Professional Documents
Culture Documents
INTERNET FRAUD
Computer Fraud
objectives
• Social engineering the attacker deceives victims into disdaining personal information to facilitate
the attackers intended scheme
• The hacks might assume a number of different guises to accomplish this deception
• Often, the perpetrator has a conversation with someone to trick, lie to, or otherwise deceive the
victim. Often the perpetrator has information, knowledge, authority, or confidence that makes it
appear that he belongs or knows what he is doing
Reverse social Engineering
• A reverse social engineering attack is a person-to-person attack in
which an attacker convinces the target that he or she has a problem or
might have a certain problem in the future and that he, the attacker, is
ready to help solve the problem
• While in most social engineering attacks, the attacker goes to the
victim to obtain information. In reverse social engineering, however,
the victim unwittingly goes to the attacker.
• 3 steps of reverse social engineering;
• Stage one is called sabotage where initial damage is made.
• Stage two or advertise is where attacker gains trust of victim and pursue
him/her he is the one who can solve problem they have (made in stage 1).
• Stage three (assist) is where the attacker gains information/property he needs
Malware
• Spyware software secretly monitors and collects personal information about users and sends it
to someone else
• Adware is spyware that can pop banner ads on a monitor, collect information about the user’s
web-surfing and spending habits, and forward it to the adware creator.
• Scareware is software that is often malicious, is of little or no benefit, and is sold using scare
tactics. Some scareware even warns that a user’s job, career, or marriage is at risk
• torpedo software – Software that destroys competing malware. this sometimes results in
“malware warfare” between competing malware developers
• Like scareware, ransomware often comes in the form of fake antivirus software. When
activated, well-written ransomware locks you out of all your programs and data by encrypting
them. That means you can’t run your installed security programs and, if it disables your USB
ports and DVD drives, you can’t load new security programs to combat it
• keylogger - Software that records computer activity, such as a user’s keystrokes, e-mails sent
and received, websites visited, and chat session participation.
Who is responsible to take action ?
• Includes:
• Networks (Network Forensics)
• Code Analysis
Common activities include
2. Upon seizing digital evidence, actions taken should not change that evidence.
3. When it is necessary for a person to access original digital evidence, that person should
be trained for the purpose.
4. All activities relating to the seizure, access, storage or transfer of digital evidence must be
fully documented, preserved and available for review.
5. An Individual is responsible for all actions taken with respect to digital evidence whilst
the digital evidence is in their possession.
6. Any agency, which is responsible for seizing, accessing, storing or transferring digital
evidence is responsible for compliance with these principles.
Typical investigation phases
1. Acquisition
2. Recovery
3. Analysis
4. Presentation
Scenario 1: Bank
• The controller of a small business received the following e-mail with an authentic-looking e-mail address and logo:
From: CRDB[antifraud@crdb.com]
To: Frank Baguma, Controller, Small Business USA
Subject: Official Notice for all users of CRDB Bank!
Due to the increased incidence of fraud and identity theft, we are asking all bank customers to verify their account
information on the following Web page: www.antifraudcrdb.com Please confirm your account information as soon
as possible. Failure to confirm your account information will require us to suspend your account until confirmation
is made.
A week later, the following e-mail was delivered to the controller: