DOCSLIB.ORG

Due Diligence Issues Essential to Be Considered by Professionals Committed to Excellence.” Richard D

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

“Burke Files has done a thorough job in presenting and analyzing due diligence issues essential to be considered by professionals committed to excellence.” Richard D. Heideman, Esq. Senior Counsel, Heideman Nudelman & Kalik, P.C. Washington, DC “Files brings a fresh, critical and frequently amusing perspective to the well plowed topic of financial due diligence, and the results are terrific. This book should be required reading for all well intentioned lawyers, accountants, bankers, investment advisors, regulators and other professionals who practice in the international financial sector and can perform a crucial gate keeping function.” F. R. Jenkins, Esq., Meridian 361 International Law Group, PLLC, Inner Temple London “This is it, this is what is missing in the world of due diligence. A well written guide to the thought process and not another book of mindless check lists.” Juan A. Benavides, FBINA, CPP, CPO, DVSA Retired Chief of State Police Nuevo Leon, Monterrey City, Mexico Principal of IPACITEFO International Training for Police and Security. Monterrey City, Mexico “Any CFO who does not read and head these lessons will make errors that could have been foreseen and miss a good read.” Thomas E Ferneau, III Esq. CFO Tarsus Trust Company Charlestown, Nevis “As a security consultant advising global corporations, investment institutions and governments on various aspects of their business, I am required from time to time to carry out due diligence procedures on behalf of my clients. The complexity of the international financial environment today and the increasing vulnerability of companies in our networked age to well-organized fraud make this is challenging task even for the well-prepared professional. In answer to this pressing problem, Burke Files has produced a concise yet comprehensive guide to the techniques, best practices and timesaving tools that help to combat and overcome the wily fraudsters inhabiting our financial environment. With this book as part of your personal armory, you are equipped to steer a confident path through the due diligence processes required in M&A planning, business partnerships, supplier agreements, key employee hires and many other forms of corporate activity. Most important of all, this book is a great read. In an area of endeavor not generally known for its entertaining nature, the author’s light and humorous touch keeps the pages turning nicely, and the colorful characters we encounter throughout the book alternately appall and intrigue us by their single-minded devotion to defrauding their partners, customers and the authorities. Bravo Mr. Files - this book will remain a permanent feature of my library for many years to come!” Jules Trocchi, Senior Consultant, Electronics & Security Practice, Frost & Sullivan London “A refreshingly comprehensive guide explaining the process of financial due diligence. Well written and presented in succinct yet humorous fashion, this book allows readers to go above and beyond the overly simplistic check-box approach that so many have unfortunately been lulled into reliance upon. This should be requisite reading by various business and risk managers, investigators and various gatekeepers associated with or serving those in the financial community, as well as anyone who has interest in this subject matter.” Shaun M. Hassett, CAMS The LUBRINCO Group Algonquin, IL Due Diligence For The Financial Professional L. Burke Files Copyrighted material Copyright © 2010 by Aegis Journal, LLC. All rights reserved. No part of this publication may be reproduced, distributed, or transmitted in any form or by any means, including photocopying, recording, or other electronic or mechanical means, without the written permission of the publisher, except in case of the brief quotations embodied in critical reviews and certain non-commercial uses permitted by copyright law. For permission requests, please write to the publisher; attention “Permission Coordinator” at the address below. Aegis Journal, LLC POB 27314 Tempe, AZ 85285 Tel (877) 4243 – Fax (877) 438-2603 e-mail: [email protected] Sales are available at: www.AegisJournal.com, Amazon and at Quality Book Stores. Special discounts are available on quantity purchases. Please contact by e-mail for details. For classroom use, please inquire about the availability of additional support materials. Orders for bookstores, please contact by e-mail Editor: John Conway Cover design: Zoe Lowney Aegis Journal, LLC, the title “Aegis Journal”, the Aegis Journal logo, and “Due Diligence for the Financial Professional” are all the property of the Aegis Journal, LLC. To book speaking engagements please contact Mr. Files through Aegis Journal, LLC. Library of Congress