Forms of Cyber Crime

Identity Theft

• The most common means of acquiring personal data from a computer user is through misrepresentation. The term "phishing" refers to email scams involving impersonation of legitimate individuals or organizations. As an example, a victim might receive a fraudulent email claiming to be from a bank or credit card company requesting identifying information in order for the victim to receive credit, confirm account information or obtain a benefit. More elaborate schemes offer links to fraudulent websites to apply for credit or merchandise at unbelievable prices.

Fraud Scams

• Fraudulent auction sites and other websites offering merchandise or services are a common internet fraud scam. Internet sales can be also used as a means to traffic in stolen property. Fraudulent advance fee schemes claim a loan will be negotiated for a customer after the victim pays an advance fee through an internet website. Of course, the loan never materializes following the initial payment. Fraudulent credit card offers are also common. Reports of at-home employment and business franchise opportunity scams are common on the internet. Nigerian money offers and similar scams continue to claim victims who receive email saying they can earn a large sum by letting someone use the victim's bank account number. Email enticements regarding government grants available for a fee and notices from fake charities are also common Internet scams.

Malware

• Computers are susceptible to attacks from viruses and malware used by an intruder to gain access to a user's computer and data. A compromised computer can be used to store an intruder's files without the owner's knowledge. Such data could include contraband. Malware can include software to monitor a user's computer activity and log keystrokes, or malicious code which can disable or destroy data. A compromised computer may also be used by an attacker as a "slave." Large numbers of "slave" computers have been used by attackers to bombard a network with more traffic than the network's data buffers can process. The network either shuts down due to the overflow of network traffic or available bandwidth is reduced to an extent that renders legitimate network traffic and services impossible. This type of exploit is known as a denial-of-service attack.

Cyberstalking

• Harassment, bullying and "stalking" persons on the Internet can occur on social networks. It frequently involves repeated and unwelcome contact with the victim by the perpetrator in chatrooms or other Internet social networking sites. Such conduct can involve making false accusations, threatening to post material about the victim, attempting to set up meetings or contacting friends of the victim. The conduct may include making defamatory remarks or comments. The perpetrator may also falsely claim themselves to be a "victim" of the real victim.

Sexual Predators

• The sexual enticement of minors on the Internet has been a growing problem. Predators frequently visit social networking areas that are popular with minors to interact with them on the pretext of becoming friends. The goal of the predator is to set up a meeting with the victim for the purpose of sexual contact.

Business Risks

• Businesses maintain computer networks which store company records which can include proprietary information, trade secrets and employees' personal data. The theft of such data presents a significant risk. Persons gaining illegal access to such information may attempt to extort the victim business on the threat of destruction, distribution or release of information. Malicious attacks by hackers intended to disrupt normal network service such as denial-of-service are also common threats to normal business operations.

Terrorism

• The United States Cyber Command (USCYBERCOM) is a component of the United States Strategic Command. Its purpose is to organize and synchronize the defense of US military networks from attack. The USCYBERCOM is composed of units from each of the military services. Security of federal and civilian networks from attack remains a responsibility of the Department of Homeland Security.