59 terms

IT / COMPUATER Fraud

STUDY
PLAY

Terms in this set (...)

fraud
any and all means a person uses to gain an unfair advantage over another person
legal requirements for defining fraud
a false statement
about a material fact
knowledge the statement was false when said
victim suffers a loss because of statement
three parts of fraud triangle
opportunity, pressure, rationalization
misappropriation of assets
theft, embezzlement, or misuse of company assets for personal gain
corruption
wrongful use of a position to gain personal benefit; dishonest conduct by those in power
financial statement fraud
misrepresenting the financial condition of an entity by intentionally altering amounts or disclosures with the goal of influencing users to make decisions
two phases of viruses
replicates itself and spreads to other systems or files
another event triggers attack phase
how viruses are spread
opening an email attachment or file or running an infected program
worm is different than a virus because it is
a stand-alone program, and replicates itself automatically
how do worms often reproduce
mailing themselves to the recipient's mailing list
does a worm or virus have a shorter life
worm
three types of occupational fraud
misappropriation of assets
corruption
fraudulent statements
input fraud
simplest and most common way to commit a fraud
forms of input fraud
disbursement frauds
inventory frauds
payroll frauds
cash receipt frauds
fictitious refund fraud
processor fraud
involves computer fruad committed through unauthorized system use
includes theft of computer time and services
example of processor fraud
surfing the internet and using company computer to conduct a competing business
computer instructions fraud
involves tampering with software that processes company data
example of computer instructions fraud
modifying software, making illegal copies
data fraud
involves altering or damaging a company's data files or copying/using/searching files without authorization
example of data fraud
steal and sell financial information about individuals from their employers database
output fraud
involves stealing or misusing system output
example of output fraud
creation of counterfeit checks
adware
software that collects consumer surfing and purchasing data
botnet
a network of hijacked computers
bot herder
hackers that control hijacked computers
DoS
overloading an internet service provider's email server by sending hundreds of email messages per second from randomly generated false addresses
email threats
sending an email instructing the recipient to do something or they will suffer adverse consequences
hijacking
gaining control of a computer to carry out unauthorized illicit activities
internet misinformation
circulating lies or misleading information using the world's largest network
internet terrorism
using the internet to disrupt communications and e-commerce
key logger
use of spyware to record a user's keystrokes
pharming
diverting traffic from a legitimate website to a hacker's website to gain access to personal and confidential information
phishing
emails that look like they came from a legitimate source but are actually from a hacker who is trying to get the user to divulge personal information
spamming
emailing an unsolicited message to many people at the same time
splog
a spam blog that promotes affiliated websites to increase their google pagerank
spyware
software that monitors a reports a user's computing habits
spoofing
making an email look like it came from someone else
typosquatting
creating websites with names similar to real websites so users making errors while entering a website name are sent to a hacker's site
dictionary attack
using software to guess company addresses, send them blank emails, and adding unreturned messages to spammer email lists
hacking
gaining access to a computer system without permission
logic bomb
software that sits idle until a specified circumstance or time triggers it
malware
software used to do harm
masquerading
pretending to be a legitimate user, thereby gaining access to a system and all the rights and privileges of the legitimate user
password cracking
capturing and decrypting passwords to gain access to a system
piggybacking
using a wireless network without permission
posing
creating a seemingly legitimate business, collecting personal information while making a sale, and never delivering the item sold
pretexting
acting under false pretenses to gain confidential information
rootkit
software that conceals processes, files, network connections, and system data from the operating system and other programs
shoulder surfing
observing or listening to users as they divulge personal information
skimming
covertly swiping a credit card in a card reader that records the data for later use
social engineering
methods used to trick someone into divulging personal information
software piracy
unauthorized copying or distribution of copyrighting software
steganography
concealing data within a large MP3 file
superzapping
special software used to bypass system controls
trap door
entering a system using a bakc door that bypasses normal system controls
trojan horse
unauthorized code in an authorized and properly functioning program
virus
a segment of executable code that attaches itself to software
worm
a program that can replicate itself and travel over networks
zero-day attack
attack between the time a software vulnerability is discovered and a patch to fix the problem is released
YOU MIGHT ALSO LIKE...