Sabotage – An intentional act where the intent is to destroy a system or some of its components.
Cookie – A text file created by a Web site and stored on a visitor’s hard drive. Cookies store information
about who the user is and what the user has done on the site.
Fraud – Any and all means a person uses to gain an unfair advantage over another person.
White-collar criminals – Typically, businesspeople who commit fraud. White-collar criminals usually
resort to trickery or cunning, and their crimes usually involve a violation of trust or confidence.
Corruption – Dishonest conduct by those in power which often involves actions that are illegitimate,
immoral, or incompatible with ethical standards. Examples include bribery and bid rigging.
Investment fraud – Misrepresenting or leaving out facts in order to promote an investment that
promises fantastic profits with little or no risk. Examples include Ponzi schemes and securities fraud.
Misappropriation of assets – Theft of company assets by employees.
Fraudulent financial reporting – Intentional or reckless conduct, whether by act or omission, that results
in materially misleading financial statements.
Pressure – A person’s incentive or motivation for committing fraud.
Opportunity – The condition or situation that allows a person or organization to commit and conceal a
dishonest act and convert it to personal gain.
Lapping – Concealing the theft of cash by means of a series of delays in posting collections to accounts
receivable.
Check kiting – Creating cash using the lag between the time a check is deposited and the time it clears
the bank.
Rationalization – The excuse that fraud perpetrators use to justify their illegal behavior.
Computer fraud – Any type of fraud that requires computer technology to perpetrate.
INPUT FRAUD The simplest and most common way to commit a computer fraud is to alter or falsify
computer input. It requires little skill; perpetrators need only understand how the system operates so
they can cover their tracks.
PROCESSOR FRAUD Processor fraud includes unauthorized system use, including the theft of computer
time and services.
COMPUTER INSTRUCTIONS FRAUD Computer instructions fraud includes tampering with company
software, copying software illegally, using software in an unauthorized manner, and developing software
to carry out an unauthorized activity.
OUTPUT FRAUD Unless properly safeguarded, displayed or printed output can be stolen, copied, or
misused. A Dutch engineer showed that some monitors emit television-like signals that, with the help
of some inexpensive electronic gear, can be displayed on a television screen.
CHAPTER 6
Hacking – Unauthorized access, modification, or use of an electronic device or some element of a
computer system.
Hijacking – Gaining control of someone else’s computer to carry out illicit activities, such as sending spam
without the computer user’s knowledge.
Botnet – A network of powerful and dangerous hijacked computers that are used to attack systems or
spread malware.
Zombie – A hijacked computer, typically part of a botnet, that is used to launch a variety of Internet
attacks.
Bot herder – The person who creates a botnet by installing software on PCs that responds to the bot
herder’s electronic instructions.
Denial-of-service (DoS) attack – A computer attack in which the attacker sends so many e-mail bombs or
web page requests, often from randomly generated false addresses, that the Internet service provider’s
e-mail server or the web server is overloaded and shuts down.
Spamming – Simultaneously sending the same unsolicited message to many people, often in an attempt to
sell them something.
Dictionary attack – Using special software to guess company e-mail addresses and send them blank e-mail
messages. Unreturned messages are usually valid e-mail addresses that can be added to spammer e-mail
lists.
Splog – Spam blogs created to increase a website’s Google PageRank, which is how often a web page is
referenced by other web pages.
Spoofing – Altering some part of an electronic communication to make it look as if someone else sent the
communication in order to gain the trust of the recipient.
E-mail spoofing – Making a sender address and other parts of an e-mail header appear as though the
e-mail originated from a different source.
Caller ID spoofing – Displaying an incorrect number on the recipient’s caller ID display to hide the
caller’s identity.
IP address spoofing – Creating Internet Protocol packets with a forged IP address to hide the sender’s
identity or to impersonate another computer system.
Address Resolution Protocol (ARP) spoofing – Sending fake ARP messages to an Ethernet LAN. ARP is a
computer networking protocol for determining a network host’s hardware address when only its IP or
network address is known.
MAC address – A Media Access Control address is a hardware address that uniquely identifies each node
on a network.
SMS spoofing – Using short message service (SMS) to change the name or number a text message appears
to come from.
Web-page spoofing – See phishing.
DNS spoofing – Sniffing the ID of a Domain Name System (DNS, the “phone book” of the Internet that
converts a domain, or website name, to an IP address) request and replying before the real DNS
server.
