Presentation is loading. Please wait.

Presentation is loading. Please wait.

Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except.

Published byRolf Hicks Modified over 9 years ago

Similar presentations

Presentation on theme: "Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except."— Presentation transcript:

1 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Fraud Examination, 4E Chapter 17: Fraud in E-Commerce

2 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Learning Objectives  Understand e-commerce fraud risk.  Take measures to prevent fraud in e-commerce.  Detect e-business fraud.

3 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. E-commerce Fraud Risk  Pressures to Commit E-commerce Fraud  Dramatic growth, which has created tremendous cash flow needs.  Merger or acquisition activity, which creates pressures to “improve the reported financial results.”  Borrowing or issuing stock, additional pressures to “cook the books.”

4 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. E-commerce Fraud Risk  New products, which require intensive and expensive marketing and for which an existing market does not yet exist.  Unproven or flawed business models, with tremendous cash flow pressures.

5 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. E-commerce Fraud Risk  Opportunities to Commit E-commerce Fraud  New and innovative technologies for which security developments often lag transaction developments.  Complex information systems that make installing controls difficult.  The transfer of large amounts of information, a factor that poses theft and identity risks such as illegal monitoring and unauthorized access.

6 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. E-commerce Fraud Risk  Removal of personal contact, which allows for easier impersonation or falsified identity.  Lack of “brick-and-mortar” and other physical facilities that facilitate falsifying Web sites and business transactions.  Inability to distinguish large and/or established companies from new and/or smaller companies, making it easy to deceive customers by falsifying identity and/or business descriptions.

7 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. E-commerce Fraud Risk  Electronic transfer of funds, allowing large frauds to be committed more easily.  Compromised privacy, which results in easier theft by using stolen or falsified information.

8 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. E-commerce Fraud Risk  Rationalization to Commit E-commerce Fraud  The perceived distance that decreases the personal contact between customer and supplier.  Transactions between anonymous or unknown buyers and sellers—you can’t see who you are hurting.  New economy thinking contends that traditional methods of accounting no longer apply.

9 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. E-commerce Fraud Risk  Risks Inside an Organization  Data theft  Social engineering  Sniffing  Wartrapping  Vandalism  Employee laptops

10 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. E-commerce Fraud Risk  Risks Outside an Organization  Computer viruses  Spyware  Phishing  Spoofing  Falsified identity  Database query (SQL) injections  Bust-out  E-mail and Web visits

11 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Preventing Fraud in E-commerce  In e-business settings, reducing pressures and eliminating rationalizations has thus far proved difficult.  Security Through Obscurity  Keeping security holes, encryption algorithms, and processes secret in an effort to confuse attackers.  Experience shows that obscurity only heightens the challenge to a hacker!

12 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Preventing Fraud in E-commerce  One of the best ways to prevent fraud in an e-business settings is to focus on reducing opportunities, usually through the implementation of appropriate internal controls.  Internal controls involve five different elements: (1) The control environment (2) Risk assessment (3) Control activities or procedures (4) Information and communication (5) Monitoring

13 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Preventing Fraud in E-commerce  The following are the most important components of the control environment:  Integrity and Ethical Values  Board of Directors and Audit Committee Participation  Management’s Philosophy and Operating Style  Human Resources Policies and Practices

14 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Preventing Fraud in E-commerce  Risk Assessment  Identifies the risks of doing business with e-business partners  Focuses on the control environment of business partners  Identifies the risks involved in electronic exchange or information and money  Intrusion detection

15 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Preventing Fraud in E-commerce  Control Activities  Adequate separation of duties  Proper authorization of transactions and activities  Adequate documents and records  Physical control over assets and records  Independent checks on performance

16 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Preventing Fraud in E-commerce  Adequate Separation of Duties  Make sure individuals who authorize transactions are different from those who actually execute them.  Doing so prevents the most common fraud in purchasing: kickbacks and bribery.

