December 07, 2010

II - Cyber crimes – issues, problems and perspectives

6. Email related crime:  Email has fast emerged as the world’s most preferred form of communication. Billions of email messages traverse the globe daily. Like any other form of communication, email is also misused by criminal elements.
The ease, speed and relative anonymity of email has made it a powerful tool for criminals. Some of the major email related crimes are:
6.1 Email spoofing: Email spoofing is very often used to commit financial crimes. It becomes a simple thing not just to assume someone else’s identity but also to hide one’s own. The person committing the crime understands that there is very little chance of his actually being identified.
A spoofed email is one that appears to originate from one source but has actually emerged from another source. Email spoofing is usually done by falsifying the name and or email address of the originator of the email.  Email spoofing can be used to spread misinformation, and even to secure unauthorized access to computers.2
6.2 Spreading Trojans, viruses and worms: Viruses are programs that attach themselves to a computer or a file and then circulate themselves to other files and to other computers on a network. They usually affect the data on a computer, either by altering or deleting it. Worms, unlike viruses do not need the host to attach themselves to. They merely make functional copies of themselves and do this repeatedly till they eat up all the available space on a computer's memory.
The Love Bug virus, for instance, reached millions of computers within 36 hours of its release from the Philippines thanks to email. The VBS_LOVELETTER virus (better known as the Love Bug or the ILOVEYOU virus) was reportedly written by a Filipino undergraduate.  Losses incurred during this virus attack were pegged at US $ 10 billion. 
Hackers often bind Trojans, viruses, worms and other computer contaminants with e-greeting cards and then email them to unsuspecting persons. Such contaminants can also be bound with software that appears to be an anti-virus patch. E.g. a person receives an email from  information@mcaffee.com (this is a spoofed email but the victim does not know this). The email informs him that the attachment contained with the email is a security patch that must be downloaded to detect a certain new virus. Most unsuspecting users would succumb to such an email (if they are using a registered copy of the McAffee anti-virus software) and would download the attachment, which actually could be a Trojan or a virus itself!
6.3 Email bombing: Email bombing refers to sending a large amount of emails to the victim resulting in the victim’s email account (in case of an individual) or servers (in case of a company or an email service provider) crashing.

No comments:

Post a Comment