Cyber Net Fraud and How They Can Affect Accounting Information Systems - Research Paper Example

Cyber Net Fraud and How They Can Affect Accounting Information Systems Cyber net fraud also commonly known as internet fraud refers to the process of using the internet and software that can access it to defraud people. It can also be defined as any form of intentional deception for unlawful and unfair gain through the use of the internet. Cyber fraudsters usually do this by either giving distorted information or concealing information. The most common form of cyber net fraud is the distribution and use of rogue security software. Given the fact that businesses’ are increasingly warming up to the idea of e-business, cyber net fraud can be said to be one of the major threats to modern businesses. This paper aims at illustrating the different forms of cyber net fraud and how they can affect business accounting information systems. An accounting information system refers to a system that collects, stores and processes accounting and financial data that is used by business organizations during decision making processes. Such a system is basically a computer based way of tracking, accounting activities using information technology resources. Accounting information systems are always designed in accordance with the individual requirements of a business organization. An accounting information system should always have an internal control system. This refers to a number of procedures and methods that can be used by business organizations to authorize transactions, ensure accuracy of financial records, and safeguard assets. Given the nature of such systems they are always very vulnerable to cyber net fraud. A common form of cyber net fraud is a phishing attack. The phishing attack involves using of fraudulent websites or spoofed e-mails to trick recipients into revealing personal financial details such as account username and password, credit card numbers, social security numbers, and many other important data. They succeed in doing this by hijacking well known banks, trusted brands, online retailers, and credit card companies to lure their potential victims into believing in their legitimacy (Axelrod, 2004). Phishers are always able to convince about 2% of people who respond to their websites and e-mails. By doing this they are able to get money at the expense of the various business organizations that they disguise themselves as. Digital technology enables easy dissemination and flawless reproduction of graphics, print, multimedia combinations, and sound. People have over the years taken advantage of digital technology to reproduce copyrighted and confidential materials for personal use or for sale. This might particularly happen to an accounting information system. If cyber-criminals hack into a business organization’s accounting information system, they are able to access information that might give the business’ competitors a competitive advantage. Through this they can be able to forecast the business strategies. This can also be used to unlawfully reproduce some data from the system. For instance, they will be able to use such data to reproduce forged financial documents such as receipts. In the modern societies, cyber fraudsters have also specialized in extortion. Many financial institutions have been victims of such electronic attacks. One of the most common ways in which cyber criminals succeed in such extortion is by threatening to clear out all the data in these organization’s information systems. Given the importance of the data contained in the information systems, the business organization always prefers giving cyber criminals their demands instead of losing the information they really need (Carr, 2012). According to The Sunday Times, in the period in between the year 1993 and 1995, a total of £42.5 million was paid to an internet fraudster by a financial institution as a way of saving their information systems from being destroyed. Such extortions usually lead to huge losses by the business organizations involved. However, refusal to comply with such demands can lead to unbearable consequences. Another common form of cyber net fraud is tax-refund fraud. In the year 2012 it was reported by the Treasury Inspector General for Tax Administration that approximately 1.5 million US Dollars’ worth of tax returns went undetected. There was also an estimated 5 billion US Dollars’ worth of money lost through tax refund fraud. In most cases, tax refund fraud usually involves the use of names and social security numbers of deceased citizens (Kruse & Heiser, 2003). People who perform pension plan audit also face a similar form of concern. Such frauds always take advantage of the incapability of accounting information systems to detect whether or not the distribution payees are diseased or not. A good example of such a case is that of the man who forged his mother’s signature after her death. He did this on the pension checks for several years before he eventually got caught. Cyber net fraud can also come in the form of a corporate account take over. A corporate account takeover refers to a situation where a controller’s login details of an accounting information system are illegally acquired through file transfers, email attachments, or web downloads. In some cases, some cybercriminals can hack into an organization’s computer, find financial and banking information, access the account online the manipulate data and information. In most cases the manipulation of data and information usually involves the transfer of money from the business’ account to their accounts. This is because accounting information systems usually contain details on the movement of financial resources in and out of business organizations. With such information they are able to know the amount they should target, where it has been banked, and various other details that can help them in the process. Such activities are enhanced by activities such as electronic and online banking. Cybercriminals can gain virtual access to key information in an accounting information system through identity theft and theft of sensitive data. Just like, corporate account takeover, this can lead to huge losses. Cyber fraudsters make use of software such as “Zapper” to modify point of sales networks or cash register in order to successfully skim funds. One such software is held on the scanners used for business organizations’ inventory control, the fraudsters can then access the information that is held in the inventory control system. In most cases such activities are always undertaken to cover up for skims that are ongoing in business organizations. The information can also be accessed online and manipulated from a geographically far distance to cover up for such skims. Such cyber crimes, mostly involve business organization that deals in sales activities and barcode scanner to enter transactions into their inventories. Cyber net fraud can take place through the stealing of credit card information during wireless transactions. The success of such frauds is always contributed to by weak data encryption systems. With such capabilities, hackers can gain access to the information on millions of credit cards that are used in such systems. This leads to the loss of money in millions. With an accounting information systems with poor a data encryption system, a business organization risks losing data to cyber fraudsters. They also risk losing their credibility and market grip if in any case the details of their clients’ credit cards will be accessed through their accounting information systems. A good example of such an incident is the credit card exposure at TJX Companies Inc. in December 2006. During this occasion, millions of US Dollars were lost after details of a total of 94 million credit cards were illegally accessed by hackers. Internet fraudsters can also use malware to access servers. When they upload these malwares to servers they are able to access information from databases that are connected to the same servers. This leads to a situation where they are able to access a business’ sensitive information in case their accounting information systems is connected to such a network. It is impossible for a business to have an accounting information system without a network being involved. This involvement makes these systems vulnerable to unauthorized external access. A good example of such a case is the ESTsoft case of 2011. In this case, some hacker uploaded some malware to a certain server that was used by the organization to update its ALZip compression application. In this case they accessed personal information to more than 35 million South Koreans whose information was contained in a database that was connected to the same network. It is clearly evident that cyber net fraud is a threat to the existence of business organizations. This is particularly true for business organizations with accounting information systems. However, given the importance of such systems to modern business organizations, it will be impossible to discontinue the use of these systems because of the risks involved. This means that business organizations should be cautious when handling accounting information systems. They should make sure that their systems and networks are highly protected and encrypted to reduce the possibilities of such breaches occurring. For the sake of security, business organizations should also consider changing system access details regularly just in case such details got into the wrong hands. They should also ensure physical security of their systems because some of these cyber crimes begin with an initial physical access to the accounting information system. All these will reduce the possibilities of a business organization being a victim of cyber net fraud. References Axelrod, W. (2004). Outsourcing Information Security. Norwood: Artech House. Carr, J. (2012). Inside cyber warfare. Farnham: O'Reilly. Kruse, W. G., & Heiser, J. G. (2003). Computer forensics: Incident response essentials. Boston, Mass. [u.a.: Addison-Wesley. Read More