Give an elaborate account on computer fraud and abuse techniques

A Management Information System ICT Revision Questions and Answers

Computer fraud and abuse techniques:
Some of the techniques are briefly discussed below:

Technique Description
Cracking Unauthorized access to and use of computer systems, usually means

of  a  personal     computer and a telecommunications network. Crackers are hackers with malicious intentions.

Data didling Changing data before, during or, after it is entered into the system in

order to delete, alter, or add key system data.

Data leakage Unauthorized copying of company data such as computer files.
Denial     of     service attack Attacker sends e-mail bombs (hundreds of messages per second) from randomly generated false addresses; Internet service provider’s e-

mail is overloaded and shout down.

Eavesdropping Listening to private voice or data transmissions, often using a wiretap.
E-mail forgery Sending an e-mail message that looks as if it was sent some ones

else

E-mail threats Sending a threatening message to try and get recipient to do something

that would make it possible to defraud him

Hacking Unauthorised access to and use of computer systems, usually means of a personal computer and a telecommunications network.

Hackers do not intend to cause any damage.

Internet

misinformation

Using the internet to spread false or misleading information about

companies

Internet terrorism Using the internet to disrupt electronic commerce and to destroy

company and individual communications.

Logic time bomb Program that lies idle until some specified circumstances or a particular

time triggers it. Once triggered, the bomb sabotages the system destroying programs, data, or both.

Masquerading         or

impersonation

Perpetrator gains access to the system pretending to be an

authorised user. Enjoys same privileges as the legitimate user

Password cracking Intruder penetrates a system’s defenses, steals the file containing valid

passwords, decrypts them, and then users them to gain access to system resources such as programs, files, and data.

 

Piggybacking Taping into a telecommunications line and latching on to a legitimate

user before he logs into the system

Round-down Computer rounds down all interest calculations to two decimal places. Remaining fraction of a percent; increments are placed in a

dummy account controlled perpetrator.

Salami technique Tiny slices of money are stolen over a period of time. (Expenses are increased a fraction of a percent; increments are placed in a

dummy account and later pocketed the perpetrator.)

Scavenging Gaining access to confidential information searching corporate records. Scavenging methods range from searching trashcans for printouts or carbon copies of confidential information to scanning

the contents of computer memory.

Social engineering Perpetrator tricks an employee into giving out the information needed

to get into a system.

Software piracy Copying computer software without the publisher’s permission
Spamming E-mailing the same message to everyone on one or more Usenet news

groups or LISTSERV lists.

Superzapping Unauthorised use of special system programs to bypass regular system

controls and perform illegal acts.

Trap door Perpetrator enters the system using a back door that bypasses normal

system controls and perpetrates fraud.

Trojan horse Unauthorised computer instructions in an authorised and properly

functioning program.

Virus Segment of executable code that attaches itself to software, replicates itself, and spreads to other systems or files, Triggered a predefined event, a virus damages system resources or displays a

message on the monitor.

N.B. Student are required to briefly discuss any 10 of these points.



(Visited 16 times, 1 visits today)
Share this on:

Leave a Reply

Your email address will not be published. Required fields are marked *