DeMISTIfying Infosec: Cyber Fraud

By Katherine Teitler

Cyber Fraud

According to OWASP, the Open Web Application Security Project, online fraud is described as, “the use of deception by an individual or group of individuals using an online medium with the intention of obtaining an advantage for himself or herself or for a third party or parties, avoiding an obligation, or causing loss to another party.”[1]

Since the mid-1990’s, businesses of all sizes and across geographies have taken advantage of the opportunity to increase their reach and thus their revenue. The ever-growing increase in online transactions, though, has also opened up opportunities for criminals to commit cyber crime.

Cyber fraud, a subsection of cyber crime, exploits human tendencies or inherent trust by purposefully deceiving an individual into providing personal or financial information. The fraudster can then use the information obtained to procure goods or services without any financial responsibility; impersonate an individual, group, or business to gain access to information; or avoid any repercussions of a cyber crime due to a veiled identity.

It has been estimated that about one-third of all cyber crime is cyber fraud. While individuals are generally fairly well protected from the effects of financial cyber fraud because of the Electronic Fund Transfer Act[2], small businesses do not have the same protections and can suffer severe financial and reputational consequences if they are a victim of cyber fraud.

When the FBI calls: Practical Guidance on Handling a Cyber Intrusion Notification from the FBI - Case Study

According to the FBI[3], there are 4 major categories of “Common Frauds.” They are:

  • Common Fraud Scams
  • Investment-Related Scams
  • Internet Scams
  • Fraud Targeting Senior Citizens

All of the above are more easily conducted online, as it’s pretty easy to fool a recipient with a legitimate-looking email, link, or attachment. Fraudsters also often combine techniques, like placing phony helpdesk or customer services calls, and convincing the victim to provide private information that helps the criminal achieve his goal.

 

 

prestitial ad