Professional Documents
Culture Documents
The majority of credit card numbers used in cybercrime in the EU have historically originated
from United States data breaches, so a major focus of the EC3 has been preventing card-not-
present (CNP) fraud. Europol reports that organised crime makes 1.5 billion Euro from credit
card fraud, 900 million of which originate from CNP fraud.
In 2013, EC3 took down the largest ransomware cybercrime network in Russia, Operation
Ransom, which spanned 33 countries, including 22 in the EU. Operation Ransom infected
computers with police ransomware, which is a type of malware that blocks a computer
completely and warns the user that they have visited illegal websites, such as child pornography,
and requests payment of a fine to unblock it.
As part of its “Focal Point Terminal” division, the EC3 busted an Asian criminal network
responsible for the theft of 15,000 credit card numbers and for conducting illegal Internet
transactions and purchases of airline tickets. In July, the EC3 held ‘a day of action’ to target
criminals using stolen credit cards to buy airline tickets as part of a different ring.
(Source: Kenneth C. Laudon and Carol Guercio Traver, E-Commerce 2015 business-
technology-society 10th edition, Pearson: 2015:p.p. 235-237)
Question A1
You are required to answer the following questions based on the above article:
i. Critically analyse TWO (2) types of protections that need to be input into credit card payment
system in order to eliminate credit card fraud. Support your answer with relevant examples
Credit fraud tends to become one of the most prominent ways of online scams plaguing
companies around the world. Card-present fraud and card-not-present fraud are two key forms
of credit card fraud.
There are a few payment gateways for fraud prevention mechanisms used to mitigate losses
linked to fraud such as :
Payment gateways often use Card Verification Value, also referred to as CVV, as part of multi -
layered fraud protection. The CVV is a 3 or 4 digit code which comes with every credit card. As
CVV codes aren't ever stored in payment gateway databases, this number can only be identified
and used by cardholders through physical cards in the eyes. You can minimize the risk of card
fraud by activating a CVV fraud filter.
Transaction limit
Most payment gateways make it possible for you to restrict the amount of large transactions per
day from the same account. This move will prevent the incidence of major transaction fraud and
can help you avoid expensive chargebacks.
(20 marks)
ii. Critically discuss the type of hacker that attacks Operation Ransom in Russia. Support you
answer with relevant examples.
Ransomware is a type of malware that traps computers in order to unlock them, while hackers de
mand ransom payments. According to Charles Carmakal, the strategic services chief technology
officer at the cyber security company FireEye Inc., ransoms differ due to factors such as hospital
scale and perceived ability to pay in a most recent rash of assaults.
Garmin ransomware hack in July 27 2020.
Malware attack is one of the most methods that hackers do to cyber attack.
It is possible to define malicious software as unauthorized software that is installed on the
device without owner permission. It can connect itself and spread to legitimate code; it can
lurk or duplicate itself around the Internet in useful applications. Here are some of the most
prevalent malware types such as macro viruses,file infectors, system or boot record infectors,
polymorphic viruses stealth viruses and many more.
(10 marks)
iii. Critically discuss TWO (2) types of online measures that are implemented by banks in
identifying their online customers’ identity before they can do online banking. Support your
answer with relevant examples.
Banks are expected to comply with customer due diligence requirements according
to Finnish law, which ensures banks must recognise and know their customers.
In addition to the customer's personal data, the bank must provide adequate information on the ac
tivities of
the customer, its financial status, its banking practices and the reason for which the services are u
sed. Banks have to check their customs in reality. Bank may advice us to do several things to
keep the money safe and no one unless you can access it,
(10 marks)
(Total 40 marks)