Cybersecurity Learning Simulator

Master Cybercrime Investigation & Digital Forensics Through Interactive Scenarios

Cybersecurity Handbook

1. Phishing Attacks - Identification & Response

What is Phishing? Phishing is a social engineering technique in which attackers send fraudulent emails or messages, or create fake websites, to trick victims into revealing sensitive information (passwords, credentials, financial data).

Common Signs:

  • Suspicious sender email addresses (slight variations of legitimate domains)
  • Urgent calls to action ("Click immediately", "Verify account")
  • Requests for passwords or personal information
  • Suspicious links or attachments
  • Grammar and spelling errors
  • Generic greetings ("Dear User" instead of real name)
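The signs listed above can be checked mechanically during first-pass triage of a reported message. The following is an added example, not part of the original handbook; the trusted-domain allow-list, the phrase lists, the edit-distance threshold of 2 and the sample message are all assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Assumption: the organisation's own allow-list of legitimate sender domains.
TRUSTED_DOMAINS = {"examplebank.com", "police.example.gov"}
URGENCY = ("click immediately", "verify account", "verify your account")
GREETINGS = ("dear user", "dear customer")

def edit_distance(a, b):
    """Levenshtein distance, computed one row at a time."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def lookalike_of(domain):
    """Return the trusted domain that `domain` closely imitates, else None."""
    if domain in TRUSTED_DOMAINS:
        return None
    for trusted in sorted(TRUSTED_DOMAINS):
        if edit_distance(domain, trusted) <= 2:  # assumed threshold
            return trusted
    return None

def triage(raw_email):
    """List the phishing signs found in a single-part plain-text email."""
    msg = message_from_string(raw_email)
    sender = parseaddr(msg.get("From", ""))[1].rpartition("@")[2].lower()
    body = msg.get_payload().lower()
    findings = []
    if lookalike_of(sender):
        findings.append(f"sender domain {sender} resembles {lookalike_of(sender)}")
    if any(p in body for p in URGENCY):
        findings.append("urgent call to action")
    if re.search(r"\b(password|pin|otp)\b", body):
        findings.append("asks for credentials")
    if any(g in body for g in GREETINGS):
        findings.append("generic greeting")
    for host in re.findall(r"https?://([^/\s]+)", body):
        if lookalike_of(host):
            findings.append(f"link host {host} resembles {lookalike_of(host)}")
    return findings

# Constructed sample message (not a real email).
SAMPLE = ("From: Support <alerts@examp1ebank.com>\nSubject: Account suspended\n\n"
          "Dear User,\nClick immediately to verify account and confirm your "
          "password:\nhttp://examp1ebank.com/login\n")
```

A non-empty result is a reason to escalate, not a verdict; an empty result does not clear a message.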

Police Response Protocol:

  • Do NOT click links or download attachments
  • Report to IT security team immediately
  • Preserve evidence (screenshot, email header details)
  • Forward to cybercrime unit for investigation
  • Alert other officers about phishing attempt

2. Ransomware Threats - Detection & Mitigation

What is Ransomware? Ransomware is malware that encrypts critical files or systems and demands a ransom payment. It disrupts operations and compromises sensitive police data.

Warning Signs:

  • Unusual file extensions (.locked, .encrypted, .ransomware)
  • Ransom note appearing on screen
  • Inability to access files or systems
  • Unusual network activity or slow performance
  • Files renamed with encrypted suffixes

Immediate Actions:

  • ISOLATE affected systems from network immediately
  • Do NOT attempt to decrypt or pay ransom
  • Alert IT/Cybercrime unit with system details
  • Preserve evidence and system logs
  • Activate incident response plan
  • Restore from clean backups (if available)

3. Telecom Analysis - CDR/IPDR Investigation

Standard Procedures:

  • CDR (Call Detail Records): Phone calls, SMS, time, duration, cell tower location
  • IPDR (Internet Protocol Detail Records): Internet sessions, IP addresses accessed, websites visited
  • CAF (Customer Application Form): KYC details - Aadhaar, PAN, address, photo, alternate mobile
  • CYCAPS (Cyber Crime Analysis & Profiling System): search linked FIRs, IMEI numbers, location data
  • SMS Header Analysis: Identify the actual telecom provider by looking up the SMS header at smsheader.trai.gov.in
  • Day/Night Location Tracking: Cell tower data shows the fraudster's movement patterns, which can be compared against ATM withdrawal locations

4. Financial Crime Procedures - Money Trail Tracing

Key Evidence Collection:

  • Bank Accounts: Request under Section 91 CrPC - KYC, statement, debit/credit card delivery, ATM footage
  • UPI Transactions: Identify the payment gateway from the UPI handle (Google Pay: okaxis/ok, PhonePe: ybl, Amazon: apl)
  • E-Wallets: Transaction history, recipient wallet ID, IP logs, linked bank accounts
  • Crypto Exchanges: Blockchain analysis, wallet addresses, exchange platform details
  • ATM Withdrawals: CCTV footage, ATM location codes, linked card/account numbers
  • Mule Account Indicators: Fake Aadhaar, recent KYC updates, e-KYC IP address mismatches

Rank System

0-200 pts: Beginner

201-500 pts: Intermediate

501-1000 pts: Expert

1001+ pts: Master