sign in sign up
<<
Home , Computer fraud

12/2/2009

COMPUTER FRAUD AND ABUSE TECHNIQUES Identity Theft  Perpetrators have devised many methods to commit Privacy and Security computer fraud and abuse. These include: • AssumingDenial of servicesomeone’s attacks identity, typically for economic gain, by illegallyEavesdropping obtaining and using confidential information such as the person’sEmail threats social security number, bank account number, or credit card number.  Email forgery (aka, spoofing) • Identity thieves benefit financially by:  Hacking – Taking funds out of the victim’s bank account.  Hijacking – Taking out mortgages or other loans under the victim’s identity.  Identity theft – Taking out credit cards and running up large balances. • If the thief is careful and ensures that bills and notices are sent to an address he controls, the scheme may be prolonged until such time as the victim attempts to buy a home or car and finds out that his credit is destroyed.

COMPUTER FRAUD AND ABUSE TECHNIQUES COMPUTER FRAUD AND ABUSE TECHNIQUES

 Perpetrators have devised many methods to commit  Perpetrators have devised many methods to commit computer fraud and abuse. These include: computer fraud and abuse. These include:   • VictimsDenial canof service usually attacks clear their credit, but the effort requires a • TheDenial U.S. Departmentof service attacks of Justice suggests the following four significantEavesdropping amount of time and expense. ways to minimize the chances of being victimized by identity theft: • IdentityEmail threats theft was made a federal offense in 1998, but it is a  Email threats growingEmail forgery crime (aka,industry. spoofing) – EmailDo not forgery give out (aka, corporate spoofing )or personal information unless there is a good reason to trust the person to whom it is • OneHacking U.S. postal inspector, whose job duties involved investigation  Hacking given. ofHijacking identity thefts, was himself a victim. The thief ran up $80,000 in  Hijacking – Check financial information regularly for what should be debtIdentity under theft the postal inspector’s identity before the inspector  Identity theft discovered the problem. there, as well as for what should not be there. – Periodically review your credit report. – Maintain careful records of banking and financial accounts.

COMPUTER FRAUD AND ABUSE TECHNIQUES COMPUTER FRAUD AND ABUSE TECHNIQUES Fraud • One newly graduated college student recently took a job in California • Sending out a spoofed email that appears to come from a legitimate and deposited his first paycheck of approximately $5,000 in the bank.   Perpetratorscompany, such have as a devisedfinancial manyinstitution. methods EBay, to PayPal, commit and banks are • PerpetratorsThat same night, have he devisedreceived manyan email methods from the to bank, commit inviting him to computercommonly spoofed.fraud and abuse. These include: computerclick on the fraud link in andthe emailabuse. to setThese up online include: banking for his new bank • The Internet recipient misinformation is advised that information or a security check is needed account. Internet misinformation on hisInternet account, terrorism and advised to click on a link to the company’s website • He Internetfollowed terrorism directions and provided the requested information to set up to provideLogic time the bombs information. online Logic banking. time bombs • The Masquerading link connects or the impersonation individual to a website that is an imitation of the • Two Masquerading hours later, he or impersonationwas nervous and called the bank—only to find out spoofed company’s actual website. These counterfeit websites appear  Packet sniffers that Packet his bank sniffers account had been cleaned out and closed. very authentic, as do the emails.  Password cracking  Password cracking  Phishing  Phishing

1 12/2/2009

• COMPUTERAs a rule of thumb, FRAUD it is a good AND idea notABUSE to click TECHNIQUESon any link provided in COMPUTER FRAUD AND ABUSE TECHNIQUES an email and to go directly to the website instead. • PayPal, whose email address is commonly spoofed for phishing scams,  Perpetratorsoffers the following have advice: devised many methods to commit . PerpetratorsIn 2004, a phishing have- relateddevised scam many took methods place in toSouth commit America with computer– If PayPal fraud ever andsends abuse. you an These email, include: they will include your first and computerrespect to three fraud large and Southabuse. American These include:banks. Once an individual  Internetlast name misinformation in the salutation of the email. opened Internet the misinformationrelated email, a script was downloaded on their computer. The script would alter the individual’s web browser so that if the user – InternetIf you need terrorism to enter PayPal’s website, type ―https:‖ in the URL entered Internet the terrorism URL of one of these three banks, the browser would redirect  Logicinstead time of bombs ―http:‖ in order to enter on the company’s secured server. them Logic to a time counterfeit bombs website for that bank. The oblivious user would – MasqueradingIf you receive ora suspiciousimpersonation email, get out of your browser and go provide Masquerading ID and password or impersonation information, and was instantly set up for a  Packetback in sniffers before proceeding directly to a company website. high Packet-tech sniffersrobbery of his bank account.  Password cracking  Password cracking  Phishing  Phishing

COMPUTER FRAUD AND ABUSE TECHNIQUES COMPUTER FRAUD AND ABUSE TECHNIQUES

 Logic time bombs  Example of a website produced for a phishing scam.  Masquerading or impersonation  Packet sniffers  Password cracking  Phishing • Consumer Reports suggests that if you have any questions about the legitimacy of a website, you should try entering the wrong password. A phishing website will typically accept an incorrect password—which cues you that it is a phishing scam.

