NOTES ON DIGITAL

EMPOWERMENT

2024-25 Digital Empowerment Page 1 of 151

 Contents

B (2024-25) Digital Empowerment

Page
Number
SECTION(S) Topics
1 Introduction to G-suite 4-32
1.1 G-mail 4
1.2 Google Drive 6
1.3 Google Docs 7
1.4 Google Sheets 9
1.5 Google Slides 11
1.6 Google Chat 13
1.7 Google Tasks 18
1.8 Google Meets 31
2 Introduction to Microsoft 365 33-48
2.1 Outlook 33
2.2 Onedrive 33
2.3 Word 36
2.4 Excel 37
2.5 Powerpoint 41
2.6 Teams 45
2.7 To-do 47
3 Digital Inclusion and Digital Empowerment 49-60
3.1 Needs and Challenges 49
3.2 Vision of Digital India 51
3.3 Public Utility Portals of Govt. 55
4 Towards Safe and Secure Cyber Space 61-80
4.1 Online Security and Privacy 61
4.2 Threats in Digital World 65
4.3 Blockchain Technology 67
4.4 Security Initiatives by Govt. of India 77
5 Ethical Issues in Digital World 81-93
5.1 Netiquettes 81
5.2 Ethics in Digital Communication 88
5.3 Ethics in Cyber Space 91
6 Introduction of Cyber Crime 94-130
6.1 Understanding cybercrime: definition, types, and 94
motivations
6.2 Impact of cybercrime on individuals, organizations, and 95

2024-25 Digital Empowerment Page 2 of 151

 Contents

B (2024-25) Digital Empowerment

Page
Number
SECTION(S) Topics
society
Cybersecurity Fundamentals
6.3 Basics of cybersecurity: principles and best practices 99
6.4 Common cyber threats: malware, phishing, ransomware, 104
etc.
6.5 Cyber Crime and its types 119
6.6 Financial Fraud, E-Commerce, Digital payments and its 126
security etc
6.7 Overview of Social Media Fraud and its security etc 128

2024-25 Digital Empowerment Page 3 of 151

Introduction to G-Suite

Gmail :- Gmail is a free email service provided by Google. In many ways, Gmail is like any
other email service: You can send and receive emails, block spam, create an address book, and
perform other basic email tasks. But it also has some more unique features that help make it one
of the most popular online email services.

In this lesson, we'll talk about some of the features and advantages of Gmail, and we'll give an
overview of the Gmail window.

Google accounts

Creating a Google account is needed to access Gmail because it is just one of the many services
offered by Google to registered users. Signing up for a Google account is free and easy, and
naming your new Gmail address will be a part of the sign-up process. This means whenever
you're signed in to Gmail, you are automatically signed in to your Google account. You'll be able
to easily access other Google services like Google Docs, Calendar, and YouTube.

Of course, you don't have to use any of these features. You may just want to focus on email for
now. However, if you'd like more information, you can review our Google account tutorial,

2024-25 Digital Empowerment Page 4 of 151

where we talk about some of the different services Google offers and show you how to change
your privacy settings.

Gmail features

Gmail offers several useful features to make your email experience as smooth as possible,
including:

​ Spam filtering. Spam is another name for junk email. Gmail uses
advanced technologies to keep spam out of your inbox. Most spam is
automatically sent to a separate spam folder, and after 30 days it is
deleted.
​ Conversation View. An email conversation occurs whenever you send
emails back and forth with another person (or a group of people), often
about a specific topic or event. Gmail groups these emails together by
default, which keeps your inbox more organized.
​ Built-in chat. Instead of sending an email, you can send someone an
instant message or use the voice and video chat feature if your computer
has a microphone and/or webcam.
​ Call Phone. This feature is similar to voice chat, except that it allows you
to dial an actual phone number to call any phone in the world. It's free to
make a call to anywhere in the United States or Canada, and you can
make calls to other countries at relatively low rates.

Get to know the Gmail interface

When you're working with Gmail, you'll primarily be using the main Gmail interface. This
window contains your inbox, and it allows you to navigate to your contacts, mail settings, and
more. Also, if you use other Google services like YouTube or Calendar, you'll be able to access
them from the top of the Gmail window.

Click the buttons in the interactive below to learn about the different parts of the Gmail interface.

2024-25 Digital Empowerment Page 5 of 151

Google Drive :-

Google Drive is a free service from Google that allows you to store files online and access them
anywhere using the cloud. Google Drive also gives you access to free web-based applications for
creating documents, spreadsheets, presentations, and more.
a) Why use Google Drive?
Google Drive is one of the most popular cloud storage services available today. If you've never
used a cloud-based storage service like Google Drive before, take a moment to consider the
advantages of keeping your files online. Because files can be accessed from any computer with
an Internet connection, Drive eliminates the need to email or save a file to a USB drive. And
because Drive allows you to share files, working with others becomes much easier.
b) Creating files on Google Drive
Google Drive doesn't just store your files; it also allows you to create, share, and manage
documents with its own productivity apps. If you've ever used a suite like Microsoft Office,
some things about Google Drive's apps might seem familiar. For instance, the types of files you
can work with are similar to files that can be created with various Microsoft Office programs.
Below are the types of files you can create and share on Google Drive:

✔ Documents: For composing letters, flyers, essays, and other text-based files (similar
to Microsoft Word documents)

✔ Spreadsheets: For storing and organizing information (similar to Microsoft Excel

workbooks)

2024-25 Digital Empowerment Page 6 of 151

 ✔ Presentations: For creating slideshows (similar to Microsoft PowerPoint
presentations)

✔ Forms: For collecting and organizing data

✔ Drawings: For creating simple vector graphics or diagrams

Google Docs :-
What is Google Docs?

Google Docs, first released in 2006, is a free web-based word processor in which documents can
be created, edited and stored as part of the Google Docs Editors suite of free web applications.
The cloud-based productivity platform also includes Google Sheets, Google Slides, Google
Drawings, Google Forms, Google Sites and Google Keep.

Google Docs users can import, create, edit and update online documents in various fonts and file
formats that can be accessed from any computer with an internet connection and web browser.

Users can also access documents from mobile devices with Android, Chrome or iOS operations
systems, and create new documents to work on from their device.

How is Google Docs used?

To use the software, users must create a free Google account. This will also give them a Gmail
email address. To begin, simply go to docs.google.com or by navigating to Google Docs from
their Gmail or Google Drive online storage account.

2024-25 Digital Empowerment Page 7 of 151

General access is free for all. However, Google's business offering, Google Workspace (formerly
G Suite), offers these apps with additional business-focused functionality as part of a monthly
subscription.

The benefits of Google Docs

One of the main benefits of using Google Docs is that collaborators can see the revision history
of any changes made to Google documents and when those alterations were done in the version
history.

Users can also control who sees their work so privacy can be maintained in a business or
personal setting. It also offers built-in commenting tools that let users discuss changes and work
together as they're being made.

Additionally, because documents are stored online and can also be stored on users' computers,
there is no risk of total data loss as a result of a localized catastrophe.

Thus, Google Docs is an ideal word processing option for businesses, blog authors or students
who use it for writing assignments.

Google Sheets :-

Google Sheets allows you to organize, edit, and analyze different types of information using
spreadsheets. In this lesson, you'll learn about the different ways you might use spreadsheets and
how to navigate the Google Sheets interface.
You'll also learn the basic ways to work with cells and cell content, including how to select cells,
insert content, and copy and paste cells.
a) All about Google Sheets
Google Sheets is a web-based spreadsheet application that allows you to store and organize

2024-25 Digital Empowerment Page 8 of 151

different types of information, much like Microsoft Excel. While Google Sheets does not offer
all of Excel's advanced features, it's easy to create and edit spreadsheets ranging from the simple
to the complex.
While you might think spreadsheets are only used by certain people to process complicated
numbers and data, they can actually be used for a variety of everyday tasks. Whether you're
starting a budget, planning a garden, or creating an invoice or just about anything else you can
think of, spreadsheets are a great way to organize information.
b) To create a new Google spreadsheet:
1. While viewing your Google Drive, click New and select Google Sheets from the
drop-down menu.

1. The spreadsheet will appear in a new browser tab.

2024-25 Digital Empowerment Page 9 of 151

 2. To name your spreadsheet, locate and select Untitled spreadsheet at the top of the page.
Type a name for your spreadsheet, then press Enter on your keyboard.

3. Your spreadsheet will be renamed.

2024-25 Digital Empowerment Page 10 of 151

 4. Whenever you need to view or edit your spreadsheet, you can access it again from your
Google Drive, where it will be saved automatically.

You may notice that there is no save button. This is because Google Drive uses autosave, which
automatically and immediately saves your files as you edit them.

Google Slides :-

a) Getting started with your presentation

Google Slides allows you to create dynamic slide presentations. These presentations can include
animation, narration, images, videos, and much more. In this lesson, you'll learn about the

2024-25 Digital Empowerment Page 11 of 151

Google Slides interface and the basics of setting up your document, including the menu and
shortcut toolbars, zoom settings, and choosing a theme.
b) The Google Slides interface
When you create a new presentation in Google Slides, the interface for Slides will appear. This
interface displays the toolbar, along with the main view of your presentation. It allows you to
create and modify slides, choose a theme, and share the presentation with others.

a) Choosing a theme
When you first create a new presentation, Google Slides will prompt you to choose a theme.
Themes give you a quick and easy way to change the overall design of your presentation. Each
theme has a unique combination of colors, fonts, and slide layouts. Select a theme from the panel
on the right side of the window, and it will be applied to your entire presentation.

2024-25 Digital Empowerment Page 12 of 151

You can choose from a variety of new themes at any time, giving your entire presentation a
consistent, professional look. If you want to change your theme, you can open the Themes panel

again by clicking the Theme command on the shortcut toolbar.

Google Chat :-

What is Google Chat?

Google Chat is a secure communications tool designed to provide easy business communications
within the Google Workspace ecosystem.

With Google Chat, teams collaborate via text, build collaborative chat rooms, share documents,
deliver presentations, and establish web conferences.

Google Chat

Google Chat was called Hangouts Chat and worked as a more business-oriented version of the
consumer Hangouts. Google Chat expands on the features of the standard version of Hangouts
by adding a plethora of team collaboration features and integrations.

2024-25 Digital Empowerment Page 13 of 151

How do I use Google Chat?

Google Chat is easily accessible in Google Workspace. To access it, use the Google app launcher
button in any Workspace application.

The app launcher appears as a gridded set of dots along the upper right-hand side of your screen.

Click this grid, and a series of apps, including Gmail, Calendar, Contacts, and Drive, will appear.

2024-25 Digital Empowerment Page 14 of 151

Once selected, a list of people that you can chat with will be populated along the left side of the
screen.

2024-25 Digital Empowerment Page 15 of 151

It’ll also provide you with data like presence information and whether specific colleagues are
online. Click on the name to begin a conversation. Type in the intended message and click the
send button, which is shaped like a triangle, to send.

Google Chat has some handy functions. The software uses predictive text options to automate
replies. For example, if a coworker says, “Good afternoon,” Google will provide you a list of
appropriate answers like, “Hello, how are you?”

Once a chat is established, you share spreadsheets and documents from Google Drive. Any
participant will then be able to access the file via Google Docs.

Additionally, adding things like video meeting links is done very quickly through the chat UI.
Once placed in chat, Google Chat will provide a clickable meeting for colleagues to use.

How do I get the Google Chat app?

If you'd like to use Google Chat on your desktop, you can also download the Google Chat app
for a native experience separate from your browser.

To install the Google Chat app, follow these instructions.

1. Sign in to Google Chat.

2. Upon first using Google Chat, a pop up will appear with an option to download the
desktop app.

Click here for additional download tips or troubleshooting.

Is Google Hangouts still working?

For those wondering if Google hangouts is still a thing, the answer is unfortunately not.

In 2022, Google announced that Google Hangouts would cease to be operational. The good
news, however, is that users can use Google Chat and Google Meet to communicate via
messaging and video.

According to Google,

2024-25 Digital Empowerment Page 16 of 151

"Google Chat is an intelligent communication app for teams that takes direct messaging in
Google Hangouts and evolves it to reflect the way modern teams talk business.”

Google Chat is the next evolution of Hangouts. It grants that same one-on-one communication
but expands on it to be more effective in a business setting.

Important features available in Hangouts like read receipts, video and audio conferencing, and
image sharing are all available through Chat.

In addition, more robust, collaboration-friendly features also come standard.

These include:

● Spaces, direct messages, and group chats: Users can collaborate on every level, from 1:1
direct messages to company or team-wide spaces (the equivalent of channels in Microsoft
Teams or Slack). Messaging features available include message threads for those looking
to delegate individual tasks to specific team members, file collaboration, emojis,
reactions, and everything else you would expect from a modern messaging platform.
● Larger Video Chat Capacities: With Hangouts, you were limited to 10 attendees, but Chat
expands this thanks to its paid structure. With Chat, you’ll have a max of 250 participants
for any video chat.
● Google Meet Integration: This is probably one of the better features of Chat. When you
want to set up a meeting, you simply tag Google Meet with the meeting attendees. After
that, you only need to mention the proposed meeting date, and the calendar appointment
is automatically created.

Google Tasks :-

Google Tasks is a fairly basic

to-do list app
—but with lists, subtasks, and mobile notifications, it has everything you need to keep track of
the most important things you need to do. And if you already do most of your work within
Google Workspace with apps like Google Calendar, Gmail, and Google Docs, the seamless
connection makes it effortless.The only downside: the app is sort of hidden. But once you find it,
it's smooth sailing. In this article, I'll show you how to find Google Tasks—and how to get the
most out of it.
Where do I find Google Tasks?

2024-25 Digital Empowerment Page 17 of 151

If you didn't know that Google Workspace had a built-in task manager, I wouldn't blame you.
Much like the undo send button in Gmail it's a hidden gem tucked away into the borders of most
Google desktop apps.

To access it, simply click the Google Tasks icon in the side panel of Gmail, Calendar, Chat,
Drive, or a file in Google Docs, Sheets, or Slides. If the icon isn't visible, click the Show side
panel icon, which looks like a left-facing arrow, in the bottom-right corner of your app.

2024-25 Digital Empowerment Page 18 of 151

How to add tasks to Google Tasks

With Google Tasks open in the side panel, click Add a task.

2024-25 Digital Empowerment Page 19 of 151

Give your task a title, add any relevant details, and set a due date. You can even click the Repeat
icon if it's a task you need to do on a regular basis. Then hit Enter.

If you set a due date, the task will also populate in your Google Calendar, which is helpful if you,
like me,

benefit from a few reminders

to complete a task.

2024-25 Digital Empowerment Page 20 of 151

If the task doesn't appear in your calendar, go to the My calendars section in the left panel of
Google Calendar, and click Tasks.

Tip: Not all tasks are created equal. Find out which tasks are better suited for your calendar—not
your to-do list

Need to edit a task? Simply click on the task in the side panel and begin editing. Or, click on the
task in Google Calendar, and then click the Edit task icon, which looks like a pencil.

2024-25 Digital Empowerment Page 21 of 151

Once you're done revising, click Save.

How to add Gmail emails to your Google Tasks

I'm a bit of a delinquent when it comes to replying to emails. (

Yes, it really is that hard

But I'm told that's not how one acts as an adult, so here I am, working on turning a new leaf.

While I could get creative with Gmail labels to

turn my inbox into a to-do list

, I prefer to add Gmail emails that need a reply or action as to-do items in my Google Tasks list
purely because there's greater visibility (i.e., fewer opportunities for tasks to get lost within
collapsed folders). There are a few ways to do this.

Drag and drop emails to Google Tasks

1. Click the Google Tasks icon in the side panel of Gmail to open the app.
2. Drag an email, or multiple emails at once, from Gmail, and drop it anywhere in the
Google Tasks panel to transform it into a task.

2024-25 Digital Empowerment Page 22 of 151

Use the Add to tasks button in Gmail

1. Select the emails from your inbox that you want to add to Google Tasks.
2. Click the Add to tasks icon, which looks like the Google Tasks icon with a plus sign
(+), from the inbox menu bar.

Use the keyboard shortcut in Gmail

1. Select the emails from your inbox that you want to add to Google Tasks.
2. Hit Shift + T, and the email will automatically populate as a task.

If this doesn't work for you, make sure you've

enabled keyboard shortcuts for Gmail

By default, any method you use will populate the email subject line as the task name and include
a link to the email for ease of reference. To add more details or to set a task due date, click the
task name to edit.

You can then archive the email to

2024-25 Digital Empowerment Page 23 of 151

If you delete the reference email, it'll still be linked in the task, but you won't be able to access it
if the email has been permanently emptied from your trash.

How to manage tasks in Google Tasks

Let's say you want to reorganize your to-do list. You can do this with just one click using three
preset sorting methods: My order, Date, and Starred recently.

To use one of these methods, click the List options icon, which looks like three dots stacked
vertically (⋮), beside Add a task. Choose your desired sorting method, and Google Tasks will
organize your to-do list accordingly.

2024-25 Digital Empowerment Page 24 of 151

Note: If you sort by date, any tasks without a due date will be grouped under a NO DATE
category.

If you'd rather reorganize your list manually, it's really straightforward. Simply click on the task
and drag it to the order you want.

If your task has subtasks, the whole task set, by default, will move when you drag the parent
task.

Want to turn a subtask into its own task? Click the task, and drag it to a blank space in the
Google Tasks panel.

2024-25 Digital Empowerment Page 25 of 151

There's one more way to organize your tasks: lists. To group tasks into a separate list, click the
Task options icon, which looks like three dots stacked vertically (⋮), beside the action item.
Choose from existing lists, or click New list to create a new list.

2024-25 Digital Empowerment Page 26 of 151

Once you've completed a task, click Mark complete beside the task to remove it from your to-do
list.

2024-25 Digital Empowerment Page 27 of 151

Need to review your completed tasks? Click Completed at the bottom of the Google Tasks panel
to see a complete list of every task you've checked off your list.

2024-25 Digital Empowerment Page 28 of 151

And to clear all completed tasks from your Google Tasks history, click the List options icon (⋮)
beside Add a task, and click Delete all completed tasks. A pop-up window will appear asking if
you want to permanently delete all completed tasks. Click Delete.

Google Meet :-

Google Meet is Google’s secure and easy-to-use video conferencing solution that is available to
schools for free through Google Workspace for Education.
Educators use Meet to connect with your child one-on-one, to facilitate remote instruction and to
hold virtual meetings and conferences with parents and guardians.
Meet works with all modern web browsers (like Chrome, Safari, etc.), meaning you don’t have to
install or download software to your desktop computer in order to use it. For those looking to
join from a mobile device like a tablet or smartphone, Meet has a dedicated mobile app that
optimizes the video conferencing experience for mobile conditions. If you are using Meet on a
Chromebook, we recently made significant performance improvements like audio and video
optimizations and the ability to handle multitasking better.

2024-25 Digital Empowerment Page 29 of 151

 E.5.1 How do I join a Google Meet?
There are a variety of ways to join a call or meeting, including joining from Google Classroom,
or via a meeting link or invitation that your teacher has shared via email or Calendar.
E.5.2 How does Meet protect my safety and privacy?
Google is committed to building products that help protect student and teacher privacy and
security. We designed Meet with industry-leading built-in protections that help keep calls safe by
default. Here are a few examples:
✔ Encryption by default: In Meet, all data is encrypted in transit by default between your
device and Google.
✔ Unique meeting IDs: Each Meeting ID is 10 characters long, with 25
✔ characters in the set, so it’s difficult to make an unauthorized attempt to join the meeting
by guessing the ID.
✔ Protection against reusing finished meetings: Students can’t rejoin meetings once the
final participant has left, unless they have meeting creation privileges to start a new
meeting. This means if the instructor is the last person to leave a meeting, students can’t
join again until an instructor restarts the meeting.
✔ No plug-ins required: To limit the attack surface and eliminate the need to push out
frequent security patches, Meet works entirely in your web browser, eliminating the need
to download and update plug-ins.
Meet also gives educators powerful controls to help keep virtual classes safe and secure.
✔ Safety locks: Educators can decide which methods of joining (via calendar invite or
phone, for example) require users to obtain explicit approval to join.
✔ Block anonymous users by default: Engaging safety locks will block all attempts to join a
meeting from anonymous users (users not logged in through a Google Account), and
enforce the requirement that the host joins first.
✔ Host moderation controls: Educators can control the level of participant interactivity in
the meeting. The chat lock and present lock will let hosts control which attendees can
chat and present content within the meeting. Educators can also access these controls on
mobile devices.
✔ End a meeting for all participants: Prevents students from staying on after the teacher has
left — including in breakout rooms.

