Cybercrime- Computer & Internet Fraud (Fin Present)

7/27/2019 Cybercrime- Computer & Internet Fraud (Fin Present)

1/26

1

CYBER CRIMECOMPUTER AND INTERNET FRAUD

BY:KIM HONG (123101038)

Master of Accounting Program

Trisakti University

Jakarta


2/26

2

FRAUD TRANSITION ERAS

Computer specialist, attorneys, MBAs, Wall Street

professionals, etc.;

Illegal activities focuses on cyber crimes;

Criminal activities centered on tax evasion, money

laundering, computer and internet frauds.

Geek-olithic Era

(1980-present)

3.

College graduates (accountant) and sons of

mobsters (SMOB);Illegal activities such as casino, legitimate &

illegitimate businesses;

Criminal activities centered on tax evasion and

money laundering.

Neolithic Era

(1960-1980)

2.

Individual to mob such as Al Capone, God Father;

Illegal activities such as alcohol, gambling,

prostitution, guns, and drugs;Criminal activities centered on bribes, kickbacks,

laundering cash, and evading taxes.

Paleolithic Era

(1920-1960)

1.

CHARACTERISTICSFRAUD ERANO.


3/26

3

COMPUTER FRAUD

Computer fraud is any defalcation or embezzlementaccomplished by tampering with computer programs, datafiles, operations, equipment, or media, and resulting inlosses sustained by the organization whose computersystem was compromised. The intention is to execute afraudulent scheme or financial criminal act.

It can be difficult to detect by fraud examiner or forensicprofessional because it:

. Lacks a traditional paper audit trail;

. Requires understanding of the technology used to commit the crime;

. Requires an understanding of the technology of the victim computer;

. Requires use computer specialists to assist the fraud examiner.


4/26

4

COMPUTER CRIME

Computer crime is an act where the computer hardware,software, or data is altered, destroyed, manipulated, orcompromised due to acts that are not intended. It is acrime that is committed where the computer or electronicdata device is integral to the criminal act.

The function of computer in crime is fourfold:. As an Object: physical sabotage, theft, or destruction of information;

. As a Subject: technologists use to commit the crime such as virus

attacks, illegal access, etc.;. As a Tool: electronic device is used to commit the crime such as

embezzlement, theft of information, or hacking;

. As a Symbol: it is as a victim into investment, pyramid, other

traditional fraud schemes adapted to digital environment.


5/26

5

CYBER CRIME FACT


6/26

6

NORTON CYBER CRIME SURVEY


7/26

7

CYBER CRIME IN INDONESIA

Based on Symantec Corporation Survey:

Conducted in April 2010; 499 respondents (male and female=

6:4);

Attacked at least 86% internet users;

Completion of cyber crime cases was

36 days; Average cost IDR11,558,945

(USD1,265).SURVEY


8/26

8

CYBER CRIME ATTACK


9/26

9

CYBER CRIME FACTS


10/26

10

COMPUTER HACKING

Hacker= computer enthusiast;

someone seeking unauthorized access tocomputer systems & its information.

Hackers include employees, individuals operatingalone, hacker gangs, and entrepreneurial hackers

who seek financial reward for their illegal acts.

Hacking:

. Breaking computer systems guess users accesscodes;

. Social engineering: enter a company to reveal

information.


11/26

11

HACKING METHODS

Trojan Horse Virus: converting instruction to unauthorizedaccess;

Trap Doors: inserting instruction in a program to circumventcontrol hackers take advantage of it;

Salami Techniques: unauthorized program to steal smallamount from asset, e.g. interest rounding at banking;

Logic Bombs: executing at specific event, e.g. deleting payrollif the user name is removed;

Data Diddling: changing data before or during entry intocomputer system, e.g. replacing valid disk with modified ones;

Scavenging & Dumpster Diving: obtaining data from the trashby knowing user name;

Data Leakage: removing, smuggling, hiding information fromfacility;

Piggybacking/Impersonation: gaining restricted area usingusers password & tapping to terminal link;


12/26

12

HACKING METHODS

Simulation & Modeling: manipulation to plan or controlcriminal act;

Wire Tapping: taking transmitted data between computers.Encryption can minimize it;

Network Weaving: looping using network to avoid detection;

Altering Password Generation: using randomizer to generatename and password;

Buffer Overflow Exploits: overflowing a program to altersystem files, installing backdoors, etc.;

Privilege Escalation Exploits: unauthorized access to exploitgrand administrator or root level access to users;

Backdoors: remote access to the system at a point time;

HTTP Exploits: performing malicious activities to web serverapplications;

Anti-hacker Measures: remote access to customers, vendors,and suppliers to companys server.


13/26

13

HACKER DETECTION PROGRAM

Print & review log files;

Administer passwords;

Maintain security software;

Review system activity reports;

Follow up on potential security violations;

Review telecommunication security.


14/26

14

COMPUTER VIRUSES

Computer virus is a hidden computer programs thatuse computer resources or other computer activities

to shut down or slow the system significantly. Infected computers resources to replicate itself and

spread the infection to other computer systems on anetwork, internet, email, text messages, infectedsoftware, shared program application, demonstrationsoftware, freeware, and shareware.

Diversity from harmless (displaying a message or

greeting) to those that shut down entire computernetwork, ruin data, or destroy the ability of computerfunction.


15/26

15

TYPES OF COMPUTER VIRUSES

Macro virus;

Boot sector virus;

Parasitic virus; TSRAM virus;

Application software virus;

Multi-partite virus; Tequila virus;

Polymorphic virus;

Stealth virus; Mutation engine virus;

Network virus;

Worm.


