CS Form No. 212 Revised Personal Data Sheet - New

C HAPTER 5
Computer Fraud and

Security
© 2006 Prentice Hall Business Publishing Accounting Information Systems, 10/e Romney/Steinbart 1 of 175
INTRODUCTION
• Include:
– Fire or exces
• Companies face four types of threats to
– Floods
their information systems: – Earthquakes
– Natural and political disasters – High winds
– War and terro
• When a natural o
strikes, many co
affected at the sa
– Example: Bo
World Trade C
• The Defense Scie
predicted that at
information syst
countries, espion
terrorists will soo
• Include:
INTRODUCTION– Hardware or
failures
– Software err
• Companies face four types of threats– toOperating sy
crashes
their information systems: – Power outag
– Natural and political disasters fluctuations
– Undetected d
– Software errors and equipment transmission
malfunction • Estimated annu
losses due to so
bugs = $60 billio
• 60% of compani
had significant s
errors in previou
INTRODUCTION • Include
– Accidents cause
• Human carele
• Companies face four types of threats to • Failure to follo
their information systems: procedures
• Poorly trained
– Natural and political disasters personnel
– Software errors and equipment malfunction
– Innocent errors o
– Lost, destroyed,
– Unintentional acts
– Logic errors
– Systems that do
are incapable of
tasks
• Information Systems
estimates 65% of se
caused by human er
INTRODUCTION
• Include:
– Sabotage
– Computer fraud
• Companies face four types of threats
– Misrepresentation, to or
false use,
their information systems:unauthorized disclosure of data
– Misappropriation of assets
– Natural and political disasters
– Financial statement fraud
– Software errors •and equipment
Information malfunction
systems are increasingly
vulnerable to these malicious attacks.
– Unintentional acts
– Intentional acts (computer crime)
INTRODUCTION
• In this chapter we’ll discuss:

– The fraud process
– Why fraud occurs
– Approaches to computer fraud
– Specific techniques used to commit computer
fraud
– Ways companies can deter and detect
computer fraud
THE FRAUD PROCESS
• Fraud is any and all means a person uses to

gain an unfair advantage over another person.
• In most cases, to be considered fraudulent, an
act must involve:
– A false statement (oral or in writing)
– About a material fact
– Knowledge that the statement was false when it was
uttered (which implies an intent to deceive)
– A victim relies on the statement
– And suffers injury or loss as a result
THE FRAUD PROCESS
• Fraud against companies may be committed by

an employee or an external party.
– Former and current employees (called
knowledgeable insiders) are much more likely than
non-employees to perpetrate frauds (and big ones)
against companies.
• Largely owing to their understanding of the company’s
systems and its weaknesses, which enables them to commit
the fraud and cover their tracks.
– Organizations must utilize controls to make it difficult
for both insiders and outsiders to steal from the
company.
THE FRAUD PROCESS
• Fraud perpetrators are often referred to as

white-collar criminals.
– Distinguishes them from violent criminals,
although some white-collar crime can
ultimately have violent outcomes, such as:
• Perpetrators or their victims committing suicide.
• Healthcare patients killed because of alteration of
information, etc., that can result in their deaths.
THE FRAUD PROCESS
• Three types of occupational fraud:

• Involves theft, embezzlement, or misuse of
company assets for personal gain.
• Examples include billing schemes, check
tampering, skimming, and theft of inventory.
• In the 2004 Report to the Nation on Occupational
Fraud and Abuse, 92.7% of occupational frauds
involved asset misappropriation at a median cost
of $93,000.
THE FRAUD PROCESS

– Corruption
• Corruption involves the wrongful use of a
position, contrary to the responsibilities of
that position, to procure a benefit.
• Examples include kickback schemes and
conflict of interest schemes.
• About 30.1% of occupational frauds include
corruption schemes at a median cost of
$250,000.
THE FRAUD PROCESS

– Corruption
– Fraudulent statements
• Financial statement fraud involves misstating the financial condition of
an entity by intentionally misstating amounts or disclosures in order to
deceive users.
• Financial statements can be misstated as a result of intentional efforts
to deceive or as a result of undetected asset misappropriations that are
so large that they cause misstatement.
• About 7.9% of occupational frauds involve fraudulent statements at a
median cost of $1 million. (The median pales in comparison to the
maximum cost.)
THE FRAUD PROCESS
• A typical employee fraud has a number of important elements or
characteristics:
– The fraud perpetrator must gain the trust or confidence of the
person or company being defrauded in order to commit and
conceal the fraud.
– Instead of using a gun, knife, or physical force, fraudsters use
weapons of deceit and misinformation.
– Frauds tend to start as the result of a perceived need on the part
of the employee and then escalate from need to greed. Most
fraudsters can’t stop once they get started, and their frauds grow
in size.
– The fraudsters often grow careless or overconfident over time.
– Fraudsters tend to spend what they steal. Very few save it.
– In time, the sheer magnitude of the frauds may lead to detection.
– The most significant contributing factor in most employee frauds
is the absence of internal controls and/or the failure to enforce
existing controls.
THE FRAUD PROCESS
• The National Commission on Fraudulent
Financial Reporting (aka, the Treadway
Commission) defined fraudulent financial
reporting as intentional or reckless conduct,
whether by act or omission, that results in
materially misleading financial statements.
• Financial statements can be falsified to:
– Deceive investors and creditors
– Cause a company’s stock price to rise
– Meet cash flow needs
– Hide company losses and problems
THE FRAUD PROCESS
• Common approaches to “cooking the

books” include:
– Recording fictitious revenues
– Recording revenues prematurely
– Recording expenses in later periods
– Overstating inventories or fixed assets
(WorldCom)
– Concealing losses and liabilities
THE FRAUD PROCESS
• The Treadway Commission recommended four
actions to reduce the possibility of fraudulent
financial reporting:
– Establish an organizational environment that
contributes to the integrity of the financial reporting
process.
– Identify and understand the factors that lead to
fraudulent financial reporting.
– Assess the risk of fraudulent financial reporting within
the company.
– Design and implement internal controls to provide
reasonable assurance that fraudulent financial
reporting is prevented.
THE FRAUD PROCESS
• A revision to SAS-82, SAS-99, was issued in

December 2002. SAS-99 requires auditors to:
– Understand fraud
• Auditors can’t effectively audit something they don’t
understand.
• SAS-99 also indicated that auditors are not lawyers and “do not
make legal determinations of whether fraud has occurred.”
• The external auditor’s interest specifically relates to acts that
result in a material misstatement of the financial statements.
• Note that SAS-99 relates to external auditors. Internal auditors
will have a more extensive interest in fraud than just those that
impact financial statements.
THE FRAUD PROCESS

