassment, but
they share some similarities. Here are the key differences between cyber stalking and
cyberbullying:

1. Definition and Scope: Cyber stalking refers to the repeated and unwanted harassment
or threatening behaviour towards a person that causes fear or distress. Cyberbullying
 is defined as the use of technology to harass, humiliate, or intimidate someone
repeatedly.
2. Target: In cyber stalking, the victim is usually a specific person or group of people.
The stalker may know the victim personally or have developed an obsession with
them. In cyberbullying, the victim can be anyone, including a stranger.
3. Intention: Cyber stalkers have the intention to intimidate, harass, or threaten their
victim. Cyberbullies, on the other hand, intend to harm or humiliate their victim.
4. Frequency: Cyber stalking involves repeated and persistent unwanted behaviour
towards a person, while cyberbullying can be a one-time incident or a series of
incidents.
5. Tactics: Cyber stalkers often use a variety of tactics, such as sending threatening
messages or emails, spreading false rumours, and monitoring the victim's online
activity. Cyberbullies may use similar tactics, but they often use public platforms such
as social media to humiliate or embarrass their victim.
6. Legal consequences: Both cyber stalking and cyberbullying are illegal in many
jurisdictions, and perpetrators can face serious legal consequences. However, the legal
consequences for cyber stalking can be more severe, as it is often considered a form
of harassment or stalking.

Using electronic
communication devices,
such as the internet or
social media, to stalk or Using technology to bully
Definition harass someone. or harass someone.

Intent to harm, embarrass,

Persistent and repeated, or humiliate the victim,
causing the victim to feel causing significant
Behavior threatened or in danger. emotional distress.

Personal information, such

as a victim's name, address,
phone number, or email
address, may be used to
track and monitor the
Personal Information victim's activities online. N/A

Sending threatening Sending hurtful messages,

messages or engaging in spreading rumors, or
other forms of posting embarrassing or
Methods intimidation. humiliating content online.
 A serious offense with
A criminal offense with potential long-term
serious legal psychological effects on
Consequences consequences. the victim.

More focused on the

More focused on the bully's intent to cause harm
stalker's obsession with the or embarrassment to the
Focus victim. victim.

12. A
13. A
14. A
15. A

16. What is the most common form of cybercrime?

a. Hacking
b. Phishing
c. Cyberstalking
d. Cyber extortion
Answer: b. Phishing

17. What is the main goal of social engineering in cybercrime?

a. To exploit technical vulnerabilities in computer systems
b. To manipulate people into divulging confidential information or performing
actions that may be harmful
c. To create malware that can infect computer systems
d. To steal physical assets using technology
Answer: b. To manipulate people into divulging confidential information or
performing actions that may be harmful

18. What type of cybercrime involves the unauthorized use of personal information for
criminal purposes?
a. Cyberstalking and harassment
b. Identity theft and fraud
c. Online child sexual exploitation
d. Electronic espionage
 Answer: b. Identity theft and fraud

19. What type of cybercrime involves the sale of illegal goods over the internet?
a. Cyber extortion
b. Sale of illegal goods
c. Intellectual property crimes
d. Computer and network intrusions
Answer: b. Sale of illegal goods

20. What type of cybercrime involves the unauthorized access to and theft of sensitive or
confidential information belonging to governments, corporations, or individuals?
a. Electronic espionage
b. Sale of illegal goods
c. Intellectual property crimes
d. Computer and network intrusions
Answer: a. Electronic espionage
21. What is the most common form of cybercrime?
a. Hacking
b. Phishing
c. Cyberstalking
d. Cyber extortion
Answer: b. Phishing

22. What is the main goal of social engineering in cybercrime?

a. To exploit technical vulnerabilities in computer systems
b. To manipulate people into divulging confidential information or performing actions that
may be harmful
c. To create malware that can infect computer systems
d. To steal physical assets using technology
Answer: b. To manipulate people into divulging confidential information or performing
actions that may be harmful

23. What type of cybercrime involves the unauthorized use of personal information for
criminal purposes?
a. Cyberstalking and harassment
b. Identity theft and fraud
c. Online child sexual exploitation
d. Electronic espionage
Answer: b. Identity theft and fraud

24. What type of cybercrime involves the sale of illegal goods over the internet?
a. Cyber extortion
b. Sale of illegal goods
c. Intellectual property crimes
d. Computer and network intrusions
Answer: b. Sale of illegal goods

25. What type of cybercrime involves the unauthorized access to and theft of sensitive or
confidential information belonging to governments, corporations, or individuals?
a. Electronic espionage
b. Sale of illegal goods
c. Intellectual property crimes
d. Computer and network intrusions
Answer: a. Electronic espionage

26. What type of cybercrime involves the unauthorized alteration of data or programs on a
computer system?
a. Tampering
b. Hacking
c. Cyberstalking
d. Cyber extortion
Answer: a. Tampering

27. What type of cybercrime involves the use of malicious software to infect computer
systems and cause harm?
a. Malware
b. Phishing
c. Cyberstalking
d. Cyber extortion
Answer: a. Malware

28. What type of cybercrime involves the use of email or other electronic communications to
make false claims or demands for money or other forms of payment?
a. Phishing
b. Cyber extortion
c. Online child sexual exploitation
d. Electronic espionage
Answer: b. Cyber extortion