16/26

16

VIRUS ATTACK INDICATORS

Decreasing free space;

System slow down;

An increase size of some files; Operating system behaving abnormal;

Unusual messages and graphics;

Inability to boot system and access files; Unexplained and repeated maintenance repairs;

System or data file disappeared or fragmented;

Unexplained changes in memory & program sizes; Displaying messages that virus has been

encountered.


17/26

17

VIRUS INVESTIGATION & PREVENTION

Isolating systems and all media;

Running virus software;

Document finding;

Interviewing system custodian & all users toidentify its symptoms, damage, & system mallfunction;

Following audit trail of infection; Determining source of virus;

Do not use external device to boot the system;

Do not install unauthorized software; Use anti virus software to detect potential viruses;

Back up program & files;

Be caution in opening attachment.


18/26

18

INTERNET FRAUD SCHEMES

1%Internet access services10.

1%Work at home plans9.

1%Information/adult services8.

1%Advance fee loans7.

2%Phishing6.

4%Lotteries/lottery clubs5.

6%False checks4.

8%Nigerian money offers3.

30%General merchandise sales2.

42%Online auction1.

% COMPLAINTSINTERNET SCHEMESNO.


19/26

19

INTERNET FRAUD PERSPECTIVES

Over 1 billion internet users, 16% of worldspopulation (June 2006);

In US, 69% of population was online,approximately 227 million users;

Internet growth increased 189% (2000-2005);

In US, identity fraud, decreased from 10.1 million

people to 8.9 million people but the average fraudloss increased from $5,249 to $6,383;

In US, total one year cost of identity fraud

increased from $53.2 billion to $56.6 billion (2003-2006);

68% of identity fraud victims incur no out of pocketexpenses;


20/26

20

INTERNET FRAUD PERSPECTIVES

To resolve identity fraud cases increased from 33hours (2003) to 40 hours (2006);

30% identity theft from lost/stolen wallets,checkbooks, credit cards;

47% identity theft by friends, neighbors, in-homeemployees, family members, or relatives;

Nearly 70% from consumers shreddingdocuments, now less than 1%;

2.3% was the smallest rate of identity fraud

victims at age 65+; 35-44 age group had the highest average fraud

amount i.e. $9,435.


21/26

21

TRADITIONAL INTERNET FRAUD SCHEMES

Get Rich Quick: desire to make easy money;

Pyramid Schemes: marketing or investment referralfraud;

Foreign Trusts: getting tax less life for evasion;

Prime Bank Note: offering high yield investmentschemes;

Chain Letters: intimidating un-fortune events if notdonate certain amounts;

Investment & Securities Fraud: offering advice by

manipulating stock price for fraudsters advantage; Ponzi Scheme: high financial return by using

subsequent investors amount to initial investor;


22/26

22

NEW THREAT INTERNET FRAUD SCHEMES

Modem Hijacking: long distance connection fromISPs victim;

Spamming: sending email to subscriber on the list;

Counterfeit Check Scams: taking money by offeringgoods and asking the down payment;

Phishing: tricking business into providing

passwords, account numbers, other sensitive data;

Spear Phishing: fooling employee to get user nameand password to access corporate network;

Pharming: fooling into entering sensitive data intoa malicious website;

Internet auction fraud: offering auction via

internet.


23/26

23

COMBATING INTERNET FRAUD

Encrypt confidential information;

Validate user names and passwordinto its protocol;

Do not put financial information,customer data, and other valuabledatabases on the web server;

Put firewall to prevent unauthorizedaccess.


24/26

24

MONEY LAUNDERING IN CYBER SPACE

Accounted $500 billion (1996);

4 models: merchant issuer, bank issuer, non-bankissuer, and peer to peer models;

E-gold can be used for money laundering in thetype of transactions: e-commerce, business tobusiness payments, point of service sales, person to

person payments, payroll, bill payments, andcharitable donations;

Combating money laundering through non-

anonymous financial transactions, mapping globalpayment systems, facilitating internationalinformation sharing, knowing your customers,harmonizing and coordinating international money

movement regulations.


25/26

25

REPORTING CYBER CRIMES

Law enforcement agencies: Federal Bureau ofInvestigation (FBI); US Secret Service; USImmigration & Customs Enforcement (ICE); US

Postal Inspection Service; Bureau of Alcohol,Tobacco, Firearms, and Explosives (ATF);

Internet Crime Complaint Center (IC3) serves as ameans to receive internet-related criminal

complaints;

In Indonesia, Electronic Information andTransaction Law no. 11 2008 had been approved to

be the reference computer-related events. It isruled from article 27 to article 37. Any violationagainst the rules will be charged according tocriminal law as stated from article 42 until article

52.


26/26

26

SUMMARY & CONCLUSION

1. Crimes has grown to cyber crimes centered on taxevasion, money laundering, computer andinternet frauds.

2. Cyber crimes use computer to take advantage

from the technology weaknesses to enrichpersonal wealth.

3. Top 5 cyber crimes: virus, worms, or othermalicious code (53%), Spyware (41%), Phishing(38%), Unauthorized access (35%),

Unintentional exposure of sensitive information(34%).

4. Security tools and watch can be used to reducethe risk of cyber crimes.

5. Reporting cyber crimes to the authorities isimportant as a way to investigate and take furtheractions.

6. Electronic Information and Transaction Law no.11 2008 is the reference to computer-related

criminal actions in Indonesia.

Date post:	14-Apr-2018
Category:	Documents
Upload:	golden-saragih
View:	221 times
Download:	0 times

Cybercrime- Computer & Internet Fraud (Fin Present)

Documents