
ATG 383 - Chapter 10 - Fraud


Presentation Transcript


  1. ATG 383 - Chapter 10 - Fraud Spring 2002

  2. Many Views of Fraud • Fraud Process • Kiting and lapping • Various computer frauds • Matching controls to frauds

  3. Fraud Process • Pressure • Table 10.1 • Opportunity • Table 10.2 • Ability to rationalize • Fraud

  4. Kiting Bank A Bank B Bank C

  5. Lapping • Mon C.R.: 300, 250, 500, 700, 100, 400 (total 2,250) • Tu C.R.: 200, 150, 500, 300, 300, 900 (total 2,350) • Wed C.R.: 500, 350, 500, 600, 200, 250 (total 2,400) • Th C.R.: 200, 400, 100, 700, 100, 400 (total 1,900) • Fri C.R.: 200, 250, 500, 600, 100, 150 (total 1,800)

  6. Computer Fraud

  7. Summary of Computer Frauds

  8. Trojan Horse A destructive program that masquerades as a benign application. Does not duplicate itself. • Example: Antigen.exe • Fake virus scanner • Scans data files • Sends private info out as e-mail

  9. Round-down Technique Truncate interest calculations & divert to programmer’s account

  10. Salami Technique Tiny slices of money stolen over long period of time. • Example: Hopkins Park, IL • Personal charges to village-issued credit cards

  11. Trap Door Create a way to enter a system without normal controls. http://www.bradley.edu/academics/ehs/dean/dean_index.html http://www.bradley.edu/academics/ehs/dean/

  12. Data Diddling & Leakage Change data before, during, or after it has entered the system. Unauthorized copying of data.

  13. Software Piracy Copy software without publisher’s permission. http://www.siia.net/piracy/default.htm http://www.bsa.org/usa/antipiracy/

  14. Logic Time Bomb Program or instructions that lie idle until a specified time.

  15. Scavenging Searching corporate records for confidential information. • Example: John Freeman • Temporary typist working for brokerage firms • Used inside information for profit. • Full story: www.sec.gov/divisions/enforce/extra/freecomp.htm

  16. Eavesdropping Listening to private conversation through wiretapping or other means • Examples • Intercept e-mail • Plant a listening device http://www.greatsouthernsecurity.com/instruc.htm

  17. E-mail Bombs Overload an ISP’s e-mail server. Also, send numerous requests to web site. • Examples • Yahoo • eBay • Amazon.com

  18. Computer Virus Computer program that replicates itself and carries out some predetermined mission. http://www.DataFellows.com/virus-info/v-pics/

  19. Matching Controls to Frauds

  20. Controls related to multiple frauds • Proper hiring and firing practices. • Managing disgruntled employees. • Train employees in security and fraud prevention. • Develop strong internal controls. • Segregation of duties. • Require vacations and rotate jobs.

  21. Controls related to multiple frauds • Monitor hacker information • Conduct frequent audits. • Use a computer security officer. • Use computer consultants. • Use forensic accountants. • Maintain adequate insurance. • Develop a contingency plan for fraud occurrences.

  22. Alter Input & False Input • Use fraud detection software • Various input controls discussed in Chapter 9.

  23. Unauthorized Processing • Restrict access to computer equipment and data files. • Protect the system from viruses. • Monitor system activities. • Use software to monitor system activity and recover from fraud.

  24. Modify Computer Instructions • Restrict access to computer equipment and data files. • Monitor system activities. • Store backup copies of program and data files in a secure off-site location. • Use software to monitor system activity and recover from fraud. • Protect the system from viruses.

  25. Alter, Damage, or Copy Files • Manage and track software licenses. • Require signed confidentiality agreements. • Restrict access to computer equipment and data files. • Encrypt data and programs. • Control sensitive data. • Control laptop computers.

  26. Alter, Damage, or Copy Files • Monitor system activities. • Store backup copies of program and data files in a secure off-site location. • Use software to monitor system activity and recover from fraud.

  27. Steal Output • Require signed confidentiality agreements. • Encrypt data and programs. • Protect phone lines. • Control sensitive data.
