Cyber-Vigilantism

There have been a number of scams perpetrated over the years. These have preyed on the elderly, less than tech savvy, grandparents, and others. They could steal intellectual property, money, staff member data and information, or simply be an annoyance. This could cost thousands of dollars and hours upon hours of work to correct. The effects could last years.

With all of the cost, stress, and anxiety this generally causes, people affected may think about finding the person(s) and exacting a cyber-revenge on them.

One method, not being proposed or recommended, would be to send a malicious packet to them. This could be coded to gather information regarding their system, credentials, or a picture of their surroundings. This email and file could be labeled as confirmation of the transaction to induce it being opened.

Although this may be an instant, and not well thought out response, this mode of response is not recommended. In short, this is exceptionally illegal. If the targeted deviant is in the UK, the person hacking back may be in violation of the Computer Misuse Act. If the person hacking back is in the US or the target is in the US, they may have violated the Computer Fraud and Abuse Act.

There are entities who may do this, including governments, law enforcement, military, and intelligence operatives. These instances are however approved through legal channels. It is far better to gather data and report this to the property authorities.

About the Author - Charles Parker, II has been working in the info sec field for over a decade, performing pen tests, vulnerability assessments, consulting with small- to medium-sized businesses to mitigate and remediate their issues, and preparing IT and info sec policies and procedures. Mr. Parker’s background includes work in the banking, medical, automotive, and staffing industries.