Computer frauds have been defined as any illegal act for which knowledge of computer technology is essential for its perpetration, investigation or prosecution. Most specifically, computer frauds include the following:
• Unauthorized theft, use, access, modification, copying and destruction of software or data
• Theft of money by altering computer records or the theft of computer time
• Theft or destruction of computer hardware
• Use or the conspiracy to use computer resources to commit a offence
• Intend to illegally obtain information or tangible property through the use of
The various types of computer frauds are as follows:
(a) Clearly recognizable frauds such as investment frauds, secret market frauds and pyramid scheme where a computer (usually via the Internet) is used as a new medium to convey an old message and the hapless victim is persuaded to part with money or credit card details. Most of the frauds that are prevalent on the Internet involve the offering of unrealistically high returns on investment. Secret market frauds are a variation on this theme. Victims are persuaded that there is a confidential and exclusive market for a particular kind of financial instrument, a “prime bank guarantee” which offers a high rate of return. Pyramid schemes again offer high returns for small contributions and invariably collapse leaving the last to join without prospect of recovering any funds.
(b) Hacking in the generally recognized sense of unauthorized access and unauthorized modification to computers. This includes the malicious introduction of a virus, the modification of email or the vandalism of web pages. This is a now a popular activity amongst hackers and considered to be a real problem for anyone doing business on the Internet.
(c) Manipulation of computer systems to obtain money from an employer or a third party. Examples of this are diversion of payments and creation of false employees/suppliers. These frauds may require access to a system or part of a system from which the perpetrator is (or is supposed to be) excluded. As we know that businesses often fail to implement even the most basic password and access controls. They thus allow access to their systems, which could easily be defined.
(d) Theft and/or destruction of confidential and sensitive information. This is an area where huge damage can be caused by employees and third parties who are able to gain access to confidential and sensitive information and pass it on to competitors or simply destroy it;
(e) Abuse of computer systems by employees. This involves an employee using the computer system for his or her own purposes. Employees can write personal letters or run businesses from their employer’s computers. Employees can use email systems and the Internet for private purposes. Of particular concern to business must be the explosive growth of and ready access to Internet pornography combined with the increasing tendency of employers to allow staff unrestricted Internet access. An equally serious risk is the increased possibility of Virus infection from unauthorized files downloaded from the Internet.
(f) Software piracy by either using counterfeit or unlicensed software or by distributing counterfeit software by risk, CD or through the Internet.