This lesson presents material from chapter 14. Objectives
important to this lesson:
E-commerce fraud risk
The chapter begins with a story about a scam that is meaner than it is
profitable. An online vendor decides to advertise with search engine companies,
and learns that vendors are charged for each click
on their ads when those ads come up in search results. The click-through
rate (percentage of clicks per presentations of an ad) is called a
CTR and our hero's ads are getting a 1 to 2 percent CTR. He goes
on vacation, and returns to find that his CTR has jumped to a new bracket:
35 to 40 percent. This is a huge change. His online sales, however, have
not increased, nor has traffic to his web site. Someone has jacked up
his CTR to increase his expenses. (Razzle, frazzle, rum bummers.) Our
hero is being victimized by someone who is actually making him look more
successful, but is also costing him more money in ad fees.
The text continues with some history that may be instructive to some
readers. It asks you to think about how the Internet has changed
your life. In the case of most students, a better question is how has
it defined your life. This calls for some introspection, or some
knowledge of "recent" history. I feel like I'm asking kids in
the 60s how TV changed their life. Since I'm one of them, I can tell you
that I only partly knew. I grew up with it, it was always there, but it
was constantly changing. That was the part I could perceive. The Internet
has been like that, but the learning curve was much faster, much steeper.
Many of you have grown up in a world that has always had the Internet.
You don't remember a world that didn't have Google, Alexa, and Siri ready
to fetch answers for you. As such, you are used to the idea that lots
of information is easily had.
We should all be suspicious of what seems to be authenticating information
because of information's ready availability. I had a phone call from a
relative this week who was called by someone with a story about needing
to get bail money for me in another state. I explained that someone was
trying to cheat her, and that she should report it to the police. She
was almost taken in by the family details the con artist knew, but luckily
she was not going to trust the story until she followed up on it. This
is a lesson that President Reagan learned and celebrated:
The skill of a one-on-one con artist in convincing you that he/she is
telling you the truth is critical to running a successful con. The grifter
needs you to believe. The e-commerce thief needs more technical skill,
and can get away with much less social skill. On page 614, the text presents
some pressures, opportunities, and rationalizations that apply to e-commerce
fraud, some to insiders and some to customers. It is easier to understand
why people follow a good in-person con artist. Let the great Robert Preston
illustrate a technique. The scene: turn of the last century, in River
City, Iowa. The con man: Professor Harold Hill, leader of a brass band.
The text discusses several kinds of scams, many of which should be familiar
to you. Today's class takes place on the day after Thanksgiving, linking
us directly to the discussion on page 615 of the 2013 assault on Target
stores. 40 million credit card numbers were stolen, which remains
an impressive number. This is the kind of attack that reaps large rewards
for the attacker and ruins the lives of millions of ordinary people. Proper
security, as the author discusses later in the chapter, might have prevented
that data breach and many like it. The text emphasizes ongoing risk assessment
and implementation of effective controls.
The chapter concludes with advice to use data-driven techniques to detect
e-commerce fraud. We should pay attention to unexpected changes and access
to our databases, as well as to devices and users that have no business
on our network.
The usual array of assignment, lab, and project portions
are assigned this week.