• Usually comes bundled with COMPUTER FRAUD AND ABUSE TECHNIQUES COMPUTER FRAUD ANDfreeware ABUSE and TECHNIQUESshareware downloaded from the Internet. • May be disclosed in the licensing  Perpetrators have devised many methods to commit  Perpetrators have devised manyagreement, methods but to commitusers are unlikely computer fraud and abuse. These include: computer fraud and abuse. Theseto read include: it. • Software Social engineering that monitors computing habits, such as  Social engineering • Reputable adware companies web Software-surfing piracy habits, and sends the data it gathers to  Software piracy claim they don’t collect sensitive or identifying data. someone Spamming else, typically without the user’s  Spamming permission. – But there is no way for users to  Spyware  Spyware – One type, called adware (for advertising- control or limit the activity. supported software) does two things: – It is not illegal, but many find it objectionable. • Causes banner ads to pop up on your monitor • Software has been developed to as you surf the net. detect and eliminate spyware, but • Collects information about your Web-surfing it may also impair the downloaded and spending habits and forwards it to a software. company gathering the data—often an – Some is intentionally difficult to advertising or large media organization. uninstall.

2 12/2/2009

COMPUTER FRAUD AND ABUSE TECHNIQUES COMPUTER FRAUD AND ABUSE TECHNIQUES

 Perpetrators have devised many methods to commit  Perpetrators have devised many methods to commit computer fraud and abuse. These include: computer fraud and• abuse.A set of These unauthorized include: computer  Social engineering  Social engineering instructions planted in an authorized and  Software piracy otherwise properly functioning program. • Perpetrators trick employees into giving them information they need to get into the system.  Spamming • Allows the creator to control the victim’s computer remotely. • A perpetrator might call an employee and indicate he is the  Spyware systems administrator and needs to get the employee’s  Keystroke loggers • The code does not try to replicate itself but performs an illegal act at some password.  Superzapping specific time or when some condition  Trap doors arises.  • Programs that launch denial of service attacks are often Trojan horses.

COMPUTER• Damage FRAUD may AND take many ABUSE forms: TECHNIQUES COMPUTER FRAUD AND ABUSE TECHNIQUES – Send email with the victim’s name as the alleged source.  Perpetrators have– Destroy devised or many alter datamethods or programs. to commit  Perpetrators have devised many methods to commit computer fraud– andTake abuse. control These of the include:computer. computer fraud• andVirus abuse. symptoms: These include:  Virus – Destroy or alter file allocation tables.  Virus – Computer will not start or – Delete or rename files or directories. execute – Reformat the hard drive. – Performs unexpected read or – Change file content. write operations – Prevent users from booting. – Unable to save files – Intercept and change transmissions. – Long time to load programs – Print disruptive images or messages on the screen. – Abnormally large file sizes – Change screen appearance. – Slow systems operation • As viruses spread, they take up much space, clog – Unusual screen activity communications, and hinder system performance. – Error messages

COMPUTER FRAUD AND ABUSE TECHNIQUES COMPUTER FRAUD AND ABUSE TECHNIQUES

 Perpetrators have devised many methods to commit  Perpetrators have devised many methods to commit computer fraud• andViruses abuse. are contagious These include: and easily spread from one computer fraud and abuse. These include:  Virus system to another.  Virus • They are usually spread by: • Viruses attack computers, but any device that is part – Opening an infected email attachment or file of the communications network is vulnerable, (most common); or including: – Running an infected program. – Cell phones • Some viruses can mutate, which makes them more – Smart phones difficult to detect and destroy. – PDAs • The emails often appear to come from sources like Microsoft and seem very convincing.

