Chapter 5

Cyber Crime: Computer and Internet Fraud

Critical Thinking ExerciseThere are 5 different color houses, occupied by people of 5 different nationalities, who smoke 5 different cigar brands, drink 5 different types of alcohol, and have 5 different pets. The houses are lined up in a row.

1. The Brit lives in the red house.2. The Swede keeps dogs as pets.3. The Dane drinks tea.4. The green house is on the left of the white house.5. The green house’s owner drinks coffee.6. The person who smokes Pall Mall rears birds.7. The owner of the yellow house smokes Dunhill.8. The man living in the center house drinks milk.9. The Norwegian lives in the first house.10. The man who smokes Blends lives next to the one who keeps cats.11. The man who keeps the horse lives next to the man who smokes Dunhill.12. The owner who smokes Bluemasters drinks beer.13. The German smokes prince.14. The Norwegian lives next to the blue house.15. The man who smokes Blends has a neighbor who drinks water.

QUESTION: WHO OWNS THE FISH?

3 Eras of Fraudulent Activities• Paleolithic Era

– Centered on cash and evading taxes– Fraud schemes involved alcohol,

gambling, prostitution and drugs• Neolithic Era

– “Accountants could steal more than mobsters”

– Included cash heavy business to conceal proceeds

• Geek-olithic Era– Computers or network of computers

involved

Overview of Cyber Crime• The Role of the Computers in

Cyber Crime• Computer Fraud vs.

Computer Crime• Losses or Other Damages

Related to Computer Crimes• International Aspects of

Computer Crime

The Role of the Computers in Cyber Crime

Computer Crime– Computer as an Object

• Computer or network is target– Computer as a Subject

• Computer is used to commit crime– Computer as a Tool

• Computer is integral to the act– Computer as a Symbol

• Computer adds credibility or is used to deceive

Computer Fraud vs. Computer Crime

• Computer Fraud– Access occurs with intent to execute a fraudulent

scheme– Comprehensive Crime Control Act of 1984– Computer Fraud and Abuse Act (CFAA)

• Computer Crime– Hardware, software or data is destroyed or

manipulated due to acts which are not intended– Computer assisted crimes

Loss or Other Damages Related to Computer Crimes

• Economic Loss– Responding to illegal acts– Conducting a damage assessment– Restoring data or program to original condition– Consequential damages occurred

• Special Loss– An actual or potential effect on medical care– Physical injury to a person– Threat to public health or safety– Damage to a computer related to the administration of

justice, national defense or national security

International Aspects of Computer Crime

• International dimensions are increasingly likely

• Securing electronic evidence is very difficult• Complaints dropped, but losses have risen• Council of Europe Cybercrime Convention

Frauds and Other Threats in the Digital World of Computers

• Insider Threats• Computer Hacking

– Social Engineering– Hacker Computer Manipulations

• Computer Viruses– Types of Computer Viruses– Virus Carriers and Indicators

• Hardware, Software and Data Security– Anti-Virus Software– Investigating Virus Infections

Insider Threats• Computer crime from employees inside an

organization– Opportunity to commit fraud– Aware of “holes” in the system

• Less stringent supervisory controls over IS personnel• Computer fraudster characteristics are similar to

traditional fraudster– Intelligent– Hard working– Minimal absences– Bored with “the routine”– Egotistical

Computer Hacking

• Seek unauthorized access to computer systems

• Incorporate unsuspecting computer owners• Gain access by generating password

Social Engineering

• Simple deception to gain access to information

• Pose as new worker to gain information

• Retrieve documents from trash

Hacker Computer Manipulations• Trojan Horse• Trap Doors• Salami Techniques• Logic Bombs• Data Diddling• Scavenging and Dumpster Diving• Data Leakage• Piggybacking/Impersonation• Simulation and Modeling• Wire Tapping• Network Weaving• Altering Password Generation• Buffer Overflow Exploits• Privilege Escalation Exploits• Backdoors• HTTP Expoits• Anti-Hacker Measures

Computer Viruses

• Attack Software• Hidden computer programs that shut or slow

down system• Can ruin data and destroy computer• Slow down can overload e-mail networks

