IT Sample Paper

IT SAMPLE PAPER A report on the use of Information Technology in implementing of Fraud Protection in the marketplace Introduction Fraud using information technology is an ancient crime, which increase their scale through the extensive and developing use of computers, computer networks and other types of information communication technology. These frauds take several forms and can even be carried out without the use of ICT (Lowry et al., 2013, p. 161). These crimes have become a nuisance since they can be or are carried out by a single person without his\\her physical appearance at the crime scene. They fall into three broad categories: individual, property and governmental. The case study below gives details about how the online frauds have taken root and their alarming rising rates depending on the number of people falling victim. The main forms of information technology frauds: Hacking It refers to gaining unauthorized access to a network, a computer system or website by manipulating their codes or passwords. It is commonly referred to as cracking. The primary objective of cracking is to get personal data and ensure smooth cyber crime. Taking the following case study shows how hacking has spread. In December 2012, a hacker was giving a zero-day exploit for Gmail for $800 that would enable an attacker use a cross-site scripting vulnerability to hijack accounts.  1

IT SAMPLE PAPER Cross-site scripting (XSS) attacks still maintain the top spot as a risk to web applications, websites, and databases, a close analysis of about15 million cyber attacks in the third quarter of 2012 revealed. Other top attack techniques being commonly employed are the SQL injections (SQLi), directory traversals and cross-site request forgery (CSRF), according to a web application attack report by a particular cloud technology firm based in the UK. The hacker, commonly referred to as “The Spider”, had created a video to promote the exploit on an underground cyber crime called Dark code (Zhu & Kraemer, 2010, p. 64). Phishing It is a type of a bulk marketing fraud. The fraudster sends fake email accounts disguised as real ones to many potential targeted victims. Its primary aim is to gain access entry to particular personal data in order to tailor communications accordingly. A recent case scenario of phishing involved a trash email sent to subscribers. Customers of an individual mobile provider firm received a particular email stating a defect with their very latest service provided. The email requested them to visit the firm’s website through a link provide through the e-mail to give their personal details like their birthday dates. It turned out that both the site provided and the e-mail was not genuine (Rastegari & Dehkordi, 2013). Electronic financial frauds The most common form of electronic financial fraud is the online banking fraud usually involving transactions carried out over the internet. Sometimes, the fraudster employs the ‘no card’ approach where the card and its holder are not present. Also, retail transactions over the internet fall under this category where both the business and its customers may fall victim. A survey carried out in 2011\\2012 in England and Wales provide enough evidence on the fraud (Cimiotti & Merschen, 2014, p. 43). The survey aimed to establish probable frauds through the internet and specifically the use of emails. More than 42000 households responded to the survey. Of the respondents, 56% said they had received an email informing them of significant prizes won in lotteries and sweepstakes they had never participated or ever had details about it. About 16% were asked to provide capital for a high yield investment with shares on the Stock Exchange, but it turned out that the company was just a bogus. The other 28% of the respondents were invited to meet potential partners for romantic relationships ultimately leading to marriage. As it turned out about the last group, most of them were married or in stable relationships. 2

IT SAMPLE PAPER Bulk marketing and consumer frauds The fraud takes several forms like charity, inheritance, deposit payments and the infamous pyramid schemes. In such a case, a person is convinced to part with money before the transaction with a promise of a bigger payment when the deal or the investment matures. Online retailing and auction sites The fraudster operates fake websites detailing nonexistent goods and services. Sometimes, the customer may be led to buy counterfeit goods by being led to believe that they are the original products. Cinema and airline tickets faking are common, and the buyers led to believe they are buying the actual tickets. In relation to bogus auction sites, the UK Financial Fraud Action reports clearly indicate that 51161 false retail and auctioning sites were in operation. By the period 2013-2014, the number of these websites had risen to a staggering 256641 in number. The statistics clearly indicate that the number of fraudsters is increasing and consequently the number of victims. It also reported that within that period, Ireland was the most targeted dominion with 46%, followed by Wales with 30% and England came third with24% (Srivastava, 2011, p. 454). Dating websites The sites operators aim at ensuring smooth social networking of people all over the world. The site users are requested to provide personal details with a registration fee with a promise of instant connection with their preferred partners. Unfortunately, after paying the fees mentioned above, no connections materialize to reality. Security measures With everyday technological advancements occurring, people are required to adapt as fast as possible especially electronically. More so, the user agreement should explicitly states terms and conditions of engagement or use (Cumming & Johan, 2013, p. 451). Enhancing personal care Cyber criminals mostly use lost credit cards, social security, and insurance cards to obtain personal information about individuals. Sometimes the criminals assume the identities on the cards they get when committing crimes hence leaving liability to the real owners of the cards. In 2012, police officers from UK arrested six fraudsters while their US counterparts captured twelve.  3