Zero-day attack – An attack between the time a new software vulnerability is discovered and “released
into the wild” and the time a software developer releases a patch to fix the problem.
Patch – Code released by software developers that fixes a particular software vulnerability.
Cross-site scripting (XSS)-A vulnerability in dynamic web pages that allows an attacker to bypass a
browser’s security mechanisms and instruct the victim’s browser to execute code, thinking it came from
the desired website.
Buffer overflow attack – When the amount of data entered into a program is greater than the amount of
the input buffer. The input overflow overwrites the next computer instruction, causing the system to
crash. Hackers exploit this by crafting the input so that the overflow contains code that tells the
computer what to do next. This code could open a back door into the system.
SQL injection (insertion) attack – Inserting a malicious SQL query in input such that it is passed to and
executed by an application program. This allows a hacker to convince the application to run SQL code
that it was not intended to execute.
Man-in-the-middle (MITM) attack – A hacker placing himself between a client and a host to intercept
communications between them.
Masquerading/impersonation – Gaining access to a system by pretending to be an authorized user. This
requires that the perpetrator know the legitimate user’s ID and passwords.
Piggybacking – (1) Tapping into a communications line and electronically latching onto a legitimate user
who unknowingly carries the perpetrator into the system. (2) The clandestine use of a neighbor’s Wi-Fi
network. (3) An unauthorized person following an authorized person through a secure door, bypassing
physical security controls.
Password cracking – When an intruder penetrates a system’s defenses, steals the file containing valid
passwords, decrypts them, and uses them to gain access to programs, files, and data.
War dialing – Programming a computer to dial thousands of phone lines searching for dial-up modem
lines. Hackers hack into the PC attached to the modem and access the network to which it is connected.
War driving – Driving around looking for unprotected home or corporate wireless networks.
War rocketing – Using rockets to let loose wireless access points attached to parachutes that detect
unsecured wireless networks.
Phreaking – Attacking phone systems to obtain free phone line access, use phone lines to transmit
malware, and to access, steal, and destroy data.
Data diddling – Changing data before or during entry into a computer system in order to delete, alter,
add, or incorrectly update key system data.
Data leakage – The unauthorized copying of company data, often without leaving any indication that it
was copied.
Podslurping – Using a small device with storage capacity (iPod, Flash drive) to download unauthorized
data from a computer.
Salami technique – Stealing tiny slices of money from many different accounts.
Round-down fraud – Instructing the computer to round down all interest calculations to two decimal
places. The fraction of a cent rounded down on each calculation is put into the programmer’s account.
Economic espionage – Theft of information, trade secrets, and intellectual property.
Cyber-extortion – Threatening to harm a company or a person if a specified amount of money is not paid.
Cyber-bullying – Using computer technology to support deliberate, repeated, and hostile behavior that
torments, threatens, harasses, humiliates, embarrasses, or otherwise harms another person.
Sexting – Exchanging sexually explicit text messages and revealing pictures with other people, usually by
means of a phone.
Internet terrorism- Using the Internet to disrupt electronic commerce and harm computers and
communications.
Internet misinformation – Using the Internet to spread false or misleading information.
E-mail threats – Threats sent to victims by e-mail. The threats usually require some follow-up action, often
at great expense to the victim.
Internet auction fraud – Using an Internet auction site to defraud another person.
Internet pump-and-dump fraud- Using the Internet to pump up the price of a stock and then sell it.
Click fraud – Manipulating the number of times an ad is clicked on to inflate advertising bills.
Web cramming – Offering a free website for a month, developing a worthless website, and charging the
phone bill of the people who accept the offer for months, whether they want to continue using the
website or not.
Software piracy – The unauthorized copying or distribution of copyrighted software.
Social engineering – The techniques or psychological tricks used to get people to comply with the
perpetrator’s wishes in order to gain physical or logical access to a building, computer, server, or
network. It is usually to get the information needed to obtain confidential data.
Cisco reported that fraudsters take advantage of the following seven human traits in order to entice a
person to reveal information or take a specific action:
1. Compassion – The desire to help others who present themselves as really needing your help.
2. Greed – People are more likely to cooperate if they get something free or think they are getting a
once-in-a-lifetime deal.
3. Sex appeal – People are more likely to cooperate with someone who is flirtatious or viewed as “hot.”
4. Sloth – Few people want to do things the hard way, waste time, or do something unpleasant;
fraudsters take advantage of our lazy habits and tendencies.
