DOCSLIB.ORG

Criminal Justice Resource Manual (Second Edition)

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Criminal Justice Resource Manual (Second Edition) DOCUMENT RESUME ED 332 671 IR 014 981 AUTHOR Parker, Donn B. TITLE Computer Crime: Criminal Justice Resource Manual (Second Edition). INSTITUTION SRI International, Menlo Park, Calif. SPONS AGENCY Abt Associates, Inc., Cambridge, Mass.; Department of Justice, Washington, D.C. National Inst. of Justice. PUB DATE Aug 89 CONTRACT OJP-86-C-002 NOTE 223p. PUB TYPE Guides - Non-Classroom Use (055) -- Legal/Legislative/Regulatory Materials (090) Reference Materials - General (130) EDRS PRICE MF01/PC09 Plus Postage. DESCRIPTORS *Crime; *Debugging (Computers); *Federal Legislation; Information Systems; Law Enforcement; Microcomputers; White Collar Occupat ons IDENTIFIERS *Computer Crimes ABSTRACT This advanced training and reference manual is designed to aid investigators and prosecutors in dealing with white collar computer crime. The first five sections follow the typical order of events for prosecutors handling a criminal case: classifying the crime, computer abuse methods and detection, experts and suspects using information systems, the computer crime environment, and computer crime prosecution. Each section contains a description of that section, how the information may be used, and its relevance. The sixth section, computer crime law, was written by an attorney and provides legal citations. It is suggested that readers begin by studying the overview of technology in the seventh section, and by reviewing the glossary of terms. Appendices A and B include representative federal legislation and itations of computer crime statutes. Appendices C through H supply information on cases in the news, data processing occupations, audit tools and techniques, computer intrusion recovery guidelines (debugging), advance preparations, and time-sharing usage examples. Appendix I contains sources of further information and contacts. An index by subject is also provided. (DB) ******************************************ttitt*Itt********************** Reproductions supplied by EDRS are the best that can be made from the original document. ***************tf.****************************************************** US. Department of Justice ofnce of Justice Provami Notiowd Institute of Antic, 111111MMINIMII111MIMMIMI111.1=1MINIMMOININNIMOIMM=10111111111 issues and :N4 alional Institute of Justicil Practices U S DEPARTMENT Of EDUCATION 0.4 F 1 AtOr)4§, POSFel, ard Im[....vomero E Pl.R.ATIONAL RE SOURCES INFORMATION CE nrIf- P +RIC, c.10, orref,t has been ,ep,c(luced as hurrt1,1. persc, Ofghnin0f.,, Chewjes have hrer, r"hacle hor qt,81,t, Computer Crime. ,', ,'' P*,,f f' rne,HSSA"dv F.1)1.5Pf, Criminal Justice 1 Resource Manual Second Edition BEST COPY AVAILABLE About the National Institute of Justice The National Institute of Justice is a research brancn Tests and demonstrates new and improved ap- of the U.S. Department of Justice. The Institute s mis- proaches to strengthen the justice system, and recom- sion is to develop knowledge about crime its causes mends actions that can be taken by Federal. State, and control. Priority is given to policy-relevant research and local governments and private organizations and that can yield approaches and information that State individuals to achieve this goal. and local agencies can use in preventing and reducing Disseminates information from research, demonstra- crime. The decisions made by criminal justice practi- tions, evaluations, and special programs to Federal. tioners and policymakers affect millions of citizens, and State, and local governments, and serves as an in- crime affects almost all our public institutions and the ternational clearinghouse of justice information. private sector as well. Thrgeting resources, assuring their Trains criminal justice practitioners in research and effective allocation, and developing new means of evaluation findings, and assists practitioners and cooperation between the public and private sector art researchers through fellowships and special seminars. some of the emerging issues in lawenforcement and criminal justice that research can help illuminate_ Authority for administering the Institute and awarding grants, contracts, and cooperative agreements is vested Carrying out the mandate assigned by Congress in the in 'he NIJ Director. In establishing its research agen- Justice Assistance Act of 1984, the National Institute iie Institute is guided by the priorities of the of Justice: Attorney General and the needs of the criminal justice field. The Institute actively solicits the views of police, Sponsors research and development to improve and courts, and corrections practitioners as well as the strengthen the criminal justice system and related private sector to idinitify the most critical problems and civil aspects, with a balanced program of basic and to plan research that can help solve them. applied research. Evaluates the effectiveness of justice improvement programs and identifies programs that promise to James K. Stewart be successful if continued or repeated. Director 3 U.S. Department of Justice National Institute of Justice Office of Justice Programs COMPUTER CRIME Criminal Justice Resource Manual by Donn B. Parker report contributors David C. Smith Geoffrey W. TUrner Dr. Sanford Sherizan August 1989 Issues and Practices in Criminal Justice is a publication series of the National Institute of Justice. Designedfor the criminal justice professional, each Issues and Practices report presents the program options andmanagement issues in a topic area, based on a review of research and evaluation findings, operational experience, and even opinion in the subject. The intent isto provide criminal justice managers and administrators with the infcrmation to make informed choices in planning, implementing andimproving programs and practice. This document was prepared by SRI International under contract to Abt Associates for the National Institute of Justice, U.S. Department of Justice, contract 8 OJP-86-C-002. Points of view and opinions stated herein are those of the authors and do not necessarilyrepresent the official position or policies of Abt Associates, the U.S. Department of Jtedce, or SRI International. The U.S. Department of Justice authorizes any person to reproduce, publish, translate, or otherwiseuse all or any pan of the copyrighted material in this publication, with the exception of those :terns indicating that they are copyrighted byor reprinted by permission of any source other than SRI International. © Copyright 1988 by SRI international. 