2024-25 Digital Empowerment Page 30 of 151

Introduction to Microsoft 365
Overview-Outlook
With Outlook on your PC, Mac or mobile device, you can:

■ Organize email to let you focus on the messages that matter most.
■ Manage and share your calendar to schedule meetings with ease.
■ Share files from the cloud so recipients always have the latest version.
■ Stay connected and productive wherever you are.

Onedrive
OneDrive is an online cloud storage service from Microsoft. OneDrive integrates with Windows
11 as a default location for saving documents, giving Microsoft account users five gigabytes of
free storage space before giving upgrade options.
OneDrive allows users to save files, photos and other documents across multiple devices. A user
can also save their files in OneDrive and have it automatically sync on other devices. This means
someone can access and work on the same document in multiple locations. OneDrive provides
relatively easy access to cloud storage space, allowing options to share content with others.

How it works

OneDrive integrates with Microsoft Office so users can access Word, Excel and PowerPoint
documents from OneDrive. It doesn’t require a download and should already be a part of
Windows 11. A Microsoft account is required to use One Drive and users will need to sign in
before using it. To sign in, users will need to go to onedrive.com and select “Sign in” which
appears at the top of the page.

The system allows users to simultaneously edit Office documents, edit documents in browsers,
and create and share folders. OneDrive also offers Facebook integration, automatic camera roll
backup and the ability for users to email slide shows. Users can also scan documents and store
them in OneDrive.

Users can choose where to save data -- on OneDrive or File Explorer. Those who want to use
OneDrive as a data backup platform should have data saved in both locations. However, other
users can choose to store their files in either or.

2024-25 Digital Empowerment Page 31 of 151

OneDrive also lets users share files stored in OneDrive with anyone. In OneDrive, the user will
need to select the folder they want to share, go to the share button on the top toolbar and select to
invite people. Users then can enter the email address of those they want to share the file with. If
the recipient also has Office 365, then the user can select an option to allow the shared recipient
to edit the page. There are also additional options for choosing access privileges in the
drop-down menus. From this step, users can click the shared button. Users can also generate
links to share files by going to the same share option and choosing “Get a Link.” Additional
options include allowing the recipient to edit or not. Users then create a link, select it, and can
copy and paste it to whoever they may want to.OneDrive is also available on mobile platforms --
on Mac, iPhone and Android.Another feature, called Personal Vault, allows users to store
important files with additional protection. Personal Vault allows users to access stored files only
with a strong authentication method or adding another layer of identity verification. For example,
biometric authentication, PIN, or a code sent to the user via email or SMS.

Pricing

OneDrive comes with 5 GB of free storage. Users can add more storage space upgrading to a
different home or business plans. The home plans include the free basic 5 GB plan, a $1.99 a
month 100 GB plan, a $69.99 Microsoft 365 Personal plan with 1 TB of storage space or a
$99.99 Microsoft 365 Family plan with 1 TB for six different users -- offering a total of six
terabytes for that one plan.

For enterprise customers, Microsoft offers OneDrive for Business. OneDrive for Business is a
standalone product separate from Microsoft 365 but is included with Office Online. It includes
multifactor authentication, built-in compliance standards and auditing and reporting capabilities.
OneDrive for Business offers four plans at four different prices. Each plan, from cheapest to
most expensive, will increase the features and amount of storage space with cost. Business Plan

2024-25 Digital Empowerment Page 32 of 151

1 is available for $5 per user per month, Business Plan 2 is available for $10 per user per month,
Microsoft 365 Business Basic is available for $6 per user per month while Microsoft 365
Business Standard is available at $12.50 per user per month. The highest set range of data
storage is up to 25 TB per user in OneDrive for Business.

Word

Microsoft Word is a widely used commercial word processor designed by Microsoft. Microsoft
Word is a component of the Microsoft Office suite of productivity software, but can also be
purchased as a stand-alone product.

Microsoft Word was initially launched in 1983, and has since been revised numerous times. It is
available for both Windows and Apple operating systems.

Microsoft Word is often called simply Word or MS Word.

In 1981, Microsoft hired Charles Simonyi to develop a word-processing application. The first
version was released in 1983.

Initially, MS Word was not very popular, owing to its radically different look compared to
WordPerfect, the leading word processor at that time. However, Microsoft improved Word
continually over the years, including a 1985 version that could run on a Mac. The second major
release of Word, in 1987, included an upgrade of major features, in addition to new
functionalities such as support for rich text format (RTF).

In 1995, Microsoft increased its market share in the word processor business with the release of
Windows 95 and Office 95, which offered a bundled set of office productivity software.

Some features that have made MS Word useful include a WYSIWYG

(what-you-see-is-what-you-get) display: this design ensures that everything displayed on screen
appears the same way when printed or moved to another format or program. The ability of users
to copy and paste MS Word content into many other platforms without significant formatting
loss is one reason the software has stayed so popular in the last two decades.

In addition, MS Word has a built-in dictionary for spell checking; misspelled words are marked

2024-25 Digital Empowerment Page 33 of 151

with a red squiggly underline. MS Word offers text-level features such as bold, underline, italic
and strike-through, and page-level features such as indentation, paragraphing and justification.
Word is compatible with many other programs, the most common being the other members of
the Office suite.

In 2007, .docx became the default file format, replacing the “.doc” extension.

As Microsoft Word modernized over time, so did Microsoft operating systems. Since the
Microsoft Office suite is inherently tied to the Microsoft operating system, its use featured in
user frustrations around end-of-life for Microsoft XP and the successive Vista and Windows 7, 8
and 10 additions.

At the same time, Microsoft was getting on the cloud bandwagon. Its new offering, Microsoft
Office 365, replaces old out of the box or single machine licensing methods with a
cloud-delivered set of software applications that users can access from anywhere.

With subscription pricing, many customers are now accessing Microsoft Word and Office suites
through office 365 instead of buying it through downloads with license keys. Theoretically, the
cloud-delivered method allows for more versatile use on multiple devices, although some users
have reported trouble trying to get new devices authorized.

One other popular aspect of the cloud-delivered software is that there’s no need to load it onto
the local hard drive, leaving the end device less cluttered by drivers and other types of software
infrastructure. At the same time, Microsoft has added other complementary cloud applications
like OneNote, OneDrive and SharePoint for enterprise users, and a mobile Office suite for Apple
and Android.

Excel

What is MS Excel?

MS Excel is a spreadsheet program where one can record data in the form of tables. It is easy to
analyse data in an Excel spreadsheet. The image given below represents how an Excel
spreadsheet looks like:

2024-25 Digital Empowerment Page 34 of 151

How to open MS Excel?

To open MS Excel on your computer, follow the steps given below:

● Click on Start
● Then All Programs
● Next step is to click on MS Office
● Then finally, choose the MS-Excel option

Alternatively, you can also click on the Start button and type MS Excel in the search option
available.

What is a cell?

A spreadsheet is in the form of a table comprising rows and columns. The rectangular box at the
intersection point between rows and columns forms a cell. Given below is an image of a cell:

2024-25 Digital Empowerment Page 35 of 151

What is Cell Address?

The cell address is the name by which is cell can be addressed. For example, if row 7 is
interested in column G, then the cell address is G7.

Features of MS Excel

Various editing and formatting can be done on an Excel spreadsheet. Discussed below are the
various features of MS Excel.

The image below shows the composition of features in MS Excel:

● Home
● Comprises options like font size, font styles, font colour, background colour,
alignment, formatting options and styles, insertion and deletion of cells and
editing options
●
● Insert
● Comprises options like table format and style, inserting images and figures,

2024-25 Digital Empowerment Page 36 of 151

 adding graphs, charts and sparklines, header and footer option, equation and
symbols
● Page Layout
● Themes, orientation and page setup options are available under the page layout
option
●
● Formulas
● Since tables with a large amount of data can be created in MS excel, under this
feature, you can add formulas to your table and get quicker solutions
●
● Data
● Adding external data (from the web), filtering options and data tools are available
under this category
●
● Review
● Proofreading can be done for an excel sheet (like spell check) in the review
category and a reader can add comments in this part
●
● View
● Different views in which we want the spreadsheet to be displayed can be edited
here. Options to zoom in and out and pane arrangement are available under this
category

Benefits of Using MS Excel

MS Excel is widely used for various purposes because the data is easy to save, and information
can be added and removed without any discomfort and less hard work.

Given below are a few important benefits of using MS Excel:

● Easy To Store Data: Since there is no limit to the amount of information that can be saved
in a spreadsheet, MS Excel is widely used to save data or to analyse data. Filtering
information in Excel is easy and convenient.
● Easy To Recover Data: If the information is written on a piece of paper, finding it may
take longer, however, this is not the case with excel spreadsheets. Finding and recovering
data is easy.
● Application of Mathematical Formulas: Doing calculations has become easier and less
time-taking with the formulas option in MS excel
● More Secure: These spreadsheets can be password secured in a laptop or personal
computer and the probability of losing them is way lesser in comparison to data written in
registers or piece of paper.
● Data at One Place: Earlier, data was to be kept in different files and registers when the
paperwork was done. Now, this has become convenient as more than one worksheet can
be added in a single MS Excel file.
● Neater and Clearer Visibility of Information: When the data is saved in the form of a

2024-25 Digital Empowerment Page 37 of 151

 table, analysing it becomes easier. Thus, information is a spreadsheet that is more
readable and understandable.

Powerpoint

Question: What is MS PowerPoint?

Answer: PowerPoint (PPT) is a powerful, easy-to-use presentation graphics software program

that allows you to create professional-looking electronic slide shows.

The image given below shows the main page of MS PowerPoint, where a person lands when the
program is opened on a computer system:

Question: How to open MS PowerPoint on a personal computer?

Answer: Follow the steps below to open MS PowerPoint on a personal computer:

1. Click on the start button

2. Then choose “All Programs”
3. Next step is to select “MS Office”
4. Under MS Office, click on the “MS PowerPoint”

A blank presentation is open on the screen. According to the requirement, a person can modify
the template for a presentation and start using the program.

2024-25 Digital Empowerment Page 38 of 151

Question: What is a PowerPoint presentation or PPT?

Answer: A combination of various slides depicting a graphical and visual interpretation of data,
to present information in a more creative and interactive manner is called a PowerPoint
presentation or PPT.

Question: What is a slide show in a PowerPoint presentation?

Answer: When all the slides of a PowerPoint presentation are set in series and then presented to a
group of people, where each slide appears one after the other, is a set pattern, this is known as a
PowerPoint slide show.

Question: What all elements can be added to a slide?

Answer: The following elements can be added to a Powerpoint slide:

1. Clip Art
2. Graphs
3. Tables
4. Photographs
5. Charts
6. Media Clips
7. Videos

All these elements are mainly used to enhance presentation skills and make the slide more
interactive.

Features of MS PowerPoint

There are multiple features that are available in MS PowerPoint which can customise and
optimise a presentation. The same have been discussed below.

● Slide Layout

Multiple options and layouts are available based on which a presentation can be created. This
option is available under the “Home” section and one can select from the multiple layout options
provided.

The image below shows the different slide layout options which are available for use:

2024-25 Digital Empowerment Page 39 of 151

 ● Insert – Clipart, Video, Audio, etc.

Under the “Insert” category, multiple options are available where one can choose what feature
they want to insert in their presentation. This may include images, audio, video, header, footer,
symbols, shapes, etc.

The image below shows the features which can be inserted:

● Slide Design

MS PowerPoint has various themes using which background colour and designs or textures can
be added to a slide. This makes the presentation more colourful and attracts the attention of the
people looking at it.

This feature can be added using the “Design” category mentioned on the homepage of MS
PowerPoint. Although there are existing design templates available, in case someone wants to
add some new texture or colour, the option to customise the design is also available. Apart from
this, slide designs can also be downloaded online.

2024-25 Digital Empowerment Page 40 of 151

Refer to the below for slide design:

● Animations

During the slide show, the slides appear on the screen one after the other. In case, one wants to
add some animations to the way in which a slide presents itself, they can refer to the
“Animations” category.

The different animation styles available on PowerPoint are:

Apart from all these options; font size, font style, font colour, word art, date and time, etc. can
also be added to a PPT.

Uses of PowerPoint Presentation

PowerPoint presentations are useful for both personal and professional usage. Given below are a
few of the major fields where PPT is extremely useful:

● Education – With e-learning and smart classes being chosen as a common mode of
education today, PowerPoint presentations can help in making education more interactive
and attract students towards the modified version of studying

2024-25 Digital Empowerment Page 41 of 151

 ● Marketing – In the field of marketing, PowerPoint presentations can be extremely
important. Using graphs and charts, numbers can be shown more evidently and clearly
which may be ignored by the viewer if being read
● Business – To invite investors or to show the increase or decrease in profits, MS
PowerPoint can be used
● Creating Resumes – Digital resumes can be formed using MS PowerPoint. Different
patterns, photograph, etc. can be added to the resume
● Depicting Growth – Since both graphics and text can be added in a presentation,
depicting the growth of a company, business, student’s marks, etc. is easier using PPT

Teams

Microsoft Teams is a persistent chat-based collaboration platform complete with document

sharing, online meetings, and many more extremely useful features for business
communications.

Having an excellent team space is key to being able to make creative decisions and communicate
with one another. Shared workspace software makes this much easier to achieve, especially if a
particular team is based in a very large company, has many remote employees, or is made up of a
significant amount of team members.

Microsoft Teams features make it stand out from other collaboration software:

● Teams and channels. Teams are made up of channels, which are conversation boards
between teammates.
● Conversations within channels and teams. All team members can view and add to
different conversations in the General channel and can use an @ function to invite other
members to different conversations, not unlike Slack.
● A chat function. The basic chat function is commonly found within most collaboration
apps and can take place between teams, groups, and individuals.
● Document storage in SharePoint. Every team who uses Microsoft Teams will have a
site in SharePoint Online, which will contain a default document library folder. All files
shared across all conversations will automatically save to this folder. Permissions and
security options can also be customized for sensitive information.
● Online video calling and screen sharing. Enjoy seamless and fast video calls to
employees within your business or clients outside your business. A good video call
feature is great to have on a collaboration platform. One can also enjoy simple and fast
desktop sharing for technical assistance and multi-user real-time collaboration.
● Online meetings. This feature can help enhance your communications, company-wide
meetings, and even training with an online meetings function that can host up to 10,000
users. Online meetings can include anyone outside or inside a business. This feature also
includes a scheduling aid, a note-taking app, file uploading, and in-meeting chat
messaging.
● Audio conferencing. This is a feature you won’t find in many collaboration platforms.
With audio conferencing, anyone can join an online meeting via phone. With a dial-in

2024-25 Digital Empowerment Page 42 of 151

 number that spans hundreds of cities, even users that are on the go can participate with no
internet required. Note this requires additional licensing.
● Full telephony. That’s right! The days of seeking VoIP vendors and overspending on a
phone system are finally over. Microsoft 365 Business Voice (now called Teams Phone)
can completely replace your business’ existing phone system. Note this requires
additional licensing.

Using Microsoft Teams

Microsoft Teams is incredibly straightforward and user-friendly. There is little to no set up
required. Still, some thought should be put into how a business wants to use the platform before
rolling it out across the company.

There are two main options to consider:

● The Organic Approach. A business can choose to immediately implement Microsoft

Teams in a “complete free for all” fashion where everyone in the company can do
whatever they want with the platform, and the adoption and usage of the Microsoft
Teams platform can grow organically.
● The Controlled Approach. This more managed approach involves mandating Microsoft
Teams’ use for specific aspects of the company. It also involves tightly controlling who is
able to use it and who can do certain things within it, resulting in a phased rollout plan
across the company.

You can choose to do something involving both of these approaches or something somewhere in
between. What is right for a particular business depends on its culture and use cases. Teams can
be controlled and configured directly from the Teams admin centre.

From the user standpoint, Teams is very intuitive and the learning curve is quite small compared
to more complicated collaboration tools.

Bespoke training can be provided if needed for team members, but there are also excellent online
user training materials available from Microsoft. These materials are presented as a series of very
short videos on how to do different things and execute different functions within Microsoft
Teams. Because of how easy and simple it is to share documents within Microsoft Teams to
multiple or all members, custom training materials and business guidelines can be made
available within the platform for new users or employees to access.

Teams is a powerful and extremely useful collaboration environment that will only get more
popular. Microsoft Teams is included in Office 365 for free, so any Office user can enjoy all the
benefits of this collaboration solution. In summary, it brings simplicity to teamwork by
collaborating, sharing, communicating and doing it all under one platform.

To-do

2024-25 Digital Empowerment Page 43 of 151

Microsoft To Do is a simple and intelligent to-do list that helps you manage all your tasks in one
place. You can work through your tasks for the day in My Day and create any number of
additional lists to organize your work, groceries, travel, shopping, movies to watch - you get the
idea!

In each list you can add as many tasks as you like. Keep everything on track by setting due dates
and reminders for each task and starring your most important tasks. Use steps to break down
your larger tasks in to more manageable pieces and notes to record extra details. Since all of your
tasks are stored on Exchange Online servers, they'll also appear automatically in Outlook tasks.

Microsoft To Do is a simple and intelligent to-do list that helps you manage all your tasks in one
place. You can work through your tasks for the day in My Day and create any number of
additional lists to organize your work, groceries, travel, shopping, movies to watch - you get the
idea!

A simple but powerful to do solution

Microsoft to-do is super easy to set up and get started with. It is easy to share list with other users
and collaborate on tasks. The pricing isn't as even available for personal users for free. There is
no natural to-do input unlike competitors.

2024-25 Digital Empowerment Page 44 of 151

Digital Inclusion and Digital Empowerment-
Needs and Challenges
Needs of Digital Empowerment

Digital empowerment requires addressing several key needs to effectively enable

individuals to navigate and benefit from digital technologies. These needs include:

Access to digital infrastructure: Individuals need access to reliable and affordable internet
connectivity, computers, smartphones, and other digital devices. Access to broadband internet is
particularly important for ensuring equitable digital empowerment.

Digital literacy and skills: People need the knowledge and skills to effectively use digital tools,
platforms, and services. This includes basic digital literacy skills, such as understanding how to
use email, browse the internet, and use productivity software. It also extends to more advanced
skills like coding, data analysis, and cybersecurity.

Education and training: Providing educational opportunities and training programs that focus on
digital skills is crucial. These programs can be formal or informal and should be designed to
cater to different age groups, skill levels, and learning styles. Education and training should not
only focus on technical skills but also on critical thinking, problem-solving, and digital
citizenship.

Digital confidence and motivation: Building individuals confidence in using digital technologies
is important. Many people may feel hesitant or intimidated by new technologies, especially if
they lack prior experience or have had negative interactions. Digital empowerment efforts should
foster a positive and supportive environment that encourages individuals to explore, experiment,
and take risks with digital tools.

Content relevance and diversity: Ensuring that digital content is relevant, inclusive, and
representative of diverse perspectives is essential for digital empowerment. People should have
access to content that meets their needs and interests, promotes cultural diversity, and addresses
local and global challenges.

Collaboration and community engagement: Collaboration among stakeholders, including

governments, civil society organizations, educational institutions, and the private sector, is
crucial for digital empowerment. Creating partnerships and engaging with local communities can
help tailor digital empowerment initiatives to specific needs and contexts, ensuring they are
sustainable and impactful.

Policy and regulatory framework: A supportive policy and regulatory environment is essential
for digital empowerment. Governments should implement policies that promote affordable
access, protect digital rights and privacy, and foster innovation and digital entrepreneurship.
Adequate regulations should also be in place to address issues like cybersecurity, digital literacy
in schools, and digital inclusion for marginalized communities.

