ACC 321 Exam 2 Flashcards
Creating cash using the lag between the time a check is deposited and the time it clears the bank.
Check kiting
Concealing the theft of cash by means of a series of delays in posting collections to accounts receivable.
Lapping
A text file created by a website and stored on a visitor’s hard drive.
- store information about who the user is and what the user has done on the site.
Cookie
Dishonest conduct by those in power which often involves actions that are illegitimate, immoral, or incompatible with ethical standards. Examples include bribery and bid rigging.
Corruption
Misrepresenting or leaving out facts in order to promote an investment that promises fantastic profits with little or no risk. Examples include Ponzi schemes and securities fraud.
Investment fraud
Any type of fraud that requires computer technology to perpetrate.
Computer fraud or cybercrime
Any and all means a person uses to gain an unfair advantage over another person.
Fraud
Intentional or reckless conduct, whether by act or omission, that results in materially misleading financial statements
Fraudulent financial reporting
Theft of company assets by employees.
Misappropriation of assets
The condition or situation that allows a person or organization to commit and conceal a dishonest act and convert it to personal gain.
Opportunity
A person’s incentive or motivation for committing fraud.
Pressure
The excuse that fraud perpetrators use to justify their illegal behavior.
Rationalization
An intentional act where the intent is to destroy a system or some of its components.
Sabotage
Typically, businesspeople who commit fraud.
- usually resort to trickery or cunning, and their crimes usually involve a violation of trust or confidence.
White-collar criminals
Spyware that causes banner ads to pop up on a monitor, collects information about the user’s web-surfing and spending habits, and forwards it to the adware creator, often an advertising or media organization.
- usually comes bundled with freeware and shareware downloaded from the Internet.
Adware
Gaining control of someone else’s computer to carry out illicit activities, such as sending spam without the computer user’s knowledge.
Hijacking
A network of powerful and dangerous hijacked computers that are used to attack systems or spread malware.
Botnet
Hijacked computers, typically part of a botnet, that are used to launch a variety of Internet attacks.
Zombies
The person who creates a botnet by installing software on PCs that responds to the bot herder’s electronic instructions. This control over the PCs allows the ______ to mount a variety of Internet attacks.
bot herder
Trial-and-error method that uses software to guess information, such as the user ID and the password, needed to gain access to a system.
Brute force attack
Recovering passwords by trying every possible combination of upperand lower-case letters, numbers, and special characters and comparing them to a cryptographic hash of the password.
Password cracking
When the amount of data entered into a program is greater than the amount of the input buffer. The input overflow overwrites the next computer instruction, causing the system to crash. Hackers exploit this by crafting the input so that the overflow contains code that tells the computer what to do next. This code could open a back door into the system.
Buffer overflow attack
(insertion) Inserting a malicious SQL query in input such that it is passed to and executed by an application program. This allows a hacker to convince the application to run SQL code that it was not intended to execute.
SQL injection attack
Taking control of someone else’s phone to make or listen to calls, send or read text messages, connect to the Internet, forward the victim’s calls, and call numbers that charge fees.
Bluebugging
Making a sender address and other parts of an e-mail header appear as though the e-mail originated from a different source.
E-mail spoofing
Displaying an incorrect number on the recipient’s caller ID display to hide the caller’s identity.
Caller ID spoofing
Activities performed on stolen credit cards, including making a small online purchase to determine whether the card is still valid and buying and selling stolen credit card numbers.
Carding
Planting a small chip that records transaction data in a legitimate credit card reader. The chip is later removed or electronically accessed to retrieve the data recorded on it.
Chipping
A fake EMV chip is inserted in a stolen card. When a purchase is declined, the perpetrator persuades the clerk to let the card be swiped, thereby bypassing the EMV verification.
EMV chip bypass
(XSS) A vulnerability in dynamic web pages that allows an attacker to bypass a browser’s security mechanisms and instruct the victim’s browser to execute code, thinking it came from the desired website.
Cross-site scripting
Hacking into and hijacking computing resources to mine cryptocurrency, thereby avoiding costs that can outweighs the value of the crypto mined.
Crypto jacking
Hacking into a wallet or using social engineering tactics to trick a person into revealing the digital keys needed to access their blockchain account.
Crypto wallet attacks
Manipulating the number of times an ad is clicked on to inflate advertising bills. Companies advertising online pay from a few cents to over $10 for each click on their ads.
Click fraud
The unauthorized copying or distribution of copyrighted software.
Software piracy
Threatening to harm a company or a person if a specified amount of money is not paid.
Cyberextortion
Software that encrypts programs and data until a ransom is paid to remove it.
Ransomware
Using computer technology to support deliberate, repeated, and hostile behavior that torments, threatens, harasses, humiliates, embarrasses, or otherwise harms another person.
Cyberbullying