Cataloging-in-Publication Data: Files, L. Burke Due Diligence for the Financial Professional Library of Congress Control Number: 2010912845 Printed in the United States of America 1 3 5 7 9 8 6 4 2 ISBN 978-0-9823723-3-3 ii Introduction “Liberation is freedom from ignorance.” Unknown The purpose of this book is to help the financial professional avoid ever being misled again. Financial professionals are challenged by the need for due diligence, not because it is a requirement but because it is not a stocked item. It is a process not a thing. Stale, regimented, check-box information is not due diligence. What’s needed is relevant information gathered in a timely manner. This is key. Properly executed, a due diligence process provides tools for informed choice and eliminates fact noise. So Why Buy This Book... This is not a book of mind-numbing irrelevant checklists, nor is it scribbled by an academic. This book will show you how to filter information and discern the noise from the substance of due diligence. It does not waste time or pages telling you what you already know about AML, SOX, risk management or how to read a balance sheet. No, this book goes into the guts of the idea – due diligence or, as I like to say, Do Diligence. So then, what’s different about this book from the many others like it? It is penned by someone who has run and or overseen thousands of investigative cases from the mundane to the outrageous, involving thousands of dollars to hundreds of millions of dollars in many countries. It is penned by someone who has done due diligence and mopped up when it has not been done. It’s about wiping the lipstick off the pigs! Like any thought experiment, which is the format of this book, the presentation leaves out many complicating details in an attempt to tease out something interesting about core issues. iii How To Use This Book The book is set up with stand-alone chapters. You can read from beginning to end or read the chapters you choose. Don’t lean on the questionnaires and lists without reading the corresponding chapters that precede them. This way you will know questionnaires and lists are not mindless forms to be followed, an end destination – rather they are a road map for journeys. If you are to read a few chapters only, please include Heuristics, Art and Due Diligence, and the Frontiers of Fraud. These take you out of routine thinking and challenge you to think laterally about due diligence and fraud. By the way, I get it – due diligence as practiced by many is so exciting you would rather water the moss garden. On the other hand if you were putting down $1,000,000 of your money on the outcome of the Super Bowl, you would know the entire personal and professional histories of every player and you could follow key players up to the hour of the bet to see who is working out and who is out on the town. Now that’s fun. Or if you are investing other people’s money, are you just going to the mean, median and mode of the Vegas and street bookies, weighing the numbers by a quant formula? It is the difference between doing your own work and relying on a ratings agency. After over 25 years in finance and 19 as an international investigator, I have seen some of the worst and best in finance. My attempt is to offer to you my experiences and encapsulate 14 more years of experience of my own and my firm’s operations conducted on six continents. This book is about change. It is about a change in the social contract that says a little fraud is OK. It is my wish that with the tools in this book you can help change the paradigm and thus the social contract. This book is not a “how to” on due diligence and fraud. Rather, the book’s purpose is to give the reader no refuge but to think about the due diligence process and how fraud attempts to circumvent the process. May we all do well as we do good. L. Burke Files – August 2010 iv Table Of Contents Preamble ................................................................................ 1 Why Are You Doing Due Diligence? ............................. 1 Due Diligence Is Much too Serious of a Matter to Be Entrusted to Your Risk Management .................... 2 Back to Our Roots ........................................................ 7 Chapter 1 Heuristics and Biases ......................................... 9 There Are Five General Categories of Heuristics ............10 Judgment ............................................................10 Representative .....................................................10 Availability ..........................................................10 Adjustment and Anchoring ..................................11 Risk and Loss Aversion ........................................11 Biases, A Sampling ...............................................11 A Thought Experiment ................................................13
Recommended publications
  • IYIR for HTML

