Advertisement Upgrade to remove ads

Computer Fraud and Abuse

sabotage

an intentional act where the intent is to destroy a system or some of its components

cookie

a text file created by a web site and stored on a visitor's hard drive. They store information about who the user is and what the user has done on the site

fraud

any and all means a person uses to gain an unfair advantage over another person

white-collar criminal

typically businesspeople who commit fraud. They usually resort to trickery or cunning and their crimes usually involve a violation of trust or confidence

misappropriation of assets/ employee fraud

an internal fraud in which an employee or group of employees use or steal company resources for personal gain

fraudulent financial reporting

intentional or reckless conduct, whether by act or ommision, that results in materially misleading financial statements

pressure

a person's incentive or motivation for commiting fraud

opportunity

the condition or situation that allows a person or organization to commit and conceal a dishonest act and convert it to personal gain

lapping

concealing the theft of cash by means of a series of delays in posting collections to accounts. For example, a perpetrator steals customer A's accounts receivable payment. Fund received at a later date from customer B are used to pay off customer A's balance. Funds from customer C are used to pay off B's balance, and so forth.

kiting

a fraud scheme where the perpetrator conceals a theft of cash by creating cash through the transfer of maney between banks. For example, suppose a fraud perpetrator opens checking accounts in banks A, B, and C. Then the perpetrator "creates" cash by depositing a $1000 check from bank A into bank B and then withdraws the $1000 from bank B. Since there are insufficient funds in bank A to cover the $1000 check, the perpetator deposits a $1000 check from bank C to bank A before his check to bank B clears the bank A. Since bank C also has insufficient funds, $1000 must be deposited to bank C before the check to bank A clears. The check to bank C is written from bank B, which also has insufficient funds. The scheme contines, with checks and deposits occuring as needed to keep the checks from bouncing.

rationalization

the excuse tht fraud perpetrators use to justify their illegal behavior

computer fraud

any illegal act for which knowledge of a computer is essential for the crime's perptration, investigation, or prosecution

hacking

unauthorized access and use of computer systems, usually by mean of a personal computer and telecommunications networks

war dialing

searching for an idle modem by programming a computer to dial thousands of phone lines. Finding an idle modem often enables a hacker to gain access to the network to which it is connected

war driving

the practice of driving around in cars looking for unprotected home or corporate wireless networks

war chalking

the practice of drawing chalk symbols on sidewalks to mark unprotected wireless networks

hijacking

gaining control of someone else's computer to carry out illicit activities, such as sending spam without the computer user's knowledge

denial-of-service attack

an attacker sends so many e-mail bombs often from randomly generated false addresses, that the internet service provider's email server is overloaded and shuts down. Another example is sending so many requests for web pages that the web server crashes.

spamming

simultaneously e-mailing the same unsolicited message to many people, often in an attempt to sell them some product

dictionary attack

using special software to guess company addresses and send them blank e-mail messages. unreturned messages are usually valid e-mail addresses that can be added to spammer e-mail lists

spoofing

altering an e-mail message to make it look as if someone else sent it

patch

code released by software developers that fixes a particular vulnerability

password cracking

occurs when an intruder penetrates a system's defenses, steals the file containing valid passwords, decrypts them, and uses them to gain access to system resources such as programs, files, and data

masquerading/ impersonation

when a perpetrator gains access to a system by pretending to be an authorized user. This approach requires that the perprator know the legitmate user's identification numbers and passwords

piggybacking

when a perpetrator latches on to a legitmate user who is logging in to a system. The legitimate user unknowingly carries the perpetrator with himn as he is allowed into the system

data diddling

changing data before, during, and after it is entered into the system. The change can be made to add, delete, or alter system data

data leakage

the unauthorized copying of company data, often without leaving any indication that is was copied

salami technique

a fraud technique in which tiny slices of money are stolen from many different accounts

round-down fraud

a fraud technique used in financial institutions that pay interest. The programmer instructs the computer to round down all interest calculations to two decimal places. The fraction of a cent rounded dound on each calculation is put into the programmer's own account.

phreaker

a hacker who attacks phone systems

economic espionage

the theft of information and intellectual property

Internet terrorism

hackers using the internet to disrupt economic commerce and destroy company or individual communications

Internet misinformation

using the internet to spread false or misleading information. This can be done in a number of ways, including inflammatory messages in online chats, setting up web sites, and spreading urban legends

e-mail threats

threats sent to victims by e-mail. The threats usually require some follow-up action, often at great expense to the victim

software piracy

the unauthorized copying of software

social engineering

using deception to obtain unauthorized access to information resources. Access is usually obtained by fooling an employee

identity theft

assuming someone's identity, almost always for economic gain, by illegally obtaining confidential information such as a social security number

phishing

sending an e-mail pretending to be a legitimate company, usually a financial institution, and requesting information. The recipient is asked to either respond to the e-mail request or visit a web page and submit the data. The request is bogus, and the information gathered is used to commit identity theft or to steal funds from the victim's account

scavenging/ dumpster diving

searching for corporate or personal records to gain unauthorized access to confidential information. These methods include searching garbage cans, communal trash bins, and city dumps to find documents or printouts with confidential personal or company information

shoulder surfing

watching people enter telephone calling card or credit card numbers or listen as they give credit card numbers over the telephone or to a clerk

eavesdropping

observing data transmissions intended for someone else. One way unauthorized individuals can intercept signals is by setting up a wiretap

spyware

software that monitors computing habits and sends the data to someone else, often without the computer user's permission

adware

a type of spyware that 1)causes banner ads to pop up on your monitor as you surf the Net and 2)collects information about the user's web-surfing and spending habits and forwards it to the compnay gathering the data, often an advertising or media organization. It usually comes bundled with freeware and shareware downloaded form the internet.

key logger

using spyware to record a user's keystrokes, e-mails sent and received, web sites visited, and chat session participation

Trojan horse

a set of unauthorized computer instructions in an authorized and otherwise properly functioning program. It performs some illegal act at a preappointed time or under a predetermined set of conditions

logic time bomb

a program that lies idel until some specified circumstance or a particular time triggers it. Once triggered, the program sabotages the system by destroying programs or data

trap door

a set of computer instructions that allows a user to bypass the system's normal controls

packet sniffers

programs that capture data from information packets as they travel over the internet or company networks. Captured data is sifted to find confidential or proprietary information that can be sold or otherwise used

superzapping

the unauthorized use of a special system program to bypass regular system controls and perform illegal acts. This utility was originally written to handle emergencies, such as restoring a system that had crashed

virus

a segment of executable code that attaches itself to an applciation program or some othe executable system component. When the hidden program is triggered, it makes unauthorized alterations to the way a system operates

worm

similar to a virus except that it is a program rather than a code segment hidden in a host program. It also copies itself automatically and actively transmits itself directly to other systems

Please allow access to your computer’s microphone to use Voice Recording.

Having trouble? Click here for help.

We can’t access your microphone!

Click the icon above to update your browser permissions above and try again

Example:

Reload the page to try again!

Reload

Press Cmd-0 to reset your zoom

Press Ctrl-0 to reset your zoom

It looks like your browser might be zoomed in or out. Your browser needs to be zoomed to a normal size to record audio.

Please upgrade Flash or install Chrome
to use Voice Recording.

For more help, see our troubleshooting page.

Your microphone is muted

For help fixing this issue, see this FAQ.

Star this term

You can study starred terms together

NEW! Voice Recording

Create Set