Case Study About Frauds in Information System Essay


1. Write a summary of the case. Include how the fraud was perpetrated, the characteristics of the perpetrator(s) who committed the fraud, the role the auditor(s) had in the case, and the direct and indirect effects the incident had on the organization's stakeholders (customers, vendors, employees, executive committee, and board of directors).

Comerica is being sued by Experi-Metal over a $560,000 phishing attack on its bank account. Experi-Metal, a custom auto-parts maker, was hit by phishing criminals in January 2009. The fraud was perpetrated when the bank's vice president received a phishing email telling him to fill out online paperwork to perform scheduled maintenance. The email appeared to have been sent from the bank. (The email was sent by phishing criminals.) Once the president sent over his credentials, the attack was started. Experi-Metal accused Comerica of failing to take immediate action that could have eliminated some of the loss.

The bank processed over a million dollars in wires from the company's account. The attack was carried out in a matter of hours. Criminals tried to move millions of dollars to an Eastern European account. Comerica learned of the attack within four hours of the fraud. J.P. Morgan Chase contacted Comerica to report suspicious activity in the account. The criminals were funneling money into the Chase accounts to move it overseas to Russia and Estonia. Comerica shut down the scam, but only after the business had lost money. Comerica shut down the account but still processed 15 wires after finding out about the scam. Comerica filed suit against the bank over the phishing attack and to seek reimbursement of some of the money that was paid out through the phishing attack.

The perpetrators are usually people from overseas, and their emails have spelling errors. The attacks come from overseas and the emails will contain misspelled and transposed letters. The attackers send out thousands of emails trying to get an individual to respond. The emails are intended to trick users into clicking on the link and entering their personal information. The email will impersonate a company such as a bank. The email will state that there is a problem and that the individual needs to verify their information. It will include a call to action motivating the user to respond or cancel.

The direct and indirect effects on the organization's stakeholders were that the bottom line would be understated because of the loss of money. "Phishing scams deceive you into revealing your personal, banking, or financial information through links in email that refer your browser to a look-alike fake website that requests your personal, banking and/or financial" (Roddel, 2008, pg. 93). The board of directors would need to put something in place with the bank to make sure this doesn't happen again. This is a lack of internal controls because the vice president should have verified the email before providing his credentials.

The direct impact is to cripple the company and the availability of its funds, and to breach confidentiality and safety. Phishing has a negative impact on a company's revenue, which is a direct impact on the stakeholders. The direct effect could include legal fees and additional marketing expense to recapture lost revenue. An organization should communicate with its stakeholders when a phishing attack happens so that the stakeholders do not lose confidence in the organization. An indirect effect on stakeholders is responding to media inquiries and delivering messages to the parties affected.

2. Suggest the fraud classification(s) the case can be categorized into (based on the data processing model). Include your rationale for the classification.

"By far the most common form of corporate identity theft used by fraudsters is 'phishing'. Phishing involves fraudsters sending e-mails under the guise of a bank or other reputable company, which appear authentic, to customers or users of that particular company. The emails ask them to log on to the company's website and verify their account details, including their personal identification details" (Simmons & Simmons, 2003, pg. 8). The controller of Experi-Metal received an email that appeared to be urgent.

The email stated that the bank needed to carry out scheduled maintenance on its banking software. It instructed the controller to log in to the website via the link in the email. The email appeared to come from Comerica's online banking site. The site asked the controller to enter a security code. The website was fraudulent and was used to get the information needed to process the fraudulent wires.

3. Suggest the type of controls that may have been in place at the time of the violation.

The goal of any organization is to prevent or limit the impact of phishing attacks. The company likely had an in-house phishing plan in place. Corporate organizations have policies and procedures to help deter phishing attacks. This should have included training employees to avoid a phishing attack. The controls in place at Experi-Metal likely included a preventive plan that consisted of employee training and email filters. There need to be more effective controls in place to prevent this from happening in the future. The controller should never have given his personal information out online without verifying through the bank. Management has to be made aware of the types of phishing attacks through education, and an effective policy needs to be in place to cover these types of attacks. The system did not fail; it was the actions of the controller that led to the phishing attack.

4. Recommend two (2) types of controls that could be implemented to prevent fraud in the future and additional steps management can take to mitigate losses.

"Avoid emailing personal and financial information. If you get an unexpected email from a company or government agency asking for your personal information, contact the company or agency cited in the email, using a telephone number you know to be genuine, or start a new Internet session and type in the Web address that you know is correct" (McMillian, 2006, pg. 160). A variety of efforts aim to deter phishing through law enforcement and automated detection. One thing that should be stressed at Experi-Metal is to never follow links in an email claiming to be from a bank.

Banking institutions never ask you to verify your online banking username and password. The controller should have contacted the bank and verified the information before he entered the code. The motto is: trust no email or website. The business should have controls in place to keep this from happening going forward. Second, Experi-Metal should install good antivirus and firewall protection software and adjust the settings to tighten up network security. For any customer or business that has an excessive number of wires, the bank should place a hold on the account, and the activity needs to be verified before any more wires are processed.
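The account hold recommended above, sketched as a sliding-window velocity rule; this is an added example, not part of the original essay or any bank's actual system. The class name, the limits, the account label and the sample wires are all constructed assumptions.

```python
from collections import deque
from datetime import datetime, timedelta

class WireVelocityHold:
    """Place a hold on an account when outgoing wires in a sliding window
    exceed a count or dollar limit; held wires wait for customer verification."""

    def __init__(self, max_count=3, max_total=50_000, window=timedelta(hours=1)):
        # Limits are illustrative assumptions; a bank would derive them from
        # each account's normal wire history.
        self.max_count, self.max_total, self.window = max_count, max_total, window
        self.recent = {}   # account -> deque of (timestamp, amount) already sent
        self.held = set()  # accounts awaiting out-of-band verification

    def submit(self, account, ts, amount):
        if account in self.held:
            return "HELD"              # nothing leaves until release()
        sent = self.recent.setdefault(account, deque())
        while sent and ts - sent[0][0] > self.window:
            sent.popleft()             # forget wires older than the window
        count = len(sent) + 1
        total = sum(a for _, a in sent) + amount
        if count > self.max_count or total > self.max_total:
            self.held.add(account)     # this wire and all later ones are held
            return "HELD"
        sent.append((ts, amount))
        return "SENT"

    def release(self, account):
        """Call only after confirming with the customer on a known-good phone number."""
        self.held.discard(account)
        self.recent.pop(account, None)

def replay(control, wires):
    """Run (account, timestamp, amount) records through the control in order."""
    return [control.submit(acct, ts, amt) for acct, ts, amt in wires]

# Constructed sample: eight $20,000 wires, five minutes apart, from one account.
START = datetime(2009, 1, 5, 9, 0)
BURST = [("ACCT-EXAMPLE", START + timedelta(minutes=5 * i), 20_000) for i in range(8)]

if __name__ == "__main__":
    for wire, decision in zip(BURST, replay(WireVelocityHold(), BURST)):
        print(wire[1].time(), wire[2], decision)
```

With these limits the third wire trips the dollar threshold, so only the first two leave the account and every later wire waits for verification.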

Experi-Metal could have positive pay on the account, and this would prevent any wires from being processed without its approval. Additional employee training should be offered to help employees spot fraudulent emails. An individual should never respond to any emails asking for personal information. The bank should adopt a policy to protect and inform customers about fraudulent activity.

5. Judge the punishment of the crime (was it appropriate, too lenient, or too harsh) and whether the punishment would serve as a deterrent to similar acts in the future.

The court ruled in favor of Experi-Metal in the case. Comerica was held liable for over half a million dollars stolen from Experi-Metal. The punishment was not harsh because Comerica failed to act in good faith when it processed over 100 wire transfers in a few hours. The bank should have stopped the wire transfers and contacted the company. A customer holds a bank responsible for keeping their money safe. Most of the money was recovered, but the judge ruled in favor of Experi-Metal based on the fact that the bank did not respond quickly enough in stopping the wire transfers. Banks are doing a better job at spotting fraud because of this case, but there is still room for improvement. This was a major case because it put pressure on banks to strengthen their security posture. The judge is holding the banks responsible for the safekeeping of a company's money.
