Fraud outside an organization, but against an organization may include intrusion into their computer systems, but more often is related to identity theft, where a perpetrator has stolen someone's identity to make purchases from another person's account, open accounts with someone else's name, credit, or social security number, or, a person may even impersonate another when legal trouble arises. Other types of fraud outside an organization can include illegitimate businesses, most commonly occurring in auction fraud where a person makes an auction sale and the consumer is delivered inferior goods or nothing at all.
Web site hijacking occurs when a web page or site is created to resemble that of a legitimate business and consumers may be taken for payment or personal information believing that they are dealing with a well known organization, when in fact they are dealing with a third party who is attempting to fool an unsuspecting person; and the creation of bogus internet companies may also fool consumers into purchasing products from someone who does not have a legitimate business at all.
They may have a full blown web site offering high priced electronics at unbelievably low prices, and when a payment is made, the unsuspecting consumer has compromised their personal information to be used by the fraudster for whatever purpose was intended by the web site operator, usually theft of data or money.
Other e-commerce frauds can include email scams such as Nigerian letter scams offering millions of dollars to a person who will help transfer funds out of Nigeria, other advance fee schemes where a person is promised a large sum of money for a small amount down, health insurance fraud may require individuals to supply insurance information in exchange for free medical equipment where insurance claims are submitted but equipment is not received, phishing attempts will pose as financial institutions or other accounts which suggest that the consumer "verify" personal information but it is not actually that purported organization which has sent the request, counterfeit prescription drugs may be offered at low costs and the drugs received are not the drugs promised and may cause serious health concerns especially with elderly, investment scams including pyramid schemes or letters of credit, and finally viruses or spyware that may be obtained through clicking on attachments or downloading free software.
There are many others as well, but these seem to cover the most popular frauds. How can these frauds be identified? How can they be prevented? What can be done if they occur? Many people ask these questions as they enter bank or credit card information into an order form. They proceed nevertheless, submit the order, make payment, and hope that all goes well and the goods will be delivered under the conditions promised. Symptoms of e-commerce fraud within an organization are the same as we have studied in chapter 5; however the other types are a bit different.
Since those frauds regarding organizations are similar to those studied in class, I have focused on fraud targeting individuals or consumers, which ultimately affects merchants when this stolen information is used to make purchases with funds belonging to somebody other than the person making the purchase. The lack of education and safeguarding of information causes financial