- Hits: 4997
The following paper discusses how cyber crime arises through social engineering and how people fall victims of the crime. Over the last twenty years, we have been having a number of brilliant minds and technological sciences that have been transforming the communication ability of man and this has been fuelled by the use of the internet, which was invented a number of years ago. The internet has hence made a very powerful means of communication around the entire globe. The internet has therefore brought about efficiency in communication by the click of a mouse. In that case, the internet has hence become the most important thing in communication utility. For instant, the internet has been used in sending emails and messaging, hence phasing out things like telephones as well as faxes. This has been a key thing in the promotion of business operations around the entire world (Kevin 46). The internet has also ensured fast communication making it very easy and quick for people from different geographical areas to connect with their relatives and friends and businesspersons with their customers around the world (Ann 36). Nevertheless, it is very true that the internet has also come with a number of complex problems and issues. Looking at it, social engineering is the main problem that has come about with the internet and its development for communication purposes (Jackson 14). In that case, social engineering has been able to define this highly growing cyber-space issues and phenomenon, and in it, crimes have occurred that are punishable.
Definition of Social Engineering: When does it become a Crime?
Social engineering has been over the years used to refer to the practices applied or used by many people in an attempt to obtain confidential data and information of different people or organizations by the use or manipulating the legitimate users (Boyington 16). Taking the social aspect of the term, we will see there is the social focus, which is mainly not aimed at the confidentiality of the information, but aimed entirely on how such unscrupulous people are able to trick other internet users in order to acquire useful information that would be used to manipulate some transactions (Boyington 21). In that case, social engineering becomes a crime when one tries to deceive people using the information to give out relevant information so that they can use such information for their own benefits. The deception may go to an extent that fraudsters may decide to commit bank frauds or attempting wire frauds and these carry a minimum of 20 years imprisonment.
Nature of social Engineering: How do we fall victims?
There are ways and methods through which a person may launch social engineering into the website or for a given individual. One way through which such a thing can happen is when we are sending files or messages though emails and chat rooms. For instance, Phishing is an example of social engineering. This method is used in attempts to convince the internet users who use emails or chats to give them online information through the submission of website forms that are nothing but stratagems to lure the people to submit their most useful data and information. In many cases, the phisers tend to create a number of fraudulent site which are designed as if they were legitimate and in such a case, they are extremely able to encourage all new users to give out sensitive information such as bank account details and so on (Kevin 77).
It is very easy to tell when you are a victim of Phishing. For example, one may start getting messages luring him to some good deals after signing in to some site or filling certain form in the internet. Such people tend to have such forms giving good deals such as relationships, scholarships and so on. In that case, there can be passive and active attacks on the e-mail and hence all internet users should be much aware of such internet traps. In order to control this, some internet experts urge people to report spam and ensure that it is activated to absorb some of these messages, which may be luring users into providing out their information that may result in blackmails (Boyington 32).
There are a number of examples of such tricks concerning social engineering. For example, there were the spread of Windows Live Hotmail for customers last year. In that case, the customers were exposed on to a 3rd party site as a means of Phishing (Jackson 46). This also affected many other users such as the e-mail services including Yahoo Mail and Google Mail. Another case was reported in U.S-Egypt Phishing whereby there was a scheme that was collecting information from a number of users and then defrauded a number of banks in the country (Ann 87). Hackers in Egypt have also captured necessary bank information and personal details and then supplied the information to their accomplices in the United States so that they would withdraw the money and after that, they were to wire a portion to Egypt. It therefore appears that the list for such schemes will continue getting longer and longer as the world continues to develop in technology and communication (Rohan 99). There are a number of ways of preventing these crimes. It would be necessary that techniques are invented that would target all tactics of cyber crime. This will ensure that personal information that pertains to a given individual is safeguarded. It is therefore necessary that we believe that education and technology would be paramount in ensuring that such effects of cyber crimes are protected from all malicious attacks. Face-book users have reported another example of Phishing as it continues to grow every day in terms of the users. This year alone, there are several times the site has been a subject of Phishing expeditions whereby there have been attempts of getting its users sharing their Bank account information so as to help crooks access their bank accounts for money transfers (Leyden 31).
Viruses have also been used as part of this strategy in the acquisition of useful information for crimes. Some of these viruses are very effective in providing mechanisms necessary for cyber crime in social engineering (Boyington 45). An example of such viruses was the I Love You Virus, also known as the Love Bug was used as a catalyst for Phishing, since it was activated in such a way that it would relay information stored in the internet (Leyden 56). We have been having many cyber-crimes, and a good example is the cyber attacks of Feb 2000 when commercials websites such as CNN, Yahoo, eBay and Amazon were hacked resulting in detail for customer services. There were also the RIAA and Napster litigations of Dec 1999, which are examples of Cyber Crime (Jackson 76).
When Does Social Engineering Become A Crime?
Social Engineering will pass a given threshold whereby it will be considered to be a crime. This is especially when one gets people vital information and aims to use the information to carry out transaction such as getting money from people’s accounts and making cash transfers. These are serious crimes and are highly punishable in the country and all other countries around the world. There have been a legislation to deal with cyber crime. The Department of Justice has been continually providing guidance to all prosecutors as well as investigators for working with complex strategies, practical as well as procedural elements for all computer crime issues and cases. The legislations being needed should provide legal rights as well as obligations that would be helpful to have law enforcements in the procedures of the law.