5. Trust – People are more likely to cooperate with people who gain their trust.
6. Urgency – A sense of urgency or immediate need that must be met leads people to be more
cooperative and accommodating.
7. Vanity – People are more likely to cooperate if you appeal to their vanity by telling them they are
going to be more popular or successful.
Establishing the following policies and procedures, and training people to follow them, can help minimize
social engineering:
1. Never let people follow you into a restricted building.
2. Never log in for someone else on a computer, especially if you have administrative access.
3. Never give sensitive information over the phone or through e-mail.
4. Never share passwords or user IDs.
5. Be cautious of anyone you do not know who is trying to gain access through you.
Identity theft – Assuming someone’s identity, usually for economic gain, by illegally obtaining
confidential information such as a Social Security number or a bank account or credit card number.
Pretexting – Using an invented scenario (the pretext) that creates legitimacy in the target’s mind in order
to increase the likelihood that a victim will divulge information or do something.
Posing – Creating a seemingly legitimate business, collecting personal information while making a sale,
and never delivering the product.
Phishing – Sending an electronic message pretending to be a legitimate company, usually a financial
institution, and requesting information or verification of information and often warning of a
consequence if it is not provided. The request is bogus, and the information gathered is used to commit
identity theft or to steal funds from the victim’s account.
Vishing – Voice phishing; it is like phishing except that the victim enters confidential data by phone.
Carding – Activities performed on stolen credit cards, including making a small online purchase to
determine whether the card is still valid and buying and selling stolen credit card numbers.
Pharming – Redirecting website traffic to a spoofed website.
Evil twin – A wireless network with the same name (Service Set Identifier) as a legitimate wireless access
point. Users are connected to the twin because it has a stronger wireless signal or the twin disrupts or
disables the legitimate access point. Users are unaware that they connect to the evil twin and the
perpetrator monitors the traffic looking for confidential information.
Typosquatting/URL hijacking – Setting up similarly named websites so that users making typographical
errors when entering a website name are sent to an invalid site.
QR barcode replacements – Fraudsters cover valid Quick Response codes with stickers containing a
replacement QR code to fool people into going to an unintended site that infects their phones with
malware.
Tabnapping – Secretly changing an already open browser tab in order to capture user IDs and passwords
when the victim logs back into the site.
Scavenging/dumpster diving – Searching documents and records to gain access to confidential
information. Scavenging methods include searching garbage cans, communal trash bins, and city dumps.
Shoulder surfing – When perpetrators look over a person’s shoulders in a public place to get
information such as ATM PIN numbers or user IDs and passwords.
Lebanese looping – Inserting a sleeve into an ATM that prevents it from ejecting the card. The perpetrator
pretends to help the victim, tricking the person into entering the PIN again. Once the victim gives up, the
thief removes the card and uses it and the PIN to withdraw money.
Skimming – Double-swiping a credit card in a legitimate terminal or covertly swiping a credit card in a
small, hidden, handheld card reader that records credit card data for later use.
Chipping – Posing as a service engineer and planting a small chip that records transaction data in a
legitimate credit card reader. The chip is later removed to access the data recorded on it.
Eavesdropping – Listening to private communications or tapping into data transmissions intended for
someone else. One way to intercept signals is by setting up a wiretap.
Malware-Any software that is used to do harm.
Spyware – Software that secretly monitors computer usage, collects personal information about users,
and sends it to someone else, often without the computer user’s permission.
Adware – Spyware that causes banner ads to pop up on a monitor, collects information about the user’s
web-surfing and spending habits, and forwards it to the adware creator, often an advertising or media
organization. Adware usually comes bundled with freeware and shareware downloaded from the
Internet.
Torpedo software – Software that destroys competing malware. This sometimes results in “malware
warfare” between competing malware developers.
Scareware – Malicious software of no benefit that is sold using scare tactics.
Ransomware – Software that encrypts programs and data until a ransom is paid to remove it.
Keylogger – Software that records computer activity, such as a user’s keystrokes, e-mails sent and
received, websites visited, and chat session participation.
Trojan horse – A set of unauthorized computer instructions in an authorized and otherwise properly
functioning program.
Time bomb/logic bomb – A program that lies idle until some specified circumstance or a particular time
triggers it. Once triggered, the program sabotages the system by destroying programs or data.
Trap door/back door – A set of computer instructions that allows a user to bypass the system’s normal
controls.
Packet sniffers – Programs that capture data from information packets as they travel over the Internet
or company networks. Captured data is sifted to find confidential or proprietary information.