29. What type of cybercrime involves the unauthorized access to computer systems or
networks?
a. Hacking
b. Phishing
c. Cyberstalking
d. Cyber extortion
Answer: a. Hacking

30. What type of cybercrime involves the use of digital devices to harass or intimidate
someone?
a. Cyberstalking
b. Hacking
c. Phishing
d. Cyber extortion
Answer: a. Cyberstalking

31. What type of cybercrime involves the unauthorized use of another person's identity for
criminal purposes?
a. Identity theft
b. Phishing
c. Cyberstalking
d. Cyber extortion
Answer: a. Identity theft

32. What type of cybercrime involves the sale of counterfeit goods over the internet?
a. Sale of illegal goods
b. Intellectual property crimes
c. Electronic espionage
d. Computer and network intrusions
Answer: b. Intellectual property crimes

33. What type of cybercrime involves the use of spyware to monitor a person's online
activities?
a. Cyberstalking
b. Spying
c. Phishing
d. Cyber extortion
Answer: b. Spying

34. What is the definition of malware?

a. Software that monitors user activity on a computer or network
b. Software that is used to harm a computer or steal data from it
c. A type of social engineering attack that involves tricking people into revealing
sensitive information
d. A network of computers or devices that have been infected with malware and can
be controlled remotely by a hacker
Answer: b
35. What is the definition of phishing?
a. The use of electronic communications to harass, intimidate, or threaten someone
b. The process of encoding data in such a way that it can only be accessed by
authorized parties
c. Gaining unauthorized access to computer systems or networks with the intention of
stealing data or causing damage
 d. A type of social engineering attack that involves tricking people into revealing
sensitive information
Answer: d

36. What is a DDoS attack?

a. A type of malware that encrypts files or systems and demands payment in exchange
for the decryption key
b. A network of computers or devices that have been infected with malware and can
be controlled remotely by a hacker
c. Flooding a target system or network with traffic in order to make it unavailable to
legitimate users
Answer: c
37. What is ransomware?
a. A type of social engineering attack that involves tricking people into revealing
sensitive information
b. A network of computers or devices that have been infected with malware and can
be controlled remotely by a hacker
c. Software that is used to harm a computer or steal data from it and demands
payment in exchange for the decryption key
d. A type of electronic fraud that involves impersonating a legitimate entity in order to
obtain sensitive information
Answer: c
38. What is identity theft?
a. The use of electronic communications to harass, intimidate, or threaten someone
b. A type of social engineering attack that involves tricking people into revealing
sensitive information
c. Gaining unauthorized access to computer systems or networks with the intention of
stealing data or causing damage
d. Stealing personal information, such as social security numbers or credit card
numbers, in order to commit fraud or other crimes
Answer: d

39. When was the first recorded instance of computer hacking?

a. 1955
b. 1965
c. 1975
d. 1985
Answer: c (1975)

40. Which of the following was the first computer virus?

a. Creeper
b. Elk Cloner
c. Brain
d. Melissa
Answer: a (Creeper)

41. What was the first large-scale cyber-attack?

a. The Morris Worm
b. The ILOVEYOU virus
c. The Code Red worm
d. The Stuxnet virus
Answer: a (The Morris Worm)

42. When was the term "cybercrime" first coined?

a. 1970s
b. 1980s
c. 1990s
d. 2000s
Answer: c (1990s)

43. What was the first case of online identity theft?

a. The AOL phishing scam
b. The eBay database hack
c. The TJX data breach
d. The CardSystems Solutions data breach
Answer: a (The AOL phishing scam)

1. What is a white hat hacker?

a. A hacker who uses their skills for personal gain or to cause harm
b. A hacker who works for a company or organization to identify security
vulnerabilities
c. A hacker who hacks into computer systems or networks for political or ideological
reasons
d. A hacker who uses social engineering to trick people into revealing sensitive
information
Answer: b
2. What is a black hat hacker?
a. A hacker who uses their skills for personal gain or to cause harm
b. A hacker who works for a company or organization to identify security
vulnerabilities
c. A hacker who hacks into computer systems or networks for political or ideological
reasons
d. A hacker who uses social engineering to trick people into revealing sensitive
information
Answer: a
3. What is a grey hat hacker?
a. A hacker who uses their skills for personal gain or to cause harm
b. A hacker who works for a company or organization to identify security
vulnerabilities
c. A hacker who hacks into computer systems or networks for political or ideological
reasons
d. A hacker who uses social engineering to trick people into revealing sensitive
information
Answer: c
4. What is a script kiddie?
a. A hacker who uses their skills for personal gain or to cause harm
b. A hacker who works for a company or organization to identify security
vulnerabilities
 c. A hacker who is new to hacking and uses pre-made scripts or tools to launch
attacks d. A hacker who uses social engineering to trick people into revealing
sensitive information
Answer: c
5. What is a hacktivist?
a. A hacker who uses their skills for personal gain or to cause harm
b. A hacker who works for a company or organization to identify security
vulnerabilities
c. A hacker who hacks into computer systems or networks for political or ideological
reasons
d. A hacker who uses social engineering to trick people into revealing sensitive
information
Answer: c