Professional Documents
Culture Documents
FRAUD AND
ABUSE
TECHNIQUES
Ester Sabatini
8312419007 1
Computer Attacks and Abuse
3
Spoofing is making an electronic communication look as if someone else
sent it to gain the trust of the recipient. Spoofing can take various forms,
including the following:
5
Social Engineering
Social engineering refers to techniques or psychological tricks used to get people
to comply with the perpetrator’s wishes in order to gain physical or logical access
to a building, computer, server, or network—usually to get the information
needed to access a system and obtain confidential data.
Pretexting is using an invented scenario (the pretext) to increase the likelihood
that a victim will divulge information or do something. The pretext is more than
just a simple lie; it usually involves creating legitimacy in the target’s mind that
makes impersonation possible.
Posing is creating a seemingly legitimate business (often selling new and exciting
products), collecting personal information while making a sale, and never
delivering the product.Fraudsters also create Internet job listing sites to collect
confidential information.
Phishing is sending an electronic message pretending to be a legitimate company,
usu ally a financial institution, and requesting information or verification of
information and often warning of some negative consequence if it is not
provided. 6
Carding refers to activities performed on stolen credit cards, including making a
small online purchase to determine whether the card is still valid and buying and
selling stolen credit card numbers. Scores of underground websites facilitate
carding, with some rating the reliability of sellers the same way eBay does.
Tabnapping is secretly changing an already open browser tab. Tabnapping begins
when a victim is tricked into opening an e-mail link or visiting an infected website.
Scavenging, or dumpster diving, is searching documents and records to gain access
to confidential information. Some identity thieves search garbage cans, communal
trash bins, and city dumps to find information.
7
MALWARE
MM.DD.20XX
8
ADD A FOOTER
Spyware software secretly monitors and collects
personal information about users and sends it to
someone else. The information is gathered by
logging keystrokes, monitoring websites visited, and
scanning documents on the computer’s hard drive.
Spyware can also hijack a browser, replacing a KEYLOGGER
computer’s home page with a page the spyware Keylogger software records computer activity, such as a user’s
creator wants you to visit. keystrokes, e-mails sent and received, websites visited, and chat
session participation.
11