4 National Institute of Justice James K. Stewart Director Program Monitor Jonathan Budd National Institute of Justice Washington, D.C. The AssistantAttorney General. Offlee of Justice Programs, coordinates thr activities of thefollowing program Offices and Bureaus: NationalInstitute of Justice, Bureau of Justice Statistics, Bureauof Justice Assistance, Office of Juvenile Justice and Delinquency Prevention, and Office for Victims of Crime. t Foreword With the virtual explosion of technological advances in As part of its response to this need, the National the 1980's, computers and their applications have Institute of Justice has published this resource manual become an integral and indispensible part of our society for the criminal justice system. An earlier edition and its institutions. Computers were found in one home produced by the Bureau of Justice Statistics provedto in a hundred at the beginning of the decade by 1987 be an invaluable resource for criminal justice. This one in five households had them. Today they are as edition reflects the tremendous technological advances common a business tool as the ledger or the cash and statutory changes of the past decade. It is intended register. Given this dramatic increase in the use and as a training and reference guide for investigators and accessibility of computers in the home and in business, prosecutors and should prove useful to those who it is not surprising to see an increase in the use of have limited knowledge of computers as wellas to those computers in the commission of crime. who are familiar with computer operations. Law enforcement faces new challenges as it seeks to TWo companion volumes,Organizing for Computer strengthen capabilities for successfully investigating and Crime Investigation and ProsecttionandDedicated prosecuting computer crime into the 1990's. Use of Computer Crime Units,are other important parts of computers has proliferated not only in traditional crimes NIJ's effort to provide resources to law enforcement so of theft such as embezzlement and fraud; increasingly, they can meet the challenges posed by computer crime. drug rings, prostitution rings, child pornographers and These reports show how state and local jurisdications pedophiles have turned to computers to facilitate their have responded to confront the growing problem of illicit operations just as legitimate businesses do. Police computer-related crime. say they arrive at the scene of these criminal networks and discover computers in operation. The proud history of law enforcement in the United States has been marked by a remarkable capacityto Detectives and prosecutors realize that if law successfully confront and overcome new challenges. enforcement is to make greater inroads in investigating With the publication of these volumes: the National and prosecuting these types of cases, they need to Institute of Jrstice hopes to assist law enforcement awl become conversant with computer operations. In fact, prosecutorial efforts to meet the challenges they face the 1986 National
Load more

Recommended publications
  • 2020 Identity Theft Statistics | Consumeraffairs
    2020 Identity Theft Statistics | ConsumerAffairs Trending Home / Finance / Identity Theft Protection / Identity theft statistics Buyers Guides Last Updated 01/16/2020 News Write a review 2020Write a review Identity theft statistics Trends and statistics about identity theft Learn about identity theft protection by Rob Douglas Identity Theft Protection Contributing Editor In 2018, the Federal Trade Commission processed 1.4 million fraud reports totaling $1.48 billion in losses. According to the FTC’s “Consumer Sentinel Network Data Book,” the most common categories for fraud complaints were imposter scams, debt collection and identity theft. Credit card fraud was most prevalent in identity theft cases — more than 167,000 people reported a fraudulent credit card account was opened with their information. Identity theft trends in 2019 In the next year, the Identity Theft Resource Center (ITRC) predicts identity theft protection services will primarily focus on data breaches, data abuse and data privacy. ITRC also predicts that https://www.consumeraffairs.com/finance/identity-theft-statistics.html 2020 Identity Theft Statistics | ConsumerAffairs consumers will become more knowledgeable about how data breaches work and expect companies to provide more information about the specific types of data breached and demand more transparency in general in data breach reports. Cyber attacks are more ambitious According to a 2019 Internet Security Threat Report by Symantec, cybercriminals are diversifying their targets and using stealthier methods to commit identity theft and fraud. Cybercrime groups like Mealybug, Gallmaker and Necurs are opting for off-the-shelf tools and operating system features such as PowerShell to attack targets. Supply chain attacks are up 78% Malicious PowerShell scripts have increased by 1,000% Microsoft Office files make up 48% of malicious email attachments Internet of Things threats on the rise Cybercriminals attack IoT devices an average of 5,233 times per month.