2024-25 Digital Empowerment Page 45 of 151

1.2. Challenges in Digital Empowerment

Digital empowerment faces several challenges that can hinder its effectiveness and widespread
implementation. Some of the key challenges include:

Digital divide: The digital divide refers to the unequal distribution of access to digital
technologies and resources. Disparities in internet access, connectivity, and availability of digital
devices can prevent certain groups or regions from fully participating in digital empowerment
initiatives. Bridging the digital divide requires addressing infrastructure gaps, affordability
issues, and ensuring access for marginalized communities.

Limited digital skills and literacy: Many individuals lack the necessary digital skills and literacy
to effectively use and navigate digital technologies. This can be due to factors such as limited
educational opportunities, lack of training programs, or inadequate awareness about the benefits
of digital literacy. Closing the digital skills gap requires comprehensive educational programs
and training initiatives that cater to diverse populations and skill levels.

Technological advancements and digital literacy: Rapid advancements in technology can pose
challenges for digital empowerment efforts. As new technologies emerge, individuals need to
continually update their digital skills and adapt to changing platforms and tools. Keeping up with
technological advancements and ensuring ongoing digital literacy becomes crucial to prevent
skill obsolescence and exclusion.

Digital safety and security: Cybersecurity threats, online scams, and privacy concerns pose
significant challenges to digital empowerment. Many individuals may be hesitant to engage with
digital technologies due to fears of cybercrime or privacy breaches. Promoting digital safety and
security through education, awareness campaigns, and robust cybersecurity measures is essential
for building trust and confidence in the digital ecosystem.

Inclusion of marginalized groups: Ensuring digital empowerment for all requires particular
attention to marginalized groups, such as low-income individuals, rural communities, persons
with disabilities, and older adults. These groups may face additional barriers, including
affordability issues, lack of accessibility features, language barriers, and limited awareness of
available resources. Tailoring digital empowerment initiatives to address the specific needs and
challenges of marginalized groups is crucial for achieving true inclusivity.

Resistance to change and digital culture: Some individuals may be resistant to adopting digital
technologies due to cultural or personal preferences, lack of awareness, or fear of change.
Overcoming resistance to change and fostering a positive digital culture requires effective
communication, community engagement, and demonstrating the value and benefits of digital
empowerment.

Sustainable funding and resources: Digital empowerment initiatives require sustained funding
and resources to be effective and impactful. Securing long-term funding and resources can be a
challenge, especially for non-profit organizations and initiatives targeting marginalized
communities. Sustainable funding models, partnerships with stakeholders, and advocacy for

2024-25 Digital Empowerment Page 46 of 151

digital empowerment at policy levels are important in addressing this challenge.
Vision of Digital India
Digital India Mission
The Digital India Mission, launched by Prime Minister Narendra Modi on July 1, 2015, aims to
transform India into a digitally empowered society and knowledge economy. The mission seeks
to make government services accessible to citizens electronically by improving online
infrastructure and enhancing internet connectivity.
What is Digital India Programme?
Digital India Mission is sometimes also referred to as Digital India Programme which was
launched in July 2015 by Prime Minister Narendra Modi. Digital India Programme envisions
comprehensive digital infrastructure, increased digital literacy, and widespread digital access
across all sectors, from governance and education to health and financial services. The Digital
India initiative seeks to bridge the digital divide, promote digital inclusion, and leverage
technology to enhance the quality of life for all citizens while promoting economic growth and
innovation.

The Digital India Initiative holds the potential to reshape the very fabric of our nation, fostering
innovation, connectivity, and empowerment across every stratum of society. In this article, you
will get all about Digital India Mission, its pillars, vision, impact, advantages and challenges in
detail for your exam preparation.

Digital India for New India

Digital India for New India is a vision to create a new India where all citizens have access to the
benefits of digital technology. This includes access to education, healthcare, financial services,
and government services. It also includes the ability to participate in the digital economy and to
create new opportunities for oneself. Digital India for New India is being driven by many
initiatives, including:

Vision of Digital India Mission

The Digital India Mission envisions a comprehensive transformation of India into a digitally
empowered society and knowledge economy. This ambitious program, launched by the Indian
government, seeks to leverage the power of technology to bridge the gap between urban and
rural communities, enhance government services, and drive economic growth.

Digital Infrastructure
One of the primary visions of the Digital India initiative is to establish a robust and inclusive
digital infrastructure. This includes the expansion of high-speed internet connectivity to every
corner of the country, ensuring that even remote areas have access to the digital world. By
bridging the digital divide, the initiative aims to promote equitable access to information,
education, and opportunities, levelling the playing field for all citizens.

Governance and Services

Governance and Services on Demand is another pivotal vision of Digital India. By digitizing
government processes and services, the initiative intends to streamline administrative procedures,
reduce paperwork, and promote transparency. Citizens will have the convenience of accessing
various government services online, eliminating the need for lengthy bureaucratic procedures.

2024-25 Digital Empowerment Page 47 of 151

This transformation not only enhances the citizen experience but also contributes to efficient and
accountable governance.

Digital Empowerment
Digital empowerment of citizens is a cornerstone vision of the initiative. Through digital literacy
programs and skill development initiatives, citizens are empowered to effectively use digital
tools and technologies. This empowerment goes beyond mere access to technology; it enables
individuals to participate in the digital economy, access educational resources, and engage in
various socio-economic activities. This vision aligns with India’s aspirations to create a digitally
savvy population that can harness the opportunities offered by the digital age.

Digital Literacy
Universal digital literacy is closely linked to the initiative’s vision. By providing digital literacy
training to every citizen, regardless of age or background, Digital India aims to equip individuals
with the skills needed to navigate the digital world confidently. This becomes particularly
significant in a country as diverse as India, where digital literacy can bridge gaps and foster
social inclusion.

Digital Financial Inclusion

Digital financial inclusion is another critical vision of Digital India. By promoting digital
payment systems and enhancing access to financial services, the initiative seeks to bring the
unbanked and underbanked population into the formal financial sector. This not only empowers
individuals economically but also contributes to the growth of a cashless economy and reduces
the dependence on physical currency.

Innovation and Startups

Furthermore, Digital India envisions nurturing innovation and startups in the digital domain. By
fostering a conducive environment for startups, the initiative aims to tap into the potential of
young entrepreneurs, driving technological advancements and job creation. The focus on
electronics manufacturing supports this vision, promoting local production and reducing import
dependence.

In the pursuit of these visions, Digital India places a strong emphasis on cybersecurity. As digital
systems become more prevalent, protecting sensitive data and digital infrastructure becomes
paramount. The initiative aims to bolster the cybersecurity ecosystem, ensuring a secure digital
environment for both citizens and businesses.

Impact of Digital India Mission

The Digital India Mission has had a profound impact on various sectors of the Indian economy
and society. Here are some of the notable impacts of the Digital India Mission:

Access to Services: Digital India has significantly improved access to government services,
reducing bureaucratic hurdles and making services more transparent and efficient. Citizens can
now access a wide range of services online, such as applying for passports, licenses, and
certificates.
Financial Inclusion: Initiatives like the BHIM UPI have revolutionized digital payments,

2024-25 Digital Empowerment Page 48 of 151

enabling even those without bank accounts to engage in seamless financial transactions. This has
promoted financial inclusion and reduced the dependency on cash.
E-Governance: Digital India has transformed governance through the implementation of
e-governance systems. Online platforms have streamlined processes, reduced corruption, and
improved service delivery, ensuring better accountability and transparency.
Education and Skill Development: Digital platforms like SWAYAM and e-learning initiatives
have expanded access to quality education and skill development opportunities. It has enabled
remote learning, making education more inclusive and accessible to all.
Healthcare Services: The e-Hospital initiative has improved healthcare services by digitizing
patient records, appointment systems, and medical history. Telemedicine and digital health
platforms have connected patients to healthcare professionals, especially in remote areas.
Agriculture and Rural Development: Digital platforms such as e-NAM have empowered farmers
by providing them with an online marketplace to sell their produce directly to buyers.
Additionally, BharatNet has extended high-speed internet connectivity to rural areas, enabling
digital services and information access.
Startups and Innovation: Startup India has nurtured a vibrant startup ecosystem by offering
incentives, funding, and mentorship. This has fostered innovation, technological advancement,
and job creation in emerging sectors.
Economic Growth: Digital transformation has contributed to economic growth by enhancing
efficiency and productivity across sectors. It has also attracted foreign investment, bolstering
India’s reputation as a tech-savvy nation.
Infrastructure Development: Initiatives like BharatNet have strengthened digital infrastructure
across the country, connecting even the remotest regions to the digital world. This has paved the
way for further technological advancements.
Empowerment of Citizens: Digital India has empowered citizens by providing them with access
to information, enabling participation in governance through platforms like MyGov, and
facilitating direct communication with authorities through social media.
Environmental Impact: Digitization has led to reduced paper usage, contributing to
environmental conservation. Online services have minimized the need for physical documents
and paperwork, thus promoting sustainability.
Global Recognition: The Digital India initiative has garnered international attention and
recognition, positioning India as a frontrunner in digital transformation and technological
innovation.

Advantages of Digital India Initiative

The Digital India Initiative has brought forth a multitude of advantages that have positively
impacted various aspects of Indian society and economy. Some key advantages of Digital India
Mission include:

Empowering Rural Communities

One of the significant advantages of the Digital India initiative is its impact on rural
communities. With the availability of digital tools and internet connectivity in remote areas,
farmers can access real-time information about weather conditions, market prices, and
agricultural techniques. For instance, the Kisan Suvidha app provides farmers with valuable
insights, enabling them to make informed decisions regarding crop planning and pricing. This
digital empowerment enhances agricultural productivity and improves the livelihoods of rural

2024-25 Digital Empowerment Page 49 of 151

populations.

Financial Inclusion
Digital India has played a pivotal role in advancing financial inclusion across the country. The
Pradhan Mantri Jan Dhan Yojana (PMJDY) aimed to provide banking services to the unbanked
population. This initiative has successfully brought millions of people into the formal banking
system. For instance, Jan Dhan accounts offer access to debit cards, insurance, and overdraft
facilities. This inclusion in the formal financial sector not only facilitates secure transactions but
also fosters economic growth and poverty reduction.

E-Governance and Transparency

The digital transformation of government services through e-governance platforms has
minimized corruption and enhanced transparency. Initiatives like the Direct Benefit Transfer
(DBT) scheme ensure that subsidies and benefits reach the intended beneficiaries directly,
eliminating intermediaries. This has significantly reduced leakage and improved the
effectiveness of social welfare programs. For instance, the PDS system digitization in states like
Chhattisgarh has reduced corruption and improved the distribution of essential commodities to
the needy.

Educational Revolution
Digital India has revolutionized education by democratizing access to quality learning resources.
The SWAYAM platform offers free online courses from top institutions, enabling individuals to
pursue higher education and upskilling irrespective of their geographical location. Additionally,
initiatives like Diksha provide digital content for teachers and students, making education
interactive and engaging. This educational revolution has the potential to bridge the urban-rural
education gap and create a skilled workforce for the future.

Healthcare Accessibility
The National Digital Health Mission (NDHM) is transforming healthcare accessibility by
creating digital health records for citizens. This initiative enables seamless sharing of medical
information across healthcare providers, ensuring accurate diagnosis and treatment. Telemedicine
platforms like eSanjeevani have facilitated remote consultations, especially during the
COVID-19 pandemic. These digital healthcare solutions bridge the gap between urban and rural
healthcare services, ensuring quality medical assistance to all.

Efficiency in Governance
The adoption of digital platforms has streamlined government processes and improved the
efficiency of public services. Initiatives like Digital Locker provide citizens with a secure digital
space to store essential documents. This eliminates the need for physical copies and reduces
bureaucratic delays. Similarly, the introduction of the Goods and Services Tax Network (GSTN)
has simplified tax administration, benefiting both businesses and the government through
enhanced revenue collection.

Entrepreneurial Opportunities
Digital India has fostered a conducive environment for entrepreneurship and innovation. Startups
in sectors like fintech, e-commerce, and edtech have flourished, creating job opportunities and

2024-25 Digital Empowerment Page 50 of 151

contributing to economic growth. For example, the success of platforms like Paytm, Flipkart etc.
demonstrates how digital entrepreneurship can disrupt traditional business models and create
novel solutions to societal challenges.

Public Utility Portals of Govt.

RTI Portal :The Right to Information Act, 2005 provides citizens of India with the right to access
information held by public authorities. The RTI portal, managed by the Government of India, is
an online platform that facilitates the filing of RTI applications and appeals.

Features of the RTI Portal:

Filing RTI Applications: The RTI portal allows individuals to file RTI applications online,
making the process more convenient and accessible. Users can submit their queries, requests for
information, or seek clarification from various government departments and public authorities.

Online Payment: The portal enables users to pay the prescribed RTI application fees online
securely. This streamlines the payment process and eliminates the need for physical transactions.

Tracking Application Status: Once an RTI application is filed, the portal provides a unique
registration number that allows users to track the status of their applications. It ensures
transparency and helps individuals stay informed about the progress of their requests.

Submission of First Appeals: In case the applicant is dissatisfied with the response received or
does not receive a response within the specified time frame, the RTI portal also allows for the
online submission of first appeals. This ensures that individuals can seek further recourse if their
right to information is not adequately addressed.

Information Repository: The portal serves as a repository of frequently asked questions (FAQs),
circulars, guidelines, and other relevant information related to the Right to Information Act. It
provides users with comprehensive resources to understand and navigate the RTI process
effectively.

Benefits of the RTI Portal:

Accessibility: The online platform makes the RTI process accessible to a wider population,
eliminating the need for physical visits to government offices.

Efficiency: The portal streamlines the application filing process, reducing paperwork and
administrative burden, thereby improving efficiency and reducing response times.

Transparency: The tracking feature of the portal enhances transparency, ensuring that citizens

2024-25 Digital Empowerment Page 51 of 151

can monitor the progress of their applications and appeals.

Convenience: With the availability of online payment options and round-the-clock accessibility,
the portal offers convenience to users, allowing them to file applications at their convenience.

Digital India Portal :-

Digital India is owned company by experts who have been in the e-gov services industry since
2017. The company establishes business relationships with operators, consumers, merchants and
vendors networks, financial institutions and infrastructure providers. Digital India plays a critical
role ensuring the success of the system, allowing to all parties to maximize the benefits.

Digital India is a allied services provider company that offers e-governance services , high
successful electronic payment solutions and services for telecommunications operators, utility
operators within the region.

Digital India brings in a great opportunity for retailer to make use of various web based services
to serve their clients with a low investment cost DigitalIndia Portal.

Digital India Portal provides consumers this convenience by creating a franchise network of
conventional mom and pop stores located in the consumer's neighborhood. These franchisees are
equipped with a multifunctional terminal, which is connected to the service providers' servers
and executes transactions on a real-time basis. DigitalIndia Portal has contractual agreements
with service providers and is authorized to issue legally valid reservations and receipts to
consumers.

Mission

Connecting the middle and low-income groups and providing world-class service

Bring convenience to the consumer's doorstep, enabling them to access a diversified range of
services through a vibrant delivery mechanism

We wish to create innovative products and solutions catering to vast audience and contributing
positively to the growth of our nation "Sab Kuch DIGITAL"

2024-25 Digital Empowerment Page 52 of 151

 Vision

Empower the youth with entrepreneurial opportunities while contributing to the country's
growth.

Be India's first and largest "Fast Moving Consumer Services" company

We wish to create innovative products and solutions catering to vast audience and contributing
positively to the growth of our nation

To be the most preferred cutting-edge solution provider in the sphere of Travel and IT related
services globally.

In India, several government portals and initiatives have been launched to promote digital
empowerment and provide citizens with easy access to various public services. Here are some of
the key portals and their features:

1. DigiLocker

● Website: DigiLocker
● Description: A secure cloud-based platform for storage, sharing, and verification of
documents and certificates. It aims to eliminate the use of physical documents.
● Services: Digital document storage, sharing with government authorities, and verification
of documents.

2. UMANG (Unified Mobile Application for New-age Governance)

● Website: UMANG
● Description: A single mobile app providing access to various government services from
central, state, and local bodies.
● Services: Access to services like EPFO, PAN, Aadhaar, DigiLocker, and more.

3. e-Sign

● Website: e-Sign
● Description: An online electronic signature service that allows citizens to sign documents
digitally.

2024-25 Digital Empowerment Page 53 of 151

 ● Services: Digital signing of documents for various government and private services.

4. BharatNet

● Website: BharatNet
● Description: A project to provide high-speed broadband connectivity to rural areas,
enhancing digital inclusion.
● Services: Broadband infrastructure to facilitate e-governance, e-health, e-education, and
more.

5. CSC (Common Services Centers)

● Website: CSC
● Description: Access points for delivery of essential public utility services, social welfare
schemes, healthcare, financial, education, and agriculture services.
● Services: Aadhaar services, banking, telemedicine, education, and more.

6. Aadhaar

● Website: UIDAI
● Description: The world's largest biometric ID system, providing a unique identification
number to residents of India.
● Services: Authentication services, e-KYC, linking Aadhaar to various services like
banking, mobile numbers, etc.

7. MyGov

● Website: MyGov
● Description: A citizen engagement platform to promote participatory governance.
● Services: Opportunities to participate in discussions, tasks, and contribute to government
policies and programs.

8. e-Governance Services

● Website: National e-Governance Plan (NeGP)

● Description: Initiatives to make all government services accessible to the common man in
their locality through common service delivery outlets.
● Services: Various e-governance initiatives under NeGP like e-District, e-Office, e-Courts,
etc.

9. PMJDY (Pradhan Mantri Jan Dhan Yojana)

● Website: PMJDY
● Description: A financial inclusion program to provide affordable access to financial
services like banking, savings, deposits, remittance, credit, insurance, and pensions.
● Services: Opening of zero-balance bank accounts, issuance of debit cards, and access to
microfinance.

2024-25 Digital Empowerment Page 54 of 151

10. National Scholarship Portal (NSP)

● Website: NSP
● Description: A one-stop solution for various scholarship schemes offered by the
government.
● Services: Application, processing, sanction, and disbursal of scholarships.

These portals collectively contribute to the digital empowerment of citizens by providing them
with accessible, efficient, and transparent services.

2024-25 Digital Empowerment Page 55 of 151

Towards Safe and Secure CyberSpace
Online security and privacy
What Is Online Privacy? A Definition
The standard definition of privacy incorporates two important elements: “the state of being alone
and not being watched or interrupted by other people.”

When you are by yourself, scrolling through your go-to social media app, you are physically
alone. However, you are also “watched or interrupted by other people.” While they may not be in
the same room, you are still a number on a screen for someone. On top of that, you are constantly
interrupted by ads that interfere with your videos, articles, and browsing.

Although this situation may feel private, it is not.

That is why the definition of online privacy covers your natural (and justified) expectation to
have your personal data protected and your behavior not tracked when you are connected to the
Internet. At least not without your explicit consent.

But what exactly does “personal data” include? Let’s find out.

What Is Personal Data?

According to the General Data Protection Regulation (GDPR), “personal data is any information
that relates to an identified or identifiable living individual. Different pieces of information,
which collected together can lead to the identification of a particular person, also constitute
personal data.”

Online privacy is deeply rooted in our fundamental need for safety. If you find it natural to
protect your home and physical belongings, the same applies to your digital life. No matter what
technology you use (or do not), privacy gives you control over your identity and all the things it
is made of.

But because things are not as palpable or visible to everyone, online privacy is not on the priority
list for most people. Moreover, the complex technological, legal, commercial, and social combo
does not make online privacy easy to achieve. However, it does make it essential.

"It’s not just the way we interact with the Internet, it’s also the way the world interacts with
us. For instance, we’re shopping somewhere, maybe in a mall or at the corner shop, and our
face and voice get actively recorded by surveillance cameras. This information is also stored
and processed in a way that we cannot oppose, which makes things even worse."
Bogdan Botezatu (Director of Threat Research and Reporting, Bitdefender)

Is Online Privacy a Myth?

So if simply connecting to the Internet involves some form of tracking or surveillance, is online
privacy a myth?

Because privacy is not considered a standard in our connected world, it may appear so. But for
those who believe in this right, online privacy is achievable. Not everywhere and not all the time
but when and where it matters the most.

