Cybersecurity Book Notes
Chapter 3

Dr. Greg Bernstein

January 12th, 2021

Cyber Crime In General

CyBOK Categorization

From CyBOK: Adversarial Behaviors

  • Cyber-enabled crimes – “increase the reach of existing crimes”
  • Cyber-dependent crimes – “are crimes that can only be committed with the use of computers or technology devices”
  • Interpersonal offenders
  • Organized crime

Cyber-enabled Crimes 1

  1. Using the Internet, it is easier to find and contact victims. Email lists are sold on underground markets, while online social networks have search functionalities embedded in them, allowing criminals to easily identify potential victims.

  2. By using the Internet, criminal operations can be run more cheaply. Sending emails is free, while scammers previously had to pay postage to reach their victims. This also allows criminals to increase the scale of their operations to sizes that were previously unthinkable.

Cyber-enabled Crimes 2

  1. Compared to their physical counterparts, the Internet allows crimes to be performed faster. For example, emails can reach victims in a matter of seconds, without having to wait for physical letters to be delivered.

  2. Using the Internet, it is easier to operate across international boundaries, reaching victims located in other countries. In this setting, often the only limitation is language, with criminals only targeting victims who speak a language that they are familiar with.

Cyber-enabled Crimes 3

  1. By operating over the Internet, it is more difficult for criminals to get caught. This is mainly due to the transnational nature of cybercrime, and the fact that the problem of harmonizing the appropriate laws of different countries is far from being solved. In addition, research shows that online crime is often under reported, both because victims do not know whom to report it to, as well as the fact that they believe that they are unlikely to get their money back.

Chap 3: Cyber Stalking, Fraud, and Abuse

Investment Fraud

From Cyber Fraud

  • Online Investment Newsletters – While legitimate online newsletters may contain valuable information, others are tools for fraud.

  • Online Bulletin Boards – Online bulletin boards are a way for investors to share information. While some messages may be true, many turn out to be bogus – or even scams.

  • Investment Spam

  • Pump and Dump – Generally the end goal of all the above

Fraudulent Investment Newsletters

From Cyber Fraud

Some companies pay online newsletters to “tout” or recommend their stocks. Touting isn’t illegal as long as the newsletters disclose who paid them, how much they’re getting paid, and the form of the payment, usually cash or stock. But fraudsters often lie about the payments they receive and their track records in recommending stocks.

Frauds in Discussion Groups

From Cyber Fraud

Fraudsters may use online discussions to pump up a company or pretend to reveal “inside” information about upcoming announcements, new products, or lucrative contracts.

You may never know for certain who you’re dealing with, or whether they’re credible, because many sites allow users to hide their identity behind multiple aliases. People claiming to be unbiased observers may actually be insiders, large shareholders, or paid promoters. One person can easily create the illusion of widespread interest in a small, thinly traded stock by posting numerous messages under various aliases.

Investment Spam

From Cyber Fraud

With a bulk e-mail program, spammers can send personalized messages to millions of people at once for much less than the cost of cold calling or traditional mail. Many scams, including advance fee frauds, use spam to reach potential victims.

Pump and Dump Schemes 1

From Cyber Fraud

“Pump and dump” schemes have two parts. In the first, promoters try to boost the price of a stock with false or misleading statements about the company. Once the stock price has been pumped up, fraudsters move on to the second part, where they seek to profit by selling their own holdings of the stock, dumping shares into the market.

Pump and Dump Schemes 2

From Cyber Fraud

These schemes often occur on the Internet where it is common to see messages urging readers to buy a stock quickly. Often, the promoters will claim to have “inside” information about a development that will be positive for the stock. After these fraudsters dump their shares and stop hyping the stock, the price typically falls, and investors lose their money.

Online Shopping Fraud


From the text

  • Failure to send the merchandise
  • Sending something of lesser value than advertised
  • Failure to deliver in a timely manner
  • Failure to disclose all relevant information about a product or terms of the sale

Auction Fraud

  • Shill bidding: This occurs when fraudulent sellers (or their “shills”) bid on the seller’s items to drive up the price.

  • Bid shielding: This occurs when fraudulent buyers submit very high bids to discourage other bidders from competing for the same item. The fake buyers then retract their bids so that people they know can get the item at a lower price.

  • Bid siphoning: This occurs when con artists lure bidders off legitimate auction sites by offering to sell the “same” item at a lower price. Their intent is to trick consumers into sending money without proffering the item. By going offsite, buyers lose any protections the original site may provide, such as insurance, feedback forms, or guarantees.

Charity/Disaster Fraud 1

From FBI: Charity and Disaster Fraud

  • Charity fraud schemes seek donations for organizations that do little or no work—instead, the money goes to the fake charity’s creator.

  • While these scams can happen at any time, they are especially prevalent after high-profile disasters. Criminals often use tragedies to exploit you and others who want to help.