    [Show full text]
  • Cyber Threats to Mobile Phones Paul Ruggiero and Jon Foote
    Cyber Threats to Mobile Phones Paul Ruggiero and Jon Foote Mobile Threats Are Increasing Smartphones, or mobile phones with advanced capabilities like those of personal computers (PCs), are appearing in more people’s pockets, purses, and briefcases. Smartphones’ popularity and relatively lax security have made them attractive targets for attackers. According to a report published earlier this year, smartphones recently outsold PCs for the first time, and attackers have been exploiting this expanding market by using old techniques along with new ones.1 One example is this year’s Valentine’s Day attack, in which attackers distributed a mobile picture- sharing application that secretly sent premium-rate text messages from the user’s mobile phone. One study found that, from 2009 to 2010, the number of new vulnerabilities in mobile operating systems jumped 42 percent.2 The number and sophistication of attacks on mobile phones is increasing, and countermeasures are slow to catch up. Smartphones and personal digital assistants (PDAs) give users mobile access to email, the internet, GPS navigation, and many other applications. However, smartphone security has not kept pace with traditional computer security. Technical security measures, such as firewalls, antivirus, and encryption, are uncommon on mobile phones, and mobile phone operating systems are not updated as frequently as those on personal computers.3 Mobile social networking applications sometimes lack the detailed privacy controls of their PC counterparts. Unfortunately, many smartphone users do not recognize these security shortcomings. Many users fail to enable the security software that comes with their phones, and they believe that surfing the internet on their phones is as safe as or safer than surfing on their computers.4 Meanwhile, mobile phones are becoming more and more valuable as targets for attack.
    [Show full text]
  • We Are All Rwandans”
    UNIVERSITY OF CALIFORNIA Los Angeles “We are all Rwandans”: Imagining the Post-Genocidal Nation Across Media A dissertation submitted in partial satisfaction of the requirements for the degree Doctor of Philosophy in Film and Television by Andrew Phillip Young 2016 ABSTRACT OF DISSERTATION “We are all Rwandans”: Imagining the Post-Genocidal Nation Across Media by Andrew Phillip Young Doctor of Philosophy in Film and Television University of California, Los Angeles, 2016 Professor Chon A. Noriega, Chair There is little doubt of the fundamental impact of the 1994 Rwanda genocide on the country's social structure and cultural production, but the form that these changes have taken remains ignored by contemporary media scholars. Since this time, the need to identify the the particular industrial structure, political economy, and discursive slant of Rwandan “post- genocidal” media has become vital. The Rwandan government has gone to great lengths to construct and promote reconciliatory discourse to maintain order over a country divided along ethnic lines. Such a task, though, relies on far more than the simple state control of media message systems (particularly in the current period of media deregulation). Instead, it requires a more complex engagement with issues of self-censorship, speech law, public/private industrial regulation, national/transnational production/consumption paradigms, and post-traumatic media theory. This project examines the interrelationships between radio, television, newspapers, the ii Internet, and film in the contemporary Rwandan mediascape (which all merge through their relationships with governmental, regulatory, and funding agencies, such as the Rwanda Media High Council - RMHC) to investigate how they endorse national reconciliatory discourse.
