Perpetrators of computer fraud tend to possess more computer knowledge, experience, and skills. Some computer fraud perpetrators are more motivated by curiosity and the challenge of beating the system; others commit fraud to gain stature among others in the computer community. Why Fraud Occurs There are three conditions necessary for fraud to occur: (1) A pressure or motive (e.g., financial pressures-living beyond means, high personal debt, inadequate income, poor credit ratings, heavy financial losses, or large gambling debts; work-related pressures-low salary, non-recognition of performance, job dissatisfaction, fear of losing job, overaggressive bonus plans; other pressures-challenge, family/peer pressure, emotional instability, need for power or control, excessive pride or ambition.) (2) An opportunity- An opportunity is the condition or situation that allows a person to commit and conceal a dishonest act. Opportunities often stem from a lack of internal controls. However, the most prevalent opportunity for fraud results from a companys failure to enforce its system of internal controls. (3) A rationalization- Most perpetrators have an excuse or a rationalization that allows them to justify their illegal behavior. Some of these rationalizations include: The perpetrator is just borrowing the stolen assets. The perpetrator is not hurting a real person, just a computer system. No one will ever know.
2. Who are the most likely perpetrators of computer fraud? Fraud perpetrators vary as much as the victims they target. Like their victims, fraud perpetrators come from every educational, geographical, racial, religious, gender, and socioeconomic background. Contrary to popular belief, most fraud perpetrators are not slinky, shady characters who perpetrate their crimes under the cover of night. Today's fraud perpetrators are often trained professionals who are good at what they do--stealing money and assets from people. Fraud criminals often do their homework by Joining professional organizations, Participating in community events (to legitimize their schemes and develop trust with potential victims), Keeping abreast of current events (to appear knowledgeable about cutting-edge technologies, legitimate financial investments, and business practices), and Assuming an "affinity" with their victims (emphasizing their common age, culture, education, race, or financial or social status). Their weapon of choice is not a gun or a knife, but slick publications, marketing materials, prospectuses, computer and communications technology, and well-rehearsed sales pitches. Many fraud perpetrators use their community and professional credibility and respectability to con, swindle, and deceive family members, friends, business colleagues, and other members of the community with whom they have formed a relationship. 3. Who are the most likely victims of computer frauds? Not all fraud victims are greedy, risk-taking, self-deceptive individuals looking to make a quick dollar. Nor are all fraud victims naive, uneducated, or elderly. Victims of fraud come from a variety of racial, age, gender, religious, socioeconomic, and educational backgrounds. And smart perpetrators prey on those differences. For example fraudulent telemarketers often target the elderly as potential victims, not because they are greedy, but because they are more likely to Have money, property, savings, and investments; Be home to receive phone solicitations; and Remain on the phone longer to hear fraudulent sales pitches (due to loneliness). Younger, educated adults may be targeted because of a Lack of maturity and experience that would help them recognize fraudulent pitches, Desire to increase their standard of living quickly, and Lack of information about financial investments or purchases. Other victims are targeted because of certain personality or character traits that may increase their risk for fraud victimization. These include Compassion, Respect for authority figures, and Unsuspicious natures. 4. What specific techniques are used to commit computer fraud? Cracking Data diddling Data leakage Denial of service attack Eavesdropping E-mail forgery and threats Hacking Internet misinformation and terrorism Logic time bomb Masquerading or impersonation Password cracking Piggybacking Round-down Salami technique Software piracy Scavenging Social engineering Super zapping Trap door Trojan horse Virus Worm 5. What do you think are the ways companies/individuals must apply to deter & detest computer fraud? PREVENTING AND DETECTING COMPUTER FRAUD
Organizations must take every precaution to protect their information systems. Certain measures can significantly decrease the potential for fraud and any resulting losses. These measures include: Make fraud less likely to occur Increase the difficulty of committing fraud Improve detection methods Reduce fraud losses Make fraud less likely to occur - By creating an ethical cultural, adopting an appropriate organizational structure, requiring active oversight, assigning authority and responsibility, assessing risk, developing security policies, implementing human resource policies, supervising employees effectively, training employees, requiring vacations, implementing development and acquisition controls, and prosecuting fraud perpetrators vigorously. Increase the difficulty of committing fraud - By designing strong internal controls, segregating duties, restricting access, requiring appropriate authorizations, utilizing documentation, safeguarding assets, requiring independent checks on performance, implementing computer-based controls, encrypting data, and fixing software vulnerabilities. Improve detection methods - By creating an audit trail, conducting periodic audits, installing fraud detection software, implementing a fraud hotline, employing a computer security officer, monitoring system activities, and using intrusion detection systems. Reduce Fraud Losses - By maintaining adequate insurance, developing disaster recovery plans, backing up data and programs, and using software to monitor system activity and recover from fraud.
Hacking With Kali Linux : A Comprehensive, Step-By-Step Beginner's Guide to Learn Ethical Hacking With Practical Examples to Computer Hacking, Wireless Network, Cybersecurity and Penetration Testing