CHAPTER TEN

Computer Fraud and Countermeasures

In the old days, people robbed stagecoaches and knocked off armored trucks. Now they’re knocking off servers.

—Richard Power, Computer Security Expert and Author

After studying this chapter, the reader should be able to:

  • Identify areas of vulnerability to fraudulent use of information systems and processing of fraudulent transactions.
  • Design and implement appropriate measures to defend the digital assets of the organization.

Advances in the use of computers in our daily lives have put confidential information about all of us personally and about our organizations and our families in the public domain, with easy access from anywhere in the world. As a result, we all are open to the potential for fraud on a massive scale. Even five years ago, much of this information remained comparatively hidden, and computer software to retrieve such information has become a major threat. Such malware (malicious software) and spyware (unauthorized software gathering personal or confidential information on a computer or its users) have had to become more sophisticated over the years because much of the information that used to be gathered surreptitiously is now publicly available.

Operational management bears primary responsibility for the prevention and detection of all frauds, including information technology (IT) frauds. Nevertheless, IT has a major role to play in assisting management in establishing a control environment in which fraud is unlikely ...

Get Corporate Fraud and Internal Control + Software Demo: A Framework for Prevention now with O’Reilly online learning.