Analysis: Fraudsters get net benefits.
Increased internet use has been matched by a surge in online fraud.
The jury’s out on fraud in the new economy. Has the growth of the internet provided fraudsters with just a different medium to rip off the unwary, or will there be a surge in new types of fraud?
Both statements are correct. But what has become clear is that, either way, fraud can be carried out on a far grander scale on the internet.
One of the most well-known frauds of recent times is the Nigerian letter scam – officially known as section 419 fraud – where the author writes to a business person, enlisting their help in a supposed money laundering scheme which ends with the victim’s own bank account being cleaned out.
Now the fraudster can send thousands of emails at the stroke of a key, saving a small fortune in postage stamps at the same time.
This was one example cited by Stephen Low, assistant director of the Serious Fraud Office, of how modern technology was making traditional frauds easier.
Speaking at a fraud seminar last week hosted by ICAS in Edinburgh, Low said: ‘Fraud is based on deception and deceiving requires communication. How much easier is the fraudster’s life if they can deceive millions all over the world in one communication?’
Section 419 frauds are perhaps the simplest form of e-crime, relying on the gullibility, and more importantly the greed, of a recipient in order to succeed.
But the theft and misuse of data stored on organisations’ computer systems poses a far greater threat, the most obvious area being credit card details.
The news that after the world economic forum’s meeting in Davos last month, Switzerland, the credit card details of several well-known international figures had been lifted from computer systems must have sent a shudder through many an e-security expert’s mainframe.
Credit card fraud on the up
Misuse of stolen credit cards is not new – in the past the card needed to be physically removed from its owner but today’s technology means that a hacker can access a person’s card details without the owner being aware.
Resources & Whitepapers
Accounting Software The power of customisation in accounting systems
Simon Dawson, a former PricewaterhouseCoopers forensic services manager who has recently moved to Control Risks Group, a business risk consultancy, told delegates at the seminar of a Chinese hacker who stole credit card details from RealNames.com – up to 150,000 people could have been affected.
‘The theft of credit card details through the internet is now big business,’ Dawson said.
Western Union and Powergen have suffered similar hacks.
Trouble on the inside
But the threat of fraud does not only come from outside an organisation.
As Dawson said, employee abuse can pose just as big a problem to a company as an outside hacker can.
Dawson tells of how, while investigating an IT manager suspected of copying video games, he discovered an IT department collecting thousands of pornographic pictures, running a counterfeiting operation, hosting an external website on the company’s own server and an IT manager running a separate business using the company’s systems.
A recent development in the new economy is the fraudsters’ motivation.
Charlotte Cochrane, a chartered accountant responsible for uncovering employee fraud at US financial services group AIG, lists the some of characteristics of a fraudster – someone with drink, drugs or gambling problems, marital difficulties, or who has been passed over for promotion.
But Cochrane’s assertion that a strong challenge to beat the system lies at the heart of many frauds is perhaps more true in today’s world than before. Or as Dawson says; ‘Hackers do it for the hell of it.’ Such a motivator can be difficult to combat.
Making a false impression on investors
The news that e-district.net, the interactive video website, has sacked its chief executive Steven Laitman after discovering figures for registered users, page impressions and revenues had been exaggerated will probably come as no surprise to Stephen Low, SFO assistant director.
Though not referring to e-district, Low said: ‘There was a period when the value of a dotcom start-up was based on the number of contacts inits database, rather than the number of sales it had made, let alone the profit it was generating.
‘It would not be too surprising if someone – finding trading very difficult on the web – decided to invent a few sales which had not actually happened or added of few hundred imaginary customers to its contact database.’