3 12/2/2009

COMPUTER FRAUD AND ABUSE TECHNIQUES COMPUTER FRAUD AND ABUSE TECHNIQUES

 • PerpetratorsA worm is similar have to devised a virus exceptmany methodsfor: to commit  Perpetrators have devised many methods to commit computer– A worm fraud is a standand abuse.-alone program, These include: while a virus is only a segment • computerYou receive fraud an email and abuse.from a friend, These apologizing include: profusely that he/she  Virusof code hidden in a host program or executable file. hasVirus previously sent you an email that was infected with a virus.  –WormsA worm will replicate itself automatically, while a virus requires a • TheWorms friend’s email gives you instructions to look for and remove the human to do something like open a file. offendingThe low -virus.tech, do-it-yourself attack • Worms often reproduce by mailing themselves to the recipient’s • You delete the file from your hard drive. The only problem is that the mailing list. file you just deleted was part of your operating system. • They are not confined to PCs and have infected cell phones in Japan. • Your friend was well-intended and has done the same thing to his/her • A worm typically has a short but very destructive life. computer. • It takes little technical knowledge to create worms or viruses; several • REMEDY: Before even considering following instructions of this sort, websites provide instructions. check the list of hoaxes that are available on any virus protection website, such as: • Most exploit known software vulnerabilities that can be corrected with a software patch, making it important to install all patches as soon as – www.norton.com they are available. – www.mcafee.com

Large Databases • Large organizations are constantly compiling information about us. Information Systems Concerns for People • The federal government alone has over 2,000 databases. • Our social security numbers have become a national identification • Privacy – What are the threats to personal privacy number. – The vast majority of forms we fill out today require our social and how can we protect our selves? security number. • Security – How can access to sensitive information • For billing purposes, telephone companies compile lists of the calls be controlled and how can we secure hardware and we make, the numbers called, and so on. software? • The reverse directory lists telephone numbers followed by subscriber names. – Government authorities and others could easily get the names, addresses, and other details about the persons we call. • Credit card companies keep similar records. • Supermarket scanners in grocery checkout counters record what we buy, when we buy it, how much we buy, and the price. • Publishers of magazines, newspapers, and mail-order catalogs have our names, addresses, phone numbers, and what we order.

10-21 • This is just a small example of data contained about us in large Page 284 databases

Cookies Types of Cookies • A cookie works as follows: • Traditional cookies monitor your activities at a single • A user opens a Web browser and selects a site to visit. site. • The user's computer sends a request for information – When you leave the site, the cookie becomes dormant. to the computer running at the Web site. • Ad network or Adware cookies monitor your activities • The Web site computer is called the server, since it across all sites you visit. allows the user's computer to display the Web site. – Once deposited on your hard drive, they are continually active collecting information on your Web activities. – At the same time it sends a cookie – a data file containing Interacts with spyware. information like an encrypted user ID and information about when the user visited and what he did on the site. – These are deposited by organizations that compile and market the information including individual personal • The user's computer receives the cookie and places it profiles, mailing lists, and e-mail addresses. in a file on the hard drive. • There are specialized programs, called cookie-cutter • Whenever the user goes back to the Web site, the programs, that allow users to selectively filter or block server running the site retrieves the cookie to help the most intrusive ad network cookies while allowing identify the user selective traditional cookies to operate.

4 12/2/2009

Spyware • Wide range of programs that are designed to secretly Why HIPAA? record and report an individual’s activities on the • The 13-year-old daughter of a hospital employee took a Internet; in addition to Internet Ad cookies, there are also list of patients’ names and phone numbers from the – Web bugs (key term) – small programs typically hidden within the HTML code for a Web page or e-mail message and can be hospital when visiting her mother at work. used to secretly read e-mail message or work with cookies to – As a joke, she contacted patients and told them they had HIV. collect and report information back to a predefined server on (The Washington Post, March 1, 1995) the Web – Computer monitoring software (key term)– invasive and • Health insurance claim forms blew out of a truck carrying dangerous type of spyware; programs record every activity and them to a recycling center. The forms scattered on a busy keystroke made on a computer system including credit card interstate highway during evening rush hour. numbers, bank account numbers, and e-mail messages • Sniffer programs (key term) and keystroke loggers (key term)– can be – The insurer quickly sent employees to scoop up forms deposited on a hard drive without detection from the Web or by containing names and personal health information. someone installing programs directly onto a computer – Category of programs known as spy removal programs – – Company policy stated that the forms should have been designed to detect Web bugs and monitoring software shredded. (The Hartford Courant, May 14, 1999)

SECURITY Security and Employees

• Attacks on information and computer • Statistics on white-collar crime resources come from inside and outside the – Costs an estimated $400 billion annually company – Average nonmanagerial embezzlement is $60,000 • Computer sabotage costs about $10 billion – Average managerial embezzlement is $250,000 per year – Two-thirds of insider fraud is not reported • In general, employee misconduct is more – Of known losses, one-quarter cost more than $1 costly than assaults from outside million

8-34 8-35 McGraw-Hill © 2007 The McGraw-Hill Companies, Inc. All rights reserved. McGraw-Hill © 2007 The McGraw-Hill Companies, Inc. All rights reserved.

