Evil twins are wireless networks that pretend to offer trustworthy Wi-Fi
connections to the Internet, such as those in airport lounges, hotels, or coffee
shops. The bogus network looks identical to a legitimate public network.
Fraudsters try to capture passwords or credit card numbers of unwitting users
who log on to the network.
Pharming redirects users to a bogus Web page, even when the individual
types the correct Web page address into his or her browser. This is possible if
pharming perpetrators gain access to the Internet address information stored
by Internet service providers to speed up Web browsing and the ISP companies
have flawed software on their servers that allows the fraudsters to hack in and
change those addresses.
In the largest instance of identity theft to date, Alberto Gonzalez of Miami
and two Russian co-conspirators penetrated the corporate systems of TJX
Corporation, Hannaford Brothers, 7-Eleven, and other major retailers, stealing
over 160 million credit and debit card numbers between 2005 and 2008. The
group initially planted “sniffer” programs in these companies’ computer
networks that captured card data as they were being transmitted between
computer systems. They later switched to SQL injection attacks, which we
introduced earlier in this chapter, to penetrate corporate databases. In March
2010, Gonzalez was sentenced to 20 years in prison. TJX alone spent over $200
million to deal with its data theft, including legal settlements.
The U.S. Congress addressed the threat of computer crime in 1986 with the
Computer Fraud and Abuse Act. This act makes it illegal to access a computer
system without authorization. Most states have similar laws, and nations in
Europe have comparable legislation. Congress also passed the National
Information Infrastructure Protection Act in 1996 to make virus distribution
and hacker attacks that disable Web sites federal crimes. U.S. legislation, such
as the Wiretap Act, Wire Fraud Act, Economic Espionage Act, Electronic
Communications Privacy Act, E-mail Threats and Harassment Act, and Child
Pornography Act, covers computer crimes involving intercepting electronic
communication, using electronic communication to defraud, stealing trade
secrets, illegally accessing stored electronic communications, using e-mail for
threats or harassment, and transmitting or possessing child pornography.
Click Fraud
When you click on an ad displayed by a search engine, the advertiser typically
pays a fee for each click, which is supposed to direct potential buyers to its
products.