2024-25 Digital Empowerment Page 56 of 151

Every time you sign up for a new app or make a purchase, you agree with a set of terms and
conditions. Your agreement means organizations can legally collect information about you such
as what you buy, which websites you visit, and your preferences related to a wide range of
topics. Although this type of personal data collection is legal, it does not mean you cannot take
steps to limit these privacy invasion tactics.

Online privacy exists and it is up to each and every one of us to make it the norm instead of the
exception.

Why Is Online Privacy Important?

To do something about your online privacy, you first have to believe it is worth it.

Online privacy is involved in everything from how technology evolves to how this evolution
impacts your personal safety and security. The real, “offline” dangers that poor online privacy
creates include doxing, harassment, extortion, and swatting, to name a few.

Let’s talk about how it affects you personally.

You probably do not want thieves to know you live alone or the exact time you are not home,
giving them an opportunity to break into your apartment. You do not want to give scammers a
chance to use your date and place of birth and other personal data to take out loans in your name.
You also expect cyber-criminals to be stopped before they can trick you into opening malicious
emails that install malware which records everything you type.

"We can look at our personal data as something hackers either directly exploit or use as soon as
they get a hold of it. It’s also something they can trade with other cybercriminal organizations.
So, personal data is commoditized. It has a price. Your medical data, your financial history, your
credit card data, your online shopping preferences have a price."
Liviu Arsene (Senior E-Threat Analyst, Bitdefender)

Take a moment to list your most important online accounts. They may include your online
banking account, your email address, and your favorite social media platform.

Now try to list the types of information they have about you. You don’t have to look far, just start
with your social media profiles! You probably shared your phone number and contacts, email,
your place and date of birth, where you work, where you went to school, and your relationship
status.

This is an opportunity to evaluate whether the trade-off between your privacy and the benefits
you get by using that service is still fair. Remember you can revoke their rights at any time, even
if you have been comfortable using a product or a service until now.

Internet privacy is important because it gives you control over your identity and personal
information. Without that control, anyone with the intention and means can manipulate your
identity to serve their goals, whether it is selling you a more expensive vacation or stealing your
savings.

What you post on social media, what you write about in the comments section of websites, and

2024-25 Digital Empowerment Page 57 of 151

how well you protect your data also influence the people closest to you, whether it’s family,
friends, or colleagues (your boss included!).

That is why everything you do for your own privacy also has a positive impact on others.

Examples of Threats to Your Online Privacy

The things that chip away at your privacy on the Internet are both big and small. They also add
up. Let’s review the most frequent issues that consistently reduce your safety online.

Weak, Reused Passwords

At some point or another, we all used weak passwords. Maybe you still do. It is not uncommon.
But it is, however, one the biggest threats to your privacy.

Reusing weak passwords is one of the leading causes for the massive data breaches you see in
the news. That is because it allows cyber criminals to break into multiple accounts at once and
engage in identity theft or financial fraud - often both.

Oversharing
Social media and other technology advancements have made it incredibly easy to share every
aspect of our lives to expand our social ties. Oversharing is a consequence of that which often
goes unnoticed because so many people do it.

Oversharing gives malicious onlookers more information about you than you would ever want to
divulge. Posting videos of your home gives them a full map of your belongings and how to get to
them. Pictures of your boarding passes reveal how long you will be gone and where you are
traveling. With every post, you create a clearer picture of your life, habits, key relationships, and
possessions.

IoT Devices
Another threat to your online privacy: all the Internet-connected devices that are constantly
listening, recording, and gathering data about you.

Our shopping lists, our body temperature, the contents of our fridge – we have been producing
this personal data for years, but no one has been interested in it before. Now we have connected
toothbrushes, toasters, and TVs all over the place.

IoT devices are easy to use, and they keep getting better and better, increasing the risks to your
online privacy on the way.

Unsecured Web Browsing

The browser is probably the app you use the most on your devices - consciously or not. Each
time you open a link or run an online search, your default browser is one of the main ways you
connect to the Internet. You may even have let it remember your passwords.

Cyber-criminals know that too! And they’re going after everything in it through malicious
extensions, infected ads, links that lead to scam websites, and a lot more.

2024-25 Digital Empowerment Page 58 of 151

Security and privacy risks usually come as a combo. Besides cyber-crooks and scammers,
companies can also build an accurate profile of you based on your browser history.

Security Vulnerabilities
It is not just your habits and the mechanisms of the platforms and devices you use that weaken
your privacy on the Internet. Security vulnerabilities also create massive issues. They range from
data breaches, where a set of your personal data ends up in publicly accessible places online, to
security issues that make devices… misbehave.

Security vulnerabilities leak data that hurts not only your personal privacy online but also that of
millions of users which weakens the overall security level for all of us.

“There are two ways people usually find out their information was exposed online. They either
read the news and discover that a service provider or a company they use has been breached and
some of their personal information may have been leaked online. Or, if it doesn’t make the news,
they sometimes get an email from the breached company notifying them that <Hey, there’s been a
breach. Your personal information may have been affected.>”
Liviu Arsene (Senior E-Threat Analyst, Bitdefender)

Cyber-Attacks
Your online privacy has everything to do with your security on and off the Internet.

Relying on default settings for everything and using the simplest passwords you can set makes
you an easy target for cyber criminals.

Malicious hackers combine their tech skills with psychological manipulation to exploit your
habits and preferences so that you will click, tap, download, and open their traps.

They bait you into opening deceiving emails (phishing), taping links in misleading messages on
your phone (smishing), or even provide personal data in fake phone calls (vishing). Their attacks
almost always include malicious software designed to capture everything you type on your
device (keyloggers) and collect your usernames and passwords. They will later use them against
you to steal your money, access confidential information, or simply make your life hell.

“The information we have might be trivial for us. We all know where we live, what our date of
birth is, what shopping history we have and so on. But aggregated, this information depicts a
very, very complex and accurate overview of what our lives look like. And most of the time, we
cannot revoke the access we have already granted to organizations.”
Bogdan Botezatu (Director of Threat Research and Reporting, Bitdefender)

Anyone can become a target. Most ongoing cyber-attacks are automated and simply search for
people with unprotected accounts, apps, and devices, which are easy to hack into and maliciously
exploit.

What Can You Do Next?

Now that you have a solid grasp of what online privacy is and what threatens it, you can take

2024-25 Digital Empowerment Page 59 of 151

meaningful steps to reclaim it and protect it.

One of the first things you can do is set up an early-warning system that patrols the Internet for
you. Bitdefender Digital Identity Protection helps you take control of your online privacy and
personal data so you can take decisive action when something pops up on its radar. The service
monitors your digital footprint starting with just your email address and phone number and alerts
you if your personal data is leaked in new breaches and through privacy threats, including social
media impersonators.

With this automatic and constant scanning keeping watch for you, you can now work to build
your own privacy-protecting ecosystem.

Threats in digital world

The digital world is fraught with various threats that can impact individuals, businesses, and
governments. Here are some of the key threats:

Cybersecurity Threats

1. Malware: Malicious software, such as viruses, worms, Trojans, ransomware, and

spyware, designed to damage or disrupt systems, steal data, or gain unauthorized access.
2. Phishing: Fraudulent attempts to obtain sensitive information, such as usernames,
passwords, and credit card details, by disguising as a trustworthy entity in electronic
communications.
3. Ransomware: A type of malware that encrypts a victim's files, demanding a ransom to
restore access.
4. Denial-of-Service (DoS) Attacks: Attempts to make a machine or network resource
unavailable to its intended users by overwhelming it with a flood of internet traffic.
5. Man-in-the-Middle (MitM) Attacks: When an attacker secretly intercepts and possibly
alters the communication between two parties who believe they are directly
communicating with each other.
6. SQL Injection: A code injection technique that might destroy your database. SQL
injection is one of the most common web hacking techniques.
7. Zero-Day Exploits: Attacks that occur on the same day a weakness is discovered in
software before the developer has a chance to fix it.

Data and Privacy Threats

1. Data Breaches: Unauthorized access to confidential information, leading to the exposure

of sensitive data such as personal information, financial records, and intellectual property.
2. Identity Theft: The fraudulent acquisition and use of a person's private identifying
information, usually for financial gain.
3. Data Mining and Profiling: The process of gathering vast amounts of personal data and
analyzing it to identify patterns, which can be used for marketing, surveillance, or other
purposes.

Threats to Infrastructure

2024-25 Digital Empowerment Page 60 of 151

 1. Critical Infrastructure Attacks: Cyber attacks targeting critical infrastructure, such as
power grids, water supply systems, and communication networks, can cause widespread
disruption and harm.
2. IoT Vulnerabilities: The proliferation of Internet of Things (IoT) devices introduces
numerous security vulnerabilities, as these devices often lack robust security measures.

Social Engineering Threats

1. Pretexting: An attacker creates a fabricated scenario to obtain private information from

individuals.
2. Baiting: Enticing victims with a promise (like free software) to get them to reveal
sensitive information or download malware.
3. Quid Pro Quo: Offering a benefit in exchange for information or access.

Emerging Threats

1. Artificial Intelligence (AI) Exploits: The use of AI to automate attacks, such as creating
deepfakes for fraudulent purposes or developing AI-driven malware.
2. Cryptojacking: Unauthorized use of someone’s computer to mine cryptocurrency.
3. Quantum Computing Threats: Potential future threats from quantum computing, which
could break current encryption methods, compromising data security.

Insider Threats

1. Malicious Insiders: Employees or contractors who intentionally misuse their access to

systems for malicious purposes.
2. Unintentional Insiders: Employees who unintentionally cause security breaches by
falling for phishing attacks or mishandling sensitive information.

Strategies to Mitigate Threats

1. Strong Authentication: Implementing multi-factor authentication to enhance security.

2. Regular Software Updates: Keeping systems and software up-to-date to protect against
known vulnerabilities.
3. Employee Training: Educating employees about cybersecurity best practices and how to
recognize phishing attempts.
4. Data Encryption: Encrypting sensitive data to protect it from unauthorized access.
5. Network Security: Using firewalls, intrusion detection systems, and other network
security measures to protect against attacks.
6. Incident Response Plans: Having a robust incident response plan to quickly address and
mitigate the effects of cyber incidents.
7. Security Audits: Regularly conducting security audits and assessments to identify and
address potential vulnerabilities.

By understanding and addressing these threats, individuals and organizations can better protect
themselves in the digital world.

2024-25 Digital Empowerment Page 61 of 151

 Block chain technology
What is blockchain technology?

Blockchain technology is an advanced database mechanism that allows transparent information

sharing within a business network. A blockchain database stores data in blocks that are linked
together in a chain. The data is chronologically consistent because you cannot delete or modify the
chain without consensus from the network. As a result, you can use blockchain technology to create
an unalterable or immutable ledger for tracking orders, payments, accounts, and other transactions.
The system has built-in mechanisms that prevent unauthorized transaction entries and create
consistency in the shared view of these transactions.

Why is blockchain important?

Traditional database technologies present several challenges for recording financial transactions.
For instance, consider the sale of a property. Once the money is exchanged, ownership of the
property is transferred to the buyer. Individually, both the buyer and the seller can record the
monetary transactions, but neither source can be trusted. The seller can easily claim they have not
received the money even though they have, and the buyer can equally argue that they have paid the
money even if they haven’t.

To avoid potential legal issues, a trusted third party has to supervise and validate transactions. The
presence of this central authority not only complicates the transaction but also creates a single point
of vulnerability. If the central database was compromised, both parties could suffer.

Blockchain mitigates such issues by creating a decentralized, tamper-proof system to record

transactions. In the property transaction scenario, blockchain creates one ledger each for the buyer
and the seller. All transactions must be approved by both parties and are automatically updated in
both of their ledgers in real time. Any corruption in historical transactions will corrupt the entire
ledger. These properties of blockchain technology have led to its use in various sectors, including
the creation of digital currency like Bitcoin.

2024-25 Digital Empowerment Page 62 of 151

How do different industries use blockchain?

Blockchain is an emerging technology that is being adopted in innovative manner by various

industries. We describe some use cases in different industries in the following subsections:

Energy

Energy companies use blockchain technology to create peer-to-peer energy trading platforms and
streamline access to renewable energy. For example, consider these uses:

● Blockchain-based energy companies have created a trading platform for the sale of
electricity between individuals. Homeowners with solar panels use this platform to sell their
excess solar energy to neighbors. The process is largely automated: smart meters create
transactions, and blockchain records them.
● With blockchain-based crowd funding initiatives, users can sponsor and own solar panels in
communities that lack energy access. Sponsors might also receive rent for these
communities once the solar panels are constructed.

Finance

Traditional financial systems, like banks and stock exchanges, use blockchain services to manage
online payments, accounts, and market trading. For example, Singapore Exchange Limited, an
investment holding company that provides financial trading services throughout Asia, uses
blockchain technology to build a more efficient interbank payment account. By adopting
blockchain, they solved several challenges, including batch processing and manual reconciliation of
several thousand financial transactions.

Media and entertainment

Companies in media and entertainment use blockchain systems to manage copyright data.
Copyright verification is critical for the fair compensation of artists. It takes multiple transactions to
record the sale or transfer of copyright content. Sony Music Entertainment Japan uses blockchain
services to make digital rights management more efficient. They have successfully used blockchain

2024-25 Digital Empowerment Page 63 of 151

strategy to improve productivity and reduce costs in copyright processing.

Retail

Retail companies use blockchain to track the movement of goods between suppliers and buyers. For
example, Amazon retail has filed a patent for a distributed ledger technology system that will use
blockchain technology to verify that all goods sold on the platform are authentic. Amazon sellers
can map their global supply chains by allowing participants such as manufacturers, couriers,
distributors, end users, and secondary users to add events to the ledger after registering with a
certificate authority.

What are the features of blockchain technology?

Blockchain technology has the following main features:

Decentralization

Decentralization in blockchain refers to transferring control and decision making from a centralized
entity (individual, organization, or group) to a distributed network. Decentralized blockchain
networks use transparency to reduce the need for trust among participants. These networks also
deter participants from exerting authority or control over one another in ways that degrade the
functionality of the network.

Immutability

Immutability means something cannot be changed or altered. No participant can tamper with a
transaction once someone has recorded it to the shared ledger. If a transaction record includes an
error, you must add a new transaction to reverse the mistake, and both transactions are visible to the
network.

2024-25 Digital Empowerment Page 64 of 151

Consensus

A blockchain system establishes rules about participant consent for recording transactions. You can
record new transactions only when the majority of participants in the network give their consent.

What are the key components of blockchain technology?

Blockchain architecture has the following main components:

A distributed ledger

A distributed ledger is the shared database in the blockchain network that stores the transactions,
such as a shared file that everyone in the team can edit. In most shared text editors, anyone with
editing rights can delete the entire file. However, distributed ledger technologies have strict rules
about who can edit and how to edit. You cannot delete entries once they have been recorded.

Smart contracts

Companies use smart contracts to self-manage business contracts without the need for an assisting
third party. They are programs stored on the blockchain system that run automatically when
predetermined conditions are met. They run if-then checks so that transactions can be completed
confidently. For example, a logistics company can have a smart contract that automatically makes
payment once goods have arrived at the port.

Public key cryptography

Public key cryptography is a security feature to uniquely identify participants in the blockchain
network. This mechanism generates two sets of keys for network members. One key is a public key
that is common to everyone in the network. The other is a private key that is unique to every
member. The private and public keys work together to unlock the data in the ledger.

2024-25 Digital Empowerment Page 65 of 151

For example, John and Jill are two members of the network. John records a transaction that is
encrypted with his private key. Jill can decrypt it with her public key. This way, Jill is confident that
John made the transaction. Jill's public key wouldn't have worked if John's private key had been
tampered with.

How does blockchain work?

While underlying blockchain mechanisms are complex, we give a brief overview in the following
steps. Blockchain software can automate most of these steps:

Step 1 – Record the transaction

A blockchain transaction shows the movement of physical or digital assets from one party to
another in the blockchain network. It is recorded as a data block and can include details like these:

● Who was involved in the transaction?

● What happened during the transaction?
● When did the transaction occur?
● Where did the transaction occur?
● Why did the transaction occur?
● How much of the asset was exchanged?
● How many pre-conditions were met during the transaction?

Step 2 – Gain consensus

Most participants on the distributed blockchain network must agree that the recorded transaction is
valid. Depending on the type of network, rules of agreement can vary but are typically established
at the start of the network.

Step 3 – Link the blocks

Once the participants have reached a consensus, transactions on the blockchain are written into
blocks equivalent to the pages of a ledger book. Along with the transactions, a cryptographic hash is

2024-25 Digital Empowerment Page 66 of 151

also appended to the new block. The hash acts as a chain that links the blocks together. If the
contents of the block are intentionally or unintentionally modified, the hash value changes,
providing a way to detect data tampering.

Thus, the blocks and chains link securely, and you cannot edit them. Each additional block
strengthens the verification of the previous block and therefore the entire blockchain. This is like
stacking wooden blocks to make a tower. You can only stack blocks on top, and if you remove a
block from the middle of the tower, the whole tower breaks.

Step 4 – Share the ledger

The system distributes the latest copy of the central ledger to all participants.

What are the types of blockchain networks?

There are four main types of decentralized or distributed networks in the blockchain:

Public blockchain networks

Public blockchains are permissionless and allow everyone to join them. All members of the
blockchain have equal rights to read, edit, and validate the blockchain. People primarily use public
blockchains to exchange and mine cryptocurrencies like Bitcoin, Ethereum, and Litecoin.

Private blockchain networks

A single organization controls private blockchains, also called managed blockchains. The authority
determines who can be a member and what rights they have in the network. Private blockchains are
only partially decentralized because they have access restrictions. Ripple, a digital currency
exchange network for businesses, is an example of a private blockchain.

2024-25 Digital Empowerment Page 67 of 151

Hybrid blockchain networks

Hybrid blockchains combine elements from both private and public networks. Companies can set
up private, permission-based systems alongside a public system. In this way, they control access to
specific data stored in the blockchain while keeping the rest of the data public. They use smart
contracts to allow public members to check if private transactions have been completed. For
example, hybrid blockchains can grant public access to digital currency while keeping bank-owned
currency private.

Consortium blockchain networks

A group of organizations governs consortium blockchain networks. Preselected organizations share

the responsibility of maintaining the blockchain and determining data access rights. Industries in
which many organizations have common goals and benefit from shared responsibility often prefer
consortium blockchain networks. For example, the Global Shipping Business Network Consortium
is a not-for-profit blockchain consortium that aims to digitize the shipping industry and increase
collaboration between maritime industry operators.

What are blockchain protocols?

The term blockchain protocol refers to different types of blockchain platforms that are available for
application development. Each blockchain protocol adapts the basic blockchain principles to suit
specific industries or applications. Some examples of blockchain protocols are provided in the
following subsections:

Hyperledger fabric

Hyperledger Fabric is an open-source project with a suite of tools and libraries. Enterprises can use
it to build private blockchain applications quickly and effectively. It is a modular, general-purpose
framework that offers unique identity management and access control features. These features make

2024-25 Digital Empowerment Page 68 of 151

it suitable for various applications, such as track-and-trace of supply chains, trade finance, loyalty
and rewards, and clearing settlement of financial assets.

Ethereum

Ethereum is a decentralized open-source blockchain platform that people can use to build public
blockchain applications. Ethereum Enterprise is designed for business use cases.

Corda

Corda is an open-source blockchain project designed for business. With Corda, you can build
interoperable blockchain networks that transact in strict privacy. Businesses can use Corda's smart
contract technology to transact directly, with value. Most of its users are financial institutions.

Quorum

Quorum is an open-source blockchain protocol that is derived from Ethereum. It is specially

designed for use in a private blockchain network, where only a single member owns all the nodes,
or in a consortium blockchain network, where multiple members each own a portion of the
network.

How did blockchain technology evolve?

Blockchain technology has its roots in the late 1970s when a computer scientist named Ralph
Merkle patented Hash trees or Merkle trees. These trees are a computer science structure for storing
data by linking blocks using cryptography. In the late 1990s, Stuart Haber and W. Scott Stornetta
used Merkle trees to implement a system in which document timestamps could not be tampered
with. This was the first instance in the history of blockchain.