    IYIR for HTML

    INFOSEC UPDATE 2006 Student Workbook Norwich University June 19-20, 2006 M. E. Kabay, PhD, CISSP-ISSMP Assoc. Prof. Information Assurance Program Director, MSIA BSIA Division of Business Management Norwich University [email protected] Copyright © 2006 M. E. Kabay. All rights reserved. Page 1 INFOSEC UPDATE 2006 -- June 19-20, 2006 01 Introduction Category 01 Introduction 2006-06-12 Introduction M. E. Kabay, PhD, CISSP WELCOME Welcome to the 2005 edition of the Information Security Year in Review (IYIR) project. In 1993 and 1994, I was an adjunct professor in the Institute for Government Informatics Professionals in Ottawa, Canada under the aegis of the University of Ottawa. I taught a one-semester course introducting information security to government personnel and enjoyed the experience immensely. Many of the chapters of my 1996 textbook, _The NCSA Guide to Enterprise Security_ published by McGraw-Hill were field-tested by my students. In 1995, I was asked if I could run a seminar for graduates of my courses to bring them up to date on developments across the entire field of information security. Our course had twenty students and I so enjoyed it that I continued to develop the material and teach the course with the NCSA (National Computer Security Association; later called ICSA and then eventually renamed TruSecure Corporation and finally CyberTrust, its current name) all over the United States, Canada, Europe, Asia and the Caribbean. After a few years of working on this project, it became obvious that saving abstracts in a WordPerfect file was not going to cut it as an orderly method for organizing the increasing mass of information that I was encountering in my research.
  • General Index

    General Index

    General Index Italicized page numbers indicate figures and tables. Color plates are in- cussed; full listings of authors’ works as cited in this volume may be dicated as “pl.” Color plates 1– 40 are in part 1 and plates 41–80 are found in the bibliographical index. in part 2. Authors are listed only when their ideas or works are dis- Aa, Pieter van der (1659–1733), 1338 of military cartography, 971 934 –39; Genoa, 864 –65; Low Coun- Aa River, pl.61, 1523 of nautical charts, 1069, 1424 tries, 1257 Aachen, 1241 printing’s impact on, 607–8 of Dutch hamlets, 1264 Abate, Agostino, 857–58, 864 –65 role of sources in, 66 –67 ecclesiastical subdivisions in, 1090, 1091 Abbeys. See also Cartularies; Monasteries of Russian maps, 1873 of forests, 50 maps: property, 50–51; water system, 43 standards of, 7 German maps in context of, 1224, 1225 plans: juridical uses of, pl.61, 1523–24, studies of, 505–8, 1258 n.53 map consciousness in, 636, 661–62 1525; Wildmore Fen (in psalter), 43– 44 of surveys, 505–8, 708, 1435–36 maps in: cadastral (See Cadastral maps); Abbreviations, 1897, 1899 of town models, 489 central Italy, 909–15; characteristics of, Abreu, Lisuarte de, 1019 Acequia Imperial de Aragón, 507 874 –75, 880 –82; coloring of, 1499, Abruzzi River, 547, 570 Acerra, 951 1588; East-Central Europe, 1806, 1808; Absolutism, 831, 833, 835–36 Ackerman, James S., 427 n.2 England, 50 –51, 1595, 1599, 1603, See also Sovereigns and monarchs Aconcio, Jacopo (d. 1566), 1611 1615, 1629, 1720; France, 1497–1500, Abstraction Acosta, José de (1539–1600), 1235 1501; humanism linked to, 909–10; in- in bird’s-eye views, 688 Acquaviva, Andrea Matteo (d.
  • Download The

    Download The

    MAS Context Issue 22 / Summer ’14 Surveillance MAS Context Issue 22 / Summer ’14 Surveillance 3 MAS CONTEXT / 22 / SURVEILLANCE / 22 / CONTEXT MAS Welcome to our Surveillance issue. This issue examines the presence of surveillance around us— from the way we are being monitored in the physical and virtual world, to the potential of using the data we generate to redefine our relationship to the built environment. Organized as a sequence of our relationship with data, the contributions address monitoring, collecting, archiving, and using the traces that we leave, followed by camouflaging and deleting the traces that we leave. By exploring different meanings of surveillance, this issue seeks to generate a constructive conversation about the history, policies, tools, and applications of the information that we generate and how those aspects are manifested in our daily lives. MAS Context is a quarterly journal that addresses issues that affect the urban context. Each issue delivers a comprehensive view of a single topic through the active participation of people from different fields and different perspectives who, together, instigate the debate. MAS Context is a 501(c)(3) not for profit organization based in Chicago, Illinois. It is partially supported by a grant from the Graham Foundation for Advanced Studies in the Fine Arts. MAS Context is also supported by Wright. With printing support from Graphic Arts Studio. ISSN 2332-5046 5 “It felt more like a maximum security prison than a gated community SURVEILLANCE / 22 / CONTEXT MAS when the Chicago Housing Authority tried to beef up the safety of the neighborhood. Our privacy was invaded with police cameras Urban watching our every move.
  • Annual Report 1995