– Discuss the risks of material fraudulent
misstatements
• While planning the audit, members of the audit team
should discuss how and where the company’s financial
statements might be susceptible to fraud.
• The audit team must gather evidence about the existence of fraud
by: THE FRAUD PROCESS
– Looking for fraud risk factors
– Testing company records
• A –revision to SAS-82, SAS-99, was issued in
Asking management, the audit committee, and others if they
December 2002.
know of any past orSAS-99 requires
current fraud auditors
or of fraud to:
risks the
– Understand
organizationfraud
faces.
• –Special carethe
Discuss needs to of
risks bematerial
exercisedfraudulent
in examining revenue
misstatements
accounts, since they are particularly popular fraud targets.
– Obtain information
THE FRAUD PROCESS

– Discuss the risks of material fraudulent misstatements
– Identify, assess, and respond to risks
• Use the gathered information to identify, assess, and respond to

risks.
• Auditors can respond by varying the nature, timing, and extent
of auditing procedures they perform.
• They should also carefully evaluate risks related to management
override of controls.
THE FRAUD PROCESS

• Auditors must assess the risk of fraud throughout the
December
audit. 2002. SAS-99 requires auditors to:
– Understand
• When thefraud
audit is complete, they must evaluate whether
– any identified
Discuss the risksmisstatements indicate the
of material fraudulent presence of
misstatements
fraud.
• If so, they should determine the impact on the financial
– Identify, assess,
statements andand
the respond
audit. to risks
– Evaluate the results of their audit tests
THE FRAUD PROCESS

– Communicate findings
• Auditors communicate their fraud

findings to management, the audit
committee, and others.
THE FRAUD PROCESS

– Communicate findings
– Document their audit work
• Auditors must document their

compliance with SAS-99 requirements.
THE FRAUD PROCESS

– Evaluate• the results
SAS-99 of theirthat
recognizes audit tests impacts fraud
technology
– Communicaterisks and notes opportunities that auditors have
findings
to use technology-oriented tools and techniques
– Documenttotheir audit work
design fraud auditing procedures.
– Incorporate a technology focus
INTRODUCTION

fraud
computer fraud
WHO COMMITS FRAUD AND WHY
• Researchers have compared the psychological and

demographic characteristics of three groups of people:
– White-collar criminals
– Violent criminals
– The general public
• They found:
– Significant differences between violent and white-collar
criminals.
– Few differences between white-collar criminals and the general
public.
• White-collar criminals tend to mirror the general

public in:
– Education
– Age
– Religion
– Marriage
– Length of employment
– Psychological makeup
• Perpetrators of computer fraud tend to be

younger and possess more computer
knowledge, experience, and skills.
• Hackers and computer fraud perps tend to be
more motivated by:
– Curiosity
– A quest for knowledge
– The desire to learn how things work
– The challenge of beating the system
• They may view their actions as a game rather than

dishonest behavior.
• Another motivation may be to gain stature in the hacking
community.
• Some see themselves as revolutionaries spreading a
message of anarchy and freedom.
• But a growing number want to profit financially. To do
so, they may sell data to:
– Spammers
– Organized crime
– Other hackers
– The intelligence community
• Some fraud perpetrators are disgruntled and

unhappy with their jobs and are seeking revenge
against their employers.
• Others are regarded as ideal, hard-working
employees in positions of trust.
• Most have no prior criminal record.
• So why are they willing to risk everything?
• Criminologist Donald Cressey, interviewed 200+

convicted white-collar criminals in an attempt to
determine the common threads in their crimes.
As a result of his research, he determined that
three factors were present in the commission of
each crime. These three factors have come to
be known as the fraud triangle.
– Pressure
– Opportunity
– Rationalization
The “Fraud Triangle”
Donald Cressey
Rationalization
Donald Cressey
Rationalization
• Pressure
– Cressey referred to this pressure as a
“perceived non-shareable need.”
– The pressure could be related to
finances, emotions, lifestyle, or some
combination.
• The most common pressures were:

- Not being able to pay one’s debts, nor admit it to
one’s employer, family, or friends (which makes in
non-shareable)
• May be associated with vices, such
as drugs, gambling, mistresses, etc.

non-shareable)
- Fear of loss of status because of a personal
failure • Example would be mismanagement of
a personal investment or retirement
fund.

non-shareable)
- Fear of loss of status because of a personal failure
- Business reversals
• Not many people can walk away from
a failing business.

non-shareable)
- Physical isolation
• When an individual is isolated,
physically or psychologically, almost
any pressure becomes non-
shareable.

non-shareable)
• Many frauds are motivated by nothing
- Business reversals more than a perceived need to keep
- Physical isolation up with the Joneses.
• The problem is that there is always a
- Status gaining richer “Jones” down the street and
the pressure continues to mount, as
do the resulting thefts.

non-shareable)
• May create pressure to get revenge,
- Physical isolation take the money you feel is rightfully
owed to you, etc.
- Status gaining
- Difficulties in employer-employee relations
• What’s important here is the perception of the
pressure.
– There might be a number of people who could and would
help a tentative fraudster out of his financial woes.
– But as long as he perceives that he cannot share his
burden, the pressure is present.
– Research has also found that an individual’s propensity to
commit fraud is more related to how much he worries
about his financial position than his actual position.
– The millionaire who frets a lot about his financial condition
is more likely to commit fraud than the guy who doesn’t
have two dimes to rub together but isn’t worried about it.
• Financial statement fraud is distinct from other

types of fraud in that the individuals who commit
the fraud are not the direct beneficiaries.
– The company is the direct beneficiary.
– The perpetrators are typically indirect beneficiaries.
• In the case of financial statement frauds, common
pressures include:
– To prop up earnings or stock price so that management can:
• Receive performance-related compensation.
• Preserve or improve personal wealth held in company stock
or stock options.
• Keep their jobs.
– To cover the inability to generate cash flow.
– To obtain financing.
– To appear to comply with bond covenants or other agreements.
– May be opposite of propping up earnings in cases involving
income-tax motivations, government contracts, or regulation.
• Click here for a comprehensive list of pressures.
Pressures
Donald Cressey
Rationalization
• Opportunity is the opening or gateway that

allows an individual to:
– Commit the fraud
– Conceal the fraud
– Convert the proceeds

• Committing the fraud might involve acts

such as:
– Misappropriating assets.
– Issuing deceptive financial statements.
– Accepting a bribe in order to make an
arrangement that is not in the company’s best
interest.

