Bez kategorii

(35): Other Cybercrimes from the series „35 Cybercrimes in Polish Criminal Law”

Judyta Kasperkiewicz

Here are the cybercrimes known to Polish criminal law, as well as other threats arising from the development of technology:

  1. Cyberattacks on organizations and individuals
    Crimes involving attacks on individuals or organizations to obtain personal data, money, or other resources. These attacks can include phishing, data fraud (e.g., credit card fraud), ransomware, and other forms of cyberattacks aimed at extorting money or blackmailing.
  2. Cybercrimes related to cryptocurrencies
    With the growing popularity of cryptocurrencies, new forms of cybercrimes related to theft or fraud involving these assets have emerged. For example, „pump and dump” scams with cryptocurrencies or the hijacking of cryptocurrency wallets.
  3. Illegal sale of personal data
    Using personal data in ways that are against the law, including selling it to third parties. This may involve selling databases, stealing personal data, or sharing it for marketing purposes or fraud.
  4. Terroristic use of technology
    Related to the use of the internet and technology for terrorist purposes, such as recruitment into terrorist organizations, organizing attacks, or propagating extremist content.
  5. Cybercrimes related to the Internet of Things (IoT)
    Breach of security on devices connected to the network, such as smart home devices, which can become targets for attacks (e.g., taking control of a house, car, or medical devices).
  6. Theft of intellectual property on the internet
    Using the internet to illegally copy, sell, or distribute works protected by copyright, such as movies, music, software, video games, etc.
  7. Illegal software (warez)
    Distributing illegal versions of software that have been copied or modified without the creator’s consent.
  8. Attacks on data management systems
    Conducting attacks aimed at manipulating data in data management systems (e.g., in public administration or the healthcare sector) for illegal benefits. Attacks on critical infrastructure.
  9. Malware such as adware and spyware
    Installing software on a victim’s computer to collect data about the user (e.g., logins, passwords, credit card numbers) or display unwanted ads (adware).
  10. Cyberbullying
    Crimes related to psychological violence, harassment, and other forms of online aggression, which can target individuals, social groups, organizations, or businesses.
  11. Malicious use of mobile device data
    Attacks involving unauthorized access to data stored on mobile devices (e.g., smartphones, tablets) to steal personal data, passwords, or access bank accounts.
  12. Use of technology for industrial espionage
    Cybercrimes related to stealing trade secrets and technologies that can be used in industrial espionage, e.g., intercepting confidential corporate documents or conducting technological research.
  13. Malicious use of surveillance systems
    Unauthorized use of surveillance systems, such as CCTV cameras, which may be installed for spying or malicious purposes.
  14. Use of advanced blackmail methods (e.g., sextortion)
    Online blackmail, including „sextortion,” which involves threatening to reveal compromising images or videos in exchange for money or other benefits.
  15. Crimes related to gaming machines (so-called „farming”)
    Using automated systems or software to manipulate results in online games or create farms within games for financial gain.
  16. Illegal use of online payment systems
    Fraud related to online payments, such as intercepting transactions, unauthorized changes to transactions, or using fake payment systems.
  17. Crimes related to blockchain
    Using blockchain technology for illegal activities, such as storing or transferring illegal assets (e.g., money laundering, terrorist financing).
  18. Use of artificial intelligence to commit crimes
    Manipulating data or taking harmful actions in cyberspace using AI technology, including automating fraud, creating deepfakes, or using algorithms for scams.
  19. Hindering access to public information
    Malicious actions aimed at blocking or manipulating access to public information on the internet, e.g., attacks on government systems to block or change public data.
  20. Malicious software actions in peer-to-peer (P2P) networks
    Sharing malicious software through P2P networks to infect other computers or steal data.
  21. Ransomware
    Malicious software that blocks access to a computer system or data and demands a ransom to unlock it. These attacks can affect individuals and organizations, including government institutions and public services.
  22. DNS Farming