Steganography program – A program that can merge confidential information with a seemingly
harmless file, password protect the file, and send it anywhere in the world, where the file is unlocked and
the confidential information is reassembled. The host file can still be heard or viewed because humans
are not sensitive enough to pick up the slight decrease in image or sound quality.
Rootkit – A means of concealing system components and malware from the operating system and
other programs; can also modify the operating system.
Superzapping – The unauthorized use of a special system program to bypass regular system controls and
perform illegal acts. The superzap utility was originally written to handle emergencies, such as restoring
a system that had crashed.
Virus – A segment of executable code that attaches itself to a file, program, or some other executable
system component. When the hidden program is triggered, it makes unauthorized alterations to the way a
system operates.
Worm – Similar to a virus, except that it is a program rather than a code segment hidden in a host
program. A worm also copies itself automatically and actively transmits itself directly to other systems.
Bluesnarfing – Stealing (snarfing) contact lists, images, and other data using flaws in Bluetooth
applications.
TECHNIQUE – DESCRIPTION
Address Resolution Protocol (ARP) spoofing – Sending fake ARP messages to an Ethernet LAN. ARP is a
computer networking protocol for determining a network host’s hardware address when only its IP or
network address is known.
Adware – Spyware that collects and forwards data to advertising companies or causes banner ads to pop
up as the Internet is surfed.
Bluebugging – Taking control of a phone to make calls, send text messages, listen to calls, or read text
messages.
Bluesnarfing – Stealing contact lists, images, and other data using Bluetooth.
Botnet, bot herders – A network of hijacked computers. Bot herders use the hijacked computers, called
zombies, in a variety of attacks.
Buffer overflow attack – Inputting so much data that the input buffer overflows. The overflow contains
code that takes control of the computer.
Caller ID spoofing – Displaying an incorrect number on the recipient’s caller ID display to hide the
identity of the caller.
Carding – Verifying credit card validity; buying and selling stolen credit cards.
Chipping – Planting a chip that records transaction data in a legitimate credit card reader.
Click fraud – Manipulating the number of times an ad is clicked on to inflate advertising bills.
Cross-site scripting (XSS) attack – Exploits web page security vulnerabilities to bypass browser security
mechanisms and create a malicious link that injects unwanted code into a website.
Cyber-bullying – Using computer technology to harm another person.
Cyber-extortion – Requiring a company to pay money to keep an extortionist from harming a computer or
a person.
Data diddling – Changing data before or during entry into a computer system to delete, alter, add, or
incorrectly update data.
Data leakage – Unauthorized copying of company data.
Denial-of-service attack – An attack designed to make computer resources unavailable to its users. For
example, so many e-mail messages that the Internet service provider’s e-mail server is overloaded and
shuts down.
Dictionary attack – Using software to guess company addresses, send employees blank e-mails, and add
unreturned messages to spammer e-mail lists.
DNS spoofing – Sniffing the ID of a Domain Name System (server that converts a website name to an IP
address) request and replying before the real DNS server.
Eavesdropping – Listening to private voice or data transmissions.
Economic espionage – The theft of information, trade secrets, and intellectual property.
E-mail spoofing – Making a sender address and other parts of an e-mail header appear as though the
e-mail originated from a different source.
E-mail threats – Sending a threatening message asking recipients to do something that makes it possible
to defraud them.
Evil twin – A wireless network with the same name as another wireless access point. Users unknowingly
connect to the evil twin; hackers monitor the traffic looking for useful information.
Hacking – Unauthorized access, modification, or use of an electronic device or some element of a
computer system.
Hijacking – Gaining control of someone else’s computer for illicit activities.
Identity theft – Assuming someone’s identity by illegally obtaining confidential information such as a
Social Security number.
Internet auction fraud – Using an Internet auction site to commit fraud.
Internet misinformation – Using the Internet to spread false or misleading information.
Internet terrorism – Using the Internet to disrupt communications and e-commerce.
Internet pump-and-dump fraud – Using the Internet to pump up the price of a stock and then sell it.
IP address spoofing – Creating IP packets with a forged IP address to hide the sender’s identity or to
impersonate another computer system.
Keylogger – Using spyware to record a user’s keystrokes.
Lebanese looping – Inserting a sleeve into an ATM so that it will not eject the victim’s card, pretending to
help the victim as a means of obtaining his PIN, and using the card and PIN to drain the account.
MAC address – A Media Access Control address is a hardware address that uniquely identifies each node
on a network.
