NESTA Crime Online - University of Brighton Repository

More documents

Recommendations

Info

Appendix Glossary for cybercrime (The definitions in this glossary were gleamed from numerous sources including the BBC News and Wikipedia.) 1) Adware: unwanted programs that, once installed, bombard users with unwanted adverts. Often those pushing the adware programs get paid for every machine they manage to recruit. Some adware poses as fake computer security software, and it can be very hard to remove. 2) Blackhat hackers: also known as ‘Crackers’, are hackers, who use their skills for explicitly criminal or malicious ends. They penetrate systems and often modify and/or destroy data. The terms used to refer to writers of destructive viruses or those that use attacks to knock websites offline. Now it is likely to refer to those that steal credit card numbers and banking data with viruses or by phishing. 3) Botnet: the word is generally used to refer to a collection of compromised computers (called ‘zombie’ computers or ‘bots’— as abbreviation of ‘robots’) running software, usually installed via worms, Trojan horses, or backdoors, under a common command & control infrastructure, controlled by a single person. The majority of these computers are running Microsoft Windows operating systems, but other operating systems can be affected. The biggest botnets can have tens of thousands of hijacked computers in them. Recent research suggests they can be hired from as little as 4 cents per machine. 4) Botnet herder: one of the names for the controller or operator of a botnet. 5) Carder: someone who steals or trades exclusively in stolen credit card numbers and their associated information. 6) Cash-out: a euphemism for stealing money from a bank account or credit card to which someone has gained illegal access. Hackers who grab credit card data often do not possess the skills or contacts to launder the money they can steal this way. Page 92
7) Click fraud: also called pay-per-click fraud –the practice of artificially inflating traffic statistics to defraud advertisers or websites that provide venues for advertisers. Click fraud is the subject of some controversy and increasing litigation due to the advertising networks being a key beneficiary of the fraud. 8) Crackers: see definition of blackhat hackers. 9) CVV2: is a three or four digit value that is uniquely derived for each credit card and is found at the back of the card. It is a new authentication procedure established by credit card companies to further efforts towards reducing fraud for internet transactions, since it attempts to verify to the merchant that the cardholder does in fact have the card in his or her possession. 10) DDoS: abbreviation for Distributed Denial of Service. This is an attack in which thousands of separate computers, which are usually part of a botnet, bombard a target with bogus data to knock it off the net. DDoS attacks have been used by extortionists who threaten to knock a site offline unless a hefty ransom is paid. 11) Drop services: online money laundry service, where someone sets up anonymous mailboxes and has people send goods purchased with stolen card details for a certain fee, and then ship it off to the customer. 12) Exploit: a bug or vulnerability in software that malicious hackers use to compromise a computer or network. Exploit code is the snippet of programming that actually does the work of penetrating via this loophole. 13) Fast flux: is a technique used by botnets to hide phishing and malware delivery sites behind an ever-changing network of compromised hosts acting as proxies. This sophisticated technique is used to hide the location of criminal servers, complicating the process of tracking them down. The Storm worm is one of the recent malware variants to make use of this technique. Page 93
Page 1 and 2:
Research report: July 2009 Crime on
Page 3 and 4:
‘official’ statistics exist yet
Page 5 and 6:
Dynamic Capabilities The second com
Page 7 and 8:
economics (finance, micro-, macro-)
Page 9 and 10:
2.3 Cybercrime business models 73 2
Page 11 and 12:
we focus on financial cybercrime. O
Page 13 and 14:
measure all other statistical outpu
Page 15 and 16:
fraud. Their methodology is still b
Page 17 and 18:
opportunity for online theft of cre
Page 19 and 20:
However, the recent increase in fra
Page 21 and 22:
penalties for those who make fraudu
Page 23 and 24:
Source: Elaborated from CIFAS onlin
Page 25 and 26:
The rise of online and telephone ba
Page 27 and 28:
ecruitment marketplace for cybercri
Page 29 and 30:
Figure 6: Origin and destination of
Page 31 and 32:
corporate blackmail, spam attacks a
Page 33 and 34:
Nigerian criminal gangs in North Am
Page 35 and 36:
the fastest growing segments. Howev
Page 37 and 38:
2 Digital ecosystem Innovation stud
Page 39 and 40:
A digital business ecosystem is one
Page 41 and 42: actors, which are increasingly dist
Page 43 and 44: Figure 8: The cybercrime value chai
Page 45 and 46: tool is used by security and networ
Page 47 and 48: writers do not necessarily know how
Page 49 and 50: conceal this. Third, the device con
Page 51 and 52: Fraud on fraudster The most recent
Page 53 and 54: and facilitated by an explosion in
Page 55 and 56: The Storm botnet case study: the su
Page 57 and 58: accelerating on a monthly basis. Wi
Page 59 and 60: improvement and the introduction of
Page 61 and 62: that employees are more concerned a
Page 63 and 64: origin or signature or a presence o
Page 65 and 66: few simple words and a web link, wh
Page 67 and 68: web 2.0 sites (such as, social netw
Page 69 and 70: Source: John Leyden, “Trojan traw
Page 71 and 72: Cybercriminals find e-gold a conven
Page 73 and 74: ecosystem at various levels, creati
Page 75 and 76: expertise they need to perpetrate o
Page 77 and 78: are often offered for bulk purchase
Page 79 and 80: Crimeware-as-a-Service (CaaS): Para
Page 81 and 82: no dominant force. Unlike tradition
Page 83 and 84: is taken, priority is understandabl
Page 85 and 86: particularly good one, since consta
Page 87 and 88: outreach needs to be evaluated to e
Page 89 and 90: some of these firms may have adopte
Page 91: esilience must now surely be of con
Page 95 and 96: 20) Pharming: is a scamming practic
Page 97: Acknowledgements Numerous people as
show all

NESTA Crime Online - University of Brighton Repository

Create successful ePaper yourself

Delete template?

Save as template?