The technology has continued to evolve over these three generations:

2024-25 Digital Empowerment Page 69 of 151

First generation – Bitcoin and other virtual currencies

In 2008, an anonymous individual or group of individuals known only by the name Satoshi
Nakamoto outlined blockchain technology in its modern form. Satoshi's idea of the Bitcoin
blockchain used 1 MB blocks of information for Bitcoin transactions. Many of the features of
Bitcoin blockchain systems remain central to blockchain technology even today.

Second generation – smart contracts

A few years after first-generation currencies emerged, developers began to consider blockchain
applications beyond cryptocurrency. For instance, the inventors of Ethereum decided to use
blockchain technology in asset transfer transactions. Their significant contribution was the smart
contracts feature.

Third generation – the future

As companies discover and implement new applications, blockchain technology continues to evolve
and grow. Companies are solving limitations of scale and computation, and potential opportunities
are limitless in the ongoing blockchain revolution.

What are the benefits of blockchain technology?

Blockchain technology brings many benefits to asset transaction management. We list a few of
them in the following subsections:

Advanced security

Blockchain systems provide the high level of security and trust that modern digital transactions
require. There is always a fear that someone will manipulate underlying software to generate fake
money for themselves. But blockchain uses the three principles of cryptography, decentralization,
and consensus to create a highly secure underlying software system that is nearly impossible to

2024-25 Digital Empowerment Page 70 of 151

tamper with. There is no single point of failure, and a single user cannot change the transaction
records.

Improved efficiency

Business-to-business transactions can take a lot of time and create operational bottlenecks,
especially when compliance and third-party regulatory bodies are involved. Transparency and smart
contracts in blockchain make such business transactions faster and more efficient.

Faster auditing

Enterprises must be able to securely generate, exchange, archive, and reconstruct e-transactions in
an auditable manner. Blockchain records are chronologically immutable, which means that all
records are always ordered by time. This data transparency makes audit processing much faster.

Security initiatives by Govt of India

Initiatives taken by The Indian Government on Cyber Security

1. The Indian Computer Emergency Response Team (CERT-In)

● The advancement in the Indian Computer Emergency Response Team (CERT-In), which
operates as the national agency to address the country’s cyber security, has helped reduce
the rate of cyber attacks on government networks

2. Cyber Surakshit Bharat

● Aiming to strengthen the cybersecurity ecosystem in India and following the

Government’s vision of a “digital India,” the Ministry of Electronics and Information
Technology (MeitY) has launched the Cyber ​Surakshit Bharat initiative
● The program was in partnership with the National Electronic Governance Division

2024-25 Digital Empowerment Page 71 of 151

 (NeGD)

3. National Critical Information Infrastructure Protection Center (NCIIPC)

● NCIIPC is a central government establishment, formed to protect critical information

about our country, which has an enormous impact on national security, economic growth,
and public health care

NCIIPC has mainly identified the following as “critical sectors”-

● Power & Energy

● Banking, Financial Services & Insurance
● Telecom Transport
● Government
● Strategic & Public Enterprises

4. Appointment of Chief Information Security Officers

● The Indian Government has published a written guideline for CISOs of government
organizations, outlining best practices for safeguarding apps, infrastructure, and
compliance
● Chief Information Security Officers (CISOs) can identify and document the security
requirements that may arise with each technical innovation

5. Personal Data Protection Bill

● The most important one for Indian citizens is the approval of the Personal Data Protection
Bill by the Union Government to protect Indian users from global breaches, which
focuses on data localization
● The bill involves the storage and processing of any critical information related to people

2024-25 Digital Empowerment Page 72 of 151

 only in India
● It strictly states that individuals’ sensitive personal data is to be stored locally; however, it
can be processed abroad under certain conditions
● The bill also aims to make social media companies more accountable and push them to
solve the spread of offensive content

6. Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Center)

● The “Digital Swachhta Kendra” (Botnet Cleaning and Malware Analysis Center) is a part
of the Government of India’s Digital India drive, overseen by the Ministry of Electronics
and Information Technology (MeitY), determined to make secure cyberspace all through
India by distinguishing botnet contaminations and advising, empowering cleaning, and
end-client security systems to forestall new diseases
● The “Cyber Swachhta Kendra” (Botnet Cleaning and Malware Analysis Center) is
intended to address the goals of the “National Cybersecurity Policy,” which calls for the
development of a secure cybernetic ecosystem in the country
● The centre works in close coordination and collaboration with Internet service providers
and antivirus/product companies
● The website provides users with information and tools to help them protect their
systems/devices. Following Section 70B of the Information Technology Act 2000, this
centre is run by the Indian Computer Emergency Response Team (CERT-In)

7. National Cyber Security Policy, 2013

● The Policy’s goal is to create safe and resilient cyberspace for citizens, businesses, and
the Government
● The mission is to provide protection to cyberspace information and infrastructure,
develop capabilities to prevent and respond to cyberattacks, and minimize damage
through coordinated efforts of institutional structures, people, processes, and technology

2024-25 Digital Empowerment Page 73 of 151

 ● To create a workforce of 500,000 trained cybersecurity professionals in the next 5 years
through capacity building, skills development and training
● Through appropriate legislative intervention, enable effective cybercrime prevention,
investigation, and prosecution, as well as the enhancement of law enforcement
capabilities

2024-25 Digital Empowerment Page 74 of 151

Ethical issues in digital world

Ethical issues in digital world - Netiquettes

Netiquette is a combination of the words network and etiquette and is defined as a set of rules for
acceptable online behavior. Similarly, online ethics focuses on the acceptable use of online
resources in an online social environment.

Both phrases are frequently interchanged and are often combined with the concept of a ’netizen’
which itself is a contraction of the words internet and citizen and refers to both a person who
uses the internet to participate in society, and an individual who has accepted the responsibility
of using the internet in productive and socially responsible ways.

What Does Good Web Etiquette Look Like?

Underlying this overall concept of socially responsible internet use are a few core pillars, though
the details underneath each pillar are still subject to debate.

For Society:

● Recognizing that the internet is an extension of society. The internet isn’t a new world in
which anything goes, but rather, a new dimension of the world around us.
● Applying the same standards online as we do in public. In simple terms, this means that
the values society has in place against hate speech and bigotry, child exploitation, and
child pornography, copyright violations and other forms of theft, remain intact. Values
around courtesy, kindness, openness, and treating others with the same respect we wish to
receive should also be adhered to.
● Refusing to empower abuse and harassment while online. Accepting that the laws which
are currently in place to protect the rights and dignity of citizens apply online and that
where needed, laws are updated to reflect these rights in the extended environment. Theft,
harassment, and bullying while online is still theft, harassment, and bullying, period.
● Acknowledging cultural differences. Even when national boundaries no longer apply,
cultural respect and tolerance should remain. This requires finding a way to accept that
the social values and norms of some netizens will not be the social values and norms of
all netizens.

2024-25 Digital Empowerment Page 75 of 151

For Businesses:

For companies, being a good netizen, applying online ethics, and using netiquette include:

● Respecting rights of privacy for offline employees. Information possessed by citizens in

their offline interactions should be respected.
● Maintaining transparency in information policies. By taking action so that consumers can
easily and quickly understand how that company is using their information and protecting
them from harm, companies can provide users with a clear means of ownership and
self-determination as to what is, and isn’t shared about them, which strengthens the
consumer relationship.

Most internet users automatically apply the same responsible respectful behavior online as they
do in every other environment and by nature apply netiquette and online ethics, and are good
netizens. The minority that fails to apply societal values in some or any environment- including
the internet- are quickly identified as exceptions to be dealt with on a social, or criminal level.
When you choose to partner with technology companies, especially for something as important
as internet security, it’s imperative you ensure that the partner shares your understanding of what
it means to act ethically online.

Netiquette: General rules of conduct

Below you will find 20 general recommendations for conduct on the internet that you should
follow when communicating online.

1. Stick to the rules of conduct online that you follow in real life

When communicating online, remember the rules of etiquette that you follow in your everyday
life. Refrain from insulting, provoking, threatening or insulting others. Respect the opinions of
your chat counterparts and express constructive criticism. Remember that you can be prosecuted
for insulting people online.

2. Netiquette: Think of the person

Think of the person behind the computer when you compose your messages. You are not
communicating with a machine, but with real people. Also, consider what and how you write.
Because the internet doesn't forget anything! A screenshot or a copy of your messages is quickly
made and still exists even if you delete your messages afterward.

2024-25 Digital Empowerment Page 76 of 151

3. Present your best side online

Communication on the internet comes with a certain anonymity that does not exist in real life
when you are talking to someone face to face. Often this anonymity leads to a lower inhibition
threshold for many users and they behave rudely online if, for example, you disagree with them.

Make sure that you show your best side online. Remain friendly and respectful, even if you
disagree. Good netiquette is characterized by respect, politeness and professionalism.

A tip: You should generally refrain from writing messages or individual words entirely in capital
letters – even if you want to give these sections more expression. After all, capital letters on the
internet mean shouting and are generally considered impolite.

4. Read first, then ask

Do you have a question about something? Then take the time to carefully read the answers in the
previous discussion posts first. There is a good chance that someone has already answered your
question. If you write an answer similar to someone else's, it shows the other chat participants
that you have paid little attention to the conversation so far.

Remember that conversations online can happen very quickly. It is therefore important to gather
all the information before responding or asking questions.

5. Netiquette: Pay attention to grammar and punctuation

Take time to read through your answers again. Check them for grammar, punctuation and correct
spelling. It can be very frustrating for the other person if they have to decipher poorly written
sentences in order grasp the meaning behind them. In addition, faulty grammar distracts from the
goal of your message.

Grammar, spelling and punctuation become especially important when composing emails or
other correspondence that you submit to colleagues or superiors. If you have a weakness in
grammar and spelling, don't be discouraged. Use spelling aids before you send messages.

Another tip: When composing emails, always remember to use the appropriate salutation and
parting formula as well. These are also part of netiquette.

6. Respect the privacy of others

This rule should be followed not only in everyday use of online communication, but also at
work. Do not simply forward information that has been sent to you without first obtaining
permission from the original sender. When sending private emails to multiple recipients, use
BCC (blind carbon copy) instead of CC (carbon copy). Many people do not like their names and
email addresses being passed on to people they do not know themselves.

This rule on the internet also applies to uploading and sharing photos or videos that show other
people. Before circulating such private files, be sure to check with the people concerned before

2024-25 Digital Empowerment Page 77 of 151

doing so.

Last but not least: Respect the privacy of others and do not sign up for newsletters, forums or the
like with someone else's name or email address.

7. Respect the time and bandwidth of others

We live in a much faster world than our parents or grandparents are used to. Information can be
sent to different people around the world in a matter of seconds – and without much effort.
Nevertheless, the bandwidth, that is to say the information capacity of wires and channels, is
limited. It is similar with humans. Think of this limited receptivity of information when you send
messages to your friends, colleagues or superiors.

Do you get to the point quickly enough in your emails? Are your arguments formulated correctly
and clearly recognizable? No one wants to waste time unnecessarily on an email whose core
message is only at the end of the email. That consumes time and effort, and is simply annoying.
Also, consider who really needs to be on the list of recipients. After all, respect for other people's
time and bandwidth is also part of netiquette.

8. Forgive the mistakes of others

Everyone who goes online to forums and networks was once a beginner. As in any other field,
you can make mistakes as a beginner. In online communication, these can be a lack of etiquette
or manners.

Often these are spelling mistakes, superfluous questions or answers that are too long. With this in
mind, it's important to forgive your counterparts' mistakes. If they are only minor mistakes, it is
best not to react to them at all. In the event of a major error, for example a wrong quote,
messages written only in capital letters or missing grammar and punctuation, then it is best to
point it out to the person in a private message.

A tip: Sarcasm in written form is not always recognizable to everyone on the internet. It is
therefore better to remain objective. If you still want to express sarcasm among friends or close
colleagues, use emojis such as smileys or GIFs. Carefully chosen, emojis can reinforce your
message.

9. Netiquette: Don't abuse your power

On the internet, as in real life, some people have more power than others. Moderators in a forum,
experts in companies or system administrators. If you have more power than others, you do not
have the right to exploit this power.

Don't spy on colleagues or chat participants just because you have the technical means to do so.
For example, system administrators should never read private emails or find out about the salary
structure in the company.

10. Help keep flame wars under control

2024-25 Digital Empowerment Page 78 of 151

Flame wars are messages that contain aggressive personal criticism or attacks on a person. In
group chats, heated discussions often degenerate into so-called flame wars. If you get into such a
discussion, you should stay out of it. Always remember that you should treat others as you would
like to be treated. Profanity is not part of netiquette.

Also remember that insults and threats on the internet can have legal consequences for you. For
this reason, do not be tempted to make such comments, even in heated discussions. Instead,
demonstrate exemplary conduct on the internet.

11. Know where you are in cyberspace

Netiquette is interpreted differently in different places on the internet. For example, it is perfectly
normal to spread gossip in a TV discussion group. However, if you do this in a serious discussion
group, you will quickly make yourself unpopular. It is therefore important that you know where
you are on the internet.

This also means that if you are in a new area that is unfamiliar to you, you need to look around
and learn the ropes. Get an idea of how other people in this area of cyberspace communicate with
each other and adapt to them.

12. Hate speech and netiquette

So-called hate speech on the internet is an increasing problem, especially in social media. It is
often found in offensive comments under photos or posts. However, time and again there are
coordinated actions by specific actors who join forces for the sole purpose of spreading hate
comments. Not infrequently, social or religious fringe groups, foreigners or black people become
victims of such actions.

What can you do against hate speech? If you come across such statements on the internet, you
should report them to the provider of the website. Often you will find the option to report a post
directly underneath it on social media. The providers are legally obliged to delete content which
is evidently illegal within 24 hours.

In addition, you can actively approach the spreaders of hate speech and try to invalidate their
statements and subsequently educate theperpetrators. It is advisable to ask for the alleged "facts"
and take a clear position against hate. Steer the discussion in a more positive direction. However,
under no circumstances should you react with hate or insults. You could also be held accountable
for this.

Netiquette: Safety rules for children

The internet is an enrichment for everyone – in everyday life, at school and at work. However, it
brings with it some risks and downsides, such as the dark net. Talk to your child and explain the
possible risks of the internet. Respect your child's privacy and explain the following rules for
children on the internet:

2024-25 Digital Empowerment Page 79 of 151

13. Children on the internet: Do not give out personal information

In these times of social media, identity theft and social engineering, keeping personal
information secret is essential! Under no circumstances should your child share passwords or
personal information such as their name, address or telephone number online. The name of the
school or clubs should also be kept secret.

14. Use a neutral nickname

Make sure that your child uses a neutral nickname in chat rooms. This should under no
circumstances reveal your child's identity. In addition, a neutral nickname ensures that other
people do not feel insulted or ridiculed.

15. Netiquette and bots/troll posts

So-called bots are computer programs that usually automatically follow up on a task without
requiring any interaction with humans. In social media channels, bots often post comments or
even their own posts.

They often spam in forums or in the comments under posts. This is annoying and
time-consuming, as these responses have to be identified and removed. Bots are therefore not
part of netiquette and should be avoided if at all possible.

16. Rules for children on the internet: Do not trust chat participants

Your child should always approach strangers with a healthy skepticism. You never know who is
really hiding behind the funny profile name and picture. For example, your child should never
meet a stranger just because they got along well in a chat conversation. It could be an adult with
bad intentions.

Similarly, you should explain to your child that they should not add strangers as friends on social
media such as Facebook or Instagram. Your child should also not simply open emails and other
messages and download attachments. In doing so, your child could accidentally download a
Trojan or other malware.

17. Fairness first: Do not exclude anyone

If your child is communicating in a private group, they should refrain from making insider jokes
that not everyone in the group will understand. It is better to send a private message to this
person. Other chat participants should not feel excluded. Netiquette includes values such as
tolerance, respect and helpfulness. This also means that only the language used by everyone
should be used.

In a school group chat, your child should always make sure that all chat members are on the
same level, for example during a review or presentation. When your child is explaining a topic
that may not be clear to everyone, it is a good idea to answer questions about the topic.

2024-25 Digital Empowerment Page 80 of 151

18. Netiquette for children: Keep it short and clear

Posts, answers and even questions should be kept as short and clear as possible. No one wants to
read an unnecessary amount of text that does not contribute to answering the issue.

Cumbersome language and repetitions only clog up chats and forums; in addition, spelling
mistakes can make it more difficult to read and understand what is being said. Forwarding chain
letters also has no place in respectful online communication.

19. Netiquette and online learning (tips for pupils)

In the wake of the COVID-19 pandemic, most teaching in schools was done online. So-called
homeschooling – teaching from home – was a new challenge that pupils, teachers and parents
had to overcome together. Here are some tips for teaching from home:

​ Children should support one another, for example by responding to classmates' questions
on a chat thread.
​ Instruct your children not to digitally record or take screenshots of lessons without first
getting the teacher's permission.
​ A polite and respectful tone is an absolute must in homeschooling.
​ Passwords and credentials given by the school must not be passed on by children to third
parties under any circumstances.
​ Children should be ready a few minutes before class starts in order to start on time.
Teaching materials should be ready and the camera for the video conference should
always be switched on. You should also make sure that your child dresses as they would
appear at school.
​ Pupils should speak up if they have any questions or comments. Afterwards, they should
mute their microphone again so as not to disturb the lesson with any background noise.

20. Trust your child

Last but not least, the most important rule for children's use of the internet: Trust your child.
After all, you cannot permanently look over their shoulder, whether your child is learning via
computer, smartphone or tablet. Your child learns best through their own experiences. Trust in
your offspring's abilities, and refrain from constantly monitoring their internet activities. It is
usually enough to know that your child can ask you for help if the worst happens.

ethics in digital communication

2024-25 Digital Empowerment Page 81 of 151

Digital ethics is the branch of ethics concerning the set of rules and moral guidelines that govern
interpersonal behaviour between individuals and/or companies that is mediated by computer
technology, either inside a company or, more broadly, in markets and society.

1. Transparency and truthfulness are key to ethical communication

Most PR experts seem to agree that the key to ethical communication is to prioritize transparency
and truthfulness.
Blair Huddy, a PR expert with more than 15+ years of industry experience, says, “With
technology the way it is, brands can’t hide anything anymore, so it’s always best to be open.
Otherwise, you’ll be found out, and it’ll cause a worse PR situation for your brand.”
Other experts, like Stefanie Magness, the PR agent at Elevate U PR, say you have to cultivate
and nurture every interaction with transparency and truth to build credibility with your audience
over time.
So, what’s the one practical way to prioritize transparency?
Michelle Mackel (publicist at Plugstar Entertainment) provides a simple tip: Communicate with
your clients and network without resorting to exaggeration.
By using the best practices of effective communication, such as accuracy, preciseness, and
politeness, you can effectively build and maintain trust with your clients.
For divorce mediator firms, this includes clear communication of processes, fees, and
expectations, as well as ensuring the confidentiality of client information in all digital
interactions.
As divorce mediation involves highly personal and sensitive matters, upholding ethical
communication standards is key for fostering trust and credibility in the digital age.
Remember, honest communication is the best policy and prevents unethical behavior.

2. Protect your client’s privacy by asking for the necessary permissions

Another thing most PR experts agree on? Respecting user privacy and asking for the necessary
permissions to use and share data. This is especially important at a time when you can buy large
sheets of customer data for only a few dollars.

2024-25 Digital Empowerment Page 82 of 151

To see how this practice would translate in the real business world, we got in touch with Uku
Tomikas, the CEO of Messente Communications, and he said:
“[To communicate ethically], consent is a key factor—respect user privacy by getting explicit
consent before sending communications. Inclusivity is also a must—I recommend tailoring
messages that are accessible and respectful for all audiences. At Messente, we’ve firsthand seen
transparency and privacy reinforce brand loyalty and trust.”

3. Reconsider your partnerships with those who don’t have the same ethos

Michael Toebe, the communications specialist and consultant at Reputation Quality, says
executives and middle managers should ideally model ethical communication to those they lead
and with whom they collaborate and serve.
To them, he recommends taking a stand that shows ethical communication is the non-negotiable
standard and you won’t pay trust taxes in the long run.
Adding to this insight, he said, “Disinvest from those, including leadership, that won’t engage
and communicate in this manner. It will save you a flimsy standard, risk, embarrassment, and
inevitable, costly consequences for shortcomings or failure.”