Malware – Software that is used to do harm.
Man-in-the-middle (MITM) attack – A hacker placing himself between a client and a host to intercept
network traffic; also called session hijacking.
Masquerading/impersonation – Gaining access to a system by pretending to be an authorized user. The
impersonator enjoys the same privileges as the legitimate user.
Packet sniffers – Inspecting information packets as they travel across computer networks.
Password cracking – Penetrating system defenses, stealing passwords, and decrypting them to access
system programs, files, and data.
Pharming – Redirecting traffic to a spoofed website to obtain confidential information.
Phishing – Communications that ask recipients to disclose confidential information by responding to an
e-mail or visiting a website.
Phreaking – Attacking phone systems to get free phone access; using phone lines to transmit viruses and
to access, steal, and destroy data.
Piggybacking – (1) Clandestine use of someone’s Wi-Fi network. (2) Tapping into a communications line
and entering a system by latching onto a legitimate user. (3) Bypassing physical security controls by
entering a secure door when an authorized person opens it.
Podslurping – Using a small device with storage capacity (iPod, Flash drive) to download unauthorized
data from a computer.
Posing – Creating a seemingly legitimate business, collecting personal data while making a sale, and never
delivering items sold.
Pretexting – Acting under false pretenses to gain confidential information.
QR barcode replacements – Covering valid Quick Response codes with stickers containing replacement QR
codes to fool people into going to an unintended site.
Ransomware – Software that encrypts programs and data until a ransom is paid to remove it.
Rootkit – Software that conceals processes, files, network connections, and system data from the
operating system and other programs; can also change the operating system.
Round-down fraud – Truncating interest calculations at two decimal places and placing truncated amounts
in the perpetrator’s account.
Salami technique – Stealing tiny slices of money over time.
Scareware – Malicious software of no benefit that is sold using scare tactics.
Scavenging/dumpster diving – Searching for documents and records in garbage cans, communal trash
bins, and city dumps to obtain confidential information.
Sexting – Exchanging sexually explicit text messages and pictures, usually by phone.
Shoulder surfing – Watching or listening to people enter or disclose confidential data.
Skimming – Double-swiping a credit card or covertly swiping it in a card reader to record the data for later
use.
SMS spoofing – Using short message service (SMS) to change the name or number a text message appears
to come from.
Social engineering – Techniques that trick a person into disclosing confidential information.
Software piracy – Unauthorized copying or distribution of copyrighted software.
Spamming – Sending unsolicited messages to many people at the same time.
Splog – A spam blog that promotes websites to increase their Google PageRank (how often a web page is
referenced by other pages).
Spoofing – Making an electronic communication look like someone else sent it.
Spyware – Software that monitors computing habits and sends that data to someone else, often without
the user’s permission.
SQL injection attack – Inserting a malicious SQL query in input such that it is passed to and executed by an
application program.
Steganography – Hiding data inside a host file, such as a large image or sound file.
Superzapping – Using special software to bypass system controls and perform illegal acts.
Tabnapping – Secretly changing an already open browser tab using JavaScript.
Time bomb/logic bomb – Software that sits idle until a specified circumstance or time triggers it,
destroying programs, data, or both.
Torpedo software – Software that destroys competing malware.
Trap door/back door – A back door into a system that bypasses normal system controls.
Trojan horse – Unauthorized code in an authorized and properly functioning program.
Typosquatting/URL hijacking – Websites with names similar to real websites; users making typographical
errors are sent to a site filled with malware.
Virus – Executable code that attaches itself to software, replicates itself, and spreads to other systems or
files. When triggered, it makes unauthorized alterations to the way a system operates.
Vishing – Voice phishing, in which e-mail recipients are asked to call a phone number that asks them to
divulge confidential data.
War dialing – Dialing phone lines to find idle modems to use to enter a system, capture the attached
computer, and gain access to its network(s).
War driving/rocketing – Looking for unprotected wireless networks using a car or a rocket.
Web cramming – Developing a free and worthless trial-version website and charging the subscriber’s
phone bill for months even if the subscriber cancels.
Web-page spoofing – Also called phishing.
Worm – Similar to a virus; a program rather than a code segment hidden in a host program. Actively
transmits itself to other systems. It usually does not live long but is quite destructive while alive.
Zero-day attack – Attack between the time a software vulnerability is discovered and a patch to fix the
problem is released.
Zombie – A hijacked computer, typically part of a botnet, that is used to launch a variety of Internet
attacks.