Abstract
It is essential for businesses to keep up with the technological advances. Today nearly all the businesses depend on computer technologies and the Internet to operate as technological developments have introduced many practical methods for businesses. Yet, transformation of businesses technologically also presents new means for the criminals, which has led to new types of fraud. It is crucial for businesses to take measures to prevent fraud. Traditional methods to prevent or to detect fraud seems to be ineffective for new types of fraud in the digital era. Therefore, new methods have been used to prevent and detect fraud. This chapter reviews fraud as a form of cybercrime in the digital era and aims to introduce the methods that have been used to detect and prevent it.
TopBackground
There is not a common definition of fraud. Fraud involves a wide range of activities united by some form of misrepresentation by a party to provide that party with an advantage or cause a disadvantage to others including criminal, civil and regulatory acts of deviance (Button and Cross, 2017).
Fraud incorporates four basic elements:
- •
“A false representation of nature of material
- •
Intent or knowledge that the representation is false, or intentional disregard for the accuracy
- •
Reasonably and justifiably relying on the representation
- •
Financial damages as a result of the preceding elements” (Skalak, Golden, Clayton &Pill, 2011: p.2).
Fraud is defined as an intent to cheat or gain an unmerited benefit including a broad set of acts. The American Institute of Chartered Public Accountants (AICPA) describes two main categories of fraud, which are deliberate misstatement of financial information, and misappropriation of assets (or theft). The definition of fraud might be extended as follows:
“Fraud consists of an illegal act (the intentional wrongdoing), the concealment of this act (often only hidden via simple means), and the deriving of a benefit (converting the gains to cash or other valuable commodity)” (Coderre, 2009: p.3). From a business standpoint, fraud may be defined as the misuse of assets in an organization and misrepresentation of financial statements.
Although there are various types of fraud, it can broadly be divided into employee fraud or misappropriation of assets and financial statement fraud (Skalak, Golden, Clayton &Pill,2011: p.5)
Key Terms in this Chapter
Denial of Service (DoS): DoS attacks are cyber crimes where the perpetrator’s goal is to make a computer or other types of electronic devices unavailable to its users. In DoS attacks, a computer network is often overloaded with massive amounts of data in a very short time to make the servers unable to hold up the data that is being transmitted. Distributed denial of service (DDoS) attacks which often make use of botnets that can be remotely controlled are even more threatening to information systems. This helps a perpetrator to attack multiple networks and areas simultaneously. DoS and DDoS attacks can do a hefty amount of financial loss and damage the reputation of a business as people might think that the business is incapable of preventing DoS and DDoS attacks (McQuade, 2009).
Phishing: “Phishing is an e-mail fraud method in which the perpetrator sends out legitimate-looking email in an attempt to gather personal and financial information from recipients” (definition provided by Search Security, as cited in Ross, 2016). Malware emails can be used for phishing (Pickett, 2012). Phishing does not only targets customers or clients, it also targets.
Intellectual Property: Intellectual property (IP) describes intangible assets such as patents, trademarks, designs, copyrights, databases, trade secrets, inventions, technologies, artworks (Kizza, 2010; Karius, 2016). Digital era has introduced remarkable innovations in industries including mass production of intellectual property as in software companies (Britz, 2013).