Cryptography Reference
In-Depth Information
to achieve. Similarly, program manipulation is diHcult to detect, but re-
quires a computer-savvy individual who alters or inserts new programs, or
perhaps subroutines into existing ones. The Trojan Horse is a ubiquitous
method for program manipulation (see Footnote 9.7 on page 337), wherein
the attacker can write a self-destruct into the program so that evidence
of its existence is erased. Yet another type of computer fraud is the prac-
tice of transferring (stealing) money from accounts in “thin slices”, called
salami slicing
. Salami slicing requires an institution where there are an
immense number of transactions, so as not to be noticed, and for which
the transactions involve more than two decimal places. Since currencies
typically use only two decimals, there is roundoff after those two decimals.
A salami-slicing program will round down those decimals and place the
excess into an account, usually hidden. This may seem trivial, but it does
not take long to accumulate millions by this scheme. Moreover, detec-
tion is diHcult, and often takes place only after the culprit has left the
organization.
Forgery
:
Computer data forgery
is the alteration, manipulation, or dele-
tion of computer data for the purpose of defrauding or injuring. It may also
involve the transmission of such computer data. Computer “data” means any
computer-generated text, document, record, or representation, including e-mail,
graphics, images, and word-processing documents.
Identity Theft
: As noted on page 376, when we discussed cybercrime
and e-commerce, we have already looked at identity theft. Here we extend the
discussion to include methods for thwarting such criminal activity. To protect
yourself against identity theft, do not throw away data with information about
you unless you destroy it first. For instance, always shred any bank state-
ments, credit card applications or promotions you receive in the mail, credit
card receipts, expired credit cards, insurance forms, and any medical state-
ments. Thieves may pick through your garbage or recycling bins to get your
personal information. Keep track of your credit card activity at regular inter-
vals, say, once a week. Do not wait for the billing-cycle statement since you
may be able to catch any unusual activity early and terminate it before it goes
too far. Moreover, if you do not receive your regular billing cycle statement
on time, contact the financial institution. Check your address with them since
identity thieves often recover bills and change the address when they take over
the account. The same holds true for any banking accounts. Keep tabs on
activity in order to spot and stop any suspicious activity. If you order cheques
from your bank, pick them up. Do not have them sent by mail since that invites
intervention by identity thieves. Always cancel inactive credit accounts of any
type. If you do not need it, close it. Such accounts are invitations to criminals.
When we talked about privacy issues above, we cautioned against giving out
personal information to strangers. This is particularly important in preventing
identity theft. Never give out numbers related to your personal identity that
is government-related. For instance, if you are Canadian, do not give out your
Search WWH ::
Custom Search