Credit car fraudsters mislead cyber crime investigators

By U Sudhakar Reddy
Credit card fraudsters are adopting newest methods to dupe the card holders to the tune of lakhs of rupees and to
mislead the cyber crime investigators. After stealing the card details by using wireless skimmers the online
criminals are using spoofing technique to produce proxy Internet Protocol address. This makes the job of cyber crime police tough and
the fraudsters are untraced. Cyber forensic expert of State Crime Investigation Department Mr U Ram Mohan says ,"there are several cases of credit card are reported with us. Out of around 50 cyber crime cases most of them are either credit card fraud or Nigerian cheating cases. At petrol pumps, restaurant, shopping malls and during online use of cards the details of
the card are stolen. They are using skimmers to copy the date when the card is handed over to them,"
The data is then used to for online shopping and online purchase of tickets. The cyber criminals are using blue tooth for transferring the
stolen card numbers.
Cyber crime police station inspector of police Mr Ravi Kumar Reddy said ,"In most cases registered with us the accused are using the credit card details for buying the air tickets. They are using spoofing technique so that the IP address is not traced,"
In one of the cases registered with the CID cyber crime police station the accused used IP spoofing. Though it is suspected that he had
purchased the tickets locally the IP address traced to Malaysia.
"when they buy domestic air tickets it is very difficult to trace. In the international tickets cases at least passport number help us to track the user of the ticket. In one of the case it tracked to a gulf unskilled
employee who said the agent had given him. We are yet to trace the person who actually stolen the credit card details and using spoofing," said an investigator. Cyber crime officials say that credit card holders shall always stay near when they are swiped.

Pak Cyber Army hacks Andhra Pradesh Sainik webstie

By U Sudhakar Reddy
The "Pakistan Cyber Army" which defaced the Central Bureau of Investigation’s website, also hacked into
the website of the Department of Sainik Welfare of government of Andhra Pradesh.
The website, www.apsainikwelfare.gov.in was hacked on December 5, the day after Pakistani cyber miscreants hacked into the CBI website. The web page related to financial grant report to retired army officials was defaced.
The Pakistan Cyber Army also posted the defaced web pages of the Sainik Welfare Department on social networking site, Facebook. It read that cyber security of Indian government’s websites was a myth and  claimed that it was done in retaliation to the hacking of Pakistani websites by Indian hackers.
On the defaced web page of the Sainik Welfare Department, the hacker left a message: "Hacked by Innocent Hacker". Government officials, however, retrieved the defaced web pages by evening.
Sainik Welfare Department director, Brigadier (retired) C.S. Vidyasagar told this correspondent: "The AP Sainikwelfare site is non classified. Anyone can access it from any part of the world. No classified information is put on the website. We are going to lodge a complaint with the Cyber Crime Police regarding defacing of the pages."
He added that the website is maintained by the Centre For Good Governance. "We are paying CGG for maintenance of the website as the department has no technical experts. After this incident we are definitely going to ask them to strengthen security," he said.
CBI, on the other hand, has failed to restore its website since it was hacked. Andhra Hackers, a group that takes up "ethical hacking", has been assisting the cyber police of the state to tackle the Pakistani hackers.
Meanwhile, the Crime Investigation Department, Cyber Crime Police, is currently being trained by Federal Bureau of Investigation (FBI) on various aspects of cyber security and investigation in the Ghaziabad CBI Academy. Additional superintendent of police, Mr U. Ram Mohan, and inspector of police, Mr Ravi Kumar Reddy, are being trained by the FBI along with other officers across the country.
The FBI training module began on Monday, two days after the CBI website was hacked into.

IP spoofing by Indian Mujahideen Terrorists

By U Sudhakar Reddy

Terrorists are spoofing Internet Protocol addresses to mask their true identity and to befuddle the police.
Pranksters and eve-teasers are also resorting to spoofing of IP address as well as email.
Police find it very difficult to crack such cases. For instance, Cyber Crime cops believe that the Indian Mujahideen mail, which landed after the recent blasts in Bengaluru and Ahmedabad may have been sent from a spoofed IP address.
The Commissioner of Police, Mr B. Prasada Rao, asked the public to be cautious about such mischief by cyber criminals.
“IP spoofing is one form of online camouflage,” said a cyber forensic expert. “An attacker gains unauthorised access to a computer or a network and sends the message by spoofing the IP address of that machine. It is like impersonation.” Sleuths have noted that fired employees, rivals, pranksters, hackers and junk mailers mostly use the spoof technique.
A senior police officer said that terrorists were using the new method since sleuths had traced them when they used internet cafes for chatting and mailing.
“Now they are spoofing IP address in addition to email spoofing to mislead the police,” he said.
Experts say IP spoofing attacks can be limited through network filtering at the router. Encryption and authentication will also reduce spoofing threats.
“In email spoofing falsified headers are used to mislead the recipient on the origin of message,” said an expert.
“This is mostly done by spammers. Sometimes users receive undelivered messages which they had never sent. This shows that the email was spoofed and a message was sent to others,” the expert said.