    Annual Report 1995

    19 9 5 ANNUAL REPORT 1995 Annual Report Copyright © 1996, Board of Trustees, Photographic credits: Details illustrated at section openings: National Gallery of Art. All rights p. 16: photo courtesy of PaceWildenstein p. 5: Alexander Archipenko, Woman Combing Her reserved. Works of art in the National Gallery of Art's collec- Hair, 1915, Ailsa Mellon Bruce Fund, 1971.66.10 tions have been photographed by the department p. 7: Giovanni Domenico Tiepolo, Punchinello's This publication was produced by the of imaging and visual services. Other photographs Farewell to Venice, 1797/1804, Gift of Robert H. and Editors Office, National Gallery of Art, are by: Robert Shelley (pp. 12, 26, 27, 34, 37), Clarice Smith, 1979.76.4 Editor-in-chief, Frances P. Smyth Philip Charles (p. 30), Andrew Krieger (pp. 33, 59, p. 9: Jacques-Louis David, Napoleon in His Study, Editors, Tarn L. Curry, Julie Warnement 107), and William D. Wilson (p. 64). 1812, Samuel H. Kress Collection, 1961.9.15 Editorial assistance, Mariah Seagle Cover: Paul Cezanne, Boy in a Red Waistcoat (detail), p. 13: Giovanni Paolo Pannini, The Interior of the 1888-1890, Collection of Mr. and Mrs. Paul Mellon Pantheon, c. 1740, Samuel H. Kress Collection, Designed by Susan Lehmann, in Honor of the 50th Anniversary of the National 1939.1.24 Washington, DC Gallery of Art, 1995.47.5 p. 53: Jacob Jordaens, Design for a Wall Decoration (recto), 1640-1645, Ailsa Mellon Bruce Fund, Printed by Schneidereith & Sons, Title page: Jean Dubuffet, Le temps presse (Time Is 1875.13.1.a Baltimore, Maryland Running Out), 1950, The Stephen Hahn Family p.
  • University of Southampton Research Repository

    University of Southampton Research Repository

    University of Southampton Research Repository Copyright © and Moral Rights for this thesis and, where applicable, any accompanying data are retained by the author and/or other copyright owners. A copy can be downloaded for personal non- commercial research or study, without prior permission or charge. This thesis and the accompanying data cannot be reproduced or quoted extensively from without first obtaining permission in writing from the copyright holder/s. The content of the thesis and accompanying research data (where applicable) must not be changed in any way or sold commercially in any format or medium without the formal permission of the copyright holder/s. When referring to this thesis and any accompanying data, full bibliographic details must be given, e.g. Thesis: Katarzyna Kosior (2017) "Becoming and Queen in Early Modern Europe: East and West", University of Southampton, Faculty of the Humanities, History Department, PhD Thesis, 257 pages. University of Southampton FACULTY OF HUMANITIES Becoming a Queen in Early Modern Europe East and West KATARZYNA KOSIOR Doctor of Philosophy in History 2017 ~ 2 ~ UNIVERSITY OF SOUTHAMPTON ABSTRACT FACULTY OF HUMANITIES History Doctor of Philosophy BECOMING A QUEEN IN EARLY MODERN EUROPE: EAST AND WEST Katarzyna Kosior My thesis approaches sixteenth-century European queenship through an analysis of the ceremonies and rituals accompanying the marriages of Polish and French queens consort: betrothal, wedding, coronation and childbirth. The thesis explores the importance of these events for queens as both a personal and public experience, and questions the existence of distinctly Western and Eastern styles of queenship. A comparative study of ‘Eastern’ and ‘Western’ ceremony in the sixteenth century has never been attempted before and sixteenth- century Polish queens usually do not appear in any collective works about queenship, even those which claim to have a pan-European focus.
  • Cryptography