4. Think about not only your clients but also the end user

Oftentimes, when we communicate with our audience, we only consider our direct audience.
However, our focus should be on our audience (aka our customers) as well as the customers’
audience‌— and that’s the argument of Vicki Bohlsen, the founder of Bohlsen Group, a marketing
and PR firm.
She recommends finding the end audience for all communications and crafting your content
accordingly. For example, if they’re members of the media, consider how your story will connect
with their audiences.
In her own words, “The single most important factor in all communications is emotional
intelligence—aim for honest, vulnerable, open communication geared individually to each
stakeholder audience.”

2024-25 Digital Empowerment Page 83 of 151

5. Lean towards using authentic content, even with AI on the rise

Emily Bergh, the founder of R Public Relations, says that it’s time for the PR industry to bring
back the practice of meeting people in real life and building those connections organically, as
opposed to leaning on AI tools to create communication scripts on our behalf.
She also highly recommends:

● Going back to ‌basics, developing connections over phone calls, and building brand trust
through the traditional route.
● Relying on authentic content and not using solutions like ChatGPT.
Media communications might look easy, but we all know a lot goes behind building and
nurturing those relationships

For example, battling challenges like communication ethics is a big one. But you might also go
through challenges like:

● Not having critical contacts or not being able to identify the right stakeholders
● Difficulty in assessing brand insights, reputation, real-time crisis, etc.
● Not knowing all the potential risks associated with all media actions
● Being unsure about audience sentiments regarding your clients
● Constantly staying updated (and monitoring) brand mentions

ethics in cyber space

Cyberethics is a branch of computer technology behavior that defines the best practices that must
be adopted by a user when he uses the computer system. In simple terms, cyberethics refers to
the basic ethics and etiquette that must be followed while using a computer system. Ethics, in
general, refers to propagating good behavior, similarly by cyber ethics we refer to propagating
good behavior online that is not harsh or rude. Cyberethics governs rules that individuals must be
polite and responsible when they use the internet. Cyberethics aim to protect the moral, financial,
social behavior of individuals. Cyberethics engages the users to use the internet safely and use
technology responsibly and sensibly. Cyberethics empathizes the behavior that must be adopted
while using cyber technology.
Some of the breaches of cyberethics are listed below:
● Cyber Bullying: Cyberbullying is a form of bullying carried out via internet
technology such as social media where individuals are mocked on their physical

2024-25 Digital Empowerment Page 84 of 151

 appearance, lifestyle, preferences, etc. The teenage generation or say youngsters are
the major victims of this form of cyber ethic breach. Cyberbullying affects the
emotional ethics of individuals and can cause mental disturbance to individuals.
● Hacking: Stealing a user’s personal or organizational information without authorized
permission is not considered a good practice. It is one of the riskiest cyber breaches to
data leak. Data leak includes passing of sensitive information such as passwords,
bank details of the user to a third-party user who is not authorized to access the
information.
● Copywriting: Claiming of another individual as one’s own is another type of cyber
ethic breach that must be eradicated. Never engage in copywriting another person’s
content or document and claim as it is your own. It leads to a serious problem called
plagiarism, which is a punishable offense and considered a legal crime. It is always
advisable to follow general cyberethics, while using the internet or say any kind of
technology. A proper code of conduct must be followed while using cyber
technology. Cyberethics if not used wisely can lead to serious situations. Social and
legal laws are defined to use cyber technology wisely. In extreme cases, legal action
can be taken if there is a violation of cyber ethics.

Cyber Ethics focuses on the following:

1. Privacy:
● The content that is available on the internet should not hurt any moral, emotional, or
personal ethics of individuals.
● Users should have the right to protect any information which they don’t want to share
openly.
● Private information like user’s contact details, address, security-related information
like bank details, credit card/debit card details, are all included in basic cyber ethics
of user privacy and must not be breached in any case.
● Any breach of privacy is theft/fraud of user identity and user personal information,
which is punishable as per the rules of law.

2024-25 Digital Empowerment Page 85 of 151

2. IPR:
● IPR stands for Intellectual Property Rights.
● IPR defines that the owners have the complete right to the content that is posted on
the internet.
● The entire content is solely a belonging of the originator and no individual is allowed
to claim that content published by the original creator as its own.
● Unauthorized distribution of someone else’s work should never be adopted as it’s
ethically incorrect to not give creation and monetary benefits to the creator of the
work.

3. Security:
● Security on the internet is the most basic ethical right that every user must be
accessible.
● Users of the internet should feel safe while they surf the net.
● Security, in general means only authorized users to have access to the content on the
computer.
● And confidential information is safe, without any risk of loss of information/content.

4. Accuracy:
● The content available on the internet is accessed by billions of users.
● If there is no reliability of the information that is posted online, then it would mislead
the masses.
● Cyberethics assert the importance of posting content on the internet that is correct in
all aspects.
● Users trust the content of the internet and rely heavily on the internet for facts,
therefore it is highly needed that the asked information is correct and reliable.

Best policies that individuals must adopt while using the internet or any kind of technology
should include the following:
● Being Polite and not using harsh words.

2024-25 Digital Empowerment Page 86 of 151

 ● Avoid clicking on unknown links.
● Wisely opening Emails from known senders only.
● Not mocking anyone on Social Media.
● Not copying any individual’s work and claiming it as their own. Always cite that you
have used someone else’s work.
● Be careful and research before installing any free software.
● Never intrude on another person’s privacy.
● Don’t contribute to any malpractice that can lead to the leak of data of an individual
or organization.
● Never engage in Cyberbullying.

2024-25 Digital Empowerment Page 87 of 151

 Cybersecurity:Unit- Introduction to Cybercrime

Understanding cybercrime: definition, types, and motivations

Cybercrime is any criminal activity that uses or targets a computer, network, or networked
device. Cybercriminals may be motivated by profit, politics, or personal reasons. Some types of
cybercrime include:

​ Identity theft
​ Criminals gain access to a user's personal information to steal funds, access confidential
information, or commit fraud.
​
​ Phishing
​ Cybercriminals trick users into revealing sensitive information by manipulating their
emotions and psyche.
​
​ Cyberstalking
​ Cybercriminals harass and remain in contact with their victims to fulfill a goal or fantasy.
​
​ Banking fraud
​ Cybercriminals target financial institutions or their customers and stakeholders to steal
money or identities.
​
​ DDoS attacks
​ Cybercriminals may be motivated by financial gain, political agendas, or a desire to make a
name for themselves.
​
​ Cyber terrorism
​ Cybercriminals use the internet or computers to cause destruction, steal confidential
information, or spread propaganda.
​
​ Malware

2024-25 Digital Empowerment Page 88 of 151

​ Malicious software is distributed to a computer or network to steal information or damage
data.
​
​ Cyberextortion
​ Cybercriminals attack or threaten to attack, and then demand money to stop the attack.
Ransomware is a type of cyberextortion that encrypts a victim's files and demands a ransom
to decrypt them.

Impact of cybercrime on individuals, organizations, and society

Cybercrime can have a negative impact on individuals, organizations, and society in many ways,
including:

● Individuals: Cybercrime can lead to financial losses, identity theft, emotional trauma,
and damage to reputation. Cybercriminals can use various methods, such as phishing,
hacking, and malware, to steal personal data and financial information, and post
damaging content online.
● Organizations: Cybercrime can impact organizations in several ways, including:
● Increased costs: Businesses may need to hire experts and lawyers to stay
compliant with cybersecurity regulations.
● Insider threats: Insider threats can lead to the destruction of an organization's
internal network system and information leakage.
● Society: Cybercrime can have a negative impact on society as a whole.

Impact of cybercrime on Individuals:

Cybercrime has negative impacts on individuals, resulting in financial losses, identity theft,

emotional trauma, and reputation damage. Cybercriminals use multiple approaches like phishing,

hacking, and malware to access financial information, steal personal data, and post damaging

content online.

As a result, individuals should understand the negative impact of cybercrimes and must take all

2024-25 Digital Empowerment Page 89 of 151

necessary measures to protect themselves from these threats in the digital age.

Karpagam College of Engineering (KCE) is one of the top-notch engineering colleges in

Coimbatore that offers specialized programs in cybersecurity.

Impact of cybercrimes on businesses:

Cybercrimes can have a drastic financial impact on businesses, resulting in financial loss,

reputation damage, legal repercussions, and intellectual property loss. The financial

consequences can be devastating, resulting in the depletion of funds, compromise of intellectual

property, and exposure of confidential customer data.

Cybercrimes can expose confidential customer information and cause permanent damage to the

reputation of businesses, resulting in loss of loyal customers, decreased revenue, and reduced

market share.

Data breaches can lead to legal action, fines, and penalties, especially in heavily regulated

industries. Cybercriminals target businesses to steal intellectual property, including trade secrets

and patents, delivering a severe blow to businesses, especially those that rely on research and

creativity to remain competitive.

Impact of cybercrimes on society:

Cybercrime can have disastrous effects on the economy, resulting in the depletion of financial

assets for individuals, businesses, and governments, which can further lessen consumer

2024-25 Digital Empowerment Page 90 of 151

confidence in online transactions, and negatively affect industry innovation and competitiveness.

Cybercrime can severely harm national security by compromising confidential information and

disrupting critical infrastructure.

It can also harm healthcare and public safety by compromising sensitive patient data and

disrupting medical services, as well as destabilizing emergency response processes and

transportation networks. Cybercrime can increase cyberbullying and harassment, leading to

emotional and psychological harm; and spread misinformation causing severe social and political

repercussions. Social media platforms are used to influence, deceive, or manipulate people and is

a form of cybercrime employed by criminals for political, financial, or personal gain.

Prevention and mitigation approaches for cybercrime:

Cybersecurity threats are evolving becoming more intricate and widespread in the digital age and

individuals, businesses, and society can employ multiple prevention and mitigation approaches

to protect themselves from the negative effects of cybercrime

1) Cybersecurity measures for individuals:

Some of the protective measures that individuals can take include creating strong passwords,

implementing two-factor authentication, regularly updating software and systems, and being

cautious of suspicious emails and messages. Additionally, it’s essential to back up important data

regularly and educate themselves about cybersecurity risks and best practices.

2024-25 Digital Empowerment Page 91 of 151

2) Cybersecurity measures for businesses:

Some of the best practices for businesses to protect themselves from cybercrime include

conducting frequent security risk inspections, implementing access controls and continual

monitoring for security breaches, providing cybersecurity training for employees, using strong

passwords, employing two-factor authentication, and encrypting sensitive data, establishing an

effective backup and recovery framework, and keeping software and hardware systems

up-to-date.

3) Secure your creative assets with insurance:

Content creators can secure their creative assets with creator insurance and protect themselves

from financial loss due to legal disputes and other threats. Creator insurance offers

comprehensive coverage which includes legal fees, reimbursements and other costs associated

with legal claims, protects intellectual property, and covers injuries or damage to property or

equipment. It helps content creators dedicate themselves to their work without the anxiety of

potential financial losses or legal disputes.

Increased awareness and preventive measures are the need-of-the-hour to combat cybercrime

which is a growing threat, causing devastating financial and reputational losses. They include

cybersecurity best practices, cyber insurance, prioritizing cybersecurity and training, and

establishing policies to hold perpetrators accountable. Individuals, businesses and governments

can work in collaboration to minimize risks associated with cybercrime.

2024-25 Digital Empowerment Page 92 of 151

Cybersecurity Fundamentals

Basics of cybersecurity: principles and best practices

1. Keep software up-to-date

Software companies typically provide software updates for 3 reasons: to add new features, fix
known bugs, and upgrade security.

Always update to the latest version of your software to protect yourself from new or existing
security vulnerabilities.

2. Avoid opening suspicious emails

If an email looks suspicious, don’t open it because it might be a phishing scam.

Someone might be impersonating another individual or company to gain access to your personal
information. Sometimes the emails may also include attachments or links that can infect your
devices.

3. Keep hardware up-to-date

Outdated computer hardware may not support the most recent software security upgrades.
Additionally, old hardware makes it slower to respond to cyber-attacks if they happen. Make sure
to use computer hardware that’s more up-to-date.

4. Use a secure file-sharing solution to encrypt data

If you regularly share confidential information, you absolutely need to start using a secure
file-sharing solution. Regular email is not meant for exchanging sensitive documents, because if
the emails are intercepted, unauthorized users will have access to your precious data.

On the other hand, using a secure file-sharing solution like TitanFile will automatically encrypt
sensitive files so that you don’t have to worry about a data breach. Remember, your files are only
as secure as the tools you chose to share them with.

5. Use anti-virus and anti-malware

As long as you’re connected to the web, it’s impossible to have complete and total protection
from malware. However, you can significantly reduce your vulnerability by ensuring you have
an anti-virus and at least one anti-malware installed on your computers.

2024-25 Digital Empowerment Page 93 of 151

6. Use a VPN to privatize your connections

For a more secure and privatized network, use a virtual private network (VPN). It’ll encrypt your
connection and protect your private information, even from your internet service provider.

7. Check links before you click

Links can easily be disguised as something they’re not so it’s best to double check before you
click on a hyperlink. On most browsers, you can see the target URL by hovering over the link.
Do this to check links before you click on them.

8. Don’t be lazy with your passwords!

Put more effort into creating your passwords. You can use a tool like
howsecureismypassword.net to find out how secure your passwords are.

9. Disable Bluetooth when you don’t need it

Devices can be hacked via Bluetooth and subsequently your private information can be stolen. If
there’s no reason to have your Bluetooth on, turn it off!

10. Enable 2-Factor Authentication

Many platforms now allow you to enable 2-factor authentication to keep your accounts more
secure. It’s another layer of protection that helps verify that it’s actually you who is accessing
your account and not someone who’s unauthorized. Enable this security feature when you can.

11. Remove adware from your machines

Adware collects information about you to serve you more targeted ads. It’s best to rid your
computer of all forms of adware to maintain your privacy. Use AdwCleaner to clean adware and
unwanted programs from your computer.

12. Double-check for HTTPS on websites

When you’re on a website that isn’t using HTTPS, there’s no guarantee that the transfer of
information between you and the site’s server is secure. Double-check that a site’s using HTTPS
before you give away personal or private information.

13. Don’t store important information in non-secure places

2024-25 Digital Empowerment Page 94 of 151

When storing information online, you want to keep it in a location that can’t be accessed by
unauthorized users.

14. Scan external storage devices for viruses

External storage devices are just as prone to malware as internal storage devices. If you connect
an infected external device to your computer, the malware can spread. Always scan external
devices for malware before accessing them.

15. Avoid using public networks

When you connect to a public network, you’re sharing the network with everyone who is also
connected. Any information you send or retrieve on the network is vulnerable. Stay away from
public networks or use a VPN when you’re connected to one.

16. Avoid the “secure enough” mentality

Unless you’re completely isolated from the rest of the world, there’s no such thing as being
“secure enough.” Big companies like Facebook invest a fortune into security every year but are
still affected by cyber attacks.

17. Invest in security upgrades

Following the previous tip, try to invest in security upgrades when they’re available. It’s better to
eat the costs of security than pay for the consequences of a security breach!

18. Back up important data

Important data can be lost as a result of a security breach. To make sure you’re prepared to
restore data once it’s lost, you should ensure your important information is backed up frequently
on the cloud or a local storage device.

19. Train employees

The key to making cybersecurity work is to make sure your employees well trained, in sync, and
consistently exercising security practices. Sometimes, one mistake from an improperly trained
employee can cause an entire security system to crumble.

20. Use HTTPS on your website

2024-25 Digital Empowerment Page 95 of 151

Having an SSL certificate installed and HTTPS enabled on your website will help encrypt all
information that travels between a visitor’s browser and your web server.

21. Employ a “White Hat” hacker

Not all hackers are bad. Some hackers expose security risks for the sake of helping others
improve their cybersecurity by keeping them aware of security flaws and patching them. These
hackers are known as “white hat” hackers. It might benefit you to hire one to help you find risks
you never knew you had.

The cyber security principles

Purpose of the cyber security principles

The purpose of the cyber security principles is to provide strategic guidance on how an
organisation can protect their information technology and operational technology systems,
applications and data from cyber threats. These cyber security principles are grouped into five
functions:

● GOVERN: Develop a strong cyber security culture.

● IDENTIFY: Identify assets and associated security risks.
● PROTECT: Implement controls to manage security risks.
● DETECT: Detect and analyse cyber security events to identify cyber security incidents.
● RESPOND: Respond to and recover from cyber security incidents.

Govern principles

The govern principles are:

● GOVERN-1: A Chief Information Security Officer provides leadership and oversight of

cyber security.
● GOVERN-2: Security risk management activities for systems, applications and data are
embedded into organisational risk management frameworks.
● GOVERN-3: Security risks for systems, applications and data are accepted before they
are authorised for use and continuously throughout their operational life.

Identify principles

The identify principles are:

● IDENTIFY-1: The business criticality of systems, applications and data is determined and
documented.

2024-25 Digital Empowerment Page 96 of 151

 ● IDENTIFY-2: The confidentiality, integrity and availability requirements for systems,
applications and data are determined and documented.
● IDENTIFY-3: Security risks for systems, applications and data are identified and
documented.

Protect principles

The protect principles are:

● PROTECT-1: Systems and applications are designed, deployed, maintained and

decommissioned according to their business criticality and their confidentiality, integrity
and availability requirements.
● PROTECT-2: Systems and applications are delivered and supported by trusted suppliers.
● PROTECT-3: Systems and applications are designed and configured to reduce their
attack surface.
● PROTECT-4: Systems, applications and data are administered in a secure and
accountable manner.
● PROTECT-5: Vulnerabilities in systems and applications are identified and mitigated in a
timely manner.
● PROTECT-6: Only trusted and supported operating systems, applications and code can
execute on systems.
● PROTECT-7: Data is encrypted at rest and in transit between different systems.
● PROTECT-8: Data communicated between different systems is controlled and
inspectable.
● PROTECT-9: Applications, settings and data are backed up in a secure and proven
manner on a regular basis.
● PROTECT-10: Only trusted and vetted personnel are granted access to systems,
applications and data.
● PROTECT-11: Personnel are granted the minimum access to systems, applications and
data required to undertake their duties.
● PROTECT-12: Robust and secure identity and access management is used to control
access to systems, applications and data.
● PROTECT-13: Personnel are provided with ongoing cyber security awareness training.
● PROTECT-14: Physical access to systems, supporting infrastructure and facilities is
restricted to authorised personnel.

Detect principles

The detect principles are:

● DETECT-1: Event logs are collected and analysed in a timely manner to detect cyber
security events.
● DETECT-2: Cyber security events are analysed in a timely manner to identify cyber
security incidents.

Respond principles

2024-25 Digital Empowerment Page 97 of 151

The respond principles are:

● RESPOND-1: Cyber security incidents are reported internally and externally to relevant
bodies and stakeholders in a timely manner.
● RESPOND-2: Cyber security incidents are analysed, contained, eradicated and recovered
from in a timely manner.
● RESPOND-3: Incident response, business continuity and disaster recovery plans support
the recovery of normal business operations during and following cyber security incidents.

Maturity modelling

When implementing the cyber security principles, an organisation can use the following maturity
model to assess the implementation of individual principles, individual functions or the cyber
security principles as a whole. The five levels of the maturity model are:

● Incomplete: The cyber security principles are partially implemented or not implemented.
● Initial: The cyber security principles are implemented, but in a poor or ad hoc manner.
● Developing: The cyber security principles are sufficiently implemented, but on a
project-by-project basis.
● Managing: The cyber security principles are established as standard business practices
and robustly implemented throughout the organisation.
● Optimising: A deliberate focus on optimisation and continual improvement exists for the
implementation of the cyber security principles throughout the organisation.

Common cyber threats: malware, phishing, ransomware, etc.

What is a Cyber Attack?

Before heading to the different types of cyber attacks, we will first walk you through a cyber
attack. When there is an unauthorized system/network access by a third party, we term it as a
cyber attack. The person who carries out a cyberattack is termed as a hacker/attacker.

