Chapter 6: Computer Fraud and Abuse Techniques
Presented by:
MILLA, NICOLE ANDREA
FRANCISCO, LYNN
MORALIDAD, MEEKA JAYE
VILLAESTER, HARRON
Learning Objectives
Compare and contrast computer attack and abuse tactics.
Explain how social engineering techniques are used to gain physical or logical access to computer resources.
Describe the different types of malware used to harm computers.
Types of Attacks
Hacking
Unauthorized access, modification, or use of a computer system or other electronic device.
Social Engineering
Techniques, usually psychological tricks, to gain
access to sensitive data or information
Used to gain access to secure systems or locations
Malware
Any software that is used to do harm.
Hacking
Hijacking
Gaining control of a computer to
carry out illicit activities
Botnet (Robot Network)
Zombies
Bot herders
Denial of Service (DoS) Attack
Spamming
Spoofing: Makes the communication
look as if someone else sent it so as to
gain confidential information.
Forms of Spoofing
E-mail spoofing
Caller ID spoofing
IP address spoofing
Address Resolution Protocol (ARP) spoofing
SMS spoofing
Web-page spoofing (phishing)
DNS spoofing
Hacking with Computer Code
Cross-site Scripting (XSS)
Uses a vulnerability in a Web application that allows malicious code to be injected into the Web site. When a user visits the website, that malicious code is able to collect data from the user.
Buffer Overflow Attack
A large amount of data is sent to overflow the input memory (buffer) of a program, causing it to crash and be replaced with the attacker's program instructions.
SQL Injection (insertion) Attack
Malicious code is inserted in place of a query to get to the database information.
Other Types of Hacking
Man in the Middle (MITM): The hacker is placed between a client (user) and a host (server) to read, modify, or steal data.
Piggybacking
Password Cracking
War Dialing and Driving
Phreaking
Data Diddling
Data Leakage
Pod Slurping
Hacking Used for Embezzlement
Salami Technique:
Taking small amounts at a time
Round-down fraud
Economic Espionage:
Theft of information, intellectual
property and trade secrets
Cyber-extortion
Threats to a person or business online
through E-mail or text messages
unless money is paid
Hacking Used for Fraud
Internet Misinformation
E-mail Threats
Internet Auction
Internet Pump and Dump
Click Fraud
Web Cramming
Software Piracy
Social Engineering Techniques
Identity Theft
Assuming someone else's identity
Pretexting
Using a scenario to trick victims into divulging information or to gain access
Posing
Creating a fake business to get sensitive information
Phishing
Sending an e-mail asking the victim to respond to a legitimate-looking link that requests sensitive data
Pharming
Redirects website traffic to a spoofed website
URL Hijacking
Takes advantage of typographical errors entered for website addresses, so that the user gets an invalid or wrong website
Scavenging
Searching trash for confidential
information
Shoulder Surfing
Snooping, either from close behind the person or by using technology, to get confidential information
Skimming
Double-swiping a credit card
Why People Fall Victim
Compassion
The desire to help others who present
themselves as really needing your help.
Greed
People are more likely to cooperate
if they get something free or think
they are getting a once-in-a-lifetime
deal.
Sex Appeal
People are more likely to cooperate
with someone who is flirtatious or
viewed as “hot.”
Trust
More likely to cooperate with people
who gain their trust.
Urgency
Cooperation occurs when there is a
sense of immediate need.
Sloth
Fraudsters take advantage of our lazy
habits and tendencies.
Vanity
More likely to cooperate if you appeal to
their vanity by telling them they are
going to be more successful.
Minimize the Threats of Social Engineering
Never let people follow you into
restricted areas
Never log in for someone else on a
computer
Never give sensitive information over the
phone or through e-mail
Never share passwords or user IDs
Be cautious of someone you don't know
who is trying to gain access through you
Types of Malware
Spyware
Secretly monitors and collects information
Can hijack search requests
Adware
Spyware that can pop banner ads on a monitor
Scareware
Software that is often malicious, is of little or no benefit, and is sold using scare tactics
Keylogger
Software that records user keystrokes
Trojan Horse
Malicious computer instructions in an authorized and properly functioning program
Time Bombs and Logic Bombs
Trojan horses that lie idle until triggered by a specified date or time
Trap Door or Back Door
Set of computer instructions that allows a user to bypass the system's normal conditions
Packet Sniffer
Captures data as it travels over the internet
Rootkit
Conceals processes, files, network connections, memory addresses, and system utility programs
Superzapping
Unauthorized use of special system programs to
bypass regular controls and perform illegal acts
Steganography Program
A program that can merge confidential
information with a seemingly harmless file
Computer Virus
A segment of self-replicating,
executable code that attaches itself to a
file or program
Computer Worm
Stand-alone, self-replicating program
Often resides in E-mail attachments
Cellphone Bluetooth Vulnerabilities
Bluesnarfing
Stealing contact lists, images, and other data using flaws in Bluetooth applications.
Bluebugging
Taking control of someone else's phone to make or listen to calls, send or read text messages.