Computer Crime Second Part of Chapter 7 A gift of Fire – Sara Baase

Fraud Credit card fraud Identity Theft ATM Fraud Some solutions Finish Embezzlement Sabotage Industrial espionage Trust the systemrust the system Digital Forgery Fighting the problem

Credit card fraud Stealing of credit card numbers by store clerks, thieves searching trash near stores, or fake phone calls. Use of counterfeit cards – reprogramming the magnetic strip with a different account number. Stealing numbers from the web – on transmission or from stored files. (electronic shoplifting) Also: Some users claim not to have ordered or received a good they have ordered.

Why do these frauds occur? Customers do not want to take the time to provide full identification or wait while the merchants check it. Customers may be offended by requests for ID. Looses from most credit cards are absorbed by the credit card issuers, not the merchant => the merchant does not have much incentive to check the cards. On the Web the charges have to be absorbed by the merchant as there is no customer’s signature.

Identity Theft Our identity is now a number. Consequences of identity theft may cause little money loss but great anguish including: –Loose a good credit rating –Be prevented from borrowing money –Be prevented from cashing checks –Loose a job –Be unable to rent an apartment –Be sued by creditors to whom the criminal owes money.

ATM Fraud Thieves need the PIN number from a customer and the card (or a copy of the card) Click for an example (in Spanish)an example

Telecommunications Fraud Using robbed calling card numbers. Cloning cellular phones (making them transmit another user’s serial number at the beginning of each call.

Preventing credit card fraud Companies keep a record of stolen cards in the computer and stores are now connected to the company computer. New cards sent by post require the user to enter specific identification data before the card is activated. (or even use caller ID to recognize the users’ home phone number) Software recognizes unusual spending activity.

Preventing ATM Fraud Redesigning ATM to make the keyboard less visible There is a limit for cash withdrawal. High activity at a particular machine is checked. Banks stopped printing the complete account number on receipts.

Fraudulent appropriation Embezzlement is “fraudulent appropriation of property by a person to whom it has been trusted”.

Why? Complexity of modern transactions increase the opportunity for embezzlement. The complexity and anonymity of computers help hide scam. Victims: Banks Brokerage houses Insurance companies Large financial institutions

Examples: Employees of insurance companies set up phoney insurance policies and make claims on them. Employees transfer large sums to Swiss bank accounts. Employees create fake purchase orders for purchases from phoney companies and cash the checks themselves. Employees steal data from their employer’s computer and sell it to competitors.

Sabotage The motivation for sabotage is not new, what is new is the ease with which a great amount of damage can be done using a computer. The lack of violence or physical destruction might make the crime seem less serious both to its perpetrators and to jurors.

Reasons for sabotage: Employees who are fired or angry at their employees sabotage computer systems Files may be destroyed Logic bombs may be planted (software that destroys critical files) A system is sabotaged in the hope to be called and paid to fix it. Wanting to feel powerful or make people miserable.

Protection: Employees with access to sensitive systems should be rotated. Each employee should have its own user ID and password. ID’s should limit the user’s activity to the actions the employee needs to perform. No one person should have access to many parts of a system.

Industrial espionage Large quantities of digital information can be copied quickly. There is no indication that a theft took place – nothing is missing. Insiders are paid for passwords – and the spying can be accomplished from a remote location.

Trusting the system The intent to steal is not in the computer, but computers can make cheating harder to identify and correct. Some people trust the computer Others are suspicious of anything that comes out of the machine. We should trust or distrust the company that is the owner of the computer system. Trust high ethical standards and care to avoid mistakes.

Digital Forgery Computer systems enable people to make fakes with relative ease. The equipment has improved in quality and prices have dropped. Forgery of paper documents will still be a problem for some time. Cyberspace will also have a problem with digital forgery

Crime fighting versus privacy Automated surveillance software to browse through chat rooms and web sites looking for suspicious activity and build a database of suspicious posting. The surveillance software monitors constantly. Is this an invasion to privacy?

Using biometrics Biometrics are biological characteristics that are unique to an individual. –Fingerprint, voice prints, face, hand geometry, retina scans and DNA Biometric technology for identification applications is rapidly developing. Some applications are for comfort but the most important are for security and fraud prevention.

Examples of use Opening a door by touching a scanner Using a face scanner to prevent a person from applying for an additional driver’s license or welfare benefits with different names. Thumbprint match to logon into a computer. Airports restrict access to certain areas with thumbprint checking..

Problems with biometrics Hackers may capture biometrics data and send the information to gain access. When a credit card number is stolen a new one is issued – a finger print cannot be changed. Increase use of biometrics can increase surveillance and tracking of activities by government agencies.