    [Show full text]
  • Address Munging: the Practice of Disguising, Or Munging, an E-Mail Address to Prevent It Being Automatically Collected and Used
    Address Munging: the practice of disguising, or munging, an e-mail address to prevent it being automatically collected and used as a target for people and organizations that send unsolicited bulk e-mail address. Adware: or advertising-supported software is any software package which automatically plays, displays, or downloads advertising material to a computer after the software is installed on it or while the application is being used. Some types of adware are also spyware and can be classified as privacy-invasive software. Adware is software designed to force pre-chosen ads to display on your system. Some adware is designed to be malicious and will pop up ads with such speed and frequency that they seem to be taking over everything, slowing down your system and tying up all of your system resources. When adware is coupled with spyware, it can be a frustrating ride, to say the least. Backdoor: in a computer system (or cryptosystem or algorithm) is a method of bypassing normal authentication, securing remote access to a computer, obtaining access to plaintext, and so on, while attempting to remain undetected. The backdoor may take the form of an installed program (e.g., Back Orifice), or could be a modification to an existing program or hardware device. A back door is a point of entry that circumvents normal security and can be used by a cracker to access a network or computer system. Usually back doors are created by system developers as shortcuts to speed access through security during the development stage and then are overlooked and never properly removed during final implementation.
    [Show full text]
  • Social Engineering Exposures
    Aon Risk Solutions Financial Services Group Client Alert: Social Engineering Exposures While social engineering can refer to many things outside of a risk management context, within the insurance world, social engineering has assumed a specific, and notable, meaning. In brief, social engineering refers to the use of identity deception to gain the confidence of an employee to induce him or her to part with an organization’s money or securities. We will explore some of the most common forms of social engineering, relevant coverage interpretations, and available coverage solutions. Where Does The Threat Arise From? While a “theft” has undoubtedly occurred in a We’re here to Social engineering attacks can come in many social engineering loss, the commercial crime empower results forms, including: policy likely has not been triggered because the If you have questions employee did not “steal” the money/securities about your specific § Phishing scams are attempts by fraudsters to coverage or want more directly, and the employee certainly did not induce individuals into providing personal information, please benefit from it. Historically, crime policies did not information such as bank account numbers, contact your Aon broker. explicitly address social engineering, thus resulting passwords, and credit card numbers aon.com in varying outcomes. § Spear phishing is an electronic communications scam targeted towards a specific individual, Relevant Cases organization, or business Although a few courts have found coverage for § Vishing, or voice phishing is the criminal social engineering losses under crime policies, practice of using social engineering over the most courts have found that social engineering telephone to gain access to private personal and losses are not covered under the policy’s financial information Computer Fraud, Funds Transfer Fraud, or Forgery § SMiShing (short for “SMS phishing”) is a coverage agreements.
    [Show full text]
  • Types of Fraud
    Types of Fraud Phishing A form of identity theft in which a scammer uses an authentic-looking e-mail to trick recipients into giving out sensitive personal information, such as a credit card numbers, bank account numbers, Social Security numbers or other sensitive personal information. Vishing Voice phishing is the criminal practice of using social engineering over the telephone system, most often using features facilitated by Voice over IP (VoIP), to gain access to private personal and financial information from the public for the purpose of financial reward. The term is a combination of "voice" and phishing. Voice phishing exploits the public's trust in landline telephone services, which have traditionally terminated in physical locations known to the telephone company, and associated with a bill-payer. The victim is often unaware that VoIP makes formerly difficult-to-abuse tools/features of caller ID spoofing, complex automated systems (IVR), low cost, and anonymity for the bill-payer widely available. Voice phishing is typically used to steal credit card numbers or other information used in identity theft schemes from individuals. SMiShing In computing, SMS phishing or smishing is a form of criminal activity using social engineering techniques. Phishing is the act of attempting to acquire personal information such as passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. SMS (Short Message Service) is the technology used for text messages on cell phones. SMS phishing uses cell phone text messages to deliver the bait to induce people to divulge their personal information. The hook (the method used to actually capture people's information) in the text message may be a website URL, but it has become more common to see a telephone number that connects to an automated voice response system.
