Rusch, J.J. The "Social Engineering" of Internet fraud: www.isoc.org/inet99/proceedings/3g/3g_2.htm ---------------------------------------------------------------------------------------
B. Insider Threats to Business Data and Information
What motivates employees to commit computer crimes and how are the crimes committed? In Avoiding Cyberfraud in Small Businesses, Bologna and Shaw (pp. 13-16) describe the ways in which employee computer frauds occur. An employee may bypass or override computer system controls. The employee may counterfeit, manipulate or destroy data in computer-kept accounts receivable or accounts payable records. A employee may enlist other employees or associates to assist with theft or fraud. Malevolent employees may introduce viruses, worms, Trojan horses or other problematic computer programs in order to disrupt a business for financial gain. Embezzlers often have insider operational knowledge about how a business works and technical knowledge about the computer systems associated with a business. Offenders often exploit weaknesses in computer and accounting systems for personal financial gain.
Reference: Bologna, J. and Shaw, P. (2000). Avoiding cyberfraud In small businesses. John Wiley and Sons. N.Y.
Here is a list of the ways in which malevolent employees or others can cause problems for those who do not protect computer data. Deliberate Malfeasance
Internet Protocol Number Misuse Customer Data Theft Fraud Sabotage Hacking
Lost Productivity
Chatting or Web Mall Auctions, Shopping Job Hunting Day Trading Gambling Pornography