• Concealing the fraud often takes more time and

effort and leaves more evidence than the actual
theft or misrepresentation.
• Examples of concealment efforts:
– Charge a stolen asset to an expense account or to
an account receivable that is about to be written
off.

– Charge a stolen asset to an expense account or to an
account receivable that is about to be written off.
– Create a ghost employee who receives an extra
paycheck.

• Steal a payment from Customer A.
– Charge a stolen asset to an expense account or to an
• Apply Customer B’s payment to Customer A’s account so
account receivable that is about to be written off.
Customer A won’t get a late notice.
– Create a ghost
• Apply employee
Customer who receives
C’s payment an extra
to Customer B’s account,
paycheck.
so Customer B won’t get a late notice, etc.
– Lapping.

• and
effort Creates “cash”more
leaves by transferring
evidence money between
than banks.
the actual
theft• or
Requires multiple bank accounts.
misrepresentation.
• Basic scheme:
• Examples of aconcealment
– Write efforts:
check on the account of Bank A.
– Charge
– Bank A doesn’t
a stolen assethave sufficient
to an expense funds to cover
account orthe
to an
accountcheck, so writethat
receivable a check fromto
is about anbe
account in off.
written Bank B to
be deposited in Bank A.
– Create a ghost employee who receives an extra
– Bank B doesn’t have sufficient funds to cover the
paycheck.
check, so write a check from an account in Bank C to
– Lapping.
be deposited in Bank B, etc.
– Kiting.

• Unless the target of the theft is cash, then

the stolen goods must be converted to
cash or some form that is beneficial to the
perpetrator.
– Checks can be converted through alterations,
forged endorsements, check washing, etc.
– Non-cash assets can be sold (online auctions
are a favorite forum) or returned to the
company for cash.
• If the fraud is a financial statement fraud,

then the gains received may include:
– I got to keep my job.
– The value of my stock or stock options rose.
– I got a raise, promotion, or bonus.
– I got power.
• There are many opportunities that enable fraud.

Some of the most common are:
– Lack of internal controls
– Failure to enforce controls (the most prevalent
reason)
– Excessive trust in key employees
– Incompetent supervisory personnel
– Inattention to details
– Inadequate staff
• Click here for a comprehensive list of
opportunities.
Opportunities
• Internal controls that may be lacking or un-

enforced include:
– Authorization procedures
– Clear lines of authority
– Adequate supervision
– Adequate documents and records
– A system to safeguard assets
– Independent checks on performance
– Separation of duties
 One control feature that many companies lack is
a background check on all potential employees.
• Management may allow fraud by:

– Not getting involved in the design or
enforcement of internal controls;
– Inattention or carelessness;
– Overriding controls; and/or
– Using their power to compel subordinates to
carry out the fraud.
Donald Cressey
Rationalization
• How many people do you know who regard

themselves as being unprincipled or sleazy?
• It is important to understand that fraudsters do
not regard themselves as unprincipled.
– In general, they regard themselves as highly
principled individuals.
– That view of themselves is important to them.
– The only way they can commit their frauds and
maintain their self image as principled individuals is to
create rationalizations that recast their actions as
“morally acceptable” behaviors.
• These rationalizations take many forms,

including:
– I was just borrowing the money.
– It wasn’t really hurting anyone. (Corporations are
often seen as non-persons, therefore crimes against
them are not hurting “anyone.”)
– Everybody does it.
– I’ve worked for them for 35 years and been underpaid
all that time. I wasn’t stealing; I was only taking what
was owed to me.
– I didn’t take it for myself. I needed it to pay my child’s
medical bills.
• Creators of worms and viruses often use

rationalizations like:
– The malicious code helped expose security flaws, so I
did a good service.
– It was an accident.
– It was not my fault—just an experiment that went bad.
– It was the user’s fault because they didn’t keep their
security up to date.
– If the code didn’t alter or delete any of their files, then
what’s the problem?
• Fraud occurs when:
– People have perceived, non-shareable pressures;
– The opportunity gateway is left open; and
– They can rationalize their actions to reduce the moral impact in
their minds (i.e., they have low integrity).
• Fraud is much less likely to occur when
– There is low pressure, low opportunity, and high integrity.
• Unfortunately, there is usually a mixture of these forces
in play, and it can be very difficult to determine the
pressures that may apply to an individual and the
rationalizations he/she may be able to produce.
INTRODUCTION

fraud
computer fraud
APPROACHES TO COMPUTER FRAUD
• The U.S. Department of Justice defines

computer fraud as any illegal act for
which knowledge of computer technology
is essential for its:
– Perpetration;
– Investigation; or
– Prosecution.
• Computer fraud includes the following:

– Unauthorized theft, use, access, modification,
copying, and destruction of software or data.
– Theft of money by altering computer records.
– Theft of computer time.
– Theft or destruction of computer hardware.
– Use or the conspiracy to use computer
resources to commit a felony.
– Intent to illegally obtain information or tangible
property through the use of computers.
• In using a computer, fraud perpetrators

can steal:
– More of something
– In less time
– With less effort
• They may also leave very little evidence,
which can make these crimes more
difficult to detect.
• Computer systems are particularly vulnerable to

computer crimes for several reasons:
– Company databases can be huge and access
privileges can be difficult to create and enforce.
Consequently, individuals can steal, destroy, or alter
massive amounts of data in very little time.
– Organizations often want employees, customers,
suppliers, and others to have access to their system
from inside the organization and without. This access
also creates vulnerability.
– Computer programs only need to be altered once,
and they will operate that way until:
• The system is no longer in use; or
• Someone notices.
– Modern systems are accessed by PCs, which

are inherently more vulnerable to security
risks and difficult to control.
• It is hard to control physical access to each PC.
• PCs are portable, and if they are stolen, the data
and access capabilities go with them.
• PCs tend to be located in user departments, where
one person may perform multiple functions that
should be segregated.
• PC users tend to be more oblivious to security
concerns.
– Computer systems face a number of unique

challenges:
• Reliability (accuracy and completeness)
• Equipment failure
• Environmental dependency (power, water damage,
fire)
• Vulnerability to electromagnetic interference and
interruption
• Eavesdropping
• Misrouting
– Many computer frauds go undetected.