Security and Computer Criminals Computer Crime Computer Crimes have tripled in the past two years • Threats to are criminals, computer crime, and hazards • Malicious Programs • Theft – – • Computer criminals are of five types: Viruses Hardware or software – Worms – Data – Employees – Trojan horse – Computer time – Outside users • Denial of service (DoS) • Data Manipulation – Hackers and crackers • Internet Scams – Computer Fraud and – Organized crime Abuse Act of 1986 – Terrorists

10-36 Return 10-37 Page 395 Page 296

5 12/2/2009

Crimes in Which Computers Usually Examples of Computer Crimes Play a Part

Outside the Organization Types of

• Malware – software designed to harm you • In 2008 the greatest financial loss stemmed computer or computer security from – Viruses – Virus and worm attacks – Worms – Unauthorized access – Misleading e-mail – Theft of hardware • Types of Malware – Theft of information – Denial-of-service attacks – Malware – Web defacing – Malware bots

Viruses The Love Bug Worm

In 2000, a worm shut the Massachusetts • (virus) – software that was state written with malicious intent to cause government's e-mail system annoyance or damage and caused problems for • Worm – a computer virus that replicates and Capitol Hill and Parliament. It spreads itself from computer to computer cost approximately $8.7M to fix. What

6 12/2/2009

Stand-Alone Viruses Trojan Horse Viruses

• Trojan horse virus – hides inside other • Spoofing – forging of return address on e-mail software, usually an attachment or download so that it appears to come from someone • Examples: other than sender of record – Key logger (key trapper) software – program that, • Klez family of worms when installed on a computer, records every – Introduced spoofing of sender and recipient keystroke and mouse click – Ping-of-Death DoS attack designed to crash Web sites

Misleading E-mail: Virus Hoax Denial-of-Service Attacks

• Objective is to cause damage to your system • Denial-of-Service (DoS) attack – floods a Web site with so • Virus hoax is an e-mail telling you of a non- many requests for service that it slows down or crashes • Objective is to prevent legitimate customers from using existent virus Web site – Makes recipients believe that they already have a virus and gives instructions on removal which actually delete a Windows file – Often purports to come from Microsoft -Microsoft always sends you to a Web site to find the solution to such a problem

Distributed DoS COMPUTER FRAUD AND ABUSE TECHNIQUES

 Perpetrators have devised many methods to commit • Distributed denial-of-service attack (DDoS) – computer fraud and abuse. These include: attacks from multiple computers that flood a Web  Denial of service attacks site with so many requests for service that it slows down or crashes. • An attacker overloads and shuts down an Internet Service Provider’s email system by sending email bombs at a rate of thousands per second—often from randomly generated email addresses. • May also involve shutting down a web server by sending a load of requests for the web pages.

7 12/2/2009

• Carried out as follows: – The attacker infects dozens of COMPUTER FRAUD ANDcomputers ABUSE that TECHNIQUEShave broadband Internet COMPUTER FRAUD AND ABUSE TECHNIQUES access with denial-of-service programs. These infected computers are the  Perpetrators have devised manyzombies methods. to commit  Perpetrators have devised many methods to commit computer fraud and abuse.– TheseThe attacker include: then activates the denial- computer fraud and abuse. These include: of-service programs, and the zombies  Denial of service attacks send pings (emails or requests for data) to the target server. The victim responds  Denial of service attacks to each, not realizing they have fictitious return addresses, and waits for • Experts estimate there as many as 5,000 responses that don’t come. denial-of-service attacks weekly in the U.S. – While the victim waits, system • A denial-of-service can cause severe performance degrades until the system economic damage to its victim or even drive freezes up or crashes. them out of business. – The attacker terminates the program after an hour or two to limit the victim’s ability to trace the source.

Malware Bots Botnets and Rootkits

• Bot – a computer program that runs • Botnet – a network of malware-bot infected automatically. computers • Malware bots – bots that are used for fraud, • Rootkit – software that gives you administrator sabotage, denial-of-service attacks, or some rights to a computer or network and whose other malicious purpose purpose is to allow you to conceal processes, • Zombies (or drones) – malware-bot-infected files, or system data from the operating system computers

Web Defacing Other Hazards • Natural hazards • Civil strife and terrorism • Web defacing – maliciously changing – Fires & floods – Wars, riots and terrorist another’s Web site – Winds acts • Electronic equivalent of graffiti – Hurricanes • Technological failures – Tornadoes – Voltage surge – Earthquakes • Use surge protector • Hard disk crashes • Human errors

10-57 Page300

8 12/2/2009

Measures to Protect Computer How to Dispose of Your Computer Security • Encrypting messages • If you are disposing of your computer along • Restricting access with its hard drive: • Anticipating disasters – delete personal files, – defrag your computer, • Backing up data – and run a disk cleanup

10-58 Page 301

9