    Cryptography

    Cryptography From Wikipedia, the free encyclopedia Jump to: navigation, search "Secret code" redirects here. For the Aya Kamiki album, see Secret Code. German Lorenz cipher machine, used in World War II to encrypt very-high-level general staff messages Cryptography (or cryptology; from Greek κρυπτός, kryptos, "hidden, secret"; and γράφ, gráph, "writing", or -λογία, -logia, respectively)[1] is the practice and study of hiding information. Modern cryptography intersects the disciplines of mathematics, computer science, and engineering. Applications of cryptography include ATM cards, computer passwords, and electronic commerce. Cryptology prior to the modern age was almost synonymous with encryption, the conversion of information from a readable state to nonsense. The sender retained the ability to decrypt the information and therefore avoid unwanted persons being able to read it. Since WWI and the advent of the computer, the methods used to carry out cryptology have become increasingly complex and its application more widespread. Alongside the advancement in cryptology-related technology, the practice has raised a number of legal issues, some of which remain unresolved. Contents [hide] • 1 Terminology • 2 History of cryptography and cryptanalysis o 2.1 Classic cryptography o 2.2 The computer era • 3 Modern cryptography o 3.1 Symmetric-key cryptography o 3.2 Public-key cryptography o 3.3 Cryptanalysis o 3.4 Cryptographic primitives o 3.5 Cryptosystems • 4 Legal issues o 4.1 Prohibitions o 4.2 Export controls o 4.3 NSA involvement o 4.4 Digital rights management • 5 See also • 6 References • 7 Further reading • 8 External links [edit] Terminology Until modern times cryptography referred almost exclusively to encryption, which is the process of converting ordinary information (plaintext) into unintelligible gibberish (i.e., ciphertext).[2] Decryption is the reverse, in other words, moving from the unintelligible ciphertext back to plaintext.
  • Click Fraud,' Personal, Non-Commercial Use Only

    Click Fraud,' Personal, Non-Commercial Use Only

    April 6, 2005 PAGE ONE Traffic Jam DOW JONES REPRINTS This copy is for your In 'Click Fraud,' personal, non-commercial use only. To order presentation-ready copies Web Outfits Have for distribution to your colleagues, clients or customers, use the Order A Costly Problem Reprints tool at the bottom of any article or visit: www.djreprints.com. Marketers Worry About Bills Inflated by People Gaming • See a sample reprint in PDF format . The Search-Ad System • Order a reprint of this article now. Mr. McKelvey Turns Detective RELATED ARTICLE By KEVIN J. DELANEY • Internet Firms Face Legal Test on Staff Reporter of THE WALL STREET JOURNAL Advertising Fees3 April 6, 2005; Page A1 Nathan McKelvey began to worry about foul play when Yahoo Inc. refunded him $69.28 early last year. He grew more suspicious when a $16.91 refund arrived from Google Inc. The refunds were for "unusual clicks" and "invalid click activity" and they suggested someone was sabotaging Mr. McKelvey's advertising strategy. He pitches his charter-jet brokerage the way companies increasingly do: contracting with Yahoo and Google to serve up small text ads to anyone searching the Web using certain words, such as "private jet" or "air charter." He pays the search companies a fee every time someone clicks on his ads. But Yahoo and Google determined someone was clicking on CharterAuction.com Inc.'s ads with no intention of doing business, thus unfairly driving up the company's advertising costs. Mr. McKelvey, turning detective, combed through lists of "IP" addresses, the identifying codes supplied by computers when they access Web sites.
  • Zerohack Zer0pwn Youranonnews Yevgeniy Anikin Yes Men