    [Show full text]
  • Counterfeit Medicines and Criminal Organisations
    Study report COUNTERFEIT MEDICINES AND CRIMINAL ORGANISATIONS - All rights reserved to IRACM - 2 Eric Przyswa, Research Fellow Mines ParisTech in the Centre for Research on Risks and Crises, wrote this report under the leadership and initiative of the Institute of Research against Counterfeit Medicines (IRACM). The author writes in many French and foreign academic reviews (Hermès, Futuribles, Tribune de la santé, Information and Society, etc.) and conducts research on the human safety. The report is available in its entirety on: www.iracm.com. Institut de Recherche Anti-Contrefaçon de Médicaments 54 avenue Hoche 75008 Paris - France [email protected] IRACM – September 2013 - All rights reserved to IRACM - 3 - All rights reserved to IRACM - 4 COUNTERFEIT MEDICINES AND CRIMINAL ORGANIZATIONS IRACM and Eric Przyswa - All rights reserved to IRACM - 5 Table of contents Foreword __________________________________________________________________________ 9 Introduction _______________________________________________________________________ 11 I. Medicine counterfeiting, criminal organisations and cybercrime __________________________ 13 I.1. Counterfeiting, falsification and medicines ___________________________________________ 13 I.2. State of play __________________________________________________________________ 16 In light of this assessment of counterfeit medicines, how can a more specific analysis be made of the criminal organisations involved in this ever-growing illicit trafficking? __________________________ 23 I.3. Criminal organisations
    [Show full text]
  • Example of Trojan Horse
    Example Of Trojan Horse Hassan fled his motherliness jumps saliently or next after Gerhardt premises and clabber heroically, unicolor and catenate. Maury usually mangling flirtingly or clamour unmeaningly when genteel Kurtis brutify lest and languishingly. Lex influencing kitty-cornered if xerophilous Lucio hocus or centrifuging. And according to experts, it remains so. As with protecting against most common cybersecurity threats, effective cybersecurity software should be your front line of protection. But what if you need to form an allegiance with this person? Another type of the virus, Mydoom. Wonder Friends to read. When first developed, Gozi used rootkit components to hide its processes. What appearsto have been correctly uninstalled or malware that i get the date, or following paper describes the horse of! Please enter your password! Adware is often known for being an aggressive advertising software that puts unwanted advertising on your computer screen. In as far as events are concerned; the central Intelligence Agency has been conducting searches for people who engage in activities such as drug trafficking and other criminal activities. If someone tries to use your computer, they have to know your password. No matter whether a company favors innovation or not, today innovation is key not only to high productivity and growth, but to the mere survival in the highly competitive environment. The fields may be disguised as added security questions that could give the criminal needed information to gain access to the account later on. It is surprising how far hackers have come to attack people, eh? Run script if the backdoor is found, it will disconnect you from the server, and write to the console the name of the backdoor that you can use later.
    [Show full text]
  • Trojans, Click Fraud, and Money Appeals Are Just a Few of the Vectors That Help Malware Writers Take Advantage of Internet Users Mcafee Security Journal Fall 2008
    Security Vision from McAfee® Avert® Labs Fall 2008 SOCIAL ENGINEERING The World’s Leading Security Threat TROJANS, click fraud, and money appeals are just a few of the vectors that help malware writers take advantage of Internet users McAfee Security Journal Fall 2008 Editor Contents Dan Sommer Contributors Anthony Bettini Hiep Dang Benjamin Edelman Elodie Grandjean 4 The Origins of Social Engineering From Odysseus’ Trojan horse to Jeff Green phishing on the Internet: Deception just won’t go away. By Hiep Dang Aditya Kapoor Rahul Kashyap Markus Jacobsson 9 Ask and You Will Receive The psychology of social engineering: Karthik Raman Why does it work? By Karthik Raman Craig Schmugar 13 Social Engineering 2.0: What’s Next Click fraud appears one of the Statistics most likely threats that we’ll face in the near future. By Markus Jakobsson Toralv Dirro Shane Keats 16 The Beijing Olympics: Prime Target for Social Engineering Malware David Marcus The five rings, and other major events, are an irresistible attraction for François Paget malware authors. By Elodie Grandjean Craig Schmugar 22 Vulnerabilities in the Equities Markets Can hackers make money Illustrator from Patch Tuesday and other company news? By Anthony Bettini Doug Ross 28 The Future of Social Networking Sites Lots of money and users make Design social sites another magnet for malware. By Craig Schmugar PAIR Design, LLC 31 The Changing Face of Vulnerabilities Social engineering tricks can Acknowledgements lead users into holes in software. By Rahul Kashyap Many people helped create this issue of the McAfee Security Journal. We would like to cite a number of the key 34 Typosquatting: Unintended Adventures in Browsing Incautious web contributors: the senior executives at browsing can lead to the unexpected.