Cyber-attacks have several negative effects. When an attack is carried out, it can lead to data
breaches, resulting in data loss or data manipulation. Organizations incur financial losses,
customer trust gets hampered, and there is reputational damage. To put a curb on cyberattacks,

2024-25 Digital Empowerment Page 98 of 151

we implement cybersecurity. Cybersecurity is the method of safeguarding networks, computer
systems, and their components from unauthorized digital access.

The COVID-19 situation has also had an adverse impact on cybersecurity. According to Interpol
and WHO, there has been a notable increase in the number of cyberattacks during the COVID-19
pandemic.

Now that you know what a cyber attack is, let look at the different types of cyberattacks.

Types of Cyber Attacks

There are many varieties of cyber attacks that happen in the world today. If we know the various
types of cyberattacks, it becomes easier for us to protect our networks and systems against them.
Here, we will closely examine the top ten cyber-attacks that can affect an individual, or a large
business, depending on the scale.

Elevate your cybersecurity acumen with our intensive Cyber security Bootcamp, where you'll
delve into the diverse landscape of cyber attacks. From phishing to malware, ransomware to
DDoS attacks, our comprehensive program equips you with the skills to anticipate, prevent, and
mitigate a wide range of threats.

Let’s start with the different types of cyberattacks on our list:

1. Malware Attack

This is one of the most common types of cyberattacks. “Malware” refers to malicious software
viruses including worms, spyware, ransomware, adware, and trojans.

The trojan virus disguises itself as legitimate software. Ransomware blocks access to the

2024-25 Digital Empowerment Page 99 of 151

network's key components, whereas Spyware is software that steals all your confidential data
without your knowledge. Adware is software that displays advertising content such as banners on
a user's screen.

Malware breaches a network through a vulnerability. When the user clicks a dangerous link, it
downloads an email attachment or when an infected pen drive is used.

Let’s now look at how we can prevent a malware attack:

● Use antivirus software. It can protect your computer against malware. Avast Antivirus,
Norton Antivirus, and McAfee Antivirus are a few of the popular antivirus software.
● Use firewalls. Firewalls filter the traffic that may enter your device. Windows and
Mac OS X have their default built-in firewalls, named Windows Firewall and Mac
Firewall.
● Stay alert and avoid clicking on suspicious links.
● Update your OS and browsers, regularly.

2. Phishing Attack

Phishing attacks are one of the most prominent widespread types of cyberattacks. It is a type of
social engineering attack wherein an attacker impersonates to be a trusted contact and sends the
victim fake mails.

Unaware of this, the victim opens the mail and clicks on the malicious link or opens the mail's
attachment. By doing so, attackers gain access to confidential information and account
credentials. They can also install malware through a phishing attack.

Phishing attacks can be prevented by following the below-mentioned steps:

● Scrutinize the emails you receive. Most phishing emails have significant errors like

2024-25 Digital Empowerment Page 100 of 151

 spelling mistakes and format changes from that of legitimate sources.
● Make use of an anti-phishing toolbar.
● Update your passwords regularly.

3. Password Attack

It is a form of attack wherein a hacker cracks your password with various programs and
password cracking tools like Aircrack, Cain, Abel, John the Ripper, Hashcat, etc. There are
different types of password attacks like brute force attacks, dictionary attacks, and keylogger
attacks.

Listed below are a few ways to prevent password attacks:

● Use strong alphanumeric passwords with special characters.

● Abstain from using the same password for multiple websites or accounts.
● Update your passwords; this will limit your exposure to a password attack.
● Do not have any password hints in the open.

4. Man-in-the-Middle Attack

A Man-in-the-Middle Attack (MITM) is also known as an eavesdropping attack. In this attack,

an attacker comes in between a two-party communication, i.e., the attacker hijacks the session
between a client and host. By doing so, hackers steal and manipulate data.

As seen below, the client-server communication has been cut off, and instead, the
communication line goes through the hacker.

MITM attacks can be prevented by following the below-mentioned steps:

● Be mindful of the security of the website you are using. Use encryption on your
devices.

2024-25 Digital Empowerment Page 101 of 151

 ● Refrain from using public Wi-Fi networks.

5. SQL Injection Attack

A Structured Query Language (SQL) injection attack occurs on a database-driven website when
the hacker manipulates a standard SQL query. It is carried by injecting a malicious code into a
vulnerable website search box, thereby making the server reveal crucial information.

This results in the attacker being able to view, edit, and delete tables in the databases. Attackers
can also get administrative rights through this.

To prevent a SQL injection attack:

● Use an Intrusion detection system, as they design it to detect unauthorized access to a

network.
● Carry out a validation of the user-supplied data. With a validation process, it keeps the
user input in check.

6. Denial-of-Service Attack

A Denial-of-Service Attack is a significant threat to companies. Here, attackers target systems,

servers, or networks and flood them with traffic to exhaust their resources and bandwidth.

When this happens, catering to the incoming requests becomes overwhelming for the servers,
resulting in the website it hosts either shut down or slow down. This leaves the legitimate service
requests unattended.

It is also known as a DDoS (Distributed Denial-of-Service) attack when attackers use multiple
compromised systems to launch this attack.

Let’s now look at how to prevent a DDoS attack:

2024-25 Digital Empowerment Page 102 of 151

 ● Run a traffic analysis to identify malicious traffic.
● Understand the warning signs like network slowdown, intermittent website
shutdowns, etc. At such times, the organization must take the necessary steps without
delay.
● Formulate an incident response plan, have a checklist and make sure your team and
data center can handle a DDoS attack.
● Outsource DDoS prevention to cloud-based service providers.

7. Insider Threat

As the name suggests, an insider threat does not involve a third party but an insider. In such a
case; it could be an individual from within the organization who knows everything about the
organization. Insider threats have the potential to cause tremendous damages.

Insider threats are rampant in small businesses, as the staff there hold access to multiple accounts
with data. Reasons for this form of an attack are many, it can be greed, malice, or even
carelessness. Insider threats are hard to predict and hence tricky.

To prevent the insider threat attack:

● Organizations should have a good culture of security awareness.

● Companies must limit the IT resources staff can have access to depending on their job
roles.
● Organizations must train employees to spot insider threats. This will help employees
understand when a hacker has manipulated or is attempting to misuse the
organization's data.

8. Cryptojacking

The term Cryptojacking is closely related to cryptocurrency. Cryptojacking takes place when
attackers access someone else’s computer for mining cryptocurrency.

2024-25 Digital Empowerment Page 103 of 151

The access is gained by infecting a website or manipulating the victim to click on a malicious
link. They also use online ads with JavaScript code for this. Victims are unaware of this as the
Crypto mining code works in the background; a delay in the execution is the only sign they
might witness.

Cryptojacking can be prevented by following the below-mentioned steps:

● Update your software and all the security apps as cryptojacking can infect the most
unprotected systems.
● Have cryptojacking awareness training for the employees; this will help them detect
crypotjacking threats.
● Install an ad blocker as ads are a primary source of cryptojacking scripts. Also have
extensions like MinerBlock, which is used to identify and block crypto mining scripts.

9. Zero-Day Exploit

A Zero-Day Exploit happens after the announcement of a network vulnerability; there is no

solution for the vulnerability in most cases. Hence the vendor notifies the vulnerability so that
the users are aware; however, this news also reaches the attackers.

Depending on the vulnerability, the vendor or the developer could take any amount of time to fix
the issue. Meanwhile, the attackers target the disclosed vulnerability. They make sure to exploit
the vulnerability even before a patch or solution is implemented for it.

Zero-day exploits can be prevented by:

● Organizations should have well-communicated patch management processes. Use

management solutions to automate the procedures. Thus it avoids delays in
deployment.
● Have an incident response plan to help you deal with a cyberattack. Keep a strategy
focussing on zero-day attacks. By doing so, the damage can be reduced or completely

2024-25 Digital Empowerment Page 104 of 151

 avoided.

10. Watering Hole Attack

The victim here is a particular group of an organization, region, etc. In such an attack, the
attacker targets websites which are frequently used by the targeted group. Websites are identified
either by closely monitoring the group or by guessing.

After this, the attackers infect these websites with malware, which infects the victims' systems.
The malware in such an attack targets the user's personal information. Here, it is also possible for
the hacker to take remote access to the infected computer.

Let's now see how we can prevent the watering hole attack:

● Update your software and reduce the risk of an attacker exploiting vulnerabilities.
Make sure to check for security patches regularly.
● Use your network security tools to spot watering hole attacks. Intrusion prevention
systems(IPS) work well when it comes to detecting such suspicious activities.
● To prevent a watering hole attack, it is advised to conceal your online activities. For
this, use a VPN and also make use of your browser’s private browsing feature. A VPN
delivers a secure connection to another network over the Internet. It acts as a shield for
your browsing activity. NordVPN is a good example of a VPN.

11. Spoofing

An attacker impersonates someone or something else to access sensitive information and do

malicious activities. For example, they can spoof an email address or a network address.

12. Identity-Based Attacks

Perform to steal or manipulate others' personal information, like login someone's PINs to steal

2024-25 Digital Empowerment Page 105 of 151

unauthorized access to their systems.

13. Code Injection Attacks

Performed by inserting malicious code into a software application to manipulate data. For
example, the attacker puts malicious code into a SQL database to steal data.

14. Supply Chain Attacks

Exploit software or hardware supply chain vulnerabilities to collect sensitive information.

15. DNS Tunneling

Attacker uses the Domain Name System (DNS) to bypass security measures and communicate
with a remote server.

16. DNS Spoofing

Cyberattack in which an attacker manipulates the DNS records from a website to control its
traffic.

17. IoT-Based Attacks

Exploit vulnerabilities in the Internet of Things (IoT), like smart thermostats and security
cameras, to steal data.

18. Ransomware

Encrypt the victim's data and demands payment in exchange.

19. Distributed Denial of Service (DDos) Attacks

2024-25 Digital Empowerment Page 106 of 151

Flood a website with traffic to make it unavailable to legitimate users and to exploit
vulnerabilities in the specific network.

20. Spamming

Send unauthentic emails to spread phishing scams.

21. Corporate Account Takeover (CATO)

Hackers use stolen login credentials to access others' bank accounts.

22. Automated Teller Machine (ATM) Cash Out

Hackers get close to a bank's computer systems to withdraw large amounts of cash from ATMs.

23. Whale-Phishing Attacks

Target high-profile individuals like executives or celebrities using sophisticated social

engineering techniques to get sensitive information.

24. Spear-Phishing Attacks:

Target specific individuals or groups under an organization. Attackers use social engineering
techniques to get sensitive information.

25. URL Interpretation

A web browser interprets a URL (Uniform Resource Locator) and requests the corresponding
web page to exploit vulnerabilities in the URL interpretation.

26. Session Hijacking

2024-25 Digital Empowerment Page 107 of 151

The hacker gets access to a user's session ID to authenticate the user's session with a web
application and take control of the user's session.

27. Brute Force Attack

An attacker gets unauthorized access to a system by trying various passwords until the correct
one is found. It can be highly effective against weak passwords.

28. Web Attacks

Targets websites and can insert SQL injection, cross-site scripting (XSS) and file inclusion.

29. Trojan Horses

Malware that appears to be a legitimate program but which contains malicious code. Once
installed, it can perform malicious actions like stealing data and controlling the system.

30. Drive-by Attacks

The user's system is flooded with malware by visiting its compromised website to exploit
vulnerabilities in other software to insert the malware without the user's knowledge.

31. Cross-Site Scripting (XSS) Attacks

An attacker inserts unauthorized code into a legitimate website to access the user's information to
steal sensitive information like the user's passwords and credit card details.

32. Eavesdropping Attacks

An attacker intercepts communication between two parties to access sensitive information.

2024-25 Digital Empowerment Page 108 of 151

33. Birthday Attack

A cryptographic attack exploits the birthday paradox to access a collision in a hash function. The
attacker successfully generates two inputs to get the same output hash value. This can be used to
compromise to bypass access controls.

34. Volume-Based Attacks

The attacker floods a system with heavy data to make it inaccessible to legitimate users. For
instance, DDoS attacks in which various compromised computers flood a specific website with
traffic to crash it.

35. Protocol Attacks:

Exploits vulnerabilities in network protocols to gain unauthorized access to a system or disrupt

its regular operation. Examples include the Transmission Control Protocol (TCP) SYN Flood
attack and the Internet Control Message Protocol (ICMP) Flood attack.

36. Application Layer Attacks

Targets the application layer of a system, aiming to exploit vulnerabilities in applications or web
servers.

37. Dictionary Attacks

An attacker attempts to guess a user's password by trying a list of common words. This attack
becomes successful because many users use weak or easy passwords.

38. Virus

Malicious software can replicate itself and spread to other computers. Viruses can cause
significant damage to systems, corrupt files, steal information, and more.

2024-25 Digital Empowerment Page 109 of 151

39. Worm

Replicates itself and spreads to other computers, but unlike viruses, worms don't require human
interaction.

40. Backdoors

This vulnerability allows attackers to bypass standard authentication procedures and gain
unauthorized access to a system or network.

41. Bots

These software programs automate network or internet tasks. They can be used for malicious
purposes, such as Distributed Denial of Service (DDoS) attacks.

42. Business Email Compromise (BEC)

Targets businesses and organizations by using email. The attackers impersonate a trusted source
to trick the victim into transferring funds or sensitive information to the attacker.

43. Cross-Site Scripting (XSS) Attacks

Targets web applications by injecting malicious code into a vulnerable website to steal sensitive
information or to perform unauthorized attacks.

44. AI-Powered Attacks

Use artificial intelligence and machine learning to bypass traditional security measures.

45. Rootkits

Provide attackers privileged access to a victim's computer system. Rootkits can be used to hide

2024-25 Digital Empowerment Page 110 of 151

other types of malware, such as spyware or keyloggers, and can be challenging to detect and
remove.

46. Spyware

Is malware designed to collect sensitive information from a victim's computer system. This can
include passwords, credit card numbers, and other sensitive data.

47. Social Engineering

is a technique cybercriminals use to manipulate users to make them divulge sensitive information
or perform actions that are not in their best interest.

48. Keylogger

Is a malware designed to capture keystrokes a victim enters on their computer system. This can
include passwords, credit card numbers, and other sensitive data.

49. Botnets

Are networks of compromised computers controlled by a single attacker. Botnets can launch
distributed denial of service (DDoS) attacks, steal sensitive information, or perform other
malicious activities.

50. Emotet

Is malware designed to steal sensitive information and spread it to other computers on a network.
Emotet is often spread through phishing emails and can be very difficult to detect and remove.

51. Adware

Is malware that displays unwanted advertisements on a victim's computer system. Adware can be

2024-25 Digital Empowerment Page 111 of 151

annoying and disruptive, but it's generally less harmful than other types of malware.

52. Fileless Malware

Doesn’t rely on files to infect a victim's computer system. Instead, fileless malware executes
malicious code using existing system resources, such as memory or registry keys.

53. Angler Phishing Attacks

Target individuals or organizations using highly targeted and personalized emails. Angler
phishing attacks can be difficult to detect and are often successful in stealing sensitive
information.

54. Advanced Persistent Threat (APT)

Is a cyberattack characterized by long-term, persistent access to a victim's computer system. APT

attacks are highly sophisticated and difficult to detect and remove.

How to Prevent Cyber Attacks?

Although we had a look at several ways to prevent the different types of cyberattacks we
discussed, let's summarize and look at a few personal tips which you can adopt to avoid a
cyberattack on the whole.

1. Change your passwords regularly and use strong alphanumeric passwords which are
difficult to crack. Refrain from using too complicated passwords that you would tend
to forget. Do not use the same password twice.
2. Update both your operating system and applications regularly. This is a primary
prevention method for any cyber attack. This will remove vulnerabilities that hackers
tend to exploit. Use trusted and legitimate Anti-virus protection software.

2024-25 Digital Empowerment Page 112 of 151

 3. Use a firewall and other network security tools such as Intrusion prevention systems,
Access control, Application security, etc.
4. Avoid opening emails from unknown senders. Scrutinize the emails you receive for
loopholes and significant errors.
5. Make use of a VPN. This makes sure that it encrypts the traffic between the VPN
server and your device.
6. Regularly back up your data. According to many security professionals, it is ideal to
have three copies of your data on two different media types and another copy in an
off-site location (cloud storage). Hence, even in the course of a cyber attack, you can
erase your system’s data and restore it with a recently performed backup.
7. Employees should be aware of cybersecurity principles. They must know the various
types of cyberattacks and ways to tackle them.
8. Use Two-Factor or Multi-Factor Authentication. With two-factor authentication, it
requires users to provide two different authentication factors to verify themselves.
When you are asked for over two additional authentication methods apart from your
username and password, we term it as multi-factor authentication. This proves to be a
vital step to secure your account.
9. Secure your Wi-Fi networks and avoid using public Wi-Fi without using a VPN.
10. Safeguard your mobile, as mobiles are also a cyberattack target. Install apps from only
legitimate and trusted sources, make sure to keep your device updated.

These are the tips you must implement to protect your systems and networks from a cyber attack.

Cyber Crime and its types

The term "cybercrime" was introduced after the latest evolution in the computer industry and
networks.

Cybercrimes are considered a major risk because they can have devastating effects like financial

2024-25 Digital Empowerment Page 113 of 151

losses, breaches of sensitive data, failure of systems, and also, it can affect an organization's
reputation.

What is Cybercrime?

Cybercrime can be defined as “The illegal usage of any communication device to commit or
facilitate in committing any illegal act”.

A cybercrime is explained as a type of crime that targets or uses a computer or a group of

computers under one network for the purpose of harm.

Cybercrimes are committed using computers and computer networks. They can be targeting
individuals, business groups, or even governments.

Investigators tend to use various ways to investigate devices suspected to be used or to be a

target of a cybercrime.

Who are The Cybercriminals?

A cybercriminal is a person who uses his skills in technology to do malicious acts and illegal
activities known as cybercrimes. They can be individuals or teams.

Cybercriminals are widely available in what is called the “Dark Web” where they mostly provide
their illegal services or products.

Not every hacker is a cybercriminal because hacking itself is not considered a crime as it can be
used to reveal vulnerabilities to report and batch them which is called a “white hat hacker”.

However, hacking is considered a cybercrime when it has a malicious purpose of conducting any
harmful activities and we call this one “black hat hacker” or a cyber-criminal.

It is not necessary for cybercriminals to have any hacking skills as not all cyber crimes include
hacking.

Cybercriminals can be individuals who are trading in illegal online content or scammers or even
drug dealers. So here are some examples of cybercriminals:

2024-25 Digital Empowerment Page 114 of 151

- Black hat hackers
- Cyberstalkers
- Cyber terrorists
- Scammers

Cybercriminals who conduct targeted attacks are better to be named Threat Actors.

How do Cybercrimes happen?

Cybercriminals take advantage of security holes and vulnerabilities found in systems and exploit
them in order to take a foothold inside the targeted environment.

The security holes can be a form of using weak authentication methods and passwords, it can
also happen for the lack of strict security models and policies.

Why are Cybercrimes Increasing?

The world is constantly developing new technologies, so now, it has a big reliance on
technology. Most smart devices are connected to the internet. There are benefits and there are
also risks.

One of the risks is the big rise in the number of cybercrimes committed, there are not enough
security measures and operations to help protect these technologies.

Computer networks allow people in cyberspace to reach any connected part of the world in
seconds.

Cybercrimes can have different laws and regulations from one country to another, mentioning
also that covering tracks is much easier when committing a cybercrime rather than real crimes.

We are listing different below reasons for the big increase in cybercrimes:

- Vulnerable devices:
As we mentioned before, the lack of efficient security measures and solutions introduces a wide
range of vulnerable devices which is an easy target for cybercriminals.

2024-25 Digital Empowerment Page 115 of 151

- Personal motivation:
Cybercriminals sometimes commit cybercrimes as a kind of revenge against someone they hate
or have any problem with.

- Financial motivation:
The most common motivation of cybercriminals and hacker groups, most attacks nowadays are
committed to profit from it.

Two Main Types of Cyber Crimes

- Targeting computers

This type of cybercrimes includes every possible way that can lead to harm to computer devices
for example malware or denial of service attacks.

- Using computers
This type includes the usage of computers to do all the classifications of computer crimes.

Classifications of Cybercrimes

Cybercrimes in general can be classified into four categories:

1. Individual Cyber Crimes:

This type is targeting individuals. It includes phishing, spoofing, spam, cyberstalking, and more.

