
Unit - 2

The document discusses the CIA triad, which stands for Confidentiality, Integrity, and Availability, as foundational elements of cybersecurity. It outlines various methods and technologies to protect these elements, including encryption, access control mechanisms, and redundancy strategies. Additionally, it highlights the importance of maintaining data security and availability in the face of potential cyber threats and human errors.

Uploaded by

Rahul
Copyright
© All Rights Reserved

Basics of Cybersecurity and Cyber Attacks
Dr. Ravirajsinh S. Vaghela
What Is The CIA Triad
The three letters in "CIA triad" stand for Confidentiality, Integrity, and
Availability. The CIA triad is a common model that forms the basis
for the development of security systems. It is used for finding
vulnerabilities and methods for creating solutions.

The confidentiality, integrity, and availability of information are crucial
to the operation of a business, and the CIA triad segments these
three ideas into separate focal points. This differentiation is helpful
because it guides security teams as they pinpoint the different
ways in which they can address each concern.

Ideally, when all three standards have been met, the security profile
of the organization is stronger and better equipped to handle threat
incidents.
Confidentiality refers to protecting information from unauthorized access. Maintaining
confidentiality helps achieve multiple important goals, including ensuring privacy and avoiding
ransomware attacks.
1. Confidentiality
Confidentiality involves the efforts of an organization to make sure data is kept secret or
private. To accomplish this, access to information must be controlled to prevent the
unauthorized sharing of data—whether intentional or accidental. A key component of
maintaining confidentiality is making sure that people without proper authorization are
prevented from accessing assets important to your business. Conversely, an effective
system also ensures that those who need to have access have the necessary privileges.

For example, those who work with an organization’s finances should be able to access
the spreadsheets, bank accounts, and other information related to the flow of money.
However, the vast majority of other employees—and perhaps even certain
executives—may not be granted access. To ensure these policies are followed, stringent
restrictions have to be in place to limit who can see what.
There are several ways confidentiality can be compromised

❏ This may involve direct attacks aimed at gaining
access to systems the attacker does not have the
rights to see.
❏ It can also involve an attacker making a direct
attempt to infiltrate an application or database so
they can take data or alter it.
❏ These direct attacks may use techniques such as
man-in-the-middle (MITM) attacks, where an
attacker positions themselves in the stream of
information to intercept data and then either steal
or alter it.
❏ Some attackers engage in other types of network
spying to gain access to credentials.
❏ In some cases, the attacker will try to gain more
system privileges to obtain the next level of
clearance.
Not all violations of confidentiality are intentional

However, not all violations of confidentiality are intentional. Human error or insufficient security
controls may be to blame as well.
For example, someone may fail to protect their password—either to a workstation or to log in
to a restricted area. Users may share their credentials with someone else, or they may allow
someone to see their login while they enter it.
In other situations, a user may not properly encrypt a communication, allowing an attacker to
intercept their information. Also, a thief may steal hardware, whether an entire computer or a
device used in the login process and use it to access confidential information.
To fight against confidentiality breaches, you can classify and label restricted data, enable access
control policies, encrypt data, and use multi-factor authentication (MFA) systems.
It is also advisable to ensure that everyone in the organization has the training and knowledge they
need to recognize the dangers and avoid them.
1. Encryption Algorithms
AES (Advanced Encryption Standard): Widely used symmetric-key encryption
standard for protecting data at rest and in transit.
RSA (Rivest-Shamir-Adleman): An asymmetric encryption algorithm used to
encrypt and securely exchange keys.
ECC (Elliptic Curve Cryptography): A more efficient alternative to RSA, offering the
same level of security with shorter keys.
Hybrid Encryption: Combines asymmetric encryption (for key exchange) with
symmetric encryption (for bulk data encryption), often used in protocols like
SSL/TLS.
2. Secure Communication Protocols
SSL/TLS (Secure Sockets Layer / Transport Layer Security): Provides
encryption for data transmitted over networks like the web (HTTPS).

VPNs (Virtual Private Networks): Encrypt internet traffic, masking users'
identities and locations while providing a secure connection to private networks.

SSH (Secure Shell): Used for secure remote access to servers, ensuring
confidentiality of the data exchanged between the client and server.
3. Data Masking and Tokenization
Data Masking: Involves replacing sensitive data with fictitious, but realistic data.
It allows you to use real-world values without exposing sensitive information.

Tokenization: Replaces sensitive information with tokens that are meaningless to
unauthorized users but can be mapped back to original data when needed.
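
The difference between the two techniques, as an added example that is not part of the original slides: a token can be mapped back through a vault by an authorized caller, while a masked value cannot be reversed at all. The `TokenVault` class, the `payments` role and the card number are constructed for illustration.

```python
import secrets


class TokenVault:
    """Constructed in-memory vault. A production vault is a separate,
    access-controlled service with encrypted storage."""

    def __init__(self, authorized_roles=("payments",)):
        self._by_token = {}
        self._by_value = {}
        self._authorized = set(authorized_roles)

    def tokenize(self, value):
        # Same input always yields the same token, so joins and lookups
        # on the token keep working in downstream systems.
        if value not in self._by_value:
            token = "tok_" + secrets.token_hex(16)  # random, not derived from value
            self._by_value[value] = token
            self._by_token[token] = value
        return self._by_value[value]

    def detokenize(self, token, role):
        # Mapping back is the sensitive operation, so it is gated by role.
        if role not in self._authorized:
            raise PermissionError(f"role {role!r} may not detokenize")
        return self._by_token[token]


def mask_card_number(pan, keep_last=4):
    """Replace all but the last `keep_last` digits with random digits,
    preserving separators. Nothing is stored, so it cannot be reversed."""
    total_digits = sum(c.isdigit() for c in pan)
    out, seen = [], 0
    for c in pan:
        if c.isdigit():
            seen += 1
            keep = seen > total_digits - keep_last
            out.append(c if keep else str(secrets.randbelow(10)))
        else:
            out.append(c)
    return "".join(out)


if __name__ == "__main__":
    vault = TokenVault()
    pan = "4111 1111 1111 1111"  # constructed test value
    token = vault.tokenize(pan)
    print("token :", token)
    print("masked:", mask_card_number(pan))
    print("detok :", vault.detokenize(token, "payments"))
```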
4. Access Control Mechanisms
Role-Based Access Control (RBAC): Ensures that only authorized users can
access specific data or systems based on their roles.

Attribute-Based Access Control (ABAC): Grants access based on attributes
(e.g., user location, time of access) rather than roles.

Multifactor Authentication (MFA): Adds an extra layer of protection by requiring
more than one method of verification (something you know, something you have,
or something you are).
5. Blockchain Technology

Blockchain uses decentralized ledgers and cryptographic techniques to secure
transactions.

It’s gaining attention in data confidentiality because of its inherent
ability to ensure data integrity and prevent unauthorized access.
6. Data Loss Prevention (DLP) Tools

DLP solutions monitor and control data transfers across endpoints, networks,
and storage to ensure that sensitive information is not inadvertently or
maliciously exposed.
[Link] searchsecurity/tip/Top-7-data-loss-prevention-tools
7. Zero Trust Architecture

In a Zero Trust model, no one (inside or outside the organization) is trusted by
default. Identity verification is required for every user, device, and application
trying to access a system or resource, regardless of where the request originates.
8. Homomorphic Encryption

Allows computations to be performed on encrypted data without needing to
decrypt it. This is particularly useful in cloud computing and data sharing while
maintaining confidentiality.
9. Obfuscation and Anonymous Communication

Tor (The Onion Router): Enables anonymous internet communication by routing
traffic through multiple layers of encryption, masking the user’s location.

VPN: As mentioned earlier, provides a secure and private connection to the
internet by masking the user's IP address.
10. File Integrity and Hashing

SHA (Secure Hash Algorithms): Generate a unique hash for a file or message,
ensuring its integrity. If the data is altered, the hash will change, revealing potential
tampering.

HMAC (Hash-based Message Authentication Code): Used to verify the integrity
and authenticity of a message by combining a cryptographic hash function with a
secret key.
12. Data Anonymization and Pseudonymization
Anonymization: The process of removing personally identifiable information (PII)
from data, making it impossible to trace back to an individual.

Pseudonymization: Replaces PII with artificial identifiers to ensure that data can’t
be linked to a specific person without additional information.
2. Integrity
Integrity involves making sure your data is trustworthy and free from tampering.
The integrity of your data is maintained only if the data is authentic, accurate,
and reliable.

For example, if your company provides information about senior managers on
your website, this information needs to have integrity. If it is inaccurate, those
visiting the website for information may feel your organization is not trustworthy.
Someone with a vested interest in damaging the reputation of your organization
may try to hack your website and alter the descriptions, photographs, or titles of
the executives to hurt their reputation or that of the company as a whole.
Integrity
Compromising integrity is often done intentionally.

An attacker may bypass an intrusion detection system (IDS), change file configurations to allow unauthorized access, or alter the
logs kept by the system to hide the attack. Integrity may also be violated by accident. Someone may accidentally enter the wrong
code or make another kind of careless mistake. Also, if the company’s security policies, protections, and procedures are
inadequate, integrity can be violated without any one person in the organization being accountable.

To protect the integrity of your data, you can use hashing, encryption, digital certificates, or digital signatures.

For websites, you can employ trustworthy certificate authorities (CAs) that verify the authenticity of your website so visitors know
they are getting the site they intended to visit.

A method for verifying integrity is non-repudiation, which refers to when something cannot be repudiated or denied.

For example, if employees in your company use digital signatures when sending emails, the fact that the email came from them
cannot be denied. Also, the recipient cannot deny that they received the email from the sender.
3. Availability
Even if data is kept confidential and its integrity maintained, it is often useless unless it is available to those in the
organization and the customers they serve.

This means that systems, networks, and applications must be functioning as they should and when they should.

Also, individuals with access to specific information must be able to consume it when they need to, and getting to the
data should not take an inordinate amount of time.

If, for example, there is a power outage and there is no disaster recovery system in place to help users regain access
to critical systems, availability will be compromised.

Also, a natural disaster like a flood or even a severe snowstorm may prevent users from getting to the office, which
can interrupt the availability of their workstations and other devices that provide business-critical information or
applications.

Availability can also be compromised through deliberate acts of sabotage, such as the use of denial-of-service (DoS)
attacks or ransomware.
Availability
To ensure availability, organizations can use redundant networks, servers, and
applications.
These can be programmed to become available when the primary system has
been disrupted or broken.
You can also enhance availability by staying on top of upgrades to software
packages and security systems.
In this way, you make it less likely for an application to malfunction or for a
relatively new threat to infiltrate your system.
Backups and full disaster recovery plans also help a company regain availability
soon after a negative event.
1. Cryptographic Hash Functions
SHA (Secure Hash Algorithms): Algorithms like SHA-256, SHA-3, and SHA-512
are widely used to create unique hashes for data. Even a small change in the
input results in a completely different hash, ensuring that data has not been
altered.

MD5 (Message Digest Algorithm 5): Historically used for hashing, though it's
now considered less secure due to vulnerabilities that allow hash collisions.

RIPEMD (RACE Integrity Primitives Evaluation Message Digest): A family of
cryptographic hash functions that provide integrity checks.
2. Message Authentication Codes (MACs)

HMAC (Hash-based Message Authentication Code): Combines a cryptographic hash function with a secret
key to ensure data integrity and authenticity. It's often used in network protocols to verify data has not
been altered.

CMAC (Cipher-based Message Authentication Code): Similar to HMAC but uses symmetric key algorithms
like AES.
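
What the secret key adds, as an added example that is not part of the original slides. It covers both the earlier "File Integrity and Hashing" item and the hash and MAC descriptions above: a bare SHA-256 digest detects an altered message only while the digest itself is out of the modifier's reach, whereas an HMAC tag cannot be recomputed without the key. The key and messages are constructed sample values.

```python
import hashlib
import hmac


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def hmac_sha256_hex(key: bytes, data: bytes) -> str:
    return hmac.new(key, data, hashlib.sha256).hexdigest()


def differing_bits(a: bytes, b: bytes) -> int:
    """Bits that differ between SHA-256(a) and SHA-256(b), out of 256."""
    da, db = hashlib.sha256(a).digest(), hashlib.sha256(b).digest()
    return sum(bin(x ^ y).count("1") for x, y in zip(da, db))


def receiver_accepts_hash(message: bytes, digest: str) -> bool:
    # compare_digest avoids leaking the match position through timing
    return hmac.compare_digest(sha256_hex(message), digest)


def receiver_accepts_hmac(key: bytes, message: bytes, tag: str) -> bool:
    return hmac.compare_digest(hmac_sha256_hex(key, message), tag)


def run_scenarios() -> dict:
    key = b"constructed-shared-secret"        # constructed sample key
    original = b"pay 100 to account 1234"     # constructed sample message
    altered = b"pay 900 to account 1234"

    results = {}

    # Scenario 1: the message changes, the digest/tag sent with it does not.
    results["hash_detects_altered_message"] = not receiver_accepts_hash(
        altered, sha256_hex(original))
    results["hmac_detects_altered_message"] = not receiver_accepts_hmac(
        key, altered, hmac_sha256_hex(key, original))

    # Scenario 2: the digest/tag is replaced together with the message.
    # A bare hash involves no secret, so a matching digest can be recomputed
    # by anyone and the check passes.
    results["hash_detects_replaced_digest"] = not receiver_accepts_hash(
        altered, sha256_hex(altered))
    # A tag computed without the real key does not verify.
    tag_without_key = hmac_sha256_hex(b"not-the-real-key", altered)
    results["hmac_detects_replaced_tag"] = not receiver_accepts_hmac(
        key, altered, tag_without_key)

    return results


if __name__ == "__main__":
    for name, value in run_scenarios().items():
        print(f"{name}: {value}")
    print("bits changed by a one-character edit:",
          differing_bits(b"pay 100 to account 1234", b"pay 900 to account 1234"))
```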
3. Digital Signatures

RSA Digital Signature: Uses public-key cryptography for creating a signature that can be verified by anyone, ensuring
that the data has not been tampered with.

DSA (Digital Signature Algorithm): A Federal Information Processing Standard for creating and verifying digital
signatures.

ECDSA (Elliptic Curve Digital Signature Algorithm): A variant of DSA that uses elliptic curve cryptography for more
efficient and secure signatures.
4. Checksums

CRC (Cyclic Redundancy Check): A simple error-detecting code commonly used
in network communications and storage to detect changes in data.

Fletcher's Checksum: A more robust checksum algorithm used in situations
where higher integrity is needed, though it's slower than CRC.
5. Blockchain Technology

Blockchain's Distributed Ledger: Every transaction on a blockchain is hashed
and stored across multiple nodes, ensuring that data integrity is preserved even in
decentralized environments.

Merkle Trees: Used in blockchain to efficiently verify the integrity of data by
creating a binary tree of hashes, making it easy to detect any tampering.
6. Version Control Systems
Git: A distributed version control system that tracks changes to files, ensuring that
previous versions of the data are available and verifiable. Git hashes each commit,
providing a way to check for integrity.

Subversion (SVN): Another version control system that ensures the integrity of
files and directories in collaborative environments.
7. End-to-End Encryption (E2EE)
Transport Layer Security (TLS/SSL): Provides integrity checks along with
confidentiality during data transmission, ensuring that data has not been altered
while in transit.

PGP (Pretty Good Privacy): Used to encrypt and verify the integrity of email
messages, ensuring they have not been tampered with.

An email-related certification that signifies security against spoofing is called a DMARC (Domain-based
Message Authentication, Reporting, and Conformance) record; it essentially acts as a standard to verify
the authenticity of emails sent from a specific domain, preventing malicious actors from sending emails
appearing to be from that domain.
8. File Integrity Monitoring Tools

AIDE (Advanced Intrusion Detection Environment): A file integrity monitoring system
that checks for unauthorized changes to files and directories, ensuring system integrity.

Tripwire: A commercial software used for monitoring and ensuring file integrity by
detecting and alerting about any unauthorized modifications.

Availability

Goal: Ensure that the data and services are always accessible and operational.

Threats: Availability can be compromised by attacks like Denial of Service (DoS),
Distributed Denial of Service (DDoS), hardware failures, or network outages.

Focus: Making sure that disruptions (like downtime) are minimized, and systems
remain accessible even under adverse conditions.
Attack on Availability
Denial of Service (DoS) Attack:

Imagine a website for an online store is being targeted by a DDoS attack, where a large number of fake traffic
requests are sent to overwhelm the server and make it unavailable to legitimate users.

In this case, the availability of the site is compromised because users can’t access the online store. The organization
may use firewalls, load balancers, or anti-DDoS technologies (like Cloudflare or AWS Shield) to mitigate such attacks
and ensure continuous availability.

Cloud Service Outage:

Cloud platforms, such as Amazon Web Services (AWS) or Microsoft Azure, are used to host applications and data. If
these services experience a downtime due to a network failure or hardware issues, the availability of applications
hosted on the platform is impacted.

To address this, businesses often implement strategies like failover systems (where backup servers or sites take over
if the primary site fails) and redundancy (where critical systems and data are duplicated in different locations to
prevent a single point of failure).
Technologies and Methods to Ensure Availability:
Load Balancing: Distributes network traffic across multiple servers to ensure that no single server is overwhelmed, helping
maintain consistent availability even during peak traffic periods.

Redundancy: Critical systems, such as servers and storage, can be duplicated (using RAID configurations, for example) to ensure
that if one component fails, the backup takes over without affecting availability.

Backup Systems: Regular backups are vital to ensure that data is not lost in case of failures, and services can be quickly restored
to full operation.

Disaster Recovery (DR) Plans: Plans and systems in place to quickly recover services in the event of a catastrophic failure (e.g., a
natural disaster or hardware crash).
Load Balancing:

Distributes incoming network traffic across multiple servers to prevent any single server from becoming a bottleneck or point of failure.

DNS-based Load Balancing (e.g., AWS Route 53) – Uses DNS to direct users to different data centers based on proximity, availability, or load.

Application Load Balancers (e.g., HAProxy, Nginx, AWS ELB) – Acts as a reverse proxy and forwards requests to multiple backend servers based
on various load-balancing algorithms.

How it Ensures Availability: If one server fails or becomes slow, the load balancer redirects traffic to healthy servers, ensuring the application remains
available.
Clustering:

Combines multiple servers (or nodes) to work together as a single system.

Database Clustering (e.g., MySQL Cluster, PostgreSQL Replication) – Databases are replicated across multiple servers
to ensure availability and scalability.

Web Server Clusters (e.g., Apache, Nginx with backend servers) – Web servers are clustered, so if one web server fails,
the others can handle the load.

How it Ensures Availability: Clusters can handle server failures by redistributing tasks to healthy nodes, ensuring service
continuity.
Failover Mechanisms:
Automatically switches to a redundant or standby
system in case the primary system fails.
Heartbeat/Corosync (for Linux clusters) – Monitors
nodes in a cluster and automatically triggers failover to
a backup node if the primary node fails.
Virtual IP Failover (e.g., Keepalived, Pacemaker) –
Virtual IPs can float between servers; if one server fails,
the IP is assigned to another server to minimize
downtime.
How it Ensures Availability: Ensures that if one
system goes down, its workload is immediately taken
over by another, maintaining service availability.
Data Replication and Mirroring:

Keeps copies of data across multiple servers or locations.


Database Replication (e.g., MySQL Replication, MongoDB Replica Sets) – Copies data to
multiple databases in different locations to provide redundancy.
Distributed File Systems (e.g., GlusterFS, Ceph) – Provides replicated file storage that
automatically copies data to multiple nodes to prevent data loss in case of node failure.
How it Ensures Availability: If one data center or server fails, the data is still available from the
replica, ensuring continuity.
Distributed Systems:

Purpose: Distributes data and application logic across multiple nodes,
making sure there's no single point of failure.

Kubernetes and Docker Swarm – These container orchestration
platforms can manage application containers and ensure that if one
container fails, a new one is automatically spun up to take its place.

Apache Kafka – A distributed event streaming platform where partitions of
data are replicated across multiple brokers, ensuring the system remains
available even if some brokers fail.

How it Ensures Availability: By spreading workloads across multiple nodes
and providing automatic failover, distributed systems can continue
operating even if part of the infrastructure fails.
Content Delivery Networks (CDNs):
Purpose: Distributes copies of static content (like images, videos, etc.) to multiple
geographical locations.

CDNs (e.g., Cloudflare, Akamai, AWS CloudFront) – Store copies of content at
edge servers globally. Users are directed to the nearest available server.

How it Ensures Availability: Even if one server or region goes down, users are
routed to another server, maintaining availability for static content.
Leader Election Algorithm:
Purpose: Used in distributed systems to elect a leader node that will manage
critical tasks and make decisions. If the leader fails, a new leader is elected.
Algorithm
Paxos – A consensus algorithm used for ensuring that a group of computers
agrees on a single leader and can continue functioning correctly in the event of
failure.
Raft – A simpler consensus algorithm that ensures high availability by electing a
leader to coordinate updates in a cluster of nodes.
How it Ensures Availability: It helps distributed systems make decisions about who
will be responsible for managing tasks in case of node failures.
Quorum-Based Voting Algorithm:
Purpose: Used in systems where multiple replicas are involved (such as
databases) to ensure consistency and availability.
Algorithm Examples:
Quorum-based Replication (e.g., Cassandra, MongoDB) – Requires a majority of
nodes (quorum) to agree on a transaction or change before it is considered
successful.
How it Ensures Availability: This allows systems to tolerate some node failures
while still being able to process requests as long as a majority of replicas are
available.
Consistent Hashing:
Purpose: Used for efficiently distributing data across multiple servers or nodes,
even as the number of nodes changes.
Algorithm:
Consistent Hashing (used in distributed caching systems like Memcached) –
Ensures that data is distributed evenly across servers and minimizes disruption if
a node is added or removed.
How it Ensures Availability: It helps maintain data availability and reduces the
need for rebalancing when nodes are added or removed, ensuring that user
requests are still served.
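
How much data has to move when a node fails, as an added example that is not part of the original slides: a hash ring with virtual nodes is compared against plain `hash % N` placement. The node names, key names and the choice of 100 virtual nodes per server are assumptions of this example.

```python
import bisect
import hashlib


def _point(label: str) -> int:
    """Position on the ring: first 8 bytes of SHA-256 as an integer."""
    return int.from_bytes(hashlib.sha256(label.encode()).digest()[:8], "big")


class HashRing:
    def __init__(self, nodes, vnodes=100):
        self._vnodes = vnodes
        self._ring = []  # sorted (point, node) pairs
        for node in nodes:
            self.add(node)

    def add(self, node):
        # Many virtual nodes per server even out each server's share of keys.
        for i in range(self._vnodes):
            bisect.insort(self._ring, (_point(f"{node}#{i}"), node))

    def remove(self, node):
        self._ring = [(p, n) for p, n in self._ring if n != node]

    def owner(self, key):
        if not self._ring:
            raise LookupError("no nodes available")
        # First virtual node clockwise from the key, wrapping past the end.
        i = bisect.bisect_left(self._ring, (_point(key), "")) % len(self._ring)
        return self._ring[i][1]


def modulo_owner(key, nodes):
    """Naive placement: position depends on the current node count."""
    return nodes[_point(key) % len(nodes)]


def simulate_node_failure(nodes, failed, keys):
    ring = HashRing(nodes)
    before_ring = {k: ring.owner(k) for k in keys}
    before_mod = {k: modulo_owner(k, nodes) for k in keys}

    ring.remove(failed)
    survivors = [n for n in nodes if n != failed]

    moved_ring = [k for k in keys if ring.owner(k) != before_ring[k]]
    moved_mod = [k for k in keys if modulo_owner(k, survivors) != before_mod[k]]
    return {
        "ring_moved_fraction": len(moved_ring) / len(keys),
        "modulo_moved_fraction": len(moved_mod) / len(keys),
        # Keys on healthy nodes must stay where they were.
        "ring_moved_only_failed_keys": all(before_ring[k] == failed for k in moved_ring),
    }


if __name__ == "__main__":
    nodes = ["cache-a", "cache-b", "cache-c", "cache-d"]  # constructed names
    keys = [f"user:{i}" for i in range(2000)]
    for name, value in simulate_node_failure(nodes, "cache-d", keys).items():
        print(f"{name}: {value}")
```

With four nodes the ring relocates roughly the failed node's quarter of the keys, while modulo placement relocates about three quarters of them, including keys whose server never failed.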
Heartbeat Algorithm:
A periodic check to determine whether a node or server is alive or has failed.

How it Ensures Availability: If a failure is detected (through missed heartbeats),
failover mechanisms are triggered to redirect the workload to another node,
ensuring that the system remains operational.
AAA in Information Security
AAA stands for authentication,
authorization, and accounting.
AAA is a framework for intelligently
controlling access to computer
resources, enforcing policies,
auditing usage, and providing the
information necessary to bill for
services. These processes working
in concert are important for effective
network management and security.
Authentication

Authentication involves a user providing information about who they are. Users
present login credentials that affirm they are who they claim. As an identity and
access management (IAM) tool, a AAA server compares a user’s credentials with
its database of stored credentials by checking if the username, password, and
other authentication tools align with that specific user.

The three types of authentication include something you know, like a password;
something you have, like a Universal Serial Bus (USB) key; and something you
are, such as your fingerprint or other biometrics.
Authorization

Authorization follows authentication. During authorization, a user can be granted privileges to
access certain areas of a network or system.
The areas and sets of permissions granted a user are stored in a database along with the user’s
identity.
The user’s privileges can be changed by an administrator.
Authorization is different from authentication in that authentication only checks a user’s identity,
whereas authorization dictates what the user is allowed to do.
For example, a member of the IT team may not have the privileges necessary to change the
access passwords for a company-wide virtual private network (VPN). However, the network
administrator may choose to give the member access privileges, enabling them to alter the VPN
passwords of individual users. In this manner, the team member will be authorized to access an
area they were previously barred from.
Accounting

Accounting keeps track of user activity while users are logged in to a network by
tracking information such as how long they were logged in, the data they sent or
received, their Internet Protocol (IP) address, the Uniform Resource Identifier
(URI) they used, and the different services they accessed.

Accounting may be used to analyze user trends, audit user activity, and provide
more accurate billing. This can be done by leveraging the data collected during the
user’s access. For example, if the system charges users by the hour, the time logs
generated by the accounting system can report how long the user was logged in to
the router and inside the system, and then charge them accordingly.
Why Is The AAA Framework Important In Network Security?
AAA is a crucial part of network security because it limits who has access to a system and keeps track of their activity.
In this way, bad actors can be kept out, and a presumably good actor that abuses their privileges can have their
activity tracked, which gives administrators valuable intelligence about their activities.

There are two main types of AAA for networking: network access and device administration.

Network access

Network access involves blocking, granting, or limiting access based on the credentials of a user. AAA verifies the
identity of a device or user by comparing the information presented or entered against a database of approved
credentials. If the information matches, access to the network is granted.

Device administration

Device administration involves the control of access to sessions, network device consoles, secure shell (SSH), and
more. This type of access is different from network access because it does not limit who is allowed into the network
but rather which devices they can have access to.
Types Of AAA Protocols
There are several protocols that incorporate the elements of AAA to ensure identity security.

Remote Authentication Dial-In User Service (RADIUS)

RADIUS is a networking protocol that performs AAA functions for users on a remote network using a client/server model. RADIUS simultaneously provides authentication and
authorization to users trying to access the network. RADIUS also takes all AAA data packets and encrypts them, providing an extra level of security.

RADIUS works in three phases: the user sends a request to a network access server (NAS), the NAS then sends a request for access to the RADIUS server, which responds
to the request by either accepting it, rejecting it, or challenging it by asking for more information.

Diameter

The Diameter protocol is a AAA protocol that works with Long-Term Evolution (LTE) and multimedia networks. Diameter is an evolution of RADIUS, which has long been used
for telecommunications. However, Diameter is custom-designed to optimize LTE connections and other kinds of mobile networks.

Terminal Access Controller Access-Control System Plus (TACACS+)

Similar to RADIUS, TACACS+ uses the client/server model to connect users. However, TACACS+ enables more control regarding the ways in which commands get
authorized. TACACS+ works by providing a secret key known by the client and the TACACS+ system. When a valid key is presented, the connection is allowed to proceed.

TACACS+ separates the authentication and authorization processes, and this differentiates it from RADIUS, which combines them. Also, TACACS+, like RADIUS, encrypts its
AAA packets.
Financial Fraud with Various Types of Ponzi Schemes
Investment Scams - Pyramid Schemes

Pyramid schemes require participants to recruit new investors
and earn commissions based on the investments made by their
recruits. The focus is on recruiting new members rather than
selling legitimate products or services. As the pyramid grows
larger, it becomes unsustainable, and the majority of participants
end up losing their money.

Modus Operandi

❏ Promise of easy money and quick profits
❏ Focus on recruiting new participants
❏ Entry fees or product purchases required for entry
❏ Emphasis on recruitment rather than genuine product
sales
❏ Illusion of legitimacy with deceptive marketing techniques
❏ Participants earn commissions based on recruitment
levels
❏ Reliance on continuous recruitment for sustainability
❏ Collapse when recruitment slows down, causing financial
losses
Differential aspect: Ponzi Scheme vs. Pyramid Scheme

Structure and Operation
Ponzi Scheme: A single person or entity (the "Ponzi operator") convinces investors to invest their money by promising high returns.
Pyramid Scheme: Participants are encouraged to recruit new members into the scheme.

Focus of Recruitment
Ponzi Scheme: The primary focus is on attracting new investors and convincing them to invest their money.
Pyramid Scheme: The emphasis is on recruitment and expanding the participant base.

Returns on investment / Revenue generation
Ponzi Scheme: It does not involve any legitimate revenue-generating activity. The funds collected from new investors are used to pay returns to earlier investors, creating the illusion of profits.
Pyramid Scheme: The funds collected from new participants are used to pay commissions & bonuses to existing participants. The products or services offered are often of little value or merely a front to legitimize the scheme.
Romance Scams & “Pig-Butchering” Operations
In romance scams, the scammer forms a romantic relationship with the victim, typically through dating or
social media apps. These relationships often develop extremely quickly, with the scammer professing love
early in the relationship. Scammers use various manipulative techniques to build trust. Once the scammer
has developed a hold on the victim, they claim to need money for any number of reasons, including to visit
the victim, assist a sick family member, or help with another financial hardship. The scammer claims they
need the funds urgently, convinces the victim to send funds using cryptocurrency, and upon receiving
them, is never heard from again.

In pig butchering scams, victims are approached on dating, social media, or messaging apps and lured
into making larger and larger investments. The term “pig-butchering” is based on the practice of fattening a
hog before slaughter. At first, the scammer will make sure to post what looks like a gain on the investment.
The scammer may even allow the victim to withdraw money once or twice to convince them the
investment is safe and induce them to invest additional funds—sometimes hundreds of thousands of
dollars. At that point, the victim’s funds have been stolen by the scammer. The victim’s pleas for the return
of their funds result only in demands for more money, often in fabricated taxes and fees.
How to Spot and Avoid a Romance or “Pig-Butchering” Scam:

❏ Tell the person that you don’t have any money to invest right now; if they
disappear, they were probably trying to scam you.
❏ Relationships that develop quickly are a scam warning sign, especially if the
person asks for money or refuses to video chat.
❏ Try using a reverse image search to see if the person is using someone else’s
photo.
❏ If you’re asked to pay taxes and fees to withdraw your money, it is likely a
scam.
❏ Use extreme caution when considering large cryptocurrency investments.
❏ If an investment seems too good to be true, it probably is.
Impersonation Scams
In an impersonation scam, scammers pose as law enforcement, the IRS, pension
agencies, utility companies, established businesses, financial institutions, or
similar organizations. Under these guises, scammers create a false sense of
urgency by claiming that the victim needs to settle debts (e.g., pay taxes or an
outstanding bill).
How to Spot and Avoid an Impersonation Scam:

Remember, no company, government agency, or other entity will demand payment
in cryptocurrency.
If someone tells you that the only accepted payment method is cryptocurrency,
they are almost certainly a scammer.
If you get a call from someone who claims you owe a debt, contact the published
customer service phone number of the agency or business to confirm the identity
of the caller and whether there is in fact an outstanding debt.
It’s risky to send cryptocurrency using a kiosk and can be expensive. Think twice
before doing it.
Chit Fund Scams

Chit funds are a popular savings scheme in India, but many fraudulent chit funds
have surfaced where organizers disappear with the pooled money, leaving
investors with huge losses.
Banking Fraud (Phishing/ Vishing)

Scammers impersonate banking officials or send fake emails/messages to obtain
sensitive banking information, such as account numbers, OTPs, or credit/debit
card details. A typical example is a fake email or SMS that claims to be from a bank
and asks customers to verify their account information, which is then used for
unauthorized transactions.
Credit/Debit Card Skimming

Fraudsters use skimming devices at ATMs or card-swiping machines to steal card
details. This information is then used to make fraudulent purchases or
withdrawals. There have been instances of ATM fraud across cities in which people
lost money after their card information was cloned using skimming devices.
Investment Scams - Fake Investment Funds
Fake Investment Funds:

Scammers may create fictitious investment funds, claiming to have professional fund
managers and promising high returns. They may use fake testimonials, impressive
websites, and fabricated performance reports to convince individuals to invest. Once
funds are deposited, the scammers disappear or make it difficult for investors to
withdraw their money.

Modus Operandi

Contact: Scammers reach out to potential victims through unsolicited emails, social
media messages, or online ads.

Trust Building: They establish credibility by impersonating reputable professionals or
companies and using false credentials or testimonials.

Promises: Scammers offer unrealistic returns on investments to entice victims,
playing on their desire for quick and substantial profits.

Investment Request: They persuade victims to invest money, often through large
initial deposits or encouraging recruitment of others.

Illusion of Success: Scammers provide falsified account statements to create the
impression of profitable investments.

Delaying Withdrawals: When victims try to withdraw funds, scammers use various
tactics to delay or refuse withdrawals.

Disappearance: Eventually, the scammers vanish with the collected funds or shut
down the scheme to avoid detection.
Cryptocurrency Scams:

With the growing popularity of cryptocurrencies, scammers take advantage of
individuals' interests and lack of knowledge in the field. Common cryptocurrency
scams include fake Initial Coin Offerings (ICOs), Ponzi schemes disguised as
cryptocurrency investments, fraudulent cryptocurrency exchanges, and phishing
attacks targeting.

Blockara Company, based in Rajkot, Gujarat, orchestrated a massive cryptocurrency scam,
defrauding over 8,000 investors of approximately Rs 300 crore. The company lured individuals by
launching a cryptocurrency called TABC and promising daily returns of Rs 4,000 on an investment
of Rs 4.25 lakh, with a maturity payout exceeding Rs 12 lakh. They further enticed investors by
claiming that TABC's value would surge to $300, leading to potential profits in crores. To gain trust,
the perpetrators organized meetings and Zoom calls across multiple locations, including Mumbai
and various five-star hotels. After two years of false assurances, the company's founders and
associates have absconded, leaving investors devastated.
Crypto and Online Trading Scams

With the rise of cryptocurrencies, many fraudulent schemes have emerged where
scammers promise high returns on crypto investments or run fake exchanges to
steal users’ funds.
Loan App Scams

Fraudulent loan apps offer quick loans at high interest rates. These apps then
harass borrowers for repayment, using abusive tactics, or steal personal data.
Employment and Online Job Scams

Scammers offer fake job opportunities that require the payment of registration fees or upfront training costs. After the
payment is made, the job offer never materializes.
Online Shopping Scams

Fraudulent online shopping websites or platforms take payments but do not deliver
the goods or services as promised. These scams often occur on lesser-known
websites or via social media advertisements.
Insurance Scams

Scammers sell fake insurance policies, particularly life or health insurance, to
unsuspecting individuals. These policies are worthless, and no payout is received
when a claim is made.
Fake Loan Schemes

Fraudsters offer attractive loan schemes with low interest rates, particularly
targeting people with poor credit histories. They demand an advance fee or
processing charges but never provide the loan.
Charity and Donation Scams

Fraudsters pose as representatives of charitable organizations, particularly during
natural disasters or crises, to solicit donations that they pocket instead of using
them for the stated cause. Examples include fake charitable organizations that collect
funds during natural calamities like floods or cyclones.
Lottery and Prize Scams

Victims receive calls, emails, or messages stating they have won a lottery or prize
and are asked to pay taxes or processing fees before receiving the winnings. In
reality, there is no prize.

An example is the “KBC Lottery” scam, in which people receive fake calls claiming that
they have won a large sum from Kaun Banega Crorepati but are asked to pay a processing fee.
Real Estate Scams

Fraudsters sell property that either doesn’t exist or isn’t legally owned by them.
Buyers invest large sums in such projects, only to find out later that they have
been duped. An example is the Adarsh Housing Society scam in Mumbai, where flats meant for
war widows were sold to politicians and bureaucrats through fraudulent means.
Pension Scams

Fraudsters target retirees and pensioners, offering fake pension schemes or
asking them to provide sensitive details under the guise of pension verification,
which are then used for identity theft or unauthorized transactions.
Telecom and SIM Swap Scams

Fraudsters obtain a duplicate SIM card by impersonating the victim, allowing them
to intercept OTPs and gain access to the victim’s bank accounts.
Initial Coin Offerings (“ICOs”) are the cryptocurrency equivalent of an initial public offering
for stocks. Investors in an ICO are invited to buy a new cryptocurrency from, or get a
stake in, a company representing a project. This, on its face, is not necessarily a scam.
However, scammers may use ICOs as an opportunity.
One type of ICO scam, commonly referred to as a “pump and dump” scheme, involves a
scammer convincing many people to invest in an ICO to drive up the price of the coin.
The scammer then quickly sells off all their own holdings, thereby destroying the value of
the coin and leaving the rest of the investors with nothing.
Investing in a new coin is inherently risky as most coins have no real value. Investment
fraud involving cryptocurrency, such as ICOs, rose by nearly 200% from $907 million in
2021 to $2.57 billion in 2022, according to the FBI’s annual Internet Crime Report.