ISYS 414 Ch. 5
Vocabulary from chapter 5
| created: | 2 months ago by pib8 | tags: | fraud 5 |
Bookmark & Share
 Study
|
 Review All
|
|
Sabotage |
the intent to destroy or harm a system or some if its components |
|
cookie |
data that Web sties store on your computer to identify their Web sites to your computer and identify you to the Web site so you do not have to log on each time you visit the site |
|
white-collar criminals |
fraud perpetrators |
|
misappropriation of assets or employee fraud |
the theft of company assets |
|
fraudulent financial reporting |
intentional or reckless conduct, whether by act or omission, that results in materially misleading financial statements |
|
the fraud triangle |
based on research, the three conditions that are present when fraud occurs: a pressure, an opportunity, and a rationalization |
|
pressure |
a person's incentive or motivation for committing fraud |
|
opportunity |
the condition or situation that allows a person or organization to commit the fraud, conceal the fraud, and convert the theft to personal gain |
|
rationalization |
allows perpetrators to justify their illegal behavior |
|
lapping scheme |
the perpetrator steals the cash or check that customer A mails into pay its account receivable. Funds received at a later date from customer B are used to pay off customer A's balance. Funds from customer C are used to pay off customer B, and so forth |
|
check kiting scheme |
the perpetrator creates cash by taking advantage of the timing lag between depositing a check and the check clearing the bank |
|
computer fraud |
any illegal act for which knowledge of computer technology is essential for its perpetration, investigation, or prosecution |
|
adware |
using software to collect web-surfing and spending data and forward it to advertising or media organizations. It also causes banner ads to pop up on computer monitors as the Internet is surfed. |
|
bluebugging |
taking control of someone else's phone to make calls, send text messages, listen to their phone calls, or read their text messages |
|
bluesnarfing |
stealing contact lists, images, and other data using Bluetooth |
|
chipping |
planting a chip that record transaction data in a legitimate credit card reader |
|
click fraud |
clicking online ads numerous times to inflate advertising bills |
|
cyber-extortion |
requiring a company to pay a specified amount of money to keep the extortionist from harming the company electronically |
|
data diddling |
changing data before, during, or after they are entered into the system |
|
data leakage |
copying company data, such as computer files, without permission |
|
denial-of-service attack |
sending e-mail bombs (hundreds of messages per second) from randomly generated false addresses. the recipient's Internet service provider e-mail server is overloaded and shuts down |
|
dictionary attack |
using software to guess company addresses and send them blank e-mails. unreturned messages are valid addresses that are added to spammer e-mail lists |
|
eavesdropping |
listening to private voice or data transmission, often using a wiretap |
|
economic espionage |
the theft of information, trade secrets, and intellectual property |
|
e-mail threats |
sending a threatening message asking the recipient to do something that make sit possible to defraud them |
|
evil twin |
a wireless network with the same name as a local wireless access point. the hacker disables the legitimate access point, users unknowingly reconnect to the evil twin, and hackers monitor the traffic looking for useful information |
|
hacking |
accessing and using compuer systems without permission, usually by means of a personal computer and a telecommunications device |
|
hijacking |
gaining control of someone else's computer to carry out illicit activities without the owner's knowledge |
|
identity theft |
assuming someone's identity, usually for economic gain, by illegally obtaining confidential information such as a Social Security number |
|
internet misinformation |
using the internet to spread false or misleading information |
|
internet terrorism |
using the internet to disrupt communication and electronic commerce |
|
key logger |
using spyware to record a user's keystrokes |
|
logic and time bombs |
software the sits idle until a specified circumstance or time triggers it, destroying programs, data, or both |
|
malware |
software that can be used to do harm |
|
masquerading/impersonation |
accessing a system by pretending to be an authorized user. the impersonator enjoys the same privileges as the legitimate user |
|
packet sniffing |
using a computer to find confidential information as it travels the internet and other networks |
|
password cracking |
penetrating system defenses, stealing valid password, and decrypting them so they can be used to access system programs, files, and data |
|
pharming |
redirecting traffic to a spoofed web site to gain access to personal and confidential information |
|
phising |
sending e-mails requesting recipients to visit a web page and verify data or fill in missing data. the e-mails and web sites look like legitimate companies, primarily financial institutions |
|
phreaking |
attacking phone systems and using telephone lines to transmit viruses and to access, steal, and destroy data |
|
piggybacking |
1.the clandestine use of someone's Wi-Fi network |
|
posing |
creating a seemingly legitimate business, collecting personal information while making a sale, and never delivering the item sold |
|
pretexting |
acting under false pretenses to gain confidential information |
|
rootkit |
software that conceals processes, files, network connections, and system data from the operating systems and othe rprograms |
|
round-down |
truncating interest calculations at two decimal places. the truncated fraction of a cent is placed in an account controlled by the perpetrator |
|
salami technique |
stealing tiny slices of money over time. an example is increasing expenses by a fraction of a percent and placing those funds in a perpetrator-controlled dummy account |
|
scavenging/dumpster diving |
searching for confidential corporate or personal information by searching trash cans or scanning the contents of computer memory |
|
shoulder surfing |
watching people or listening as they enter or give confidential information |
|
skimming |
double-swiping a credit card or covertly swiping it in a card reader that records the data for later use |
|
social engineering |
techniques that rick a person into disclosing confidential information |
|
software piracy |
illegally copying computer software |
|
spamming |
e-mailing an unsolicited message to many people at the same time |
|
splog |
a spam blog that promotes affiliated web sties to increase their google pagerank |
|
spyware |
using software to monitor computing habits and send that data to someone else, often without the computer user's permission |
|
spoofing |
making an e-mail message look as if someone else sent it |
|
steganography |
hiding data from one file inside a host file such as a large image or sound file |
|
superzapping |
using special software to bypass system controls and perform illegal acts |
|
trap door |
entering a system using a back door that bypasses normal system controls |
|
trojan horse |
unauthorized code in an authorized and properly functioning program |
|
typosquatting/URL hijacking |
setting up web sites with names similar to real web sites so users making typographical errors entering web site names are sent to a site filled with malware |
|
virus |
a segment of executable code that attaches itself to software, replicates itself, and spreads to other systems or files. triggered by a predefined event, it damages sytem resources or displays a message on the monitor |
|
vishing |
voice phishing, where e-mail recipients are asked to call a phone number where they are asked to divulge confidential data |
|
war dialing |
dialing thousands of phone lines searching for idle modems that can be used to enter the system, capture the attached computer, and gain access to the network(s) to which it is attached |
|
war driving/rocketing |
looking for unprotected wireless networks using a car or a rocket |
|
worm |
similar to a virus, but a program rather than a code segment hidden in a host program. copies and actively transmits itself directly to other systems. it usually does not live very long but is quite destructive while alive |
|
zero-day attack |
an attack between the time a new software vulnerability is discovered and a software patch that fixes the problem is released |