– An estimated 80-90% of frauds that are
uncovered are not reported because of fear
of:
• Adverse publicity
• Copycats
• Loss of customer confidence.
– There are a growing number of competent
computer users, and they are aided by easier
access to remote computers through the
Internet and other data networks.
• Economic espionage, the theft of

information and intellectual property, is
growing especially fast.
• This growth has led to the need for
investigative specialists or cybersleuths.
• Computer Fraud Classification

– Frauds can be categorized according to the
data processing model:
• Input
• Processor
• Computer instructions
• Stored data
• Output
COMPUTER FRAUD CLASSIFICATIONS
Data
Fraud
Input Processor Output

Fraud Fraud Fraud
Computer
Instructions
Fraud
Data
Fraud

Fraud Fraud Fraud
Computer
Instructions
Fraud
• Input Fraud
– The simplest and most common way to commit a fraud is to alter
computer input.
• Requires little computer skills.
• Perpetrator only need to understand how the system
operates
– Can take a number of forms, including:
• Disbursement frauds
• The perpetrator causes a company to:
– Pay too much for ordered goods; or
– Pay for goods never ordered.
• Input Fraud
computer input.
operates
• Inventory frauds
• The perpetrator enters data into the system to
show that stolen inventory has been scrapped.
• Input Fraud
computer input.
• Perpetrators
• Requires little computer may enter data to:
skills.
– only
• Perpetrator Increase
needtheir salaries how the system
to understand
operates – Create a fictitious employee
– Can take a number
– Retain of forms, including:
a terminated employee on the records.
• Disbursement
• In the frauds
latter two instances, the perpetrator
• Inventoryintercepts
frauds and cashes the resulting paychecks.
• Payroll frauds
• Input Fraud
computer input.
operates
• The perpetrator hides the theft by falsifying
– Can take a number
systemof forms, including:
input.
• Disbursement
• EXAMPLE: frauds Cash of $200 is received. The
• Inventoryperpetrator
frauds records a cash receipt of $150 and
pockets the $50 difference.
• Payroll frauds
• Cash receipt frauds
• Input Fraud
computer input.
operates
• Inventory frauds
• Payroll• frauds
The perpetrator files for an undeserved refund,
• Cash receipt
such as a tax refund.
frauds
• Fictitious refund fraud
Data
Fraud

Fraud Fraud Fraud
Computer
Instructions
Fraud
• Processor Fraud
– Involves computer fraud committed through
unauthorized system use.
– Includes theft of computer time and services.
– Incidents could involve employees:
• Surfing the Internet;
• Using the company computer to conduct personal business;
or
• Using the company computer to conduct a competing
business.
• In one example, an agriculture college at a major state

university was experiencing very sluggish performance from
its server.
• Upon investigating, IT personnel discovered that an individual
outside the U.S. had effectively hijacked the college’s server
to both store some of his/her research data and process it.
• The college eliminated the individual’s data and blocked
future access to the system.
• The individual subsequently contacted college personnel to
protest the destruction of the data.
• Demonstrates both:
– How a processor fraud can be committed.
– How oblivious users can sometimes be to the unethical or illegal
nature of their activities.
Data
Fraud

Fraud Fraud Fraud
Computer
Instructions
Fraud
• Computer Instructions Fraud

– Involves tampering with the software that
processes company data.
– May include:
• Modifying the software
• Making illegal copies
• Using it in an unauthorized manner
– Also might include developing a software
program or module to carry out an
unauthorized activity.
• Computer instruction fraud used to be one of the

least common types of frauds because it
required specialized knowledge about computer
programming beyond the scope of most users.
• Today these frauds are more frequent--courtesy
of web pages that instruct users on how to
create viruses and other schemes.
Data
Fraud

Fraud Fraud Fraud
Computer
Instructions
Fraud
• Data Fraud
– Involves:
• Altering or damaging a company’s data files; or
• Copying, using, or searching the data files without
authorization.
– In many cases, disgruntled employees have
scrambled, altered, or destroyed data files.
– Theft of data often occurs so that perpetrators can sell
the data.
• Most identity thefts occur when insiders in financial
institutions, credit agencies, etc., steal and sell financial
information about individuals from their employer’s database.
Data
Fraud

Fraud Fraud Fraud
Computer
Instructions
Fraud
• Output Fraud
– Involves stealing or misusing system output.
– Output is usually displayed on a screen or printed on
paper.
– Unless properly safeguarded, screen output can
easily be read from a remote location using
inexpensive electronic gear.
– This output is also subject to prying eyes and
unauthorized copying.
– Fraud perpetrators can use computers and peripheral
devices to create counterfeit outputs, such as checks.
INTRODUCTION