IT SAMPLE PAPER The FBI-led crackdown in 13 countries on credit card fraudster managed to arrest a sum of 24 fraudsters (Rastegari & Dehkordi, 2013, p. 87). In order to facilitate the crackdown, the FBI carried out a two-year undisclosed investigation on the fake online forum involving credit card transaction on information. Therefore, maximum care must be taken of such devices during their viable time and also ensure proper discarding upon expiry of the same. Safe internet use There are many useful tips that an internet user should follow to guarantee their browsing or internet use security. These tips may include: Always remember that there are individuals online who would like to get access to your personal details. Never give this information to anybody until you are sure of the recipient and his\\her credentials. Install and remember to use scanning software when using your personal computer to protect yourself from internet hacking. Avoid using your official name, date of birth, personal address or any name people use when referring to you other for passwords.  If you are using the passwords, use a long word that makes it hard for a hacker to crack. You can even use a mixed up word where you mix small and capital letters and even add figures to it. Avoid responding to strange emails and if you have to do not use your personal details. If any email you to confirm your personal details, however, authentic it appears, it is phishing, and you should reported it to [email protected] which fights phishing (Benlian & Hess, 2011). Ensure a web address is always secure before sharing your personal data and should take the format of Https:\\\\. Regularly log into your online accounts to be able to detect any changes and keep a record of all your transactions (Beatty et al., 2011, p. 23). Secure the wireless networks The wireless networks are very vulnerable to invasion if not strictly secured. A person should avoid carrying out financial transactions on the WI-FI network. According to cyber security report released and published by Hewlett Packard (HP) in May 2014, mobile and web applications emerge as the new frontiers in the war against cyber attacks. The number of SQL injection attacks on web applications rose sharply from approximately 15 million to more than 50 million in 2011 the report revealed (Beatty et al., 2011, p. 32). 4

IT SAMPLE PAPER Data protection Always use data encryption for the files kept in a computer such as tax data and always change data locations to prevent online tracking (Agrawal, 2014, p. 205). Detectives from UK seized Swiss bank transfer of £26m. The login information was stolen from unscripted accounts signed in through the public computers. Users are urged not to enter and save their login information in publicly used computers. In addition, any time a user enter the details into the computer should ensure that they sign out immediately and when possible regularly change the password. The Government Input The government has created a body responsible for combating frauds through Information Technology and ensuring online security. It always monitors suspicious sources on the internet. When it a threat, for example, malware or spyware is detected, the public agencies are instantly notified (Chaudhry et al., p. 255). It also does the following roles: It gives advice to organizations about self-protection from the online risks detected (Pollach, 2011). The efforts of this are shown in the case study below about an employ who stole from her employer. A debt accountant who stole more than £26,000 from her pension scheme company was warned that she was quite fortunate to avoid a prison term.( The cyber fraudster transferred the money over a three-year period to buy her necessities and pay off her mortgage after changing her  bank details for those of the suppliers. The lady used to steal around £1,500 a month up to when an intern became suspicious about  the outgoing regular  payments that were being recorded on her personal computer, which she could not recall processing It monitors all advancements in digital technology and upgrades the security systems, and this prevents situations like mobile traffic shut down. The government also runs regular campaigns against the cyber crimes so as to caution the public about them. It aims at ensuring that the public remain techno- savvy, and it always alerts against such threats. The government also uses state policies and legislative tactics in fighting these crimes. It does all these by putting strict regulations and laws that scare away potential cyber fraudsters. The punishments for these crimes come in the lack of bonds for arrested suspects, hefty fines and long imprisonment terms for the convicted criminals. Four arrested in more than£1m London cyber bank robber Warwick Ashford 12 December 2013.  5

