Types of fraud and cybercrime

Cybercrime is a priority for Cambridgeshire Constabulary with numerous incidents happening across the whole county. There are many different types of cybercrime but the types commonly seen are detailed below:

Computer virus/malware/spyware


  • A virus is a computer program that can replicate itself and spread from one computer to another by using code. It is usually sent over a network/the internet or introduced to a computer on a disk drive or memory device. Malware/spyware can also collect information or data from infected devices and pass them onto another device.

Example:

  • Phishing and spam techniques are usually heavily exploited during the Christmas period, whereby emails are sent containing details of a fake order which appears to have been sent by a legitimate company, however the email addresses for the companies are spoofs. The payment method is always described as having taken place by credit card, with details of a fake transaction number. It then states that you can find more detailed information on the purchase in the attached file - many people are falling victims to opening the attachment as they can't remember placing an order and therefore want to find out more.
  • Pop-ups and 'malvertising' (fake advertising) spread viruses when clicked on. Sometime these can be telling you that you have won a prize, that you need to install anti-virus software on your computer, or are just emails from unknown senders.

Denial of service attacks and personal hacking


  • A denial of service attack, or distributed denial of service attack is an attempt to make a website or email address unavailable to its users. These types of attacks bring these networks down by flooding them with useless traffic.
  • Computer Hacking is the unauthorised modification of the contents of any computer. It is usually committed by people unlawfully accessing the computer, but it can be committed by people with lawful access to the computer as well. It is the deliberate targeting of a specific computer by the offender.

Example:

  • A large number of victims tend to be businesses, however, political figures are also sometimes targeted by criminals who disagree with their opinions and initiatives.
  • Often victims of this type of crime will have clicked on a link or opened an attachment within an email from an unknown source. Clicking on these releases a virus which can take over your email account, website, social media accounts etc and send other spam messages or viruses to your contacts.

Server hacking


  • Computer hacking is the deliberate targeting and unauthorised modification of a specific server. It is usually committed by people illegally accessing the server, but it can be committed by people with lawful access to the server as well.

Example:

  • Significant trends this year include supermarket and retailer loyalty schemes and online accounts as well as art and photography websites.
  • A variety of attacks were seen including business websites or databases being accessed and personal or financial information being stolen or deleted as well as attempts to take intellectual property. Others resulted in the large scale deployment of spam to business contacts with some attempting to divert payments from clients to alternative bank accounts.

Hacking - social media and email


  • The deliberate targeting of a specific email or social media account by the offender in order to make unauthorised modification of its contents, irrespective of whether they have lawful or unlawful access to the computer that they use to commit the offence. It relates to all individual online accounts, irrespective of whether they are business or personal accounts, for example Hotmail, Yahoo, Twitter and Facebook. The offence is not limited to desk or laptop computers and can include any device using operating software accessible online, for example games consoles and smart phones.
Example:
  • Cases where spam emails have been distributed to contacts are most likely the result of a virus and the account is most likely under the control of a botnet, a network of 'robot' software that can be run without the need for human input. The most common type of spam email states that the victim is lost or hurt abroad and requires funds immediately.
  • Recent reports of cybercrime indicate that members of the public are being targeted through the use of email hacking. This diverts payments such as direct debits for insurance or phone bills to the criminal's bank account.

Hacking - PBX dial through


  • A private branch exchange (PBX) hack is a remote attack on telephone systems that contain features such as call forwarding, voicemail and diverts. Fraudsters target these systems to commit dial-through fraud as they can generate a significant income by calling their own premium rate numbers using the PBX systems they have compromised.

Example:

  • Attacks are made when businesses are most vulnerable - during times when the business is closed but the telephone lines are not: early mornings, evenings, weekends and bank holidays.

Hacking - extortion

  • This occurs when there is an unwarranted demand with menaces (blackmail) attached to any computer hacking or threat of a computer hacking.

Example:

  • The gaming community is the target of hacking extortion with victims subjected to a number of extortion demands which the criminal claimed would prevent continuous harassment. In other cases, games have been taken over and hackers demanded money to unblock their access.
  • Websites have also been hacked with site content altered and victims denied access until they have paid the suspect. In some cases, this has occurred as a result of failed business negotiations.

For more information about the different types of fraud visit Action Fraud's A-Z of fraud or see the Little Book of Big Scams.

Search Cambridgeshire Constabulary