The major legislations that have been put in place are: Prosecutorial Remedies and Tools against Exploitation of Children Today Act, PRTAECTA, aimed in ensuring that children are not exploited through internet information (Boyington 36). The other one is the Homeland Security Act, and was passed in 2002. There is also the Cyber Security Enhancement Act of 2002 (Leyden 76). The other one is the Patriot Act, which gives guidance upon any computer crime as well as any electronic evidence in the USA Patriot Act (Leyden 78). These legislations are more or less similar to those in other countries around the globe aimed at dealing with cyber crimes. In that case, Cyber Crime is punishable just like other crime that has been committed without the use of computer technologies. The culprits can face similar years in prison as well as attracting very high fines.
There are a number of pending cases in the country concerning Cyber Crime. In terms of companies, we will see that such companies can get an arbitration or litigation. This would include the sourcing of other independent means whereby a third party is sourced to help in the arbitration. The third party is usually the arbitrator and will help in solving the case in the event there is a something concerning cyber crime that should be solved. This is so because companies should be able to provide means of securing their data and information. Such companies have to be excessively vigilant in protecting sensitive data that may be accessed by hackers (Ann 56).
Social Engineering and the Media
For years, there has not been much reporting of Cyber Crime in the media houses. Such reports are only given out in case of a malicious virus that has been spread, and this is done to ensure that many people are informed about its effects. Although, it will also be noted that there are a number of media that report such crimes and issues related to Cyber Crimes like magazines and journals. Once such information reaches the people, it would be necessary in making many people aware of social engineering as a major problem that need the attention of the entire global community. The Face book representatives reported an event whereby people were being lured into providing information about their accounts so that the information would be used in accessing their Bank Accounts (Roth 76).
There are other cases of such crimes like the one between the U.S. and Egypt already mentioned in this paper. Several crimes have been reported and hence this has played a key role in keeping all people informed about social engineering. Generally, it will be agreed that the media will be needed to play a grand role in educating people on the issues of social engineering so that no one falls a victim of cyber crime. For now, the media is not doing much, only some Discovery Channels and some journals, which have been giving such information. This should be a duty that should be done to curb such crimes around the globe.
It would be appropriate that we were come up with key measures that would be extremely useful in containing Phishing and cyberspace crimes. These can be used by anyone in ensuring that no one fall a victim. In order to deal with social engineering, it would be necessary that we are keen whenever we are to provide any kind of information on a site. This is so because this is where many people fall victims. The most important should also be the use of anti-viruses that are updated regularly because such hackers and cyber criminals have been known to use viruses and malicious files in their operations. It would also be necessary that some messages in emails are not opened if their sources are doubtable. That way we will be able to curb such crimes. Again, once the fraudsters are noted, it should be important that necessary legal actions are taken on them so that they can be example to others. There are groups using the internet who fall victims of social engineering. We may begin with such people who have registered in some Chat rooms via the internet. This is so because such sites may require detailed information about an individual and hence such information may be used otherwise. Also, some people who have been in search for scholarships and lovers in the internet tend to be conned into deals, which see them exploited later.
In summary, this paper has discussed some of the ways through which people fall victims of cyber crime. There is also a keen analysis on what rate such a cyber crime can be a crime which is punishable by law. The paper also gives the legislation put in place to deal with cyber crime and how such legislations vary around the globe. There is also a discussion of some of the crimes and cases that have been reported and how the law has handled them. There is also a discussion of cyber crime and its relationship with the media and the duties of the media in creating awareness to the people about social engineering.
Finally, this research will be useful if all people understand some of these issues and some of the key measures they should put in place so that they would never become victims of social engineering. This means that the information of this research will be quite useful to all internet users as well as the government and other key players such as business people and any other social groups using the internet. In that case, if I were to undertake this study once again, I would make sure I investigate keenly on the viruses, how they lead to deception in giving out information and how they can be easily prevented so that people do not become victims of cyber crimes.
I also feel that the government will have to enact a law that would ensure that any crime concerning Cyber Crime is highly punishable and highly fined. This is so because the issues of cyber crime have been very immense and many people and organization have lost billions of cash and earnings due to the same. This will be also put in place due to the increasing effects of cyber crimes being met. The other thing is that technology should be embraced so that new security mechanisms are used in computing systems and internet provision, which would help in curbing social engineering as a source of cyber crime.
Ann, M. The Social Work Experience: The Internet. New Jersey: Prentice Hall, 2009.
Benard, K. The Future of Technology and Communication. Oxford: Oxford University Press, 2008.
Boyington, G. Computer Viruses: Human Threat. New York: Bantam Books, 2001.
Jackson, J. Nobody Is Safe: Internet Use and Business Operations. Cambridge: Cambridge University Press, 2006.
Kevin, L. Internet: Secure Usage. California: Mitnick Security Publishing, 2004.
Knetzger, M. Investigating High-Tech Crime. New Jersey: Prentice Hall, 2008.
12 Dec, 2001. 17 June, 2008. <http://www.msnbc.msn.com/id/33831349/ns/technology_and_science-security/?>
Long, J. No Tech Hacking – A Guide to Social Engineering, Dumpster Diving. New York: Syngress Publishing Inc, 2009.
Mann, I. Hacking the Human: Social Engineering Techniques and Security Countermeasures. New York: Gower Publishing Ltd, 2008.
Roth, M. Organized Crime. New Jersey: Prentice Hall, 2001.