“How to avoid crimes and being offended in the internet”
Interview about hacking to an inspector and a chief- assistant of the Italian Postal Police
Before the interview, the inspector briefly shows the tasks of the Postal Police (or Communication Police ).
The Postal Police is a special sector of the State Police, being appointed by a law of 1981.
The aim of the Police of Communication is that of protecting the citizens from the breach of the privacy and of the freedom of communication, decreed by the act n. 15 of the Italian Constitution.
The activities of the Postal Police has the objective to contrast the paedo-pornography, the telematics and phone frauds, the unlawful administrative, and the so- called hacking.
Question: What is the internet piracy?
Reply: with the term piracy we mean all those illegal activities that consist of:
• Arbitrary download of literary and artistic works, software and works protected by copyright.
• Illegal access to computer systems with the aim to verify the vulnerability (hacking).
• Breaking the rules of passwords and logins of banks and other computer systems to rustle of datas or money or to damage the information system (cracking ).
• Attacks to the information systems by virus writing.
• Another side of piracy is the phishing, that is considered a technique of the social engineering.
Question: It’s happened to us to have received strange emails from the Post Office or from
banks. Is it a matter of phishing?
Reply: Exactly. With the phishing the hackers find, using some fake e-mails perfectly imitated from banks o other authorities, to obtain information of people bank accounts. But these data go into a server used by the criminals to gather the information of the person who replied the email and through these they can have access to the bank deposit.
Then, the money illegally stolen is recycled contacting, always through the e-mails, other people who are submitted, as a work under reward, to make available their own account (usually the 7% – 8% of the amount placed ).
Therefore the account holder will send the money, in small stages, through perfectly legal organizations, such as the Western Union or the Moneygram, that don’t ask the applicant any document and so they ensure anonymity to that person who can draw, through that simple code number, the sums of money in different parts of the world.
Question: Did you investigate about cases of phishing in Sardinia?
Reply: Time ago we found out that a group of teenagers of an high school in Cagliari had accumulated a big amount of money by a phishing action. Unfortunately for them they used that money to buy drugs, alcohol and technologies for their criminal activity.
Question: How is that a minor can learn such techniques like those ones?
Reply: Online is possible to find all what is needed: first of all the basic knowledge, besides some specific chat lines are focused on keeping in touch with experts and having knowledge exchanges about it. In short, Internet can supply all necessary resources toanyone who has specific learning capacity and wants to become a hacker.
Question: Which are the methods and the means used to investigate?
Reply: We work in collaboration with people highly qualified in technologies who are also trained as investigators. In order to achieve good results these two specializations should work together. Besides we use high technologies and specific instruments. Concerning the investigation methods we have to take into consideration that on line any trace of the user can be always reached.
Every time someone is on line, a trace of its own IP address is left. If we receive a notification relating an internet crime or about paedophilia or pornography on line, we ask the provider responsible of the communication the so-called log files, that contain the information with which we trace the IP address where the communication came from. In Italy the law oblige the providers to supply the information under request of the investigators.
Question: Can criminals avoid to be traced?
Reply: Often they use methods to disguise the connections and try to prevent the traceability of their communication and this complicates our research.
In any case the Police tries to forestall the internet crimes through a continuous monitoring of the net and in the searching of information . This is an intelligence activity consisting in the analysis of the net and regards different aspects of the activity that carries out inside the net. We try, for example, to tap and discover information on activities that can cause problems of public nuisance.
Question: Let’s talk about Facebook. The majority of us teenagers use it regularly. Can be dangerous, even activating all the possible protections on our profiles?
Reply: To begin with, you always need a lot of caution. Carefulness when you release your photos, still caution on the chat. When you don’t know the person you are talking to, the risk that on the other side can be a prowler is a consideration you have to take into account.
But the most important thing is to logout your email or chat when you finish to use facebook. To the next access, it’s a good suggestion to repeat the login, better than to leave the password: it is hazardous, because someone, if appropriated your password, can hack in your profile.
Remember that you profile and your data don’t lie in your PC, but in the server of facebook.
Interview collected by Giulia Serra, Emanuele Concas, Michela Usala, Prof. Marco Pani