ITS 4450 - Fraud Prevention and Deterrence


Chapter 17, Fraud in E-Commerce

This lesson presents material from chapter 14. Objectives important to this lesson:

  1. E-commerce fraud risk
  2. Preventive measures
  3. Detection
Concepts:
Chapter 17

The chapter begins with a story about a scam that is meaner than it is profitable. An online vendor decides to advertise with search engine companies, and learns that vendors are charged for each click on their ads when those ads come up in search results. The click-through rate (percentage of clicks per presentations of an ad) is called a CTR and our hero's ads are getting a 1 to 2 percent CTR. He goes on vacation, and returns to find that his CTR has jumped to a new bracket: 35 to 40 percent. This is a huge change. His online sales, however, have not increased, nor has traffic to his web site. Someone has jacked up his CTR to increase his expenses. (Razzle, frazzle, rum bummers.) Our hero is being victimized by someone who is actually making him look more successful, but is also costing him more money in ad fees.

The text continues with some history that may be instructive to some readers. It asks you to think about how the Internet has changed your life. In the case of most students, a better question is how has it defined your life. This calls for some introspection, or some knowledge of "recent" history. I feel like I'm asking kids in the 60s how TV changed their life. Since I'm one of them, I can tell you that I only partly knew. I grew up with it, it was always there, but it was constantly changing. That was the part I could perceive. The Internet has been like that, but the learning curve was much faster, much steeper. Many of you have grown up in a world that has always had the Internet. You don't remember a world that didn't have Google, Alexa, and Siri ready to fetch answers for you. As such, you are used to the idea that lots of information is easily had.

We should all be suspicious of what seems to be authenticating information because of information's ready availability. I had a phone call from a relative this week who was called by someone with a story about needing to get bail money for me in another state. I explained that someone was trying to cheat her, and that she should report it to the police. She was almost taken in by the family details the con artist knew, but luckily she was not going to trust the story until she followed up on it. This is a lesson that President Reagan learned and celebrated:

The skill of a one-on-one con artist in convincing you that he/she is telling you the truth is critical to running a successful con. The grifter needs you to believe. The e-commerce thief needs more technical skill, and can get away with much less social skill. On page 614, the text presents some pressures, opportunities, and rationalizations that apply to e-commerce fraud, some to insiders and some to customers. It is easier to understand why people follow a good in-person con artist. Let the great Robert Preston illustrate a technique. The scene: turn of the last century, in River City, Iowa. The con man: Professor Harold Hill, leader of a brass band.

The text discusses several kinds of scams, many of which should be familiar to you. Today's class takes place on the day after Thanksgiving, linking us directly to the discussion on page 615 of the 2013 assault on Target stores. 40 million credit card numbers were stolen, which remains an impressive number. This is the kind of attack that reaps large rewards for the attacker and ruins the lives of millions of ordinary people. Proper security, as the author discusses later in the chapter, might have prevented that data breach and many like it. The text emphasizes ongoing risk assessment and implementation of effective controls.

The chapter concludes with advice to use data-driven techniques to detect e-commerce fraud. We should pay attention to unexpected changes and access to our databases, as well as to devices and users that have no business on our network.

 

 

Assignments

The usual array of assignment, lab, and project portions are assigned this week.