Accounting Chapter 6 Homework Visual Basic Program Deliberately Posting Infected Document Alt sex Usenet Newsgroup Using Stolen

subject Type Homework Help
subject Pages 9
subject Words 3684
subject Authors Marshall B. Romney, Paul J. Steinbart

Accounting Information Systems
6.5 Match the data communications-related computer fraud and abuse technique in the
left column with the scenario in the right column. Terms may be used once, more
than once, or not at all.
1. Bluebugging
i. Making phone calls and sending text messages using another user’s
5. Packet sniffing
a. Intercepting Internet and other network transmissions.
6. Phreaking
j. Using telephone lines to transmit viruses and to access, steal, and
destroy data.
7. Piggybacking
d. Gaining access to a protected system by latching on to a legitimate
user.
10. War driving
c. Searching for unprotected wireless networks in a vehicle.
Ch. 6: Computer Fraud and Abuse Techniques
6.6 Match the data-related computer fraud and abuse technique in the left column with
the scenario in the right column. Terms may be used once, more than once, or not at
all.
1. Chipping
e. Inserting a chip that captures financial data in a legitimate credit card
reader.
2. Data diddling
i. Altering data during the IPO (Input-Process-Output) cycle.
3. Data leakage
f. Copying company data, such as computer files, without permission.
6.7 Match the data security computer fraud and abuse technique in the left column with
the scenario in the right column. Terms may be used once, more than once, or not at
all.
1. Dictionary attack
j. Using software to guess company addresses, send them blank e-mails,
and all the rights and privileges of the legitimate user.
6. Password cracking
c. Capturing and decrypting passwords to gain access to a system.
7. Piggybacking
e. Using a wireless network without permission.
12. Skimming
f. Covertly swiping a credit card in a card reader that records the data for
later use.
13. Social engineering
r. Methods used to trick someone into divulging personal information.
14. Software piracy
p. Unauthorized copying or distribution of copyrighted software.
15. Steganography
g. Concealing data within a large MP3 file.
6.8 Match the data security computer fraud and abuse technique in the left column with
the scenario in the right column. Terms may be used once, more than once, or not at
all.
1. Address Resolution Protocol
m. Fake computer networking protocol messages sent to an Ethernet
LAN to determine a network host's hardware address when only its IP
from a different source.
9. IP address spoofing
l. Creating packets with a forged address to impersonate another
computing system.
10. Internet auction fraud
w. Using a site that sells to the highest bidder to defraud another person
remove it.
16. Scareware
e. Malicious software that people are frightened into buying.
17. Sexting
h. Exchanging explicit messages and pictures by telephone.
18. SQL Injection
i. Inserting a malicious database query in input in a way that it can be
executed by an application program.
6.9 Identify the computer fraud and abuse technique used in each of the following actual
examples of computer wrongdoing.
Each of these real-world scenarios was taken from news accounts of computer fraud and
abuse. There may be other valid answers, but the answers shown below are what the
news accounts and experts investigating the case said were used to perpetrate the fraud.
customer files containing personal information. The
intrusion cost Acxiom over $5.8 million.
c. Cyber-attacks left high-profile sites such as Amazon.com,
eBay, Buy.com, and CNN Interactive staggering under the
weight of tens of thousands of bogus messages that tied up
the retail sites’ computers and slowed the news site’s
operations for hours.
e. A federal grand jury in Fort Lauderdale claimed that four
executives of a rental-car franchise modified a computer-
billing program to add five gallons to the actual gas tank
capacity of their vehicles. Over three years, 47,000 customers
who returned a car without topping it off ended up paying an
extra $2 to $15 for gasoline.
g. MicroPatent, an intellectual property firm, was notified that
their proprietary information would be broadcast on the
Internet if they did not pay a $17 million fee. The hacker was
caught by the FBI before any damage was done.
i. eBay customers were notified by e-mail that their accounts
had been compromised and were being restricted unless they
re-registered using an accompanying hyperlink to a Web
page that had eBay’s logo, home page design, and internal
links. The form had a place for them to enter their credit
card data, ATM PINs, Social Security number, date of birth,
and their mother’s maiden name. Unfortunately, eBay
hadn’t sent the e-mail.
copies of Internet Explorer. The code recorded the users’
keyboard activities, giving the criminals access to usernames
and passwords at many banking Web sites. The attacks
caused $420 million in damage.
m. America Online subscribers received a message offering
free software. Users who opened the attachments
unknowingly unleashed a program hidden inside another
program that secretly copied the subscriber’s account name
colleague or friend. The program sent an infected e-mail to
the first 50 e-mail addresses on the users’ Outlook address
book. Each infected computer would infect 50 additional
computers, which in turn would infect another 50 computers.
