Information Technology Reference
In-Depth Information
Information Systems in the Global Economy
Battling Hackers and Fraudsters Day In and Day Out
Online giant eBay provides the world's largest online marketplace. Roughly 147 million
people buy and sell all kinds of merchandise and services on eBay. It is estimated that more
than $1,900 worth of goods is sold on eBay every second. Hundreds of thousands of people
in the United States depend on eBay for their living. Some of those people earn their living
illegally and unethically.
With so many transactions taking place on eBay, the company manages as much money
as a global bank. In fact, eBay owns the largest online banking service, PayPal, which is
used to facilitate transactions between online buyers and sellers. Unfortunately, managing
the largest online bank and marketplace makes eBay a huge target for hackers and fraud-
sters. The level of information security implemented at eBay far exceeds the level of
security used in a brick-and-mortar bank.
Fraud is a major challenge for eBay. Criminals gain illegal access to customer accounts
and use the accounts and their good reputation to sell knock-offs—primarily imitations of
high-quality items. Of all Internet-related crimes, auction fraud appears to be the biggest
problem. The 2007 Internet Crime Report published by the FBI explains: “Internet auction
fraud was by far the most reported offense, comprising 44.9 percent of referred complaints.
Non-delivered merchandise and/or payment accounted for 19.0 percent of complaints.
Check fraud made up 4.9 percent of complaints. Credit/debit card fraud, computer fraud,
confidence fraud, and financial institutions fraud round out the top seven categories of
complaints referred to law enforcement during the year.”
In 2008, at least two eBay crimes made headlines. The first involves a Romanian hacker
called Vladuz who hacked into eBay systems and masqueraded as an official eBay repre-
sentative. The damage Vladuz caused is estimated at 1 million dollars. He was eventually
apprehended and awaits trial. The second big story involves Jeremiah Mondello, a 23-year-
old from Oregon. Mondello stole more than 40 eBay and PayPal accounts and used them
to sell over a million dollars worth of counterfeit software, making more than $400,000
for himself. Mondello is now spending two years in prison, and must pay $225,000 in fines
and devote 450 hours to community service once released from prison.
Even though many crimes are taking place on eBay as you read this sentence, eBay
says that fraud remains a tiny fraction of the million or so transactions that take place
each day. eBay keeps fraud under control by investing heavily in information security tools
and practices.
eBay uses many types of security tools to address many kinds of threats. On its Web
site, eBay states that PayPal uses “the world's most advanced proprietary fraud prevention
systems to create a safe payment solution.” The company also invests in an automated
security system to keep hackers out of the network. The system uses more than a dozen
scanning applications to monitor vulnerabilities on eBay's global network and on all part-
ner networks that connect to eBay's extranet.
The security software that patrols eBay's systems provides continuous reports to se-
curity engineers. The software also creates reports for system administrators and execu-
tives that provide an overview of network conditions and illustrate the impact of
information security investment. Additionally, the security software measures eBay's com-
pliance with government regulations involving information security.
The battle to protect valuable and private information online is one in which all levels
of management in businesses and governments are or should be fully engaged. Attacks
