E-COMMERCE
SY BAF 2010-2011
IT PROJECT
PRESENTED BY
SHEEMA ANSARI 910458
MAHENOOR CHASMAWALA 910435
SAYALI NATEKAR 910422
NIKITA TAMKER 910430
SAYLEE GOREGONKAR 910408
HUMA ANSARI 910402
CERTIFICATE
This is to certify that group no.1 of division SY.BAF
has satisfactorily completed the required assignment
in Information technology as per the course, during the
year 2010-2011
Date :_______________________
Signature:_____________________
ACKNOWLEDGEMENT
We wish to express our sincere gratitude to PROF. MUNAVOR for providing
us an opportunity to do the project work on "threats to e-commerce". This
project bears the imprint of many people. We also wish to express our
gratitude to our friends who rendered their help during the period of the
project work and for their kind co-operation to the completion of the project
work. Last but not least, we wish to avail ourselves of this opportunity to express
a sense of gratitude and love to our beloved parents for their manual
support, strength, help and for everything.
E-COMMERCE
Electronic commerce, commonly known as e-commerce or eCommerce,
consists of the buying and selling of products or services over electronic
systems such as the Internet and other computer networks. The amount of
trade conducted electronically has grown extraordinarily with widespread
Internet usage. The use of commerce is conducted in this way, spurring and
drawing on innovations in electronic funds transfer, supply chain
management, Internet marketing, online transaction processing, electronic
data interchange (EDI), inventory management systems, and automated data
collection systems. Modern electronic commerce typically uses the World
Wide Web at least at some point in the transaction's lifecycle, although it can
encompass a wider range of technologies such as e-mail as well.
A person connects to any online shopping website via the Internet. He
then has to create an account with the respective site. He is then allowed to
use the various facilities that the website provides.
• Step 3: Details
The customer is asked to fill in the billing (and shipping if different) details,
reply to any check out questions, provide any additional information,
optionally subscribe for the newsletter and select a payment method.
• Step 4: Confirmation
The customer is asked to carefully review the details of her order and click
the "Proceed" button if all appears correct or the back button to return to the
previous page for corrections.
• Step 5 : Payment
Details of the selected payment method are provided. If one of the credit card
options is selected as a payment method, the customer is automatically
transferred to the respective service provider in order to complete this step.
All ecommerce transactions take place on the bank servers used by the service
providers and we/you do not keep any credit card numbers or private
information about customers.
Once the order is completed, an email is sent to the customer and the
merchant, informing them about the details of the order: products, quantity,
price, billing/shipping details and any additional information.
The goods purchased by a customer are then sent to the warehouse for safe
keeping until the shipping order takes place. Finally, the goods are delivered
to the customer.
eCommerce services are about transactions, and transactions are very largely
driven by money. This attracts hackers, crackers and everyone with the
knowledge of exploiting loopholes in a system. Once a kink in the armor is
discovered, they feed the system (and users) with numerous bits of dubious
information to extract confidential data (phishing). This is particularly
dangerous as the data extracted may be that of credit card numbers, security
passwords, transaction details etc.
Hackers often gain access to sensitive information like user accounts, user
details, addresses, confidential personal information etc. It is a significant
threat in view of the privileges one can avail with a false identity.
For instance, one can effortlessly login to an online shopping mart under a
stolen identity and make purchases worth thousands of dollars. He/she can
then have the order delivered to an address other than the one listed on the
records. One can easily see how those orders could be received by the
impostor without arousing suspicion. While the fraudster gains, the original
account holder continues to pay the price until the offender is nabbed.
3> Modification
The altering of incoming or outgoing data for a particular Web site, whether
intentional or not. A particularly pernicious hazard since modification is
difficult to detect in large transmissions.
4>Unauthorized transactions
Any use of a Web site by someone without approval AND Unauthorized
disclosure - The viewing of data without the appropriate permissions.
The Internet presents a tempting target for intellectual property threats. It has
become very easy to reproduce an exact copy of anything found on the
Internet, and this poses threats to individual property. People are unaware
of copyright restrictions, and unwittingly infringe on them because fair use
allows limited use of copyright material when certain conditions are met.
6>Cybersquatting
For eg ->> Hasbro is the famous game producer of the Monopoly board game,
which has been played by approximately 750 million people worldwide.
Hasbro maintains two relevant web sites, namely www.monopoly.com
and www.hasbro.com. However, you can find sites with the
domain www.monopolybingo.com.
Another eg ->> Ford is the well known longstanding car company which needs
no introduction. Ford maintains a website at www.ford.com. Ford owns
numerous trademark registrations for its FIESTA vehicle. Respondent is an
official Ford approved vendor. Respondent claims that it registered and
developed the domain names www.fiesta-armrest.com, www.fiesta-armrest.net,
www.fiestaarmrest.com, www.fiestaarmrest.net etc. Ultimately,
the Panel was not swayed by arguments presented by Respondent, and the
domains were ordered to be TRANSFERRED.
8>Interference
9>Repudiation
The denial on the part of a consumer or customer that an on-line order was
ever placed or the goods ever received.
10> Spam
Additional info<<
What are Hackers?
Technically, a hacker is someone who is enthusiastic about computer
programming and all things relating to the technical workings of a computer.
Under such a definition, I would gladly brand myself a hacker. However, most
people understand a hacker to be what is more accurately known as a
'cracker'
A DoS attack can be perpetrated in a number of ways. The five basic types of
attack are:
13> IP spoofing
14>Hacking
15>Trojan
16>Virus
17>Worm
A computer program that can run independently, can propagate a complete
working version of itself onto other hosts on a network, and may consume
computer resources destructively.
18> Phishing
For eg>> 1) Like any phishing e-mail, this tries to manipulate the recipient.
Because this message insists on the fact that this very attractive offer is only
available for a limited period of time, the victim is urged to log on to the site as
quickly as possible, by clicking on the link in the e-mail. In phishing e-mails,
the hypertext links are always rigged to redirect the victim to a fake Web site.
Here the link seems to be correct at first sight; in reality, it redirects the
victim to the site pinacle.co.uk and not to pinnacle.co.uk
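The mismatch described above, between the address a link displays and the site it really opens, can be checked mechanically. The following Python code is an added example, not part of the original project: it compares each link's real destination with the text shown to the reader and with a list of trusted domains. The trusted list, the 0.85 similarity threshold and the sample e-mail body are assumptions constructed for illustration.

```python
from difflib import SequenceMatcher
from html.parser import HTMLParser
from urllib.parse import urlparse

TRUSTED = {"pinnacle.co.uk"}  # assumption: domains the genuine site really uses
SAMPLE = (  # constructed e-mail body, modelled on the example in the text
    '<p>Log on at <a href="http://www.pinacle.co.uk/login">www.pinnacle.co.uk</a>, '
    'read the <a href="https://www.pinnacle.co.uk/terms">terms</a> or '
    '<a href="http://promo.example.net/win">www.pinnacle.co.uk</a></p>'
)

def host_of(text):
    """Lower-cased host of a URL or bare domain, minus 'www.'; '' for free text."""
    text = text.strip()
    url = urlparse(text if "://" in text else "//" + text)
    host = "" if " " in text else (url.hostname or "").lower()
    return host[4:] if host.startswith("www.") else host

class LinkCollector(HTMLParser):  # collects (href, visible text) for every <a href=...>
    def __init__(self):
        super().__init__()
        self.links, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)
    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text)))
            self._href = None

def check_links(html, trusted=TRUSTED, threshold=0.85):
    """Return (destination host, reason) for each suspicious link in an HTML body."""
    collector, findings = LinkCollector(), []
    collector.feed(html)
    collector.close()
    for href, text in collector.links:
        target, shown = host_of(href), host_of(text)
        if not target or target in trusted:
            continue  # relative link, or a destination that is genuinely trusted
        near = [t for t in sorted(trusted)
                if SequenceMatcher(None, target, t).ratio() >= threshold]
        if near:
            findings.append((target, "look-alike of " + near[0]))
        elif "." in shown and shown != target:
            findings.append((target, "link text shows " + shown))
    return findings
```

Character-similarity scoring does not catch look-alike Unicode letters in internationalised domain names; those need a separate check.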
>Authentication
>Intrusion Check
The issue of tackling viruses and their like has also seen rapid development
with anti-virus vendors releasing strong anti-viruses. These are developed by
expert programmers who are a notch above the hackers and crackers
themselves.
>Educating Users
>Trademarks
DRM is built on a technology to authorize and track the use of digital files,
wherever they are used.
CASE STUDY
1
Facts :
Two BPO employees gained illegal access to their company's computer system
by hacking with the passwords. They conspired with the son of a credit card
holder and illegally increased the credit limit of the card and changed the
communication address so that the credit statement never reached the original card
holder. The credit card company was cheated of Rs. 7.2 lakhs.
Investigation by police:
The computer system of the BPO company was examined along with the
computer logs showing the access to the computer system by the accused. The
presence of the accused was also verified with the attendance register.
Action :
Charges framed u/s 120(B), 420, 467, 468, 471 IPC and sec. 66 of the IT Act
{imprisonment up to six months, or with fine or with both}
2
Facts :
Action :
A case has been registered under sec. 66 and sec. 72 of the IT Act and 408, 420
of the Indian Penal Code. {shall be punished with imprisonment of either
description for a term which may extend to seven years, and shall also be
liable to fine}