– Specific techniques used to commit
computer fraud
computer fraud
COMPUTER FRAUD AND ABUSE
TECHNIQUES
 Perpetrators have devised many methods to commit
computer fraud and abuse. These include:
 Data diddling
• Changing data before, during, or after it
is entered into the system.
• Can involve adding, deleting, or altering
key system data.
TECHNIQUES
 Data diddling
 Data leakage
• Unauthorized copying of company data.
TECHNIQUES
 Data diddling
 Data leakage
 Denial of service attacks
• An attacker overloads and shuts down an Internet Service
Provider’s email system by sending email bombs at a rate
of thousands per second—often from randomly generated
email addresses.
• May also involve shutting down a web server by sending a
load of requests for the web pages.
• Carried out as follows:
COMPUTER FRAUD – The attacker
AND ABUSE
infects dozens of
computers that have broadband
TECHNIQUES
Internet access with denial-of-service
programs. These infected computers
 Perpetrators have devisedare the zombies.
many methods to commit
computer fraud and abuse. – The attacker
These then activates the
include:
denial-of-service programs, and the
 Data diddling
zombies send pings (emails or
 Data leakage requests for data) to the target server.
 Denial of service attacks The victim responds to each, not
realizing they have fictitious return
addresses, and waits for responses
that don’t come.
– While the victim waits, system
performance degrades until the
system freezes up or crashes.
– The attacker terminates the program
after an hour or two to limit the
victim’s ability to trace the source.
TECHNIQUES
 Data diddling
 Data leakage
• Experts estimate there as many as 5,000
denial-of-service attacks weekly in the
U.S.
• A denial-of-service can cause severe
economic damage to its victim or even
drive them out of business.
TECHNIQUES
 Data diddling
 Data leakage
 Eavesdropping
• Perpetrators surreptitiously observe
private communications or transmission
of data.
• Equipment to commit these “electronic
wiretaps” is readily available at
electronics stores.
• A threatening message is sent to a victim to induce the victim to
TECHNIQUES
do something that would make it possible to be defrauded.
• Several banks in the Midwest were contacted by an overseas
 Perpetrators haveindicated
perpetrator who devisedthat:
many methods to commit
computer
– He hadfraud andinto
broken abuse. These include:
their computer system and obtained
 Data
personal
diddlingand banking information about all of the bank’s
 Data
customers.
leakage
– He would
 Denial notify
of service the bank’s customers of this breach if he was
attacks
not paid a specified sum of money.
 Eavesdropping
 Email threats
• Involves sending an email message that
TECHNIQUES
appears to have come from someone
other than the actual sender.
• Email spoofers may:
– Claim to be system administrators
 Data diddling and ask users to change their
 Data leakage passwords to specific values.
 Denial of service attacks – Pretend to be management and
 Eavesdropping request a copy of some sensitive
 Email threats information.
 Email forgery (aka, spoofing)
TECHNIQUES
• Unauthorized access to and use of computer systems—usually by
means of a personal computer and a telecommunications
network.
Data diddling
• Most
Data leakagebreak into systems using known flaws in operating
hackers
systems,
Denial of service attacks
applications programs, or access controls.
• Some
Eavesdropping
are not very malevolent and mainly motivated by curiosity
and a desire
Email to overcome a challenge.
threats
• Others
Emailhave malicious
forgery intent and can do significant damage.
(aka, spoofing)
 Hacking
TECHNIQUES
 Data diddling
 Data leakage
 Eavesdropping • Hacking that attacks phone systems and
 Email threats uses phone lines to transmit viruses and
 to access,
Email forgery (aka, steal, and destroy data.
spoofing)
 Hacking • They also steal telephone services and
may break into voice mail systems.
 Phreaking
• Some hackers gain access to systems
through dial-up modem lines.
TECHNIQUES
 Data diddling
 Data leakage
 Eavesdropping
 Email threats
 Email forgery (aka, spoofing)
 Hacking • Involves gaining control of someone
 Phreaking else’s computer to carry out illicit
 Hijacking activities without the user’s knowledge.
• The illicit activity is often the
perpetuation of spam emails.
TECHNIQUES
• Assuming someone’s identity, typically for economic gain, by
 Perpetrators
illegally obtaining and using
have devised manyconfidential
methodsinformation
to commit such as
the person’s social security number, bank account number,
or credit card number.
 Data diddling
• Identity thieves benefit financially by:
 Data leakage
– Taking funds out of the victim’s bank account.
– Taking out mortgages or other loans under the victim’s
 Eavesdropping
identity.
 Email threats out credit cards and running up large balances.
– Taking
 •Email forgery
If the thief (aka, spoofing)
is careful and ensures that bills and notices are
 Hacking
sent to an address he controls, the scheme may be
 Phreaking
prolonged until such time as the victim attempts to buy a
home or car and finds out that his credit is destroyed.
 Hijacking
 Identity theft
TECHNIQUES
 Data diddling
 Data leakage
• Victims can usually clear their credit, but the effort requires a
 Denial of service
significant attacks
amount of time and expense.
 •Eavesdropping
Identity theft was made a federal offense in 1998, but it is a
 Email threats
growing crime industry.
 •Email
Oneforgery (aka, spoofing)
U.S. postal inspector, whose job duties involved
 investigation of identity thefts, was himself a victim. The thief
Hacking
 ran up $80,000 in debt under the postal inspector’s identity
Phreaking
before the inspector discovered the problem.
 Hijacking
 Identity theft
• Identity thieves can steal corporate or individual identities by:
– Shoulder
COMPUTER
surfing FRAUD AND ABUSE
• Watching people enter telephone calling card numbers or credit card
TECHNIQUES
numbers or listening to communications as they provide this
information to sales clerks or others.
 Scavenging
– or dumpster
Perpetrators divingmany methods to commit
have devised
• Searchingfraud
computer corporate
andorabuse.
personalThese
recordsinclude:
by rifling garbage cans,
communal trash bins, and city dumps for documents with confidential
 company
Data diddling
information.
• May
Dataalso
leakage
look for personal information such as checks, credit card
 statements, bank statements,
Denial of service attacks tax returns, discarded applications for
 pre-approved
Eavesdropping credit cards, or other records that contain social security
numbers, names, addresses, phone numbers, and other data that allow
 them
Emailtothreats
assume an identity.
 Email forgery
– Redirecting mail (aka, spoofing)
• Intercepting
Hacking mail and having it delivered to a location where others can
 access it.
Phreaking
– Using
 Hijacking
Internet, email, and other technology in spoofing, phishing,
eavesdropping, impersonating, social engineering, and data
 Identity theft
leakage schemes.
TECHNIQUES
• Thefraud
computer U.S. Department
and abuse.ofThese
Justiceinclude:
suggests the following four
ways to minimize the chances of being victimized by
 Data diddling
identity theft:
 Data leakage
– Do not give out corporate or personal information
 Denial of unless
service there
attacks
is a good reason to trust the person to
 Eavesdropping
whom it is given.
 – Check financial information regularly for what should
Email threats
 be there,
Email forgery (aka, as well as for what should not be there.
spoofing)
 Hacking– Periodically review your credit report.
 – Maintain careful records of banking and financial
Phreaking
 Hijackingaccounts.
 Identity theft
TECHNIQUES
 Internet misinformation
• Using the Internet to spread false or misleading information about
people or companies.
• May involve:
– Planting inflammatory messages in online chat rooms.
– Websites with misinformation.
– Pretending to be someone else online and making inflammatory
comments that will be attributed to that person.
– A “pump-and-dump” occurs when an individual spreads
misinformation, often through Internet chat rooms, to cause a run-
up in the value a stock and then sells off his shares of the stock. A
number of pump-and-dump cases have been prosecuted by the
SEC.
• Another common form of Internet misinformation is the spreading of
“urban legends”—oftenTECHNIQUES
by innocently forwarding emails.
– Urban legends may often include damaging implications about
 company products,
Perpetrators havesuch as a recent
devised many email suggesting
methods that certain
to commit
lipsticks contain lead or that using plastic cookware in the
microwave can cause cancer.
– Before forwarding any emails with negative information about
individuals, companies, or their products, it’s a good idea to check
the veracity of the information first.
– Emails with urban legends often attribute their “facts” to credible
sources, such as the federal government, Stanford University
researchers, the FBI, etc.
– There are several websites that attempt to verify the truth of emails
that are circulated. One such website is www.snopes.com. You can
easily locate the email you received on these websites, by
searching under a key term in the email, such as “lipstick.”
– You are likely to find that most emails you were getting ready to
forward are either false or only partially true.
TECHNIQUES
 Internet terrorism
• Hackers use the Internet to disrupt electronic commerce and
destroy company and individual communications.
• Viruses and worms are two main forms of Internet terrorism.
TECHNIQUES
 Logic time bombs
• A program that lies idle until triggered by some circumstance or a
particular time.
• Once triggered, it sabotages the system, destroying programs,
data, or both.
• Usually written by disgruntled programmers.
• EXAMPLE: A programmer places a logic bomb in a payroll
application that will destroy all the payroll records if the
programmer is terminated.
TECHNIQUES
 Masquerading or impersonation
• The perpetrator gains access to the system by pretending to be an
authorized user.
• The perpetrator must know the legitimate user’s ID and password.
• Once in the system, he enjoys the same privileges as the legitimate
user.
TECHNIQUES
 Packet sniffers
• Programs that capture data from information packets as they travel