The program spread rapidly and exponentially, causing
considerable damage. Many companies had to disconnect
from the Internet or shut down their e-mail gateways
because of the vast amount of e-mail the program was
generating. The program caused more than $400 million in
damages.
r. As many as 114,000 Web sites were tricked into running
database commands that installed malicious HTML code
redirecting victims to a malicious Web server that tried to
install software to remotely control the Web visitors’
computers.
s. Zeus records log-in information when the user of the
infected computer logs into a list of target Web sites, mostly
banks and other financial institutions. The user’s data is sent
to a remote server where it is used and sold by cyber-
criminals. The new version of Zeus will significantly increase
fraud losses, given that 30% of Internet users bank online.
week later a “Distracting Beach Babes” message did the
same thing.
u. Robert Thousand, Jr. discovered he lost $400,000 from his
Ameritrade retirement account shortly after he began
receiving a flood of phone calls with a 30-second recording
for a sex hotline. An FBI investigation revealed that the
perpetrator obtained his Ameritrade account information,
called Ameritrade to change his phone number, created
several VoIP accounts, and used automated dialing tools to
v. The Internet Crime Complaint Center reports a “hit man”
scam. The scammer claims that he has been ordered to
assassinate the victim and an associate has been ordered to
kill a family member. The only way to prevent the killings is
to send $800 so an Islamic expatriate can leave the United
States.
6.10 On a Sunday afternoon at a hospital in the Pacific Northwest, computers became
sluggish, and documents would not print. Monday morning, the situation became
worse when employees logged on to their computers. Even stranger things
happened: operating room doors would not open, pagers would not work, and
computers in the intensive care unit shut down. By 10:00 A.M., all 50 IT employees
were summoned. They discovered that the hospital was under attack by a botnet that
exploited a Microsoft operating system flaw and installed pop-up ads on hospital
computers. They got access to the first computer on Sunday and used the hospital’s
network to spread the infection to other computers. Each infected computer became
a zombie that scanned the network looking for new victims. With the network
clogged with zombie traffic, hospital communications began to break down. The IT
staff tried to halt the attack by shutting off the hospital’s Internet connection, but it
was too late. The bots were inside the hospital’s computer system and infecting other
computers faster than they could be cleaned. Monday afternoon IT figured out which
malware the bots were installing and wrote a script, which was pushed out hourly,
directing computers to remove the bad code. The script helped to slow the bots down
a bit.
This case is based on an actual attack. The solution represents the actual events of the
attack and the hospital's response.
a. What could the hospital do to stop the attack and contain the damage?
By Monday afternoon, IT figured out which malware the bots were installing and
wrote a script, which was pushed out hourly, directing computers to remove the bad
code. The script helped to slow the bots down a bit.
b. Which computer fraud and abuse technique did the hackers use in their attack
on the hospital?
The primary attack used was a Zero-day attack that exploited a newly found
c. What steps should the hospital have taken to prevent the damage caused by the
attack?
The hospital's network is now protected by Computer Associates' Pest Patrol, which
blocks adware and spyware, and Cisco MARS, an intrusion detection system.
Aftermath:
The hackers were a 19-year-old California man, Christopher Maxwell, and two juveniles. Based
in part on evidence supplied by the hospital, Maxwell pleaded guilty to conspiracy and
intentionally causing damage to a protected computer. He was sentenced to 37 months in federal
prison and ordered to pay $112,500 in restitution to the hospital.
SUGGESTED ANSWERS TO THE CASES
6.1 1. How did Shadowcrew members conceal their identities?
Used aliases when working online
How can average citizens protect their identities while interacting online?
Use discretion in revealing personal information online. Individuals who use chat
2. How has the Internet made detecting and identifying identity fraudsters
difficult?
By using aliases, fraudulent email accounts, and proxy servers, thieves make it
3. What are some of the most common electronic means of stealing personal
information?
Accessing public and victim-provided data
4. What is the most common way that fraudsters use personal data?
5. What measures can consumers take to protect against the online brokering of
their personal data?
Avoid giving out their personal data online or otherwise whenever possible.
6. What are the most effective means of detecting identity theft?
Regularly monitoring credit reports
7. What pieces of personal information are most valuable to identity fraudsters?
Name
Address
The rest of the story:
One of the results of Operation Firewall was the convictions of Andrew Mantovani, Chad
Hatten, and James Ancheta.
Mantovani, a 24-year-old college student and a Shadowcrew co-founder, was sentenced
to 32 months in federal prison, a $5,000 fine, and three years of probation.