    Zerohack Zer0pwn Youranonnews Yevgeniy Anikin Yes Men

    Zerohack Zer0Pwn YourAnonNews Yevgeniy Anikin Yes Men YamaTough Xtreme x-Leader xenu xen0nymous www.oem.com.mx www.nytimes.com/pages/world/asia/index.html www.informador.com.mx www.futuregov.asia www.cronica.com.mx www.asiapacificsecuritymagazine.com Worm Wolfy Withdrawal* WillyFoReal Wikileaks IRC 88.80.16.13/9999 IRC Channel WikiLeaks WiiSpellWhy whitekidney Wells Fargo weed WallRoad w0rmware Vulnerability Vladislav Khorokhorin Visa Inc. Virus Virgin Islands "Viewpointe Archive Services, LLC" Versability Verizon Venezuela Vegas Vatican City USB US Trust US Bankcorp Uruguay Uran0n unusedcrayon United Kingdom UnicormCr3w unfittoprint unelected.org UndisclosedAnon Ukraine UGNazi ua_musti_1905 U.S. Bankcorp TYLER Turkey trosec113 Trojan Horse Trojan Trivette TriCk Tribalzer0 Transnistria transaction Traitor traffic court Tradecraft Trade Secrets "Total System Services, Inc." Topiary Top Secret Tom Stracener TibitXimer Thumb Drive Thomson Reuters TheWikiBoat thepeoplescause the_infecti0n The Unknowns The UnderTaker The Syrian electronic army The Jokerhack Thailand ThaCosmo th3j35t3r testeux1 TEST Telecomix TehWongZ Teddy Bigglesworth TeaMp0isoN TeamHav0k Team Ghost Shell Team Digi7al tdl4 taxes TARP tango down Tampa Tammy Shapiro Taiwan Tabu T0x1c t0wN T.A.R.P. Syrian Electronic Army syndiv Symantec Corporation Switzerland Swingers Club SWIFT Sweden Swan SwaggSec Swagg Security "SunGard Data Systems, Inc." Stuxnet Stringer Streamroller Stole* Sterlok SteelAnne st0rm SQLi Spyware Spying Spydevilz Spy Camera Sposed Spook Spoofing Splendide
  • Clickjacking: Attacks and Defenses

    Clickjacking: Attacks and Defenses

    Clickjacking: Attacks and Defenses Lin-Shung Huang Alex Moshchuk Helen J. Wang Carnegie Mellon University Microsoft Research Microsoft Research [email protected] [email protected] [email protected] Stuart Schechter Collin Jackson Microsoft Research Carnegie Mellon University [email protected] [email protected] Abstract such as a “claim your free iPad” button. Hence, when Clickjacking attacks are an emerging threat on the web. the user “claims” a free iPad, a story appears in the user’s In this paper, we design new clickjacking attack variants Facebook friends’ news feed stating that she “likes” the using existing techniques and demonstrate that existing attacker web site. For ease of exposition, our description clickjacking defenses are insufficient. Our attacks show will be in the context of web browsers. Nevertheless, the that clickjacking can cause severe damages, including concepts and techniques described are generally applica- compromising a user’s private webcam, email or other ble to all client operating systems where display is shared private data, and web surfing anonymity. by mutually distrusting principals. We observe the root cause of clickjacking is that an Several clickjacking defenses have been proposed and attacker application presents a sensitive UI element of a deployed for web browsers, but all have shortcomings. target application out of context to a user (such as hiding Today’s most widely deployed defenses rely on frame- the sensitive UI by making it transparent), and hence the busting [21, 37], which disallows a sensitive page from user is tricked to act out of context. To address this root being framed (i.e., embedded within another web page).
  • Vasemania: Neoclassical Form and Ornament