    [Show full text]
  • The Trojan Horse Defense in Cybercrime Cases, 21 Santa Clara High Tech
    Santa Clara High Technology Law Journal Volume 21 | Issue 1 Article 1 2004 The rT ojan Horse Defense in Cybercrime Cases Susan W. Brenner Brian Carrier Jef Henninger Follow this and additional works at: http://digitalcommons.law.scu.edu/chtlj Part of the Law Commons Recommended Citation Susan W. Brenner, Brian Carrier, and Jef Henninger, The Trojan Horse Defense in Cybercrime Cases, 21 Santa Clara High Tech. L.J. 1 (2004). Available at: http://digitalcommons.law.scu.edu/chtlj/vol21/iss1/1 This Article is brought to you for free and open access by the Journals at Santa Clara Law Digital Commons. It has been accepted for inclusion in Santa Clara High Technology Law Journal by an authorized administrator of Santa Clara Law Digital Commons. For more information, please contact [email protected]. ARTICLES THE TROJAN HORSE DEFENSE IN CYBERCRIME CASES Susan W. Brennert & Brian Carrier with Jef Henninger* TABLE OF CONTENTS I. INTRODUCTION ............................................................. 3 II. LEGAL ISSUES ............................................................ 14 A. How the Trojan Horse Defense Is Used ...................... 16 1. Raise Reasonable Doubt ............................................ 16 2. Negate Mens Rea ..................................................... 18 3. Establishing the Defense .......................................... 18 B. How Can the Prosecution Respond? ............. .......... 21 1. Establish Defendant's Computer Expertise .............. 22 2. "Character" Evidence ..............................................
    [Show full text]
  • Financial Influenza Cyber Crime Check Fraud
    Financial Influenza: This file contains 114 slides on Cyber Crime and Check Fraud. Cyber Crime and Check Fraud Cyber Crime begins with Slide 3 Check Fraud begins with Slide 55 - Vaccines For Your Organization A longer version of this presentation that includes ATM Fraud can be downloaded at: www.safechecks.com/services/fraudprevention.html Greg Litster SAFEChecks (800) 949-2265 Cyber Crime Internet Spam 350 300 250 200 2007 119.6 billion 150 2008 349.6 billion 100 50 0 Spam Detected Symantec observed a 192% increase in spam Download this presentation at: across the Internet, from 119 billion messages in 2007 to 349 billion in 2008. www.safechecks.com/services/fraudprevention.html Bot networks were responsible for 90% of all spam. Malicious Code Threats Malicious Code Threats 500,000 450,000 400,000 1,500,000 350,000 2005 113,025 300,000 New 1,000,000 250,000 Malicious 2006 140,690 200,000 Code 500,000 150,000 Threats 2007 624,267 100,000 2008 1,656,227 50,000 0 0 New Malicious Jan- Jul-Dec Jan- Jul-Dec Jan- Jul-Dec Jan- Jul-Dec Jun 2004 Jun 2005 Jun 2006 Jun 2007 Code Threats 2004 2005 2006 2007 2/3 of ALL malicious code thru 2007 was created in 2007 The trend today is to “customize” code to target a specific organization or industry 1 1 Data Breach: Cost Data Breach: Compromise to Discovery 50 Minutes 0% In 2008 the average cost per data breach 40 Hours 8% incident in the United States was $6.7 million.
    [Show full text]
  • Identity Theft Glossary
    Identity Theft Glossary •Account takeover: An account takeover is when a fraudster uses personal information to ​ ​ obtain products and services. Credit card fraud is the most rampant, but skimming and phishing are also common types of account takeovers. •Anti-virus: Anti-virus software runs continuously in the background of a computer and ​ ​ scans for viruses, worms and malware every time the user accesses a website or downloads anything. •Bait and switch: A bait and switch attack is when a hacker buys advertising space on a ​ ​ webpage and then links the advertisement to a page infected with malware. •Black hat hacker: All hackers are capable of compromising computer systems and creating ​ ​ malware, but black hat hackers use these skills to commit cybercrimes. •Blockchain: A blockchain is a string of time-stamped digital records shared between ​ ​ multiple computers. If the data in one block changes, all subsequent blocks in the blockchain reflect the alteration and become invalid. Blockchains help prevent identity theft and fraud by making it difficult to tamper with the data in a block. •Bot: Short for “robot,” a bot is an autonomous program that interacts with computer ​ ​ systems in a way that appears or attempts to appear human. Hackers can use bots to mine for usernames and passwords used to commit identity fraud. •Cookie theft: Cookie theft is when a cybercriminal makes copies of unencrypted session ​ ​ data and then uses that data to impersonate someone else. •Credential cracking: Credential cracking describes the various methods — word lists, ​ ​ guessing and brute-force — cybercriminals use to obtain passwords. Credential cracking threats are why it’s important to create varied and complicated passwords for all accounts.
    [Show full text]