COMPUTER AND

INTERNET FRAUD
Computer Fraud
objectives

• Fraud and Computer fraud

• Introduction to computer attacks and abuse tactics

• How social engineering is used to commit fraud

• Describe different types of malware used to harm

computers
• Most modern businesses and governments depend on their computer systems to support their
operations
• Computers have become the mainstay of business and government processes
• Communications: communications via email, messenger systems, conferencing and
word processing.
• Research: research industry trends, patents, trademarks, potential clients and
competitors via search engines and proprietary databases.
• Media Production: types of media, including graphics, video and audio productions.
• Data Tracking and Storage: Although paper files containing hard copy documents are
still in use, organizations also store and manage their data using software and the cloud.
• Product Development: Developers use computers to create new products and services.
• Human resources: Internal HR processes and payroll systems are managed using
software and online services.
• Without today’s computers, the entire businesses and government
operations would almost cease to function.
• Imagine trying to manually process tax returns, maintain accounting
records, conduct audits compile budgets etc, without the aid of
computers
• It is critical that business owners take the time to choose the
right computers, software and peripherals for their
organization.
• Cyber criminals have devised an ever-increasing number of
ways to commit computer fraud and abuse
Definition of Fraud
• Any means a person uses to gain an unfair advantages over another
person; includes

⁻ A false statement, representation or disclosure

⁻ A material fact, which include a victim to act
⁻ An intent to deceive
⁻ Victim relied on the misrepresentation
⁻ Injury or loss was suffered by the victim

Fraud is a white-collar crime

Computer FRAUD
• Computer fraud has been defined “
• as a computer aided activity involving a deliberate misrepresentations of fact
or alteration of data to obtain or receive something of value that causes a
financial loss to some person or organization
• The perpetrator accesses or uses computer with the intent to execute
a fraudulent scheme
• Computer fraud serves to encompass new schemes that result from
development of technology
• Computer Fraud is classified as;
• Input, processor, computer instruction, Data, Output
 four- fold Crime with respect to Computer function

1. Computers and networks systems are themselves often objects or

targets of the crime, thus they are subject to physical sabotage, theft
of destruction of information
2. Computers are the direct subjects of crime “when they are in the
environment in which technologists commit crimes” (in includes
virus)
3. Computers are used as a means to commit crime such as
embezzlement or hacking
4. Computers lead fraudsters to an air of credibility and they are often
used to deceive victims into investment and pyramid schemes
 Malware
Hacking Social engineering
•Spyware
•Click Fraud •Identity theft
•Adware
•internet auction fraud •Pretexting
•Torpedo Softawafre
•cyber bullying •Posing
•Spoofing •Scareware
•cyber extortion •Phishing
•Email Spoofing •Ransomware
•economic aspionage Data •vishing
•Caller ID Spoofing •Keylogger
leakage •carding
•IP Adress Spoofing •Trojan Horse
•data Didding •Pharming
•SQl Injection •Time Bombs
•Phreaking •evil twin
•Password Cracking •trap door or back door
•PiggyBacking •URL hijacking
•Salami Techniques •packet sniffer
•Masquareding •QR Bacode replacement
•Round down Fraud •steganography
•Hijacking •Tabnapping
•Web Cramming programs
•Botnet •SCavenging
•software piracy •rootkit
•Zombies •shoulder surfing
•man in the middle •superzapping
•Bot Herders •Lebanese looping
atack •virus
•Dos Attack •skimming
zero day attack •worms
•SPlogs •chipping
•Bluesnarfing
eavesdropping
Bluedugging
Computer Hacking
• is the unauthorized access, modification, or use of an electronic device or
some element of a computer system

• Hacking refers to the use of technology to gain unauthorized access to

sensitive information on a computer system

• The motives of hacking range from simple curiosity, computer sabotage or

espionage

• Unauthorized access creates the opportunity to cause additional un intended

damage to data system crashes as impediments to legitimate system useless
Generally, Computer hacking is
• Use of a computer or any digital device to gain unauthorized access to
data

• Interruption: This is an attack on availability

• Interception: This is an attack on confidentiality

• Modification: This is an attack on integrity

• Fabrication: This is an attack on authenticity

Computer Hacking
• Hacking is motivated by profit

• Hackers use various ways to gain un authorized access to computer systems

• The perpetrator might be able to take advantage of lax security measures to

gain access of might find loopholes in the existing security system procedures

• passwords are created by users, are weak passwords

• Consequently, most passwords are not secure

Computer Hacking
2. social engineering
• techniques or psychological tricks used to get people to comply with the perpetrator’s wishes in
order to gain physical or logical access to a building, computer, server, or network—usually to get
the information needed to access a system and obtain confidential data.