    Attacks involving the manipulation of DNS (Domain Name System) records to redirect users to fake websites for stealing login credentials, passwords, credit card numbers, etc.
  23. Zombie Networks (Botnets)
    Creating a network of infected computers (zombies) to carry out various illegal activities, such as DDoS attacks, sending spam, stealing data, spreading malware, etc.
  24. Spoofing
    Impersonating another person, institution, or system to gain access to sensitive information, e.g., by falsifying an email address, phone number, or IP address. Common in phishing and fraud.
  25. Fake News (spreading misinformation, internet trolling)
    Intentionally creating and spreading false information to deceive the public, manipulate elections, create panic, or gain material or political benefits.
  26. Social Engineering
    Attacks that manipulate individuals into revealing confidential information or performing specific actions. It may include techniques such as phishing, vishing (phone scams), or pretexting (impersonating an authentic person to gather information).
  27. Theft of biometric data
    Stealing biometric data (e.g., fingerprints, retina scans, voice patterns) from security systems, databases, or mobile devices. Such data is harder to reset than traditional passwords, making it a valuable target for cybercriminals.
  28. Cyberattacks on medical devices
    Attacks aimed at gaining access to medical devices (e.g., patient monitoring devices, pacemakers, insulin pumps) to manipulate them or steal sensitive medical data.
  29. Deepfakes
    Creating fake images, videos, or sounds that attribute actions or words to people who did not say or do them. Often used in crimes such as financial fraud, blackmail, or spreading misinformation.
  30. Crimes related to online black market platforms
    Trade of illegal goods and services (e.g., drugs, weapons, fake documents, personal data) on anonymous networks (e.g., Dark Web). Criminals use these markets to exchange goods that are illegal in many countries.
  31. Abusing location data
    Using apps and devices to track users’ locations without authorization. This may include illegal collection of location data from mobile phones or GPS devices to access private location information.
  32. Attacks on facial recognition systems
    Manipulating or bypassing facial recognition technology used to gain access to restricted systems or private data without the owner’s consent.
  33. Manipulating search engine results
    Conducting activities to manipulate search results in search engines to gain financial benefits or deceive users on the internet.
  34. Violation of personal data confidentiality rules (GDPR)
    Breaking data protection laws, including sharing or selling personal data without the consent of the individual concerned or leaking it from the data protection system. This includes theft of sensitive data (e.g., health, financial data).
  35. Violation of privacy in mobile apps
    Illegally obtaining user data from mobile apps, such as personal data, browsing history, location, etc., by apps that do not adhere to proper privacy protection standards.
  36. Malicious use of metadata
    Extracting information from file metadata (e.g., photos, documents), which may include data about location, time, author, which could be used to violate privacy.
  37. Illegal use of P2P (peer-to-peer) apps
    Using P2P networks to distribute illegal files, including pirated copies of movies, music, software, video games, or other materials illegal under the law.
  38. Using cloud services to commit crimes
    Storing, sharing, and using data in the cloud (e.g., files, documents, videos) for illegal purposes, such as distributing illegal materials or storing data obtained through crimes.
  39. Illegal collection or manipulation of social media data
    Crimes related to using social media to steal personal data, create fake profiles, or conduct disinformation campaigns.
  40. Attacks on artificial intelligence systems
    Manipulating or carrying out attacks on AI systems, including autonomous vehicles or recommendation systems, to gain illegal benefits, such as fraud or sabotage.
  41. Using e-learning platforms for criminal purposes
    Using online educational platforms to spread illegal content, manipulate student data, or extort money from people seeking education.
  42. Cryptojacking (malicious cryptocurrency mining)
    Cybercriminals using victims’ devices (computers, servers, phones) to illegally mine cryptocurrencies. This type of attack may occur without the victim’s knowledge, causing high resource usage and significant device strain.
  43. Selling fake reviews or online opinions (opinion fraud)
    Criminals buying or selling fake reviews of products or services to manipulate the market or reputation of companies, products, and individuals online.
  44. Attacks on banking and financial systems (cyberbanking)
    Using techniques such as phishing, skimming, or man-in-the-middle attacks to gain access to victims’ bank accounts and carry out unauthorized transactions or steal funds.
  45. Political surveillance online
    Collecting data on political opponents, activists, or journalists to track their activities, manipulate public opinion, or exert pressure.
  46. Hacking to alter election results
    Using cyberattacks to manipulate election or referendum results, including attacks on electronic voting systems or manipulating results online.
  47. Criminal activities on crowdfunding platforms
    Frauds related to raising funds through crowdfunding platforms, where criminals scam money for fake projects or services.
  48. Illegal collection of biometric data
    Cybercriminals may acquire, use, or sell biometric data such as fingerprints, facial scans, or retina patterns used to secure devices or accounts.
  49. Illegal monitoring of online activity (keylogging)
    Malicious software (keyloggers) allowing cybercriminals to monitor and record text entered by users (e.g., logins, passwords, messages), which can then be used for identity theft.
  50. Crimes related to cyberwarfare
    State actions aimed at destabilizing another state through cyberattacks on its critical infrastructure, e.g., government systems, banking systems, energy networks, law enforcement.
  51. Attacks on cryptographic algorithms
    Cybercriminals may attempt to break or weaken cryptographic algorithms used to secure data, giving them access to encrypted information (e.g., breaking the AES algorithm).
  52. Cyberattacks on healthcare systems
    Attacks on healthcare infrastructure can lead to theft of sensitive patient data, manipulation of test results, or extortion for regaining access to data.
  53. Attacks on air traffic control systems (ATC)
    Cyberattacks on systems controlling air traffic could disrupt aviation operations, steal flight data, or attempt to manipulate navigation systems.
  54. Crimes related to „clickbait” Creating content that deliberately misleads users, encouraging them to click on links that lead to unwanted or malicious websites, which may contain viruses, trojans, or tracking software.
  55. Cyberbullying and cyberharassment Online violence and harassment, which can take the form of spreading compromising information, mocking, defaming individuals or groups on social media, forums, and other online platforms.
  56. Malicious scripts for Cross-Site Scripting (XSS) attacks Injecting harmful JavaScript code onto websites that is executed in users’ browsers. These types of attacks can lead to account hijacking, theft of login credentials, or manipulation of website content.
  57. Crimes related to fake online job offers Fraud in which cybercriminals offer fake job positions in exchange for payment for training, purchasing materials, or advance payments, then disappear after receiving the money without providing any work.
  58. Revenge Porn Distributing intimate photos or videos that were previously obtained with the consent of the victim, with the intention of defaming, intimidating, or blackmailing them.
  59. Advanced Persistent Threats (APT) APT are long-term, well-planned attacks aimed at infiltrating networks or information systems to steal data or sabotage an organization’s operations. APTs are characterized by attackers remaining undetected for long periods, allowing them to gather information, spy, or even sabotage critical operations. These types of attacks are often used by state actors or sophisticated criminal groups.

Increase in Cybercrime Related to the Pandemic

During the COVID-19 pandemic, cybercriminals exploited the crisis to spread false information, phishing schemes, or scams related to COVID-19 tests, vaccines, as well as financial support or government aid.

    Increase in Crimes Related to the Use of Artificial Intelligence

    The use of artificial intelligence to conduct cyberattacks, such as generating false data, fraud, mimicking conversations using deepfakes, or automatically creating malicious software.

    Summary

    The development of technology brings not only benefits but also new challenges in the field of cybercrime. As the internet becomes increasingly complex, new forms of crime become possible. In response to these threats, the Polish legal system is trying to adjust criminal laws to ensure adequate protection for citizens, businesses, and institutions.

    Status as of: May 12, 2022

      Dodaj komentarz