  • Charity fraud scams can come to you in many forms: emails, social media posts, crowdfunding platforms, cold calls, etc. Always use caution and do your research when you’re looking to donate to charitable causes.

Charity Fraud 2

From FBI: Charity and Disaster Fraud

After a natural disaster or other emergency, unethical contractors and other scammers may commit insurance fraud, re-victimizing people whose homes or businesses have been damaged. Sometimes these fraudsters even pretend to be affiliated with the government, when they are not. If you need any post-disaster repairs, do your research before hiring any contractor.

Identity Theft

Identity Theft/Fraud

From DOJ: Identity Theft

Identity theft and identity fraud are terms used to refer to all types of crime in which someone wrongfully obtains and uses another person’s personal data in some way that involves fraud or deception, typically for economic gain.

Why Steal an Identity?

  • Run up debts under someone elses name/id
  • Commit crimes, such as automobile violations, in someone elses name
  • Gain benefits due to someone else

New or Old?

  • New or old?
  • Cyber enabled or cyber dependent?

Cyber attack: Phishing

From Wikipedia: Phishing

Phishing is the fraudulent attempt to obtain sensitive information or data, such as usernames, passwords and credit card details or other sensitive details, by impersonating oneself as a trustworthy entity in a digital communication.[1][2] Typically carried out by email spoofing,[3] instant messaging,[4] and text messaging, phishing often directs users to enter personal information at a fake website which matches the look and feel of the legitimate site.

Types of Phishing

From Wikipedia: Phishing

  • Spear phishing – Targeting specific individuals
  • Whaling – targeting high value individuals
  • Catphishing and catfishing – related to fraud in social networks and romance
  • Voice phishing (vishing) – via voice technologies
  • SMS phishing (Smishing) – via texts

Phishing Resources

Interpersonal Crimes


From CyBOK: Adversarial Behaviors

These crimes include targeted violence and harassment, directed at either close connections or strangers. While these crimes have always existed, the Internet has made the reach of harassers and criminals much longer, effectively removing the need for physical contact for the offence to be committed. As such, these crimes fall into the cyber-enabled category.

Cyberbullying: Definition

From CyBOK: Adversarial Behaviors

cyberbullying is defined as ‘sending or posting harmful material or engaging in other forms of social aggression using the Internet or other digital technologies’. While not always illegal1, cyberbullying often occupies a grey area between what is considered a harmful act and a criminal offence.

Cyberbullying: Implications

From CyBOK: Adversarial Behaviors

While the practice of bullying is nothing new, the Internet has changed the dynamics of these harassment practices signi€cantly. What used to be a harmful practice limited to school hours now can be perpetrated at any time, effectively exposing victims to non-stop harassment.

Cyberbullying: Exacerbation

From CyBOK: Adversarial Behaviors

One aspect that makes cyberbullying different from traditional, physical harassment is that people online can be anonymous, and do not have their name or face attached to the abusive activity that they are carrying out. Researchers found that interacting with people online creates a disinhibition effect wherby personal traits are accentuated (i.e., negative people become meaner and positive people become nicer).


From CyBOK: Adversarial Behaviors

doxing is an attack where the victim’s private information is publicly released online. This operation is usually part of a larger harassment campaign, where the release of sensitive information is used as a way of embarrassing the victim or facilitating further harassment, even in the physical world.

The practice of doxing has become increasingly popular in recent years as a way of polarising online discussion and silencing people.


From CyBOK: Adversarial Behaviors

Cyberstalking is the practice of using electronic means to stalk another person. Broadly speaking, we can identify two types of cyberstalkers: those who use the information that they find online to help them stalk their victim in real life, and those who use the means offered by online services to stalk their victim purely online.

Further, the stalkers who operate online are divided into those who act purely passively, without any interaction with the victim, and those who perform interactions, for example, by sending their messages on a social network platform.


An emerging crime that has risen to relevance is sextortion, where a criminal lures victims to perform sexual acts in front of a camera (e.g., a webcam in a chatroom), records those acts, and later asks for a monetary payment in order not to release the footage.

Child predation 1

Online services are a fertile ground for criminals to find victims, whether on chats, online social networks, or online gaming platforms. The offender will then groom their victims to either perform physical or online abuse. Compared to the corresponding offline offence, online sexual predation has two main differences: first, the victim and the perpetrator almost never know each other in real life. Second, the victim demographics are more skewed towards adolescents than young children, because the age at which kids start going online is slightly higher.

Child predation 2

Offenders use a range of tactics, including pretending to be young people and children in order to groom their victims and research has shown the potential vulnerability of children of all ages to such online identity deception.

Child predation 3

Other offenders do not interact with children directly, but download and share child pornography on the Internet. In such cases hands-on abusers often know their victims and disseminate child abuse material to these “users” of such material. This has been facilitated by peer-to-peer sharing platforms [38, 39] as well as anonymising technologies such as Tor.

// reveal.js plugins