    Vasemania: Neoclassical Form and Ornament

    VOLUME: 4 WINTER, 2004 Vasemania: Neoclassical Form and Ornament: Selections from The Metropolitan Museum of Art at the Bard Graduate Center for Studies in the Decorative Arts, Design, and Culture Review by Nancy H. Ramage 1) is a copy of a vase that belonged to Ithaca College Hamilton, painted in Wedgwood’s “encaustic” technique that imitated red-figure with red, An unusual and worthwhile exhibit on the orange, and white painted on top of the “black passion for vases in the 18th century has been basalt” body, as he called it. But here, assembled at the Bard Graduate Center in Wedgwood’s artist has taken all the figures New York City. The show, entitled that encircle the entire vessel on the original, Vasemania: Neoclassical Form and and put them on the front of the pot, just as Ornament: Selections from The Metropolitan they appear in a plate in Hamilton’s first vol- Museum of Art, was curated by a group of ume in the publication of his first collection, graduate students, together with Stefanie sold to the British Museum in 1772. On the Walker at Bard and William Rieder at the Met. original Greek pot, the last two figures on the It aims to set out the different kinds of taste — left and right goût grec, goût étrusque, goût empire — that sides were Fig. 1 Wedgwood Hydria, developed over a period of decades across painted on the Etruria Works, Staffordshire, Britain, France, Italy, Spain, and Germany. back of the ves- ca. 1780. Black basalt with “encaustic” painting. The at the Bard Graduate Center.
  • Online Advertising Security: Issues, Taxonomy, and Future Directions

    Online Advertising Security: Issues, Taxonomy, and Future Directions

    IEEE COMMUNICATIONS SURVEYS & TUTORIALS, VOL. XX, NO. NN, XX 2021 1 Online Advertising Security: Issues, Taxonomy, and Future Directions Zahra Pooranian, Senior Member, IEEE, Mauro Conti, Senior Member, IEEE, Hamed Haddadi, Member, IEEE and Rahim Tafazolli, Senior Member, IEEE Abstract—Online advertising has become the backbone of over time. Also, mobile advertising has become one of the the Internet economy by revolutionizing business marketing. It fastest-growing industries with the advent of smartphones [6]. provides a simple and efficient way for advertisers to display Millions of mobile applications are registered in various ap- their advertisements to specific individual users, and over the last couple of years has contributed to an explosion in the plication platforms such as Google Play Store, Apps Store, income stream for several web-based businesses. For example, etc., which contain at least one advertising library that allows Google’s income from advertising grew 51.6% between 2016 and mobile advertising [7]. According to [8], in 2019, total mobile 2018, to $136.8 billion. This exponential growth in advertising advertising spending worldwide has reached $189 billion and revenue has motivated fraudsters to exploit the weaknesses of will surpass $240 billion by 2022. the online advertising model to make money, and researchers to discover new security vulnerabilities in the model, to propose Online advertising uses the same mechanisms that are countermeasures and to forecast future trends in research. applied to manage other “traditional” advertising channels, Motivated by these considerations, this paper presents a such as newspapers, radio or TV, but is much more creative in comprehensive review of the security threats to online advertising providing targeted and personalized advertisements [9], [10].
  • UI Redressing and Clickjacking: About Click Fraud and Data Theft

    UI Redressing and Clickjacking: About Click Fraud and Data Theft

    Introduction Attack vectors Counteractive measures Conclusion and outlook UI Redressing and Clickjacking: About click fraud and data theft Marcus Niemietz [email protected] Ruhr-University Bochum Chair for Network and Data Security 25th of November 2011 Marcus Niemietz, RUB @Zeronights UI Redressing and Clickjacking Introduction Attack vectors Counteractive measures Conclusion and outlook Short and crisp details about me Studying \IT-Security/Information Technology", RUB \Computer Science", Distance University Hagen B.Sc. in \IT-Security/Information Technology" Books Authentication Web Pages with Selenium ≥Feb. 2012: Clickjacking und UI-Redressing International speaker Work: RUB, Pixelboxx, ISP and IT-Security, Freelancer (trainings, penetration tests) Twitter: @mniemietz Marcus Niemietz, RUB @Zeronights UI Redressing and Clickjacking Introduction Attack vectors Counteractive measures Conclusion and outlook Contents 1 Introduction UI redressing Clickjacking 2 Attack vectors UI redressing Round up Clickjacking Tool 3 Counteractive measures Frame busting Busting frame busting Clickjacking statistics 4 Conclusion and outlook Marcus Niemietz, RUB @Zeronights UI Redressing and Clickjacking Introduction Attack vectors UI redressing Counteractive measures Clickjacking Conclusion and outlook Introduction Google Inc. can generate a profit of over $8.5 billion in 2010 Interesting for commercial companies to offer web applications shopping banking share status messages New attacks available that can bypass existing protection mechanisms CSRF