IT SAMPLE PAPER Police apprehended four suspected cyber criminals and seized £80,000 in cash following an unprecedented theft of over £1m from two banks. The arrests came three months after cyber criminals targeted the Barclays by controlling the branch computers. The two men and women were arrested on suspicion of conspiracy to defraud and launder money (Cimiotti & Merschen, 2014, p. 57). The government also engages foreign governments for better coordination in fighting this vice (Plavsic, Dippel & Hussain, 2009, p. 200). It also intercepts data that is sensitive to the public and thus reduces the cases, and the crimes are deterred .However, the number of victims is lowering though in a small number. The reduction in number clearly indicates that the governments Fraud Action are paying off even though not at a higher pace as expected. In conclusion, the frauds taking place using Information and Communication Technology are so many and occur stealthily. Reason being the fraudsters are well advanced in the technological developments. However, the fight against this vice is not lost but it should serve as a wake-up call to all the stakeholders in the fields mentioned above. The stakeholders include and not limited to citizens themselves, banks and other corporate organizations, the government, and its respective agencies. Through this kind of coordination and cooperation, every cyber criminal and their techniques will be apprehended and dealt with instantly. 5

IT SAMPLE PAPER REFERENCES Agrawal, S 2014, ‘Issues of Concern and Mitigating Strategies: A Study on ITES Firms’, Vision (09722629), 18, 3, pp. 205-216. Beatty, P, Reay, I, Dick, S, & Miller, J 2011, ‘Consumer trust in e-commerce web sites’, ACM Computing Surveys, 43, 3, pp. 1-46. Benlian, A, & Hess, T 2011, ‘The Signaling Role of IT Features in Influencing Trust and Participation in Online Communities’,International Journal Of Electronic Commerce, 15, 4, pp. 7-56. Chaudhry, P, Chaudhry, S, Stumpf, S, & Sudler, H 2011, ‘Piracy in cyber space: consumer complicity, pirates and enterprise enforcement’, Enterprise Information Systems, 5, 2, pp. 255-271. Cimiotti, G, & Merschen, T 2014, ‘Trends in consumer payment fraud: A call for consistent strong authentication across all consumer payments’, Journal Of Payments Strategy & Systems, 8, 1, pp. 43-63. Cumming, D, & Johan, S 2013, ‘Listing Standards and Fraud’, Managerial & Decision Economics, 34, 7/8, pp. 451-470. Lowry, P, Moody, G, Galletta, D, & Vance, A 2013, ‘The Drivers in the Use of Online Whistle-Blowing Reporting Systems’, Journal Of Management Information Systems, 30, 1, pp. 153-190. Plavsic, A, Dippel, T, & Hussain, S 2009, ‘IT Facilitating Fraud’, International Review Of Law, Computers & Technology, 13, 2, pp. 193-209. Pollach, I 2011, ‘Online privacy as a corporate social responsibility: an empirical study’, Business Ethics: A European Review, 20, 1, pp. 88-102. Rastegari, S, & Dehkordi, S 2013, ‘Protection of consumer rights in Cyberspace’, New Marketing Research Journal, pp. 81-99. Srivastava, A 2011, ‘Resistance to change: six reasons why businesses don’t use e- signatures’, Electronic Commerce Research, 11, 4, pp. 357-382. Zhu, K, & Kraemer, K 2010, ‘Post-Adoption Variations in Usage and Value of E- Business by Organizations: Cross-Country Evidence from the Retail Industry’, Information Systems Research, 16, 1, pp. 61-84. 6