美文网首页
C5 Computer Fraud & Abuse

C5 Computer Fraud & Abuse

作者: Scrummble | 来源:发表于2013-07-01 08:49 被阅读0次
  • AIS Threats

  • Natural & political disasters

  • Software errors & equipment malfunctions

  • Unintentional acts

  • Intentional computer crimes

  • Fraud: gaining unfair advantage over others

  • Perpetrators: white-collar criminals

  • Misappropriation of assets: theft of company assets (employee fraud)

    • Gains the trust or confidence of the victim
    • Uses trickery, cunning, misleading information
    • Hides tracks by falsifying records
    • Cannot self-terminate, because of need, greed or anti-detection
    • Extravagant lifestyle, rather than savings
    • Becomes greedy
    • Grows careless and gets caught
    • Sheer magnitude leads to detection
    • Most factor: absence of internal controls
  • Fraudulent financial reporting: intentional or reckless conduct resulting in materially misleading financial statements

  • Fraud triangle:

    • Pressure (incentive, motivation)
    • Opportunity: condition or situation to allow to: commit and conceal the fraud, and to convert it to personal gain
    • Rationalization: to allow perpetrators to justify illegal behaviors
  • Computer fraud: any illegal act for which computer technology is essential for its perpetration, investigation or prosecution

  1. Not everyone agrees on what constitutes computer fraud
  2. Many go undetected
  3. Many uncovered frauds is not reported
  4. Networks lack of security
  5. Internet provides instructions
  6. Law enforcement falls behind
  7. Total loss difficult to value
  • Computer fraud classifications

  • Input fraud

  • Processor fraud

  • Computer instruction fraud

  • Data fraud

  • Output fraud

  • Computer attacks

  • Hacking: unauthorized access and use of computer systems

    • War dialing, driving, chalking, rocketing
    • Botnet, hijacking, bot herders, zombies, denial-of-service attack
    • Spamming, dictionary attacks, splogs, spoofing, zero-day attack
    • Password cracking, masquerading / impersonation, piggybacking
    • Data diddling, data leakage, phreaking
    • Economic espionage, cyber-extortion, Internet terrorism, Internet misinformation, e-mail threats
    • Click fraud, software piracy
  • Social engineering: tech to obtain confidential information, often by tricking people

    • Identity theft, pretexting, posing, phishing, vishing, carding, pharming
    • Evil twin, typosquatting, scavenging / dumpster diving,
    • Shoulder surfing, skimming, chipping, eavesdropping
  • Malware

    • Spyware, adware, key logger, trojan horse, time bombs, trap door, packet sniffers
    • Steganography programs, rootkit, superzapping, virus, bluesnarfing, bluebugging, worm

相关文章

网友评论

      本文标题:C5 Computer Fraud & Abuse

      本文链接:https://www.haomeiwen.com/subject/lcgxtttx.html