17 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Preventing Fraud in E-commerce  Proper Authorization of Transactions and Activities  Passwords  Firewalls  Digital signatures and certificates  Biometrics

18 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Preventing Fraud in E-commerce  Adequate Documents and Records  Electronic Documents:  sales invoices, purchase orders, subsidiary records, sales journals, employee time cards, checks, etc.  In e-commerce, additional controls must be put in place.  Encryption

19 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Preventing Fraud in E-commerce  Physical Control over Assets and Records  Three categories of controls protect:  IT equipment  Programs  Data Files  Physical controls are used to protect computer facilities.

20 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Preventing Fraud in E-commerce  Independent Checks on Performance  Organizations should always conduct checks on their e-business partners (Dun & Bradstreet reviews, full-fledged investigations)

21 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Preventing Fraud in E-commerce  Understand the management or business partners and what motivates them. Three items :  Backgrounds  Motivations  Decision-making influence-must be examined.

22 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Detecting E-commerce Fraud  Data-driven Fraud Detection  Endeavor to understand the business or operations of the organization  Identify what frauds can occur in the operation  Determine the symptoms that the most likely frauds would generate  Use databases and information systems to search for those symptoms

23 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Detecting E-commerce Fraud  Analyze the results  Investigate the symptoms to determine if they are being caused by actual fraud or by other factors

24 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Detecting E-commerce Fraud  Technical Knowledge and Experience  It is extremely important for fraud investigators who specialize in e-commerce to understand the tools and methods that perpetrators use.

25 Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license distributed with a certain product or service or otherwise on a password-protected website for classroom use. Detecting E-commerce Fraud  Web-servers  E-mail clients and servers  Intrusion programs (nmap, Airsnort, Wireshark, etc.)  Unix  Perl, Python, Ruby and Bash scripting languages

Download ppt "Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except."

Similar presentations

Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except.

Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except.
Computer Fraud Chapter 5.

Computer Fraud Chapter 5.
Computer Fraud Chapter 5.

Computer Fraud Chapter 5.
Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except.

Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except.
Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except.

Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except.
The Islamic University of Gaza

The Islamic University of Gaza
Chapter 11: Financial Statement Fraud

Chapter 11: Financial Statement Fraud
Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except.

Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
FORENSIC ACCOUNTING - BA124 - 2010Slide 17-1 Today’s Topics n E-Commerce Fraud n E-Commerce Fraud Risks n E-Commerce Fraud Prevention.

FORENSIC ACCOUNTING - BA Slide 17-1 Today’s Topics n E-Commerce Fraud n E-Commerce Fraud Risks n E-Commerce Fraud Prevention.
Copyright © 2007 Prentice-Hall. All rights reserved 1 Internal Control & Cash Chapter 8.

Copyright © 2007 Prentice-Hall. All rights reserved 1 Internal Control & Cash Chapter 8.
Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except.

Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except.
Albrecht, Albrecht, Albrecht, Zimbelman Chapter 14: Fraud Against Organizations © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned,

Albrecht, Albrecht, Albrecht, Zimbelman Chapter 14: Fraud Against Organizations © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned,
Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except.

Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except.
© 2012 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license.

© 2012 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license.
Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except.

Albrecht, Albrecht, Albrecht, Zimbelman © 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except.
Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.

Elements of Internal Controls Preventing Fraud, Waste, and Abuse in Urban and Rural Transit Systems.
What distinguishes cyber crime from “traditional” crime? What distinguishes cyber crime from “traditional” crime? How has the Internet expanded opportunities.

What distinguishes cyber crime from “traditional” crime? What distinguishes cyber crime from “traditional” crime? How has the Internet expanded opportunities.
© 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license.

© 2011 Cengage Learning. All Rights Reserved. May not be copied, scanned, or duplicated, in whole or in part, except for use as permitted in a license.
Chapter 3 – Electronic Business (E-Business) Systems

Chapter 3 – Electronic Business (E-Business) Systems

Similar presentations

Ads by Google