Lecture Notes on Cyber Frauds and Social Engineering

Introduction

• Discussion on personal losses due to cyber frauds.
• Emphasis on how certain events are driven by poor decision-making or lack of awareness.

Overview of Cyber Fraud

• Experience working with prime investigation agencies like the CBI.
• Trained high court justices in cyber crimes.
• Example of a significant fraud case cracked in Hyderabad involving 120 people.

Role of Technology in Fraud Detection

• Importance of technology teams in identifying and collecting incriminating evidence.
• Challenges faced by government authorities in mounting investigations and analyzing data.
• Need for experts who can handle structured and unstructured data.

Types of Cyber Frauds

• Social Engineering Attacks
  • Describe manipulation tactics used to deceive individuals.
  • Victims often targetted based on emotional vulnerabilities.
• Phishing
  • Various forms including spear phishing, which forges legitimacy to extract sensitive information.

Case Study: A Victim's Story

• Example of a housewife losing ₹10 lakh within a week due to a gambling mentality in a fake investment scheme.
  • The initial small transactions created trust, leading the victim into deeper financial loss.
  • Criminals exploited feelings of inadequacy and the desire to contribute financially.

Emotional Triggers in Fraud

• Psychology of Victims
  • Victims' need for financial contribution can lead to exploitation by fraudsters.
  • Criminals use trust, fear, and urgency to manipulate targets.
• Perpetrator's Mindset
  • Exploitation based on perceived vulnerabilities of the victims.

Spear Phishing and Other Tactics

• Personalization in attacks, such as impersonating authoritative figures (e.g., CFO).
• Importance of security protocols and training in organizations.
• The role of cyber ethics and recognizing the emergence of sophisticated attacks.

Trends in Cyber Crime

• Rising suicides linked to online loan scams, especially during COVID-19.
• Proliferation of deceptive loan apps masked as legitimate services in app stores.

Recommendations for Cyber Safety

• Education and Awareness
  • Importance of educating the public on cyber safety practices.
• Best Practices:
  • Report scams to national portals (e.g., National Cyber Crime Reporting Portal).
  • Use strong passwords and authenticate transactions.
  • Download applications only from trusted sources.

Conclusion

• Importance of vigilance and reporting suspicious activities.
• Need for continuous training and updates on cybersecurity measures for organizations and individuals alike.