
Unit 3

The document discusses security challenges posed by the proliferation of mobile and wireless devices, including trends in mobility, popular types of attacks against 4G mobile networks such as malware and denial of service attacks, credit card frauds that can occur in the mobile computing era like account takeover and counterfeit cards, and recommendations for securing mobile devices and authentication. It also examines organizational security policies and measures needed to mitigate risks from increased use of mobile devices in the workplace.

Cybercrime: Mobile and Wireless Devices
Ms. Padmavati E Gundgurti
Assistant Professor
CSE
BVRIT HYDERABAD
Contents
• Introduction
• Proliferation of Mobile and Wireless Devices
• Trends in Mobility
• Credit Card Frauds in Mobile and Wireless Computing Era
• Security Challenges Posed by Mobile Devices
• Registry Settings for Mobile Devices
• Authentication Service Security
• Attacks on Mobile/Cell Phones
• Mobile Devices: Security Implications for Organizations
• Organizational Measures for Handling Mobile
• Organizational Security Policies and Measures in Mobile Computing Era
• Laptops

Introduction
• Understand the security challenges presented by mobile devices and information systems access in the cybercrime world.
• Understand challenges faced by the mobile workforce and their implications in the cybercrime era.
• Mitigation strategy – credit card users.
• Security issues due to use of media players.
• Organizational security implications with electronic gadgets.
• Organizational measures for protecting information systems from threats in the mobile computing area.
• Smishing and vishing attacks in the mobile world.
• Security issues arising due to use of removable media such as pen drives.

Proliferation of mobile and wireless devices
• You see them everywhere: people hunched over their smartphones or tablets in cafes, airports, supermarkets and even at bus stops, seemingly oblivious to anything or anyone around them.
• They play games, download, go shopping or check their bank balances on the go.
• They might even access corporate networks and pull up a document or two on their mobile gadgets.

Mobile computing
• Mobile computing is “taking a computer and all necessary files and software
out into the field.” Many types of mobile computers have been introduced
since 1990s.

• They are as follows:


1. Portable computer: It is a general-purpose computer that can be easily
moved from one place to another, but cannot be used while in transit,
usually because it requires some “setting-up” and an AC power source.

2. Tablet PC: It lacks a keyboard, is shaped like a slate or a paper notebook and has features of a touch screen with a stylus and handwriting recognition software.

3. Internet tablet: It is the Internet appliance in tablet form. Unlike a Tablet PC, the Internet tablet does not have much computing power and its applications suite is limited. Also it cannot replace a general-purpose computer. The Internet tablets typically feature an MP3 and video player, a Web browser, a chat application and a picture viewer.

4. Personal digital assistant (PDA): It is a small, usually pocket-sized, computer with limited functionality. It is intended to supplement and synchronize with a desktop computer, giving access to contacts, address book, notes, E-Mail and other features.

5. Ultramobile PC: It is a full-featured, PDA-sized computer running a general-purpose operating system (OS).

6. Smartphone: It is a PDA with integrated cell phone functionality. Current Smartphones have a wide range of features and installable applications.

7. Carputer: It is a computing device installed in an automobile. It operates as a wireless computer, sound system, global positioning system (GPS) and DVD player. It also contains word processing software and is Bluetooth compatible.

8. Fly Fusion Pen top computer: It is a computing device with the size and shape of a pen. It functions as a writing utensil, MP3 player, language translator, digital storage device and calculator.

Trends in Mobility
• To be successful in the future, mobility manufacturers must stay on top of technological advances and trends.
• As vehicles become smarter and more automated, vast amounts of technology will be needed to upshift user experience.
• Big Data and IoT
• Decentralized Computing Models
• Connected Apps
• Artificial Intelligence in automotive
• Digital Factory

Popular types of attacks against 4G mobile networks
1. Malwares, viruses and worms: Although many users are still in the transient process of switching from 2G to 3G and from 3G to 4G, there is a growing need to educate the community and provide awareness of the threats that exist while using mobile devices.

• Skull Trojan: It targets Series 60 phones equipped with the Symbian mobile OS.
• Mosquito Trojan: It affects the Series 60 Smartphones and is a cracked version of the “Mosquitos” mobile phone game.
• Cabir Worm: It is the first dedicated mobile-phone worm; it infects phones running on Symbian OS and scans other mobile devices to send a copy of itself to the first vulnerable phone it finds through Bluetooth wireless technology. The worst thing about this worm is that the source code for the Cabir-H and Cabir-I viruses is available online.
• Brador Trojan: It affects the Windows CE OS by creating a svchost.exe file in the Windows start-up folder which allows full control of the device. This executable file is conducive to traditional worm propagation vectors such as E-Mail file attachments (refer to Appendix C).
• Lasco Worm: It was released first in 2005 to target PDAs and mobile phones running the Symbian OS. Lasco is based on Cabir’s source code and replicates over Bluetooth connection.

2. Denial-of-service (DoS): The main objective behind this attack is to make the system unavailable to the intended users. Virus attacks can be used to damage the system to make the system unavailable.

3. Overbilling attack: Overbilling involves an attacker hijacking a subscriber’s IP address and then using it (i.e., the connection) to initiate downloads that are not “Free downloads” or simply using it for his/her own purposes. In either case, the legitimate user is charged for activity which the user did not conduct.

4. Spoofed policy development process (PDP): These types of attacks exploit the vulnerabilities in the GTP [General Packet Radio Service (GPRS) Tunneling Protocol].

5. Signaling-level attacks: The Session Initiation Protocol (SIP) is a signaling protocol used in IP multimedia subsystem (IMS) networks to provide Voice Over Internet Protocol (VoIP) services. There are several vulnerabilities with SIP-based VoIP systems.

Credit card Frauds in Mobile and Wireless Computing Era
• In this modern era, the rising importance of electronic gadgets – which became an integral part of business, providing connectivity with the internet outside the office – brings many challenges to secure these devices from being a victim of cyber crime.
• Credit card frauds and the like are the new trends in cybercrime that are coming up with mobile computing: mobile commerce (M-Commerce) and mobile banking (M-Banking).
• Today belongs to “mobile computing”, that is, anywhere, anytime computing.
• The developments in wireless technology have fueled this new mode of working for white collar workers. This is true for credit card processing too.
• Credit card (or debit card) fraud is a form of identity theft that involves an unauthorized taking of another’s credit card information for the purpose of charging purchases to the account or removing funds from it.

• Debit/credit card fraud is thus committed when a person fraudulently obtains, takes, signs, uses, sells, buys, or forges someone else’s credit or debit card or card information;
• uses his or her own card with the knowledge that it is revoked or expired or that the account lacks enough money to pay for the items charged; and
• sells goods or services to someone else with knowledge that the credit or debit card being used was illegally obtained or is being used without authorization.

Types of Credit Card Fraud:
• The first category, lost or stolen cards, is a relatively common one, and should be reported immediately to minimize any damages.
• The second is called “account takeover” — when a cardholder unwittingly gives personal information (such as home address, mother’s maiden name, etc.) to a fraudster, who then contacts the cardholder’s bank, reports a lost card and change of address, and obtains a new card in the soon-to-be victim’s name.
• The third is counterfeit cards — when a card is “cloned” from another and then used to make purchases. In Asia Pacific, 10% to 15% of fraud results from malpractices such as card skimming, but this number has significantly dropped from what it was a couple of years prior, largely due to the many safety features put in place for payment cards, such as EMV chip.
• The fourth is called “never received” — when a new or replacement card is stolen from the mail, never reaching its rightful owner.
• The fifth is fraudulent application — when a fraudster uses another person’s name and information to apply for and obtain a credit card.
• The sixth is called “multiple imprint” — when a single transaction is recorded multiple times on old-fashioned credit card imprint machines known as “knuckle busters”.
• The seventh is collusive merchants — when merchant employees work with fraudsters to defraud banks.
• The eighth is mail order/telephone order (MO/TO) fraud, which now includes e-commerce, and is the largest category of total payment card fraud in Asia-Pacific, amounting to nearly three-quarters of all fraud cases.

The payments industry is working tirelessly to improve card verification and security programs to prevent fraud in so-called “card-not-present” transactions online or via mail order and telephone transactions.

Precaution:
• Incorporating a few practices into your daily routine can help keep your
cards and account numbers safe.

• For example, keep a record of your account numbers, their expiration dates
and the phone number to report fraud for each company in a secure place.

• Don’t lend your card to anyone — even your kids or roommates — and
don’t leave your cards, receipts, or statements around your home or office.
When you no longer need them, shred them before throwing them away.

Other fraud protection practices include:
• Don’t give your account number to anyone on the phone unless you’ve made
the call to a company you know to be reputable. If you’ve never done
business with them before, do an online search first for reviews or
complaints.

• Carry your cards separately from your wallet. It can minimize your losses if
someone steals your wallet or purse. And carry only the card you need for
that outing.

• During a transaction, keep your eye on your card. Make sure you get it back
before you walk away.
• Never sign a blank receipt. Draw a line through any blank spaces above
the total.
• Save your receipts to compare with your statement.
• Open your bills promptly — or check them online often — and reconcile
them with the purchases you’ve made.
• Report any questionable charges to the card issuer.
• Notify your card issuer if your address
changes or if you will be traveling.
• Don’t write your account number on the
outside of an envelope.

Security Challenges Posed by Mobile Devices
• Some well-known technical challenges in mobile security are:
  • managing the registry settings and configurations,
  • authentication service security,
  • cryptography security,
  • Lightweight Directory Access Protocol (LDAP) security,
  • remote access server (RAS) security,
  • media player control security,
  • networking application program interface (API) security, etc.

Registry Settings for Mobile Devices
• Microsoft ActiveSync is meant for synchronization with Windows-powered personal computers (PCs) and Microsoft Outlook.
• ActiveSync acts as the gateway between a Windows-powered PC and a Windows mobile powered device, enabling the transfer of applications such as Outlook information, Microsoft Office documents, pictures, music, videos and applications from a user’s desktop to his/her device.
• In addition to synchronizing with a PC, ActiveSync can synchronize directly with the Microsoft Exchange server so that the users can keep their E-Mails, calendar, notes and contacts updated wirelessly when they are away from their PCs.
• Registry setting becomes an important issue given the ease with which various applications allow a free flow of information.
• Thus, establishing trusted groups through appropriate registry settings becomes crucial.
• One of the most prevalent areas where this attention to security is applicable is within “group policy.” Group policy is one of the core operations that are performed by Windows Active Directory.

Authentication Service Security
• There are two components of security in mobile computing: security of
devices and security in networks.
• A secure network access involves mutual authentication between the
device and the base stations or Web servers.
• This is to ensure that only authenticated devices can be connected to the
network for obtaining the requested services.
• It also ensures that no malicious code can impersonate (imitate) the service provider to trick the device into doing something it does not mean to. Thus, the networks also play a crucial role in security of mobile devices.
• Some eminent kinds of attacks to which mobile devices are subjected are: push attacks, pull attacks and crash attacks.
• Authentication services security is important given the typical attacks on mobile devices through wireless networks: DoS attacks, traffic analysis, eavesdropping, man-in-the-middle attacks and session hijacking.

[Figure: Pull Attack]
[Figure: Push Attack]
[Figure: Crash Attack]

Attacks on Mobile/Cell Phones
• Mobile phones have become an integral part of everybody's life and the mobile phone has transformed from being a luxury to a bare necessity.
• Theft of mobile phones has risen dramatically over the past few years.
• Since a huge section of the working population in India uses public transport, major locations where theft occurs are bus stops, railway stations and traffic signals.
• Many insurance companies have stopped offering Mobile Theft Insurance due to a large number of false claims.
• When anyone loses his/her mobile phone, more than anything the “Contact List” and “Personally Identifiable Information (PII)”, which really matter, are lost.
• One might have thought that his/her cell phone is much safer than a PC that is very often attacked by viruses; however, criminals have proved this thought false.
• After the PC, the criminals’ (i.e., attackers’) new playground has been cell phones, the reason being the increasing usage of cell phones and the availability of Internet on cell phones.
• Another reason is the increasing demand for Wi-Fi zones in the metropolitans and the extensive usage of cell phones among the youth, who lack awareness/knowledge about the vulnerabilities of the technology.

Mobile Viruses
• A mobile virus is similar to a computer virus and targets mobile phone data or the applications/software installed on the phone.
• Virus attacks on mobile devices are no longer an exception or proof-of-concept nowadays.
• In total, 40 mobile virus families and more than 300(+) mobile viruses have been identified.
• The first mobile virus was identified in 2004, and it marked the beginning of the understanding that mobile devices can act as vectors to enter the computer network.
• Mobile viruses spread through two dominant communication protocols – Bluetooth and MMS.
• A Bluetooth virus can easily spread within a distance of 10–30 m, through Bluetooth-activated phones.
• An MMS virus can send a copy of itself to all mobile users whose numbers are available in the infected mobile phone’s address book.

How to Protect from Mobile Malwares Attacks
• Download or accept programs and content (including ring tones, games, video clips and photos) only from a trusted source.
• If a mobile is equipped with Bluetooth, turn it OFF or set it to non-discoverable mode when it is not in use and/or not required.
• If a mobile is equipped with beam (i.e., IR), allow it to receive incoming beams only from a trusted source.
• Download and install antivirus software for mobile devices.

Mishing
• Mishing is a combination of mobile and Phishing.
• Mishing attacks are attempted using mobile phone technology.
• M-Commerce is fast becoming a part of everyday life. If you use your mobile phone for purchasing goods/services and for banking, you could be more vulnerable to a Mishing scam.
• A typical Mishing attacker uses either a call, termed Vishing, or a message (SMS), known as Smishing.
• The attacker will pretend to be an employee from your bank or another organization and will claim a need for your personal details.
• Attackers are very creative and they will try to convince you with different reasons why they need this information from you.

Vishing
• Vishing is the criminal practice of using social engineering over the telephone system, most often using features facilitated by VoIP, to gain access to personal and financial information from the public for the purpose of financial reward.
• The term is a combination of V – voice and Phishing.
• Vishing is usually used to steal credit card numbers or other related data used in ID theft schemes from individuals.
• The most profitable uses of the information gained through a Vishing attack include:
  • ID theft;
  • purchasing luxury goods and services;
  • transferring money/funds;
  • monitoring the victims’ bank accounts;
  • making applications for loans and credit cards.

Smishing
• Smishing is a criminal offense conducted by using social engineering techniques similar to Phishing.
• The name is derived from “SMS PhISHING.”
• SMS can be abused by using different methods and techniques other than information gathering under cybercrime.
• Smishing uses cell phone text messages to deliver a lure message to get the victim to reveal his/her PI.
• Smishing works in a similar pattern to Vishing.
• The popular technique to “hook” the victim (the method used to actually “capture” your information) is either to provide a phone number to force the victim to call or to provide a website URL to force the victim to access the URL, wherein the victim gets connected to a bogus website (i.e., a duplicate but fake site created by the criminal) and submits his/her PI.
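
The hook described above (a callback number or a URL, combined with a request for personal information) can be screened for on the receiving side. The following is an added example, not part of the original slides; the allowlisted domain and number, the keyword lists and the sample messages are all constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: the bank's only official contact points (constructed values).
OFFICIAL_DOMAINS = {"examplebank.test"}
OFFICIAL_NUMBERS = {"18005550100"}

# Requests for personal information (PI) and pressure wording, matched as whole words.
PI_RE = re.compile(r"\b(pin|password|otp|cvv|card number|account number|verify|confirm)\b", re.I)
URGENCY_RE = re.compile(r"\b(suspended|blocked|immediately|urgent|expires?)\b", re.I)
URL_RE = re.compile(r"(?:https?://|www\.)[^\s<>\"']+", re.I)
PHONE_RE = re.compile(r"(?<![\w.])\+?\d[\d\s().-]{7,}\d(?!\w)")


def host_of(url):
    """Lower-cased host of a URL, tolerating a missing scheme."""
    if "://" not in url:
        url = "http://" + url
    return (urlsplit(url).hostname or "").rstrip(".")


def is_official_host(host):
    """Exact allowlisted domain or a true subdomain of it, never a mere substring."""
    return any(host == d or host.endswith("." + d) for d in OFFICIAL_DOMAINS)


def triage_sms(text):
    """Classify one SMS by the hook it carries and by what it asks for."""
    reasons = []
    for url in URL_RE.findall(text):
        host = host_of(url.rstrip(".,;:!?)"))
        if not is_official_host(host):
            reasons.append("url-not-official:" + host)
    # Look for callback numbers only outside URLs so path digits are not misread.
    for raw in PHONE_RE.findall(URL_RE.sub(" ", text)):
        digits = re.sub(r"\D", "", raw)
        if digits not in OFFICIAL_NUMBERS:
            reasons.append("callback-not-official:" + digits)
    has_hook = bool(reasons)
    pressure = []
    if PI_RE.search(text):
        pressure.append("asks-for-pi")
    if URGENCY_RE.search(text):
        pressure.append("urgency")
    if has_hook and pressure:
        verdict = "likely-smishing"
    elif has_hook:
        verdict = "suspicious"
    else:
        verdict = "no-hook-found"
    return {"verdict": verdict, "reasons": reasons + pressure}


# Constructed sample messages (reserved .test/.example names, fictional numbers).
SAMPLE_SMS = [
    "Your ExampleBank account is suspended. Verify your card number at "
    "http://examplebank.test.secure-login.example/verify immediately.",
    "ExampleBank alert: unusual activity on your card. "
    "Call +1 (202) 555-0147 to confirm your PIN.",
    "ExampleBank: your statement is ready at "
    "https://www.examplebank.test/statements. Questions? Call 1-800-555-0100.",
    "Track your parcel: www.parcel-track.example/t/8812",
]


def triage_all(messages):
    """Verdicts for a batch of messages, in input order."""
    return [triage_sms(m)["verdict"] for m in messages]


if __name__ == "__main__":
    for sms in SAMPLE_SMS:
        print(triage_sms(sms), "<-", sms[:50])
```

The first sample shows why the host is compared as a whole: the official domain appears inside the URL, but only as a label of a different domain.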

Hacking Bluetooth
• Bluetooth is an open wireless technology standard used for communication (i.e., exchanging data) over short distances (i.e., using short length radio waves) between fixed and/or mobile devices.
• Bluetooth is a short-range wireless communication service/technology that uses the 2.4-GHz frequency range for its transmission/communication.
• The older standard – Bluetooth 1.0 – has a maximum transfer speed of 1 Mbps (megabit per second) compared with 3 Mbps by Bluetooth 2.0.
• When Bluetooth is enabled on a device, it essentially broadcasts “I’m here, and I’m able to connect” to any other Bluetooth-based device within range.
• This makes Bluetooth use simple and straightforward, and it also makes it easier for attackers to identify the target.
• The attacker installs special software [Bluetooth hacking tools] on a laptop and then installs a Bluetooth antenna.
• Whenever an attacker moves around public places, the software installed on the laptop constantly scans the nearby surroundings of the hacker for active Bluetooth connections.
• Once the software tool used by the attacker finds and connects to a vulnerable Bluetooth-enabled cell phone, it can do things like download address book information, photos, calendars, SIM card details, make long-distance phone calls using the hacked device, bug phone calls and much more.

Mobile Devices: Security Implications for Organizations
Managing Diversity and Proliferation of Hand-Held Devices
• Cybersecurity is always a primary concern to most organizations.
• Most organizations fail to see the long-term significance of keeping track of who owns what kind of mobile devices.
• Mobile devices of employees should be registered to the organization.
• When an employee leaves, it is important to remove logical and physical access to organization networks.
• Thus, mobile devices that belong to the company should be returned to the IT department and, at the very least, should be deactivated and cleansed.

Unconventional/Stealth Storage Devices
• Compact disks (CDs) and Universal Serial Bus (USB) drives (also called zip drive, memory sticks) used by employees are the key factors for cyber attacks.
• As the technology is advancing, the devices continue to decrease in size and emerge in new shapes and sizes – storage devices available nowadays are difficult to detect and have become a prime challenge for organizational security.
• It is advisable to prohibit the employees from using these devices.
• Not only can viruses, worms and Trojans get into the organization network, but they can also destroy valuable data in the organization network.
• The organization has to have a policy in place to block these ports while issuing the asset to the employee.
• Employees can connect a USB/small digital camera/MP3 player to the USB port of any unattended computer and will be able to download confidential data or upload harmful viruses.
• As the malicious attack is launched from within the organization, firewalls and antivirus software are not alerted.
• Using the “DeviceLock” software solution, one can have control over unauthorized access to plug and play devices.
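
A port-blocking policy is only useful if it is actually in force on every issued asset, so it helps to audit it. The following is an added example, not part of the original slides: it reads decoded `reg export` text per host and checks two standard Windows settings that the slides do not name (the USBSTOR driver's `Start` value, where 4 means disabled, and the Group Policy `Deny_All` value for removable storage). The host names and registry exports are constructed.

```python
import re

# Two standard Windows settings that stop USB mass storage (not named on the slides):
#   USBSTOR service "Start" = 4 -> storage driver disabled (3 is the default)
#   Group Policy "Deny_All" = 1 -> all removable storage classes denied
USBSTOR_KEY = r"HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR"
POLICY_KEY = r"HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices"

KEY_RE = re.compile(r"^\[(.+)\]$")
DWORD_RE = re.compile(r'^"([^"]+)"=dword:([0-9a-f]{8})$', re.I)


def parse_reg_export(text):
    """Parse decoded `reg export` text into {key: {value_name: int}} (DWORDs only).

    Registry key and value names are case-insensitive, so both are lower-cased.
    """
    keys, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        key = KEY_RE.match(line)
        if key:
            current = keys.setdefault(key.group(1).lower(), {})
            continue
        value = DWORD_RE.match(line)
        if value and current is not None:
            current[value.group(1).lower()] = int(value.group(2), 16)
    return keys


def usb_storage_status(reg_text):
    """Return 'blocked', 'allowed', or 'unknown' when the export proves neither."""
    keys = parse_reg_export(reg_text)
    start = keys.get(USBSTOR_KEY.lower(), {}).get("start")
    deny_all = keys.get(POLICY_KEY.lower(), {}).get("deny_all")
    if start == 4 or deny_all == 1:
        return "blocked"
    if start is None:
        return "unknown"
    return "allowed"


def audit_fleet(exports):
    """Return (host, status) for every host where storage is not provably blocked."""
    findings = [(host, usb_storage_status(text)) for host, text in exports.items()]
    return sorted(f for f in findings if f[1] != "blocked")


# Constructed exports for four hypothetical hosts.
SAMPLE_EXPORTS = {
    "hr-laptop-07": r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR]
"Start"=dword:00000003
""",
    "fin-desktop-02": r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\USBSTOR]
"start"=dword:00000004
""",
    "ops-laptop-11": r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\USBSTOR]
"Start"=dword:00000003

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\RemovableStorageDevices]
"Deny_All"=dword:00000001
""",
    "kiosk-03": r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Spooler]
"Start"=dword:00000002
""",
}

if __name__ == "__main__":
    for host, status in audit_fleet(SAMPLE_EXPORTS):
        print(f"{host}: USB mass storage {status}")
```

Files written by `reg export` are UTF-16; decode them before passing the text to `usb_storage_status`.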

Threats through Lost and Stolen Devices
• This is a new emerging issue for cybersecurity.
• Often mobile hand-held devices are lost while people are on the move.
• Lost mobile devices are becoming even a larger security risk to
corporations.
• A report based on a survey of London’s 24,000 licensed cab drivers quotes that 2,900 laptops, 1,300 PDAs and over 62,000 mobile phones were left in London cabs in the year 2001 over the last 6-month period.
• Today this figure (lost mobile devices) could be far larger given the greatly increased sales and usage of mobile devices.
• The cybersecurity threat under this scenario is scary; owing to a general lack of security in mobile devices, it is often not the value of the hand-held device that is important but rather the content that, if lost or stolen, can put a company at a serious risk of sabotage, exploitation or damage to its professional integrity, as most of the time the mobile hand-held devices are provided by the organization.
• Most of these lost devices have wireless access to a corporate network and have potentially very little security, making them a weak link and a major headache for security administrators.

Protecting Data on Lost Devices
• There are two reasons why cybersecurity needs to protect the data when a device is lost:
1. data that are persistently stored on the device and
2. always running applications.
• For protecting data, there are two precautions to prevent disclosure of the data stored on a mobile device:
1. encrypting sensitive data and
2. encrypting the entire file system.

Organizational Measures for Handling Mobile
Encrypting Organizational Databases
• Critical and sensitive data reside on databases and, with the advances in technology, access to these data is possible through mobiles.
• Through encryption we can protect organization data.
• Two algorithms are typically used to implement strong encryption of database files. The first is Rijndael (pronounced rain-dahl or Rhine-doll), a block encryption algorithm, chosen as the new Advanced Encryption Standard (AES) for block ciphers by the National Institute of Standards and Technology (NIST).
• The other algorithm used to implement strong encryption of database files is the Multi Dimensional Space Rotation (MDSR) algorithm developed by Casio.
• The term “strong encryption” is used here to describe these technologies in contrast to simple encryption.
• Strong encryption means that it is much harder to break, but it also has a significant impact on performance.

Organizational Security Policies and Measures in Mobile Computing Era
Importance of Security Policies relating to Mobile Computing Devices
• Growth in the use of mobile devices makes the cybersecurity issue harder than what we would tend to think.
• People (especially, the youth) have grown so used to their mobiles that they are treating them like wallets!
• For example, people are storing more types of confidential information on mobile computing devices than their employers or they themselves know; they listen to music using their hand-held devices.
• One should think about not keeping credit card and bank account numbers, passwords, confidential E-Mails and strategic information about the organization on these devices.
• Imagine the business impact if a mobile or laptop was lost or stolen, revealing sensitive customer data such as credit reports, social security numbers (SSNs) and contact information.

Organizational Policies for the Use of Mobile Hand-Held Devices

There are many ways to handle the matter of creating policy for mobile devices.
• One way is creating a distinct mobile computing policy.
• Another way is including such devices under existing policy.

Laptops
• Laptops, like other mobile devices, enhance the business functions.
• While they provide mobile access to information anytime and anywhere, they also pose a large threat as they are portable.
• Wireless capability in these devices has also raised cybersecurity concerns when the information being transmitted over other, which makes it hard to detect.
• The thefts of laptops have always been a major issue, according to the cybersecurity industry and insurance company statistics.
• Cybercriminals are targeting laptops that are expensive, to enable them to fetch a quick profit in the black market.
• Most laptops contain personal and corporate information that could be sensitive.
• Such information can be misused if found by a malicious user.
• The following section provides some countermeasures against the theft of laptops, thereby avoiding cybersecurity exposures.

Physical security countermeasures
1. Cables and hardwired locks: The most cost-efficient and ideal solution to safeguard any mobile device is securing it with cables and locks, specially designed for laptops.
2. Laptop safes: Safes made of polycarbonate – the same material that is used in bulletproof windows, police riot shields and bank security screens – can be used to carry and safeguard the laptops.
3. Motion sensors and alarms: Alarms and motion sensors are very efficient in securing laptops.
4. Warning labels and stamps: Warning labels containing tracking information and identification details can be fixed onto the laptop to deter aspiring thieves. These labels cannot be removed easily and are a low-cost solution to laptop theft.
5. Other measures for protecting laptops are as follows:
• keeping the laptop close to oneself wherever possible;
• carrying the laptop in a different and unobvious bag;
• creating awareness among the employees about the sensitive information contained in the laptop;
• making a copy of the purchase receipt of the laptop;
• installing encryption software to protect information stored on the laptop;
• using personal firewall software to block unwanted access and intrusion;
• updating the antivirus software regularly;
• tight office security using security guards and securing the laptop by locking it down in lockers when not in use;
• never leaving the laptop unattended in public places;
• disabling IR ports and wireless cards when not in use;
• choosing a secure OS;
• registering the laptop with the laptop manufacturer to track down the laptop in case of theft;
• disabling unnecessary user accounts and renaming the administrator account;
• backing up data on a regular basis.

[Figure: How to secure Laptop]

Thanks!
Any questions?