Computer fraud and abuse techniques:
Some of the techniques are briefly discussed below:
| Technique | Description |
| Cracking | Unauthorized access to and use of computer systems, usually means
of a personal computer and a telecommunications network. Crackers are hackers with malicious intentions. |
| Data didling | Changing data before, during or, after it is entered into the system in
order to delete, alter, or add key system data. |
| Data leakage | Unauthorized copying of company data such as computer files. |
| Denial of service attack | Attacker sends e-mail bombs (hundreds of messages per second) from randomly generated false addresses; Internet service provider’s e-
mail is overloaded and shout down. |
| Eavesdropping | Listening to private voice or data transmissions, often using a wiretap. |
| E-mail forgery | Sending an e-mail message that looks as if it was sent some ones
else |
| E-mail threats | Sending a threatening message to try and get recipient to do something
that would make it possible to defraud him |
| Hacking | Unauthorised access to and use of computer systems, usually means of a personal computer and a telecommunications network.
Hackers do not intend to cause any damage. |
| Internet
misinformation |
Using the internet to spread false or misleading information about
companies |
| Internet terrorism | Using the internet to disrupt electronic commerce and to destroy
company and individual communications. |
| Logic time bomb | Program that lies idle until some specified circumstances or a particular
time triggers it. Once triggered, the bomb sabotages the system destroying programs, data, or both. |
| Masquerading or
impersonation |
Perpetrator gains access to the system pretending to be an
authorised user. Enjoys same privileges as the legitimate user |
| Password cracking | Intruder penetrates a system’s defenses, steals the file containing valid passwords, decrypts them, and then users them to gain access to system resources such as programs, files, and data. |
| Piggybacking | Taping into a telecommunications line and latching on to a legitimate
user before he logs into the system |
| Round-down | Computer rounds down all interest calculations to two decimal places. Remaining fraction of a percent; increments are placed in a
dummy account controlled perpetrator. |
| Salami technique | Tiny slices of money are stolen over a period of time. (Expenses are increased a fraction of a percent; increments are placed in a
dummy account and later pocketed the perpetrator.) |
| Scavenging | Gaining access to confidential information searching corporate records. Scavenging methods range from searching trashcans for printouts or carbon copies of confidential information to scanning
the contents of computer memory. |
| Social engineering | Perpetrator tricks an employee into giving out the information needed
to get into a system. |
| Software piracy | Copying computer software without the publisher’s permission |
| Spamming | E-mailing the same message to everyone on one or more Usenet news
groups or LISTSERV lists. |
| Superzapping | Unauthorised use of special system programs to bypass regular system
controls and perform illegal acts. |
| Trap door | Perpetrator enters the system using a back door that bypasses normal
system controls and perpetrates fraud. |
| Trojan horse | Unauthorised computer instructions in an authorised and properly
functioning program. |
| Virus | Segment of executable code that attaches itself to software, replicates itself, and spreads to other systems or files, Triggered a predefined event, a virus damages system resources or displays a
message on the monitor. |
N.B. Student are required to briefly discuss any 10 of these points.
