Organized Crime 4

Download as txt, pdf, or txt
Download as txt, pdf, or txt
You are on page 1of 5

COMPUTER CRIME

- any crime accomplished through special knowledge of computer technology.


- any crime where computer is used as a tool or as a target or incidental to
the commission of a crime.
- Also known as Cybercrime.
- Any illegal act in which knowledge of computer technology is used to commit
the offense. (L. E. Quaratiello)
- All illegal activities that are committed by or with the aid of computer or
information technology or in which the computers are the target of the criminal
enterprise. (Martin L. Forst)

CYBER CRIME IN THE PHILIPPINES

The LOVE BUG

By far the most popular incidence of cyber crime in the Philippines is the
�ILOVEYOU Virus� or the LOVE BUG. The suspect in the case, a 23-year old student
from a popular computer university in the Philippines drafted the virus with the
vision of creating a program that is capable of stealing passwords in computers,
ultimately to have free access to the internet.

During the height of the LOVE BUG incident, Reuters has reported: "The
Philippines has yet to arrest the suspected creator of the 'Love Bug' computer
virus because it lacks laws that deal with computer crime, a senior police officer
said". The fact of the matter is that there are no laws relating to Cybercrime in
the Philippines. The National Bureau of Investigation is finding it difficult to
legally arrest the suspect behind the 'Love Bug' computer virus.

As such, the need for countries to legislate Cyberlaws relating to Cybercrime


arises on an urgent priority basis. Due to the incident, the Philippines have seen
the necessity for the passage of a law to penalize cyber crimes, thus the enactment
of Republic Act 8792 otherwise known as the Electronic Commerce Act.

RA 8792
- legislated because of I love you virus

- This Act shall be known and cited as the "Electronic Commerce Act.�

- Approved June 14, 2000

Common Types of Cyber Crimes already handled by NBI

1. HACKING / CRACKING
2. MALICIOUS EMAIL SENDING
3. INTERNET PORNOGRAPHY
4. LAUNCHING OF HARMFUL COMPUTER VIRUSES
5. DISTRIBUTED DENIAL OF SERVICE ATTACKS (DOS)
6. WEBSITE DEFACEMENT
7. ACQUIRING CREDIT CARD INFORMATION FROM AN E-COMMERCE WEBSITE
8. INTERNET SHOPPING USING FRAUDULENTLY ACQUIRED CREDIT CARDS
9. WIRE TRANSFER OF FUNDS FROM A FRAUDULENTLY ACQUIRED CREDIT CARD
10. ON-LINE AUCTION FRAUD

WHAT ARE COMMON METHODS AND STANDARD TERMS USED TO DESCRIBE CYBER CRIME?
Hacking
- is the act of illegally accessing the computer system/network of an
individual, group or business enterprise without the consent or approval of the
owner of the system

Cracking
- is a higher form of hacking in which the unauthorized access culminates with
the process of defeating the security system for the purpose of acquiring money or
information and/or availing of free services

Malicious Sending of E-mails


- the sending of malicious and defamatory electronic mails for the purpose of
extorting money, or threatening prospective victims

Internet Pornography
- The trafficking, distribution, posting, and dissemination of obscene material
including children�s nude pictures, indecent exposure, and child sex slavery posted
into the internet, live streaming videos aired through the internet

A computer virus
- is a computer program that can copy itself and infect a computer without
permission or knowledge of the user

Launching of Harmful Computer Virus

1. Virus
2. Worm
3. Trojan Horse

Worm
- spread itself to other computers without needing
to be transferred as part of a host

Trojan horse
- is a file that appears harmless until executed. Trojan horses do not insert
their code into other computer files

Logic bomb
- a set of instructions secretly inserted into a program that is designed to
execute if a particular program is satisfied
- the bomb lies dormant until a particular date is reached or command entered

Identity theft
- defined as the criminal act of assuming person�s name, address, social
security number, and date of birth in order to commit fraud

Phishing
- sending fraudulent e-mails or website pop-ups, to get victims to divulge
sensitive financial information such as credit card numbers or social security
numbers

Distributed Denial of Service Attacks


- DDoS attacks can be committed by employing multiple computers controlled by a
single master computer server to target a particular server by bombarding it with
thousands of packets of data in an attempt to overwhelm the server and cause it to
crash
Website defacement
- is the unauthorized modification of a website

Acquiring Credit Card Information from a Website that offers E-Services

- When you shop online, the most convenient way to pay for the items you order
is through your credit card. When you pay thru your credit card, you need to
disclose information such as your complete name, your postal address, zip code,
state, phone number credit card account number, its expiration date and its
security code/pin. Upon entering the above-mentioned information, it will be
verified �real-time� by the site merchant. It usually takes a minute to verify
whether the credit card is valid or invalid. If valid, the information you entered
will be stored in the website�s database server. Hackers look for the file
containing the credit card information of all the customers who bought from a
certain e-commerce site. Upon acquisition thereof, it will be decrypted to make it
readable and all the information of the transactions will be made available.Hackers
prefer VISA, AMERICAN EXPRESS and MASTERCARD when filtering credit card
information. It is because VISA and MASTERCARD are widely accepted by almost ALL
Internet Shopping Sites. American Express on the other hand has no CREDIT LIMIT

- Credit card numbers of American Express start with the number 3, MasterCard
credit cards start with the number 5 while VISA Credit cards start with the number
4

- American Express credit cards have 15 digits Account Number while Visa and
Mastercard credit cards contain 16.

Internet Shopping Using Fraudulently Acquired Credit Card

Hackers, upon acquiring the desired credit card information now conducts
�window shopping�, hopping from one shop site to another, looking for cellphones,
gadgets, apparels, computer peripherals, softwares etc. When he finds what he wants
to buy, he then add/s his desired item/s to the shopping cart and checkouts. He
will then supply the Credit Card information of the fraudulently acquired credit
card such as the Complete name of the cardholder, address, zip code, state, email
address, credit card number and expiration date. Other pertinent information such
as shipping address of the items ordered will have to be supplied too.

Wire Transfer of Funds from Fraudulently Acquired Credit Card

When a hacker knows your complete credit card information, he can extract CASH from
the acquired credit/debit card online. By signing up with Western Union Money
Transfer (http://www.westernunion.com) using the fraudulently acquired credit card
information, he can pretend that he will just send money to his relative and
western union will directly debit the credit card and it will reflect on the
billing statement of the original credit card holder. Wire transfer of funds using
credit cards require the credit card security number.

Online Auction Fraud

- First, the fraudster should sign up for an account at an online auction site
such as e-bay, yahoo auctions or U-Bid
- The fraudster falsifies all information that he enters on the signup page.
The only true information is his email address, for he will be contacted by
interested bidders by means of email.He will be asked to provide a credit card.
This is where he will need the fraudulently acquired credit card. When all of the
required fields are signed up, his application will be approved and he will be a
registered member of the said auction site. He is now then allowed to bid, and
auction any item. A fraudster will auction expensive items such as laptops,
cellphones, PDA�s (handheld devices), desktop computers, camcorders and hard to
find memorabilias. He will then sell it at a lower price for legitimate bidders to
bid immediately. An online fraudster only accepts payments thru personal checks,
money order, wire transfer and western union money transfer. It is bluntly
stipulated in his auction page.

TECHNICAL TERMS

ISP � stands for Internet Service Provider. It provides internet service to


internet users.

IP Address � series of numbers assigned by an Internet Service Provider to an


internet user when it connects to the Internet

Dynamic IP Address � a type of IP Address that changes everytime the internet user
accesses his Internet Service Provider. It is usually assigned to dial-up or base
speed broadband service subscribers (eg. ISP Bonanza, Surfmaxx, PLDT myDSL 128kbps
service etc.)

Static IP Address � a type of IP Address that is constant regardless of the time or


number of attempts the internet user accesses the internet. It is usually assigned
to High-Speed Internet Users or Corporate Accounts (eg. ADSL (Asymetric Digital
Subscriber Line) connections, E1 Internet Connections, OC3 Internet Connections, T1
Internet Connections, Leased Line Internet Connections)

Website � a portfolio of a person / organization / entity / company which is posted


on the Internet for accessibility worldwide.

The INTERNET PROTOCOL (IP) ADDRESS is the anchor of the investigation of all crimes
committed via the internet. The identification of the IP Address leads to the
identity of the Internet Service Provider (ISP) used to access the internet and
eventually the subscriber of the account where the internet activity was performed.

The IP Address as given by the ISP depends on the type of internet account a
subscriber maintains, whether it is a DYNAMIC IP or STATIC IP.

If Static:
Subscriber information (name, billing address, installation address, type of
internet account, usage and costs etc.) if applicable

If Dynamic
log reports indicating telephone number used to make �dial-up� access

VERY IMPORTANT:

The address of the subscriber as given by the ISP or Phone Company should be
analyzed to determine whether it is a Billing Address or an Installation Address.
For purposes of a search warrant application, the Installation Address is the
more important matter to consider. The purpose of a Search Warrant application/
implementation in a cyber crime investigation, as with any other offense is to
confiscate and seize the instruments/implements, tools used in the commission of
the offense. Since the crime was committed with the aid of a computer, the same and
its peripherals are the instruments used in its commission.
TOP TEN SECURITY TIPS FOR COMPUTER USERS

1. Never send an e-mail that you wouldn't let your wife or boss to read.

2. Turn off your computer when you are not using it. It is the only sure way to
keep the hackers out.

3. Use a password to log onto your computer. Most operating system let you set a
password and to change it regularly.

4. Don�t accept cookies. If you have to, delete them when you are finished surfing.

5. Use the latest versions and software patches for your e-mail and your browser.
New security loopholes are constantly being discovered.

6. Keep your antivirus up to date. Hackers never rest. Every email attachment can
contain a virus, so scan it before you open it.

7. Watch your laptop at the airport. Be specially careful at X-ray security


machines, which is where most laptop theft occur.

8. Don�t use the same password over and over. Make new variations.

9. Use a paper shredder. Don�t just throw out unsolicited credit card application.
Shred them.

10. Never give out your social security number, online or off. This information in
a wrong hand is license to steal.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy