Embed Size (px)
Citation preview
KAPP EDGE SOLUTIONS
Your Knowledge Partner
FINANCIAL TRANSACTIONS AND FRAUD SCHEMES
Computer and Internet Fraud
Computer Fraud
Perpetrator uses/ access the computer to execute the fraudulent activity.
These frauds can be difficult to identify as:
Lack of traditional audit trail
Understanding of technology is required-victim’s computer as well as technology to commit crime.
Requires specialist
©KAPP Edge Solutions Pvt. Ltd.
Use of computer in Crime
As an object- as a target of crime. physical sabotage, theft.
As a subject-subject to crime related to technology. Virus attack.
As a tool-tool to commit crime such as embezzlement , theft of proprietary information .
As a symbol-gives an air of credibility.
©KAPP Edge Solutions Pvt. Ltd.
Computer Hacking
Hacking is an unauthorized access of the computer system.
Unauthorized access can be done from remote location.
Most common way of hacking is to use someone else’s password or generate new password.
Methods of unauthorized access :
1. Social engineering-attackers convince the victim to disclose the personal details by guises.
2. Reverse social engineering-attacker poses as someone who can help victim .
3. Password Cracking-attackers attempts to guess a user’s password . It is easier for the users who keep easy passwords such as date of birth, spouse name etc.
©KAPP Edge Solutions Pvt. Ltd.
Phishing
It happens when attackers duped the victim into disclosing confidential information such as- bank details, pin NO’S ETC.
Generally it is being done through mails.
In order to prevent this attack-computers should be armed with spam filters, anti virus, anti spy ware etc.
©KAPP Edge Solutions Pvt. Ltd.
Vishing
Voice phishing or vishing- it uses Voice of internet protocol-VOIP to commit crime.
Confidential information is being taken over telephone.
Smishing/ Tishing- it is hybrid of phishing and text messaging.
SMS’s are used for getting sensitive information.
©KAPP Edge Solutions Pvt. Ltd.
Other Schemes:
Rock phishing-phisers uses botnet to send massive emails in huge volume to internet users. They act as a financial institute and give a false URL in the mail.
Pharming- a user is fooled into giving the sensitive information into malicious website which looks like a legitimate site.
Keystroke Logging-process of monitoring the key pressings on keyboard.
Backdoor- it let the attacker bypass the system’s security through the use of undocumented operating system.
©KAPP Edge Solutions Pvt. Ltd.
Data Manipulation and Destruction
Data Manipulation-use of computer to perpetrate the crime.
Data Destruction-unauthorized modification, suppression or erasure of computer data or functions with the intent to hinder normal operations.
©KAPP Edge Solutions Pvt. Ltd.
Methods of Data Manipulation and Destruction
Malware
Salami Techniques
Data Leakage
Wire Tapping
Input Manipulation
Buffer overflow
Privilege Escalation Exploits
©KAPP Edge Solutions Pvt. Ltd.
Malware
Viruses
Worms
Trojan Horse
Spyware
Adware
Botnets
Logic bombs
©KAPP Edge Solutions Pvt. Ltd.
Measures to prevent Infection
Use of Antivirus
Regular updation of anti virus
Use protection while opening e mails
Use of firewall
Keep a backup copy of production files.
Regular updation of operating system,
©KAPP Edge Solutions Pvt. Ltd.
Internet Fraud
These frauds are widely spread as there is no international laws applicable on internet.
According to 2012 internet crime report-total dollar loss form internet fraud was more than $525 million with average dollar loss of $600 per complaint.
Some of internet fraud includes:
Real estate fraud
Lotteries
Investment schemes
Romance scams
©KAPP Edge Solutions Pvt. Ltd.
Insider Threats
Input Alteration
Output Alteration
Data file manipulation
Computer Operations
Operating System
Communication System
©KAPP Edge Solutions Pvt. Ltd.
Thank You
KAPP Edge Solutions
©KAPP Edge Solutions Pvt. Ltd.