over the Internet or company networks.
• Confidential information and access information can be gleaned
from the captured data—some of which is later sold.
TECHNIQUES
 Packet sniffers
 Password cracking
• An intruder penetrates a system’s defenses, steals the file of valid
passwords, decrypts them, and then uses them to gain access to
almost any system resources.
TECHNIQUES
• Sending out a spoofed email that appears to come from a
 Perpetrators have such
legitimate company, devised
as amany methods
financial to commit
institution. EBay, PayPal,
computer fraud
and banks are and abuse.
commonly These include:
spoofed.
 Internet
• The misinformation
recipient is advised that information or a security check is
 Internet
needed on terrorism
his account, and advised to click on a link to the
company’s
 Logic timewebsite
bombs to provide the information.
• The link connectsorthe
 Masquerading individual to a website that is an imitation of
impersonation
the spoofed company’s actual website. These counterfeit websites
 Packet sniffers
appear very authentic, as do the emails.
 Phishing
•
TECHNIQUES
One newly graduated college student recently took a job in
California and deposited his first paycheck of approximately $5,000
 Perpetrators
in the bank. have devised many methods to commit
• computer fraud he
That same night, and abuse.anThese
received include:
email from the bank, inviting him
 click
to Internet
on misinformation
the link in the email to set up online banking for his new
 Internet
bank account.
terrorism
•  Logic
He followed
timedirections
bombs and provided the requested information to
set up online banking.
• Two hourssniffers
 Packet later, he was nervous and called the bank—only to find
out that his bank account had been cleaned out and closed.
 Phishing
• As a rule of thumb, it is a good idea not to click on any link
provided in an emailTECHNIQUES
and to go directly to the website instead.
• PayPal, whose email address is commonly spoofed for phishing
 Perpetrators
scams, offers the have devised
following many methods to commit
advice:
computer
– If PayPalfraud and abuse.
ever sends you an These include:
email, they will include your first
 Internet
and lastmisinformation
name in the salutation of the email.
– Internet
If you need to enter PayPal’s website, type “https:” in the URL
terrorism
instead
 Logic timeof bombs
“http:” in order to enter on the company’s secured
server.
– Packet
If you receive
sniffers a suspicious email, get out of your browser and
go back in before proceeding directly to a company website.
 Phishing
TECHNIQUES
 Perpetrators have devised
In 2004, a phishing-related many
scam tookmethods to commit
place in South America with
respect to three
computer fraudlarge
and South
abuse.American
Thesebanks.
include:Once an individual
opened themisinformation
 Internet related email, a script was downloaded on their
computer. The script would alter the individual’s web browser so
 Internet
that terrorism
if the user entered the URL of one of these three banks, the
 Logic would
browser time bombs
redirect them to a counterfeit website for that bank.
 Masquerading
The oblivious user or would provide ID and password information,
impersonation
 Packet
and was instantly
sniffers set up for a high-tech robbery of his bank
account.
 Phishing
TECHNIQUES
 Logic time
• Consumer bombssuggests that if you have any questions about
Reports
 Masquerading
the legitimacy of or impersonation
a website, you should try entering the wrong
 Packet sniffers
password. A phishing website will typically accept an incorrect
password—which
 Password cracking cues you that it is a phishing scam.
 Phishing
TECHNIQUES
 Packet sniffers
 Password cracking • Tapping into a telecommunications line and
 Phishing latching onto a legitimate user before that
 Piggybacking user logs into a system.
• The legitimate user unknowingly carries the
perpetrator into the system.
TECHNIQUES
 • Made famous in the movie,
Masquerading or impersonation
 Packet sniffers Office Space.
 Password cracking • The programmer instructs the
 Phishing computer to round interest
calculations down to two
 Piggybacking
decimal places and deposits
 Round-down technique the remaining fraction into the
account of a programmer or an
accomplice.
TECHNIQUES
 Packet sniffers
 Password cracking • Involves the theft of tiny
 Phishing slices of money over a
 Piggybacking period of time.
 Round-down technique• The round-down is just a
special form of a salami
 Salami technique
technique.
TECHNIQUES
 Social engineering
• Perpetrators trick employees into giving them information
they need to get into the system.
• A perpetrator might call an employee and indicate he is
the systems administrator and needs to get the
employee’s password.
TECHNIQUES
 Software piracy
• Copying software without the publisher’s permission.
• In the U.S., it’s estimated that 26% of software in use is pirated.
• Fines for individuals and corporations are stiff, and individuals
convicted of software piracy can serve jail terms of up to 5 years.
TECHNIQUES
 Software piracy
 Spamming
• Emailing an unsolicited message to multitudes of
people, often in an attempt to sell a product.
• Many times the product offers are fraudulent.
TECHNIQUES
 Software piracy
 Spamming
• Spammers use creative means to find valid email addresses:
– Scanning the Internet for addresses posted online.
– Hacking into company databases and stealing mailing lists.
– Staging dictionary (aka direct harvesting) attacks.
• These attacks use special software to guess addresses at a
particular company and send blank emails.
• Messages not returned are usually valid.
• These attacks are very burdensome to corporate email
systems.
• Companies may use filtering software to
detect dictionary attacks, search mail for
competitive leaks, and block inappropriate
TECHNIQUES
attachments, such as pornography and
illegal MP3 files.
 Perpetrators have devised
• Filtering is not
many always viable.
methods The director
to commit
of internal
computer fraud and abuse. auditinclude:
These at a major healthcare
company changes email addresses
 Social engineering frequently because of the volume of spam
 Software piracy email in his inbox. When asked why his
 Spamming company did not filter the spam, he
replied, “Because we’re a healthcare
company, we cannot filter out any
references to body parts or prescription
medications.”
• There is increasing public clamor for laws
to clamp down on spamming. In
December 2004, a federal judge awarded
over $1 billion to a small Midwestern
Internet service provider in an action
against three spammers.
TECHNIQUES
computer fraud
• and abuse.
Software that These include:
monitors computing habits, such
as web-surfing habits, and sends the data it
 Software piracygathers to someone else, typically without the
 Spamming user’s permission.
 Spyware – One type, called adware (for advertising-
supported software) does two things:
• Causes banner ads to pop up on your
monitor as you surf the net.
• Collects information about your Web-
surfing and spending habits and forwards
it to a company gathering the data—often
an advertising or large media organization.
COMPUTER FRAUD AND
• Usually comesABUSE
bundled with
freeware and shareware
TECHNIQUES
downloaded from the Internet.
• May be disclosed in the
 Perpetrators have devised many methods
licensing to commit
agreement, but users
computer fraud and abuse. are
These include:
unlikely to read it.
 Social engineering • Reputable adware companies
 Software piracy claim they don’t collect
sensitive or identifying data.
 Spamming
– But there is no way for users to
 Spyware control or limit the activity.
– It is not illegal, but many find it
objectionable.
• Software has been developed to
detect and eliminate spyware,
but it may also impair the
downloaded software.
– Some is intentionally difficult to
uninstall.
• A keystroke logger records a user’s
TECHNIQUES
keystrokes and emails them to or
saves them for the party that planted
 Perpetrators have devisedthe
many methods
logger. These to
arecommit
sometimes
computer fraud and abuse.used
These
by: include:
 Social engineering – Parents to monitor their children’s
 Software piracy computer usage.
 Spamming – Businesses to monitor employee
 Spyware activity.
 Keystroke loggers – Fraudsters to capture passwords,
credit card numbers, etc.
– A keystroke logger can be a
hardware device attached to a
computer or can be downloaded
on an individual’s computer in the
same way that any Trojan horse
might be downloaded.
TECHNIQUES
 Software piracy • Spyware and keystroke loggers are
very problematic for companies with
 Spamming
employees who telecommute or
 Spyware contact the company’s computer from
 Keystroke loggers remote locations.
• Spyware on those computers makes
the company’s systems vulnerable.
• Individuals are also exposed when
they use wireless networks, such as
those that may be available in coffee
shops.
TECHNIQUES
 Software piracy
 Spamming
• Unauthorized use of special system
 Spyware
programs to bypass regular system
 Keystroke loggers controls and perform illegal acts.
 Superzapping • The name is derived from an IBM
software utility called Superzap that
was used to restored crashed
systems.
TECHNIQUES
 Software piracy• Also called back doors.
 Spamming • Programmers create trap doors to
modify programs.
 Spyware
• The trap door is a way into the system
 Keystroke loggersthat bypasses normal controls.
 Superzapping • The trap door should be removed
 Trap doors before the program is implemented.
• If it is not, the programmer or others
may later gain unauthorized access to
the system.
TECHNIQUES
computer fraud and abuse.
• A These include:
set of unauthorized computer
 Social engineering instructions planted in an authorized
 Software piracy and otherwise properly functioning
 Spamming program.
 Spyware • Allows the creator to control the
victim’s computer remotely.
 Keystroke loggers
• The code does not try to replicate
 Superzapping
itself but performs an illegal act at
 Trap doors some specific time or when some
 Trojan horse condition arises.
• Programs that launch denial of
service attacks are often Trojan
horses.
TECHNIQUES
 Software piracy
 Spamming
 Spyware
 Superzapping
• Hackers search for an idle modem by
 Trap doors
programming their computers to dial
 Trojan horse thousands of phone lines.
 War dialing • Hackers enter through the idle modem
and gain access to the connected
network.
TECHNIQUES
 Software piracy
 Spamming
 Spyware
 Superzapping
 Trap doors • Driving around in cars looking for
 Trojan horse unprotected home or corporate
wireless networks.
 War dialing
• If the hackers mark the sidewalk of
 War driving
the susceptible wireless network, the
practice is referred to as warchalking.
TECHNIQUES
 Virus
• Many viruses have two phases:
– First, when some predefined event occurs, the
virus replicates itself and spreads to other
systems or files.
– Another event triggers the attack phase in which
the virus carries out its mission.
– A virus may lay dormant or propagate itself
without causing damage for an extended period.
COMPUTER FRAUD AND
• Damage may take many forms:
ABUSE
TECHNIQUES
– Send email with the victim’s name as the alleged
source.
 Perpetrators have devised
– Destroy many
or alter methods
data to commit
or programs.
computer fraud– and
Takeabuse. These
control of include:
the computer.
 Virus – Destroy or alter file allocation tables.
– Delete or rename files or directories.
– Reformat the hard drive.
– Change file content.
– Prevent users from booting.
– Intercept and change transmissions.
– Print disruptive images or messages on the
screen.
– Change screen appearance.
• As viruses spread, they take up much space, clog
communications, and hinder system performance.
TECHNIQUES
computer fraud and symptoms:
• Virus abuse. These include:
 Virus – Computer will not start or
execute
– Performs unexpected read or
write operations
– Unable to save files
– Long time to load programs
– Abnormally large file sizes
– Slow systems operation
– Unusual screen activity
– Error messages
TECHNIQUES
computer fraud and abuse.
• Viruses These include:
are contagious and easily spread from
 Virus one system to another.
• They are usually spread by:
– Opening an infected email attachment or file
(most common); or
– Running an infected program.
• Some viruses can mutate, which makes them
more difficult to detect and destroy.
• The emails often appear to come from sources
like Microsoft and seem very convincing.
• Virus protections include:
COMPUTER FRAUD
– Install AND
reliable virus ABUSE
software that scans for,
TECHNIQUES
identifies, and destroys viruses.
– Keep the antivus program up to date.
– Scan
 Perpetrators have incoming
devised manyemail at the to
methods server level,
commit
rather than when it hits the desktops.
– Certify all software as virus-free before
 Virus
loading it.
• Software from unknown sources may be
virus bait, especially if it seems too good
to be true.
– Deal with trusted software retailers.
– Use electronic techniques to make tampering
evident.
– Check new software on an isolated machine.
– Have two backups of all files.
– Do not put diskettes or CDs in strange
machines, or let others put unscanned disks
in your machine.
TECHNIQUES
 Virus
• Viruses attack computers, but any device that is
part of the communications network is
vulnerable, including:
– Cell phones
– Smart phones
– PDAs
TECHNIQUES
 • Perpetrators havetodevised
A worm is similar many for:
a virus except methods to commit
computer
– A wormfraud and abuse.program,
is a stand-alone These while
include:
a virus is only a
 Virussegment of code hidden in a host program or executable file.
 –Worms
A worm will replicate itself automatically, while a virus
requires a human to do something like open a file.
• Worms often reproduce by mailing themselves to the recipient’s
mailing list.
• They are not confined to PCs and have infected cell phones in
Japan.
• A worm typically has a short but very destructive life.
• It takes little technical knowledge to create worms or viruses;
several websites provide instructions.
• Most exploit known software vulnerabilities that can be corrected
with a software patch, making it important to install all patches as
soon
© 2006 Prentice as they
Hall Business are available.
Publishing Accounting Information Systems, 10/e Romney/Steinbart 148 of 175
TECHNIQUES
• computer fraud
You receive and abuse.
an email These
from a friend, include: profusely that
apologizing
he/she
Virus has previously sent you an email that was infected with a
virus.
Worms
• The
Thefriend’s email
low-tech, gives you instructions
do-it-yourself attack to look for and remove
the offending virus.
• You delete the file from your hard drive. The only problem is that
the file you just deleted was part of your operating system.
• Your friend was well-intended and has done the same thing to
his/her computer.
• REMEDY: Before even considering following instructions of this
sort, check the list of hoaxes that are available on any virus
protection website, such as:
– www.norton.com
– www.mcafee.com
INTRODUCTION

fraud
computer fraud
PREVENTING AND DETECTING
COMPUTER FRAUD
• Organizations must take every precaution to
protect their information systems.
• Certain measures can significantly decrease the
potential for fraud and any resulting losses.
• These measures include:
– Make fraud less likely to occur
– Increase the difficulty of committing fraud
– Improve detection methods
– Reduce fraud losses
COMPUTER FRAUD
COMPUTER FRAUD
COMPUTER FRAUD
• Increase the difficulty of committing
fraud
– Develop a strong system of internal controls
– Segregate the accounting functions of:
• Authorization
• Recording
• Custody
– Implement a program segregation of duties
between systems functions
– Restrict physical and remote access to
system resources to authorized personnel
COMPUTER FRAUD
– Require transactions and activities to be authorized
by appropriate supervisory personnel. Have the
system authenticate the person and their right to
perform the transaction before allowing the
transaction to take place.
– Use properly designed documents and records to
capture and process transactions.
– Safeguard all assets, records, and data.
– Require independent checks on performance, such
as reconciliation of two independent sets of records,
where possible and appropriate.
COMPUTER FRAUD
– Implement computer-based controls over data input,
computer processing, data storage, data
transmission, and information output.
– Encrypt stored and transmitted data and programs to
protect them from unauthorized access and use.
– Fix known software vulnerabilities by installing the
latest updates to operating systems, security, and
applications programs.
COMPUTER FRAUD
COMPUTER FRAUD
• Improve detection methods.
– Create an audit trail so individual transactions
can be traced through the system to the
financial statements and vice versa.
– Conduct periodic external and internal audits,
as well as special network security audits.
– Install fraud detection software.
– Implement a fraud hotline.
COMPUTER FRAUD
– Employ a computer security officer, as well as
computer consultants and forensic specialists
as needed.
– Monitor system activities, including computer
and network security efforts, usage and error
logs, and all malicious actions.
– Use intrusion detection systems to help
automate the monitoring process.
COMPUTER FRAUD
COMPUTER FRAUD
• Reduce Fraud Losses
– Maintain adequate insurance.
– Develop comprehensive fraud contingency,
disaster recovery, and business continuity
plans.
– Store backup copies of program and data files
in a secure, off-site location.
– Use software to monitor system activity and
recover from fraud.

CS Form No. 212 Revised Personal Data Sheet - New

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

CS Form No. 212 Revised Personal Data Sheet - New

Загружено:

Авторское право:

Доступные форматы

C HAPTER 5

Computer Fraud and

• In this chapter we’ll discuss:

• Fraud is any and all means a person uses to

• Fraud against companies may be committed by

• Fraud perpetrators are often referred to as

• Three types of occupational fraud:

• Three types of occupational fraud:

• Three types of occupational fraud:

• Common approaches to “cooking the

• A revision to SAS-82, SAS-99, was issued in

• A revision to SAS-82, SAS-99, was issued in

• A revision to SAS-82, SAS-99, was issued in

• Use the gathered information to identify, assess, and respond to

• A revision to SAS-82, SAS-99, was issued in

• A revision to SAS-82, SAS-99, was issued in

• Auditors communicate their fraud

• A revision to SAS-82, SAS-99, was issued in

• Auditors must document their

• A revision to SAS-82, SAS-99, was issued in

• In this chapter we’ll discuss:

• Researchers have compared the psychological and

• White-collar criminals tend to mirror the general

• Perpetrators of computer fraud tend to be

• They may view their actions as a game rather than

• Some fraud perpetrators are disgruntled and

• Criminologist Donald Cressey, interviewed 200+

• The most common pressures were:

• The most common pressures were:

• The most common pressures were:

• The most common pressures were:

• The most common pressures were:

• The most common pressures were:

• Financial statement fraud is distinct from other

• Opportunity is the opening or gateway that

• Opportunity is the opening or gateway that

• Committing the fraud might involve acts

• Opportunity is the opening or gateway that

• Concealing the fraud often takes more time and

• Concealing the fraud often takes more time and

• Concealing the fraud often takes more time and

• Concealing the fraud often takes more time and

• Opportunity is the opening or gateway that

• Unless the target of the theft is cash, then

• If the fraud is a financial statement fraud,

• There are many opportunities that enable fraud.

• Internal controls that may be lacking or un-

• Management may allow fraud by:

• How many people do you know who regard

• These rationalizations take many forms,

• Creators of worms and viruses often use

• In this chapter we’ll discuss:

• The U.S. Department of Justice defines

• Computer fraud includes the following:

• In using a computer, fraud perpetrators

• Computer systems are particularly vulnerable to

– Modern systems are accessed by PCs, which

– Computer systems face a number of unique

– Many computer frauds go undetected.

• Economic espionage, the theft of

• Computer Fraud Classification

Input Processor Output

Input Processor Output