Computer Fraud Discussion

Question Description

I don’t know how to handle this Accounting question and need guidance.

computer Fraud Discussion :
Talk about any company or bank for electronic fraud??

1 attachmentsSlide 1 of 1attachment_1attachment_1

Unformatted Attachment Preview

Chapter 6
Computer Fraud and Abuse
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall
Learning Objectives
Compare and contrast computer
attack and abuse tactics.
Explain how social engineering
techniques are used to gain physical or
logical access to computer resources.
Describe the different types of malware
used to harm computers.
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall
Computer Attacks and Abuse
 Hacking
 Unauthorized access, modification, or use of a
computer system or other electronic device
 Social Engineering
 Techniques, usually psychological tricks, to gain
access to sensitive data or information
 Used to gain access to secure systems or locations
 Malware
 Any software which can be used to do harm
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall
Types of Computer Attacks
 Botnet—Robot Network
 Network of hijacked computers
 Hijacked computers carry out processes without users
 Zombie—hijacked computer
 Denial-of-Service (DoS) Attack
 Constant stream of requests made to a Web-server
(usually via a Botnet) that overwhelms and shuts down
 Spoofing
 Making an electronic communication look as if it
comes from a trusted official source to lure the
recipient into providing information
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall
Types of Spoofing
 E-mail
 E-mail sender appears
as if it comes from a
different source
 Caller-ID
 Incorrect number is
 IP address
 Forged IP address to
conceal identity of
sender of data over the
Internet or to
impersonate another
computer system
 Address Resolution
Protocol (ARP)
 Allows a computer on a
LAN to intercept traffic
meant for any other
computer on the LAN
 Web page
 Phishing (see below)
 Intercepting a request
for a Web service and
sending the request to
a false service
 Incorrect number or
name appears, similar
to caller-ID but for text
Hacking Attacks
 Cross-Site Scripting (XSS)
 Unwanted code is sent via dynamic Web pages
disguised as user input.
 Buffer Overflow
 Data is sent that exceeds computer capacity causing
program instructions to be lost and replaced with
attacker instructions.
 SQL Injection (Insertion)
 Malicious code is inserted in the place of query to a
database system.
 Man-in-the-Middle
 Hacker places themselves between client and host.
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall
Additional Hacking Attacks
 Password Cracking
 Penetrating system security to steal passwords
 War Dialing
 Computer automatically dials phone numbers looking
for modems.
 Phreaking
 Attacks on phone systems to obtain free phone
 Data Diddling
 Making changes to data before, during, or after it is
entered into a system.
 Data Leakage
 Unauthorized copying of company data.
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall
Hacking Embezzlement Schemes
 Salami Technique
 Taking small amounts from many different accounts.
 Economic Espionage
 Theft of information, trade secrets, and intellectual
 Cyber-Bullying
 Internet, cell phones, or other communication
technologies to support deliberate, repeated, and
hostile behavior that torments, threatens, harasses,
humiliates, embarrasses, or otherwise harms another
 Internet Terrorism
 Act of disrupting electronic commerce and harming
computers and communications.
Hacking for Fraud
 Internet Misinformation
 Using the Internet to spread false or misleading
 Internet Auction
 Using an Internet auction site to defraud another
 Unfairly drive up bidding
 Seller delivers inferior merchandise or fails to deliver at all
 Buyer fails to make payment
 Internet Pump-and-Dump
 Using the Internet to pump up the price of a stock and
then selling it
Social Engineering Techniques
 Identity Theft
 Assuming someone else’s identity
 Pretexting
 Inventing a scenario that will lull
someone into divulging sensitive
 Posing
 Using a fake business to acquire
sensitive information
 Phishing
 Posing as a legitimate company
asking for verification type
information: passwords, accounts,
 Typesquatting
 Typographical errors when
entering a Web site name cause
an invalid site to be accessed
 Tabnapping
 Changing an already open
browser tab
 Scavenging
 Looking for sensitive information in
items thrown away
 Shoulder Surfing
 Snooping over someone’s
shoulder for sensitive information
 Pharming
 Redirecting Web site traffic to a
spoofed Web site.
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall
More Social Engineering
 Lebanese Loping
 Capturing ATM pin and card numbers
 Skimming
 Double-swiping a credit card
 Chipping
 Planting a device to read credit card information in a
credit card reader
 Eavesdropping
 Listening to private communications
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall
Type of Malware
 Virus
 Executable code that attaches itself to software,
replicates itself, and spreads to other systems or files
 Worm
 Similar to a virus; a program rather than o code
segment hidden in a host program. Actively transmits
itself to other systems
 Spyware
 Secretly monitors and collects
personal information about users
and sends it to someone else
 Adware
 Pops banner ads on a monitor, collects information
about the user’s Web-surfing, and spending habits,
and forward it to the adware creator
More Malware
 Key logging
 Records computer activity, such as a user’s keystrokes,
e-mails sent and received, Web sites visited, and chat
session participation
 Trojan Horse
 Malicious computer instructions in an authorized and
otherwise properly functioning program
 Time bombs/logic bombs
 Idle until triggered by a specified date or time, by a
change in the system, by a message sent to the
system, or by an event that does not occur
 Trap Door/Back Door
 A way into a system that bypasses normal
authorization and authentication controls
Copyright 2012 © Pearson Education, Inc. publishing as Prentice Hall
More Malware
 Packet Sniffers
 Capture data from information packets as they travel
over networks
 Rootkit
 Used to hide the presence of trap doors, sniffers, and key
loggers; conceal software that originates a denial-ofservice or an e-mail spam attack; and access user names
and log-in information
 Superzapping
 Unauthorized use of special system programs to
bypass regular system controls and perform illegal
acts, all without leaving an audit trail
Copyright © 2012 Pearson Education, Inc. publishing as Prentice Hall

Purchase answer to see full

Student has agreed that all tutoring, explanations, and answers provided by the tutor will be used to help in the learning process and in accordance with Studypool’s honor code & terms of service.

Reviews, comments, and love from our customers and community:

This page is having a slideshow that uses Javascript. Your browser either doesn't support Javascript or you have it turned off. To see this page as it is meant to appear please use a Javascript enabled browser.

Peter M.
Peter M.
So far so good! It's safe and legit. My paper was finished on time...very excited!
Sean O.N.
Sean O.N.
Experience was easy, prompt and timely. Awesome first experience with a site like this. Worked out well.Thank you.
Angela M.J.
Angela M.J.
Good easy. I like the bidding because you can choose the writer and read reviews from other students
Lee Y.
Lee Y.
My writer had to change some ideas that she misunderstood. She was really nice and kind.
Kelvin J.
Kelvin J.
I have used other writing websites and this by far as been way better thus far! =)
Antony B.
Antony B.
I received an, "A". Definitely will reach out to her again and I highly recommend her. Thank you very much.
Khadija P.
Khadija P.
I have been searching for a custom book report help services for a while, and finally, I found the best of the best.
Regina Smith
Regina Smith
So amazed at how quickly they did my work!! very happy♥.