• Social engineering the attacker deceives victims into disdaining personal information to facilitate
the attackers intended scheme

• The hacks might assume a number of different guises to accomplish this deception

• Often, the perpetrator has a conversation with someone to trick, lie to, or otherwise deceive the
victim. Often the perpetrator has information, knowledge, authority, or confidence that makes it
appear that he belongs or knows what he is doing
Reverse social Engineering
• A reverse social engineering attack is a person-to-person attack in
which an attacker convinces the target that he or she has a problem or
might have a certain problem in the future and that he, the attacker, is
ready to help solve the problem
• While in most social engineering attacks, the attacker goes to the
victim to obtain information. In reverse social engineering, however,
the victim unwittingly goes to the attacker.
• 3 steps of reverse social engineering;
• Stage one is called sabotage where initial damage is made.
• Stage two or advertise is where attacker gains trust of victim and pursue
him/her he is the one who can solve problem they have (made in stage 1).
• Stage three (assist) is where the attacker gains information/property he needs
Malware

• is any software that is used to do harm. Malware is a constant and growing

concern, as well as an expensive one.
• Malware is an umbrella term for any kind of malicious software, including
viruses, worms, Trojans spyware, and botnets.
• Malware uses popular communication tools to spread, using worms sent
through email and instant messages, Trojan horses dropped form websites, and
virus – infected files downloaded form peer to peer connections
• Malware is not restricted to computers. The most prevalent types are fake
versions of legitimate apps in smartphones, many of which can be found in the
Google Play app store.
• Many of these apps gather information about the phone and its user and send
the information to the adware developer without giving the phone owner the
choice of opting out of the information capture
 Malware

• Spyware software secretly monitors and collects personal information about users and sends it
to someone else
• Adware is spyware that can pop banner ads on a monitor, collect information about the user’s
web-surfing and spending habits, and forward it to the adware creator.
• Scareware is software that is often malicious, is of little or no benefit, and is sold using scare
tactics. Some scareware even warns that a user’s job, career, or marriage is at risk
• torpedo software – Software that destroys competing malware. this sometimes results in
“malware warfare” between competing malware developers

• Like scareware, ransomware often comes in the form of fake antivirus software. When
activated, well-written ransomware locks you out of all your programs and data by encrypting
them. That means you can’t run your installed security programs and, if it disables your USB
ports and DVD drives, you can’t load new security programs to combat it
• keylogger - Software that records computer activity, such as a user’s keystrokes, e-mails sent
and received, websites visited, and chat session participation.
Who is responsible to take action ?

There at least 3 distinct

communities
Law Enforcement
Military
Business & Industry
Possibly a 4th –
Academia
Generally, this method can be applied to
all communities – law enforcements &
military
Types of investigations
• Determine what the incident was and get back to a
working state
• Internal investigation
• Should be based on a policy
• May lead to criminal investigation
• Criminal investigation
• Support for “real world” investigations
• The scientific examination and analysis of digital evidence in such a
way that the information can be used as evidence in a court of law.

• Includes:
• Networks (Network Forensics)

• Small Scale Digital Devices

• Storage Media (Computer forensics)

• Code Analysis
Common activities include

the secure collection of computer data

the identification of suspect data

the examination of suspect data to determine details such as origin

and content

the presentation of computer-based information to courts of law

the application of a country's laws to computer practice

Crime Scenes
Physical Crime Scenes vs. Digital Crime Scenes
Digital Evidence
Digital data that establish that a crime has been committed, can provide a
link between a crime and its victim, or can provide a link between a crime
and the perpetrator

Locard’s Principle applies

 “When a person commits a crime something is always left at the
scene of the crime that was not present when the person
arrived”
The 6 Principles are:
1. When dealing with digital evidence, all of the general forensic and procedural principles
must be applied.

2. Upon seizing digital evidence, actions taken should not change that evidence.

3. When it is necessary for a person to access original digital evidence, that person should
be trained for the purpose.

4. All activities relating to the seizure, access, storage or transfer of digital evidence must be
fully documented, preserved and available for review.

5. An Individual is responsible for all actions taken with respect to digital evidence whilst
the digital evidence is in their possession.

6. Any agency, which is responsible for seizing, accessing, storing or transferring digital
evidence is responsible for compliance with these principles.
Typical investigation phases

1. Acquisition

2. Recovery

3. Analysis

4. Presentation
Scenario 1: Bank
• The controller of a small business received the following e-mail with an authentic-looking e-mail address and logo:
From: CRDB[antifraud@crdb.com]
To: Frank Baguma, Controller, Small Business USA
Subject: Official Notice for all users of CRDB Bank!
 
Due to the increased incidence of fraud and identity theft, we are asking all bank customers to verify their account
information on the following Web page: www.antifraudcrdb.com Please confirm your account information as soon
as possible. Failure to confirm your account information will require us to suspend your account until confirmation
is made.
 
A week later, the following e-mail was delivered to the controller:

From: Big Bank [antifraud@crdb.com]

To: Frank Baguma, Controller, Small Business USA
Subject: Official Notice for all users of CRDB Bank!
 
Dear Client of CRDB,
Technical services at Crdb is currently updating our software. Therefore, we kindly ask that you access the website
shown below to confirm your data. Otherwise, your access to the system may be blocked.
 
web.da-us.bigbank.com/signin/scripts/login2/user_setup.jsp
 
We are grateful for your cooperation.
• The RUAHA CATHOLIC COMPUTER LAB was filled to capacity
when the system slowed and crashed, disrupting the lives of students
who could no longer log into the system or access data to see their
final examination from SIMS and SARES .
• Mr. Elisante initially suspected a cable break or an operating system
failure, but diagnostics revealed nothing. After several frustrating
hours, Mr. Kelvin Rutha ran a virus detection program and uncovered
a virus on the lab’s main server. The virus was eventually traced to the
computers of unsuspecting RUCU Computer Lab students.
• Later that evening, the system was brought back online after infected
files were replaced with backup copies.