2. Organisation Cyber Crimes:

The main target here is organizations. Usually, this type of crime is done by teams of criminals
including malware attacks and denial of service attacks.

3. Property Cybercrimes:

This type targets property like credit cards or even intellectual property rights.

4. Society Cybercrimes:

This is the most dangerous form of cybercrime as it includes cyber-terrorism.

2024-25 Digital Empowerment Page 116 of 151

Most Common Cyber Crimes

Now that you understand what cybercrimes are, let’s discuss some common cybercrimes.

1. Phishing and Scam:

Phishing is a type of social engineering attack that targets the user and tricks them by sending
fake messages and emails to get sensitive information about the user or trying to download
malicious software and exploit it on the target system.

2. Identity Theft

Identity theft occurs when a cybercriminal uses another person’s personal data like credit card
numbers or personal pictures without their permission to commit a fraud or a crime.

3. Ransomware Attack

Ransomware attacks are a very common type of cybercrime. It is a type of malware that has the
capability to prevent users from accessing all of their personal data on the system by encrypting
them and then asking for a ransom in order to give access to the encrypted data.

4. Hacking/Misusing Computer Networks

This term refers to the crime of unauthorized access to private computers or networks and misuse
of it either by shutting it down or tampering with the data stored or other illegal approaches.

5. Internet Fraud

Internet fraud is a type of cybercrimes that makes use of the internet and it can be considered a
general term that groups all of the crimes that happen over the internet like spam, banking frauds,
theft of service, etc.

Other Types of Cybercrime

Here are another 9 types of cybercrimes:

1. Cyber Bullying

It is also known as online or internet bullying. It includes sending or sharing harmful and

2024-25 Digital Empowerment Page 117 of 151

humiliating content about someone else which causes embarrassment and can be a reason for the
occurrence of psychological problems. It became very common lately, especially among
teenagers.

2. Cyber Stalking

Cyberstalking can be defined as unwanted persistent content from someone targeting other
individuals online with the aim of controlling and intimidating like unwanted continued calls and
messages.

3. Software Piracy

Software piracy is the illegal use or copy of paid software with violation of copyrights or license
restrictions.

An example of software piracy is when you download a fresh non-activated copy of windows
and use what is known as “Cracks” to obtain a valid license for windows activation. This is
considered software piracy.

Not only software can be pirated but also music, movies, or pictures.

4. Social Media Frauds

The use of social media fake accounts to perform any kind of harmful activities like
impersonating other users or sending intimidating or threatening messages. And one of the
easiest and most common social media frauds is Email spam.

5. Online Drug Trafficking

With the big rise of cryptocurrency technology, it became easy to transfer money in a secured
private way and complete drug deals without drawing the attention of law enforcement. This led
to a rise in drug marketing on the internet.

Illegal drugs such as cocaine, heroin, or marijuana are commonly sold and traded online,
especially on what is known as the "Dark Web".

2024-25 Digital Empowerment Page 118 of 151

6. Electronic Money Laundering

Also known as transaction laundering. It is based on unknown companies or online business that
makes approvable payment methods and credit card transactions but with incomplete or
inconsistent payment information for buying unknown products.

It is by far one of the most common and easy money laundering methods.

8. Cyber Extortion

Cyber extortion is the demand for money by cybercriminals to give back some important data
they've stolen or stop doing malicious activities such as denial of service attacks.

9. Intellectual-property Infringements

It is the violation or breach of any protected intellectual-property rights such as copyrights and
industrial design.

9. Online Recruitment Fraud

One of the less common cybercrimes that are also growing to become more popular is the fake
job opportunities released by fake companies for the purpose of obtaining a financial benefit
from applicants or even making use of their personal data.

Cyber Crimes Examples

- REvil and Kaseya Ransomware

REvil is a Russian or Russian-speaking hacking group and it is known as a

ransomware-as-a-service operation. The Kaseya incident took place in July - 2021.

The incident happened when one of the Kaseya's company's products was deploying the famous
SODINOKIBI REvil ransomware to endpoints of Kaseya's customer network that attack surface
was over 1000 Kaseya's customers worldwide.

A few hours later REvil took credit for the attack by posting on their Happy Blog website on the
dark web and demanded a $70 million ransom to release a public decryptor that they claim can

2024-25 Digital Empowerment Page 119 of 151

decrypt all the damaged devices.

The attack was so impactful that the United States government offered $10 million bounties to
anyone that can give any information for arresting REvil members.
Yaroslav Vasinskyi, a 22 years Ukrainian, was charged with conducting the attack and
unleashing the ransomware against Kaseya and other companies.

- Stuxnet
The Stuxnet incident is a famous incident that happened in 2010. Stuxnet is the name of a
computer worm (type of malware) that targets SCADA (supervisory control and data acquisition)
systems.

Stuxnet malware left devastating damage to Iran’s nuclear power program. It was spreading
through USB drives and affected mainly Microsoft Windows operating systems.

The malware functionality was to search for machines that are working as PLCs (programmable
logic controllers) and if it was found the malware updates its code over the internet through the
attackers.

- Marriott Hotels

In November 2018, Marriott hotels group suffered from a massive data breach that affected more
than 500 million customers.

The compromise happened for the guest reservation database by an unknown party. The
information that was leaked contained payment information, mailing addresses, passport
numbers, and phone numbers for customers.

Marriott Group has immediately conducted incident investigations with a group of security
experts plus setting up a website and a call center.

They also sent emails to the affected customers and gave them free access to monitoring tools
that monitor the internet and give an alert if any evidence of sharing personal information is
found.

2024-25 Digital Empowerment Page 120 of 151

- RockYou Data Breach

RockYou is a company that works in the game field and was founded in 2005 by Lance Tokuda
and Jia Shen. The company was working well until December 2009 when what is called “the
biggest data breach of all time” happened.

The data breach exposed and leaked more than 32 million user account information from
RockYou database.

The company was storing passwords in an unencrypted plain text format which made it easier for
the hacker to have access to all passwords stored. The hacker used a very old and popular SQL
vulnerability to leak all data from the database.

After this major breach, the total set of passwords that were leaked became a very helpful
resource in penetration testing as hackers use this wordlist of passwords to test the security and
password strength of accounts and products.

You can read more about top data breaches in this article.

How to Prevent Cybercrimes?

There are many tips and guidelines to protect yourself and your environment from the risk of
cybercrimes such as:

1. Be sure that you are using up-to-date security software like antivirus and firewalls.

2. Implement the best possible security settings and implementations for your environment.

3. Don't browse untrusted websites and be careful when downloading unknown files, and also be
careful when viewing Email attachments.

4. Use strong authentication methods and keep your passwords as strong as possible.

5. Don’t share sensitive information online or on your social media accounts.

6. Educate your children about the risks of internet usage and keep monitoring their activities.

2024-25 Digital Empowerment Page 121 of 151

7. Always be ready to make an immediate reaction when falling victim to cybercrimes by
referring to the police.

Financial Fraud, E-Commerce, Digital payments and its security etc

E-commerce Fraud: Securing the Entire Customer Journey

Cybersecurity threats have become prevalent in all online transactions. Topping the list of the
most vulnerable areas for online fraud are e-commerce stores.
As customers move from brick-and-mortar stores to e-commerce platforms for their buying
needs, securing customer journeys from online frauds is imperative for e-commerce stores.
E-commerce frauds are illicit online transactions by cyber criminals. These crimes directly
impact merchants and customers. Frauds like illicit and illegal activities cause heavy losses.
Besides, online fraud can have a deep impact on a business’s reputation and customer
relationships. One of the worst consequences of e-commerce fraud is the loss of customer trust
and loyalty.

Some Common Types of E-commerce Fraud

Account Takeover (ATO):
ATO, also known as identity theft, is a cybercrime where hackers access personal and financial
details to make illicit purchases.
Triangulation Frauds:
Fraudsters create fake websites and lure buyers to make purchases on the site and never deliver
the products.
Credit Card Frauds:
Credit card fraud is when hackers use credit cards owned by someone else to make purchases on
an e-commerce platform.
Friendly Fraud:
Fraudsters make false claims to merchants that the product was not delivered and demand money
back for their purchases.
Denial of Inventory:
In this case, scammers add items to their shopping carts without purchasing them just to prevent
genuine customers from buying them.
Besides these, there are several other ways in which cybercriminals illegally access the
confidential data of customers and cause financial losses for both the buyer and the seller. Hence,
comprehensive fraud detection and management strategies are required not just to provide a safe

2024-25 Digital Empowerment Page 122 of 151

and secure shopping experience for buyers but also to prevent loss to the business.
In order to prevent fraudulent activity, e-commerce retailers need to assess potential risks to
different online transactions on the website. Emerging technologies help in assessing risks and
preventing fraud.

Technologies used for E-commerce Fraud Prevention

Leveraging Machine Learning (ML)
ML, a subset of Artificial Intelligence (AI), is a self-learning technology where algorithms learn
decision-making based on training data. ML algorithms can easily distinguish between legitimate
transactions and illicit ones. These algorithms study the transaction patterns on different
e-commerce platforms and detect fraudulent activities based on this knowledge. ML bots are
highly effective in preventing e-commerce fraud.
Predictive Analysis
Predictive analysis is a technique that leverages data, past trends, and other functional variables
to predict fraud. The software studies data such as customer behaviour, buying patterns,
browsing patterns, transaction history and more, to accurately predict cybercrimes. Predictive
analytics enable cybersecurity professionals to take preventive measures to secure the platform.
Graph Technology
Graph technology is an intuitive approach that provides insights into multiple layers of data
breaches. In graph technology, data such as consumer behaviour, transaction history, channel
related information are all represented in a graphical manner. Specific data points are depicted as
nodes in the graph. Information related to fraud and illicit transactions can be accessed by firing
queries on these data points. Graph technology also provides alerts to data analysts when fraud is
detected. This facilitates the analysis of real-time data to prevent fraud.
The onus of preventing e-commerce fraud lies with online merchants and they must take the
necessary steps to prevent fraudulent activities.

Preventive Measures for E-commerce Frauds

1. Secure Vulnerabilities
2. The website must be checked to find out the vulnerabilities in the existing website and
secure them.Website Audits
3. E-commerce merchants must perform regular website audits to ensure that the website is
safe from fraudulent activities.Implement Multi-layered Security
4. Multi-layered security is implemented by using more than one method of fraud detection
such as biometric identification, OTPs, etc. Multi-layer security strengthens the security
of an e-commerce store.Keep Track of Customers’ Journeys
5. One of the most effective methods of fraud prevention is maintaining a record of
customer touchpoints such as orders shipped, received, accepted and returned, etc.Ensure
Authorised Transactions

2024-25 Digital Empowerment Page 123 of 151

 6. Online merchants can ensure authorised transactions by asking for the CVV (Card
Verification Value) code on the credit/debit card of the customer.Ensure that the Address
is Genuine
Scammers usually provide anonymous addresses that are fake. Online merchants should ensure
that the address is authentic to allow the transaction.

Understanding Digital Payment Frauds

Digital payment frauds are a growing concern in today's digital world. They can be categorized
into various types, including phishing, identity theft, card skimming, account takeover, payment
interference, and friendly fraud.

To prevent these, individuals should educate themselves on common fraud tactics, use secure
devices, verify transactions, use reputable platforms, monitor accounts regularly, and be cautious
online.

If they suspect fraud, they should report it immediately, document all communication, and file a
police report. Many countries have laws and regulations to protect consumers from digital
payment fraud.

Additionally, individuals should stay vigilant and adapt to new security measures and best
practices. By understanding these types of frauds, implementing preventive measures, and
staying informed about legal protections, individuals can better protect themselves from financial
losses and other online fraud consequences.

Types of Digital Payment Frauds

● Phishing: Phishing is a common form of cybercrime where scammers pose as
legitimate entities to obtain sensitive information. It can be done through email,
spear phishing, pharmacy, SMS/text phishing, and voice phishing. Identifying
phishing involves recognizing requests for sensitive information, urgency,
suspicious links, poor grammar, and unusual sender addresses. Preventive
measures include educating employees, using email filters, implementing
multi-factor authentication, conducting regular training, staying informed, and
reporting phishing attempts.

2024-25 Digital Empowerment Page 124 of 151

 ● Identity theft: Identity theft involves stealing personal information for fraud or
other crimes. It can occur through various methods, such as data breaches,
phishing, social engineering, mail theft, and trash diving. The consequences
include financial losses, damage to credit scores, emotional distress, and legal
issues. Preventive measures include regularly reviewing financial accounts,
shredding sensitive documents, storing information securely, using strong
passwords, being cautious online, enabling fraud alerts, and reporting theft
immediately.
● Merchant fraud: Merchant fraud involves fraudulent activities by merchants or
businesses, often involving false representation, card-present fraud,
card-not-present fraud, chargeback fraud, and account takeover. Indicators of
fraud include unusual transaction patterns, high chargeback rates, poor customer
reviews, and lack of transparency. Preventive measures include enhanced due
diligence, transaction monitoring, fraud detection tools, education, secure
payment processing, and legal action. By implementing these measures,
businesses can safeguard their financial interests, protect customers, and uphold
trust in the marketplace.

How does each type affect consumers and businesses?

Merchant fraud affects consumers and businesses in various ways. False representation can lead
to dissatisfaction, financial losses, and potential harm, while legitimate businesses may suffer
reputational damage and lose customers' trust.

Card-present fraud can result in unauthorized charges, financial losses, and identity theft, while
card-not-present fraud can result in unauthorized transactions and identity theft. Merchants may
also face financial losses from chargebacks, reputational damage, and increased costs associated
with fraud prevention measures.

To prevent and address merchant fraud, collaboration between consumers, businesses, financial
institutions, and regulatory authorities is essential. Effective fraud detection, prevention, and
enforcement measures are crucial for preventing and addressing these types of fraud.

Common Targets for Fraudsters

2024-25 Digital Empowerment Page 125 of 151

 ● Elderly Individuals: Vulnerable to scams involving fraudulent investment schemes, fake
lottery winnings, or requests for financial assistance.
● Small Businesses: Lack of robust cybersecurity measures and resources make them
attractive targets for fraud.
● Financial Institutions: Handled vast amounts of money and sensitive data, making them
prime targets for fraud.
● Online Retailers: Frequent targets due to high volume of transactions online.
● Government Agencies: Targeted due to valuable information and services they provide.

Digital Wallets and Apps: Benefits, Risks, and Best Practices

Benefits:

● Convenience: Stores payment information, loyalty cards, and other documents in

one place.
● Speed: Transactions are faster than traditional methods, reducing wait times.
● Security: Uses encryption and tokenization to secure user's payment information.
● Integration: Provides a seamless experience across different platforms.
● Contactless Payments: Enhances convenience and hygiene, especially during the
COVID-19 pandemic.
Risks and Vulnerabilities:

● Cybersecurity Threats: Vulnerable to hacking, malware, phishing, and social

engineering.
● Data Privacy Concerns: Susceptible to unauthorized access, misuse, or
exploitation.
● Device Theft or Loss: Risk of unauthorized access to payment information and
accounts.
● Technical Glitches and System Failures: Can disrupt transactions, cause delays,
or result in erroneous charges.
Best Practices:

● Choose Reputable Providers: Providers with strong security measures, encryption

protocols, and reliability.

2024-25 Digital Empowerment Page 126 of 151

 ● Secure Your Devices: Use strong passwords, biometric authentication, and device
encryption.
● Update Regularly: Keep app, operating system, and security software updated.
● Monitor Transactions: Review transaction history, account statements, and
notifications for unauthorized activity.
● Be Cautious: Exercise caution when downloading apps, clicking on links, or
providing personal information online.

eCommerce platforms
Types of eCommerce Platforms:

● Hosted Platforms: All-in-one solutions with a monthly subscription fee.

Examples include Shopify, BigCommerce, and Squarespace.
● Self-Hosted Platforms: Provide more flexibility and control as businesses host
and manage their online stores on their own servers. Examples include
WooCommerce, Magento, and OpenCart.
● Marketplace Platforms: Connect buyers and sellers on a single platform.
Examples include Amazon, eBay, and Etsy.
Key Features and Functionality:

● Product Management: Enables businesses to add, edit, and organize product

listings.
● Shopping Cart and Checkout: Enables secure transactions through integrated
payment gateways.
● Payment Processing: Supports various payment methods and ensures the
protection of sensitive financial information.
● Order Management: Streamlines operations and improves efficiency.
● Customer Relationship Management (CRM): Captures customer information and
personalizes marketing campaigns.
● Analytics and Reporting: Provides insights into sales performance, customer
behavior, website traffic, and marketing effectiveness.
Benefits of eCommerce Platforms:

2024-25 Digital Empowerment Page 127 of 151

 ● Global Reach: Enables businesses to reach customers worldwide.
● Cost-Effectiveness: Offers lower overhead costs, reduced infrastructure expenses,
and scalability.
● Flexibility and Customization: Businesses can customize their online stores.
● Convenience: Offers 24/7 accessibility, easy navigation, and flexible payment
options.
● Data-Driven Insights: Provides valuable data and analytics for continuous
optimization.

Direct bank transfers

Direct bank transfers are a secure and convenient way to transfer money between bank accounts.
They involve the sender providing necessary information, verifying the transaction details, and
authorizing the transfer. The recipient's bank receives the instructions and credits the specified
amount within a few business days. However, fees may apply, processing time may be longer,
and security is crucial.

Preventative Measures
To reduce risks in direct bank transfers, use secure channels, verify recipient and merchant
account details, enable two-factor authentication, monitor account activity, set transaction limits,
update security software, be cautious of wire transfer scams, educate yourself about fraud trends,
and report suspicious activity. Regularly monitor account activity and update security software.

Tips and tricks for consumers to protect themselves

To protect consumers from financial risks, use strong passwords, secure devices and networks,
monitor account activity, protect personal information, shop safely online, verify contacts and
requests, limit exposure on social media, be vigilant offline, stay informed about scams, fraud
tactics, and cybersecurity threats, and report suspicious activity to banks, credit card companies,
or authorities.

Keep devices and software updated with the latest security patches, use antivirus software,
firewalls, and secure Wi-Fi networks. Avoid sharing sensitive information over email, phone, or
social media unless necessary, and shop safely online with secure websites and reputable

2024-25 Digital Empowerment Page 128 of 151

payment methods.

Stay informed about common scams, fraud tactics, and cybersecurity threats, and report
suspicious activity immediately.

Best practices for businesses to secure transactions

Implementing strong encryption protocols, secure payment gateways, adopting tokenization and
encryption, requiring strong authentication, updating software and systems regularly, monitoring
transactions, educating staff members and clients on cybersecurity best practices, securing
physical infrastructure, carrying out frequent security audits, and having a thorough incident
response plan in place are all important steps in safeguarding your website and payment gateway.

To find vulnerabilities and uphold a safe online payment terminal environment, do security
checks and audits, monitor transactions, analyze transaction data, and update software regularly.

Overview of Social Media Fraud and its security etc

Social media fraud can include a variety of scams, such as:

● Identity theft: Scammers can use publicly available information to steal someone's
identity.
● False information: People can spread disinformation quickly on social media.
● Malware: Social media platforms can be used to deliver malware, which can steal
sensitive data.
● Impersonation: Scammers can impersonate brands or other people.
● Fake ads: Scammers can use fake ads to defraud people.
● False job offerings: Scammers can offer fake jobs to defraud people.
● Honey traps: Scammers can use honey traps to defraud people.
● Phishing: Scammers can use phishing to defraud people.
● Pumping up a company: Scammers can use online discussions to pump up a company.
● Pretending to reveal "inside" information: Scammers can pretend to reveal "inside"
information about upcoming announcements, new products, or lucrative contracts.

To protect yourself from social media fraud, you can:

2024-25 Digital Empowerment Page 129 of 151

 ● Use strong, unique passwords for each of your online accounts
● Limit personal information posts
● Block or ignore unwanted people
● Don't reply to suspicious messages
● Verify the authenticity of senders before making financial or property transactions
● Review access permissions and account holder information
● Limit app access
● Enable 2FA/MFA
● Implement effective business antivirus and security software on your network

2024-25 Digital Empowerment Page 130 of 151