Types of Computer Viruses• Macro Virus• “I Love You” virus• Boot Sector Viruses• Parasitic Viruses• TSRAM Viruses• Application Software Viruses• Multi-Partite Viruses• Polymorphic Viruses• Stealth Viruses• Mutation Engine Viruses• Network Viruses• Worms

Virus Carriers and IndicatorsCarriers Indicators

Unknown applications System suddenly slows down

Media brought in by employees

Dramatic decrease in free space

Unsolicited e-mails Increase in file size

Vendors/suppliers with infected software

Operating system begins behaving unpredictably

Hardware, Software and Data Security• Effective security ensures availability of data• Effective passwords are essential• Logical controls to secure network• Data encryption• Digital signatures

– E-SIGN Act• Biometrics• Smartcards• Virus protection

Antivirus Software• Detect computer viruses and malware• Traditional Scanners

– Look for known viruses– Check recognizable patterns– Limited usefulness

• Heuristic Scanners– Look for unknown viruses– Inspect executable files

• Behavior Blocking Scanners– Run continuously– Look for behavior linked to virus activity

• Change Detection Scanners– Check for changes

Investigating Virus Infections• Virus infections can be

investigated by taking the following actions– Isolate the system– Run antivirus software– Document findings

• Audit trail of infection• Determine source of virus• Protection policies• Countermeasures• Track costs / damages

Internet Fraud

• Electronic Commerce• Typical Internet Schemes

– Traditional Frauds Adapted for the Computer and Internet

– Additional Threats and Abuses of the Computer and Internet

• Combating Internet Fraud

Electronic Commerce (E-Commerce)

• Electronic Signatures– Encryption– Smart Cards– Memory Cards– Processor Cards

Traditional Frauds Adapted for the Computer and Internet

• Get Rich Quick• Pyramid Schemes• Foreign Trusts• Prime Bank Note• Chain Letters• Investment and Securities Fraud• Ponzi Scheme

Additional Threats and Abuses of the Computer and Internet

• Modem Hijacking• Spamming• Counterfeit Check Scams• Phishing• Spear Phishing• Pharming• Internet Auction Fraud

Combating Internet Fraud

• Encrypt confidential information• User validation• Don’t store financial information and

customer data on web server • Firewalls

– Attempt to prevent unauthorized access– Control interactions between servers and internet

Complex Frauds and Financial Crimes in Cyberspace

• Exploit computer vulnerabilities• Hackers use malware to steal information• “Botnets”• Distributed Denial of Service (DDos)• Why is internet an attractive operational

location for criminal enterprises?– Information is power– Cyberspace gives criminal worldwide reach– World Wide Web is anonymous– Difficult to prosecute criminals

Shadowcrew: Web Mobs

• Sold stolen and counterfeit credit and identification cards

• $4 million in losses• Can pop up anywhere and

disband with little more than keystrokes

• Work solely in the online world

Money Laundering in Cyberspace• Internet banking makes following money more

difficult• Enhanced by near anonymity• Can be accessed by anywhere in the world• Monitoring activity is nearly impossible• Gambling of dirty money at cyber-casinos• $500 billion annually• Cyberspace payment models

– Merchant Issuer Model– Bank Issuer Model– Non-Bank Issuer Model– Peer-to-Peer Model

Money Laundering in Cyberspace

• International Monetary Fund (IMF)• World Bank• Financial Sector Assessment Program (FSAP) • Map Global Payment Systems• Facilitate International Information Sharing

– Information Sharing and Analysis Center (ISAC)• Harmonize and Coordinate International

Money Movement Regulations

E-gold

• Electronic currency– Backed by gold bullion in allocated storage– Global currency

• Can be used for money laundering– Anonymous– No records– No CTR’s– Circumvent regulated financial institutions

Reporting Cyber Crime, Computer and Internet Fraud

• Internet Crime Complaint Center (IC3)– Provides reporting mechanism for victims– Alerts authorities to suspected criminal or civil

violations– Establish effective alliances with industry

• National White Collar Crime Center (NW3C)– Research internet related crime complaints