Fraud

Fraud in technology is the falsifying or stealing of information with the intention of obtaining unearned finances or sensitive personal data. Internet or technological fraud usually involves hacking a network, gaining unauthorized access to an account, or tricking someone into giving out information or money.

Types of fraud

  • Email scams: attackers will send malicious links within an email, typically promising some sort of financial gain or suggesting an updated download of a software. These then compromise a user’s operating system. Email scams may often come from a stolen email address that a user knows or trusts either hacked by the attacker or slightly modified.
  • Requests for money: attackers may commit fraud by requesting financial transactions from an employee within a company (pretending to be the CEO with an urgent need, for example) or asking for donations to a made-up charity. A request for money can take many forms, but within an organization it’s often a rushed transfer of funds.
  • Phishing: an attacker may attempt to steal personal data or account information by lying about their identity or falsely posing as another organization. For example, a phishing scam might involve a request to change an account password, pretending to be a legitimate company. Most large companies will never send an email requesting a password change when the account owner has not made a login attempt.
  • Man-in-the-middle attacks: an attacker will try to hack an encrypted connection as it’s being established, attempting to pose as one of the legitimate parties and gain access to the channel and the sensitive data.

People who are trying to commit fraud often attempt to steal:

  • Credit or debit card information
  • Social Security details
  • Email address credentials
  • Birthdate and full name (even these could help an attacker gain more access to private data)
  • Phone number (so that they can make fraudulent calls)

Artificial intelligence, machine learning, and fraud detection

Organizations have recently attempted to implement machine learning and AI techniques to detect fraud more easily. One method of increasing security is requiring biometric data for authentication. Machine learning makes observations within a software or computer system and learns to detect problematic information. This might look like an email coming from the wrong employee at the wrong time or an attempted login that the intelligent system has never noticed before.

For machine learning to adequately detect fraud, it needs to be able to study a large amount of data on multiple platforms. That data should not be siloed. If the programs and applications within a business aren’t integrated, machine learning technology won’t be able to fully study patterns and detect suspicious activity.

Occupational fraud

A large source of fraudulent activity comes from within a company. Many cases of fraud are committed by employees against their organization. Smaller companies in particular are at risk of occupational, or inside, fraud because they don’t have as many options or finances to set up strong security protocols. Occupational fraud is surprisingly common within businesses.

If a company does not practice least privilege access, they will be more susceptible to insider fraud. Employees should be strictly limited to accessing the accounts and applications that they need and nothing else. This will limit their ability to steal private information and finances.






Jenna Phipps
Jenna Phipps
Jenna Phipps is a writer for Webopedia.com, Enterprise Storage Forum, and CIO Insight. She covers data storage systems and data management, information technology security, and enterprise software solutions.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.

Related Articles

Virtual Private Network (VPN)

A virtual private network (VPN) encrypts a device's Internet access through a secure server. It is most frequently used for remote employees accessing a...

Gantt Chart

A Gantt chart is a type of bar chart that illustrates a project schedule and shows the dependency between tasks and the current schedule...

Input Sanitization

Input sanitization is a cybersecurity measure of checking, cleaning, and filtering data inputs from users, APIs, and web services of any unwanted characters and...

IT Asset Management Software

IT asset management software (ITAM software) is an application for organizing, recording, and tracking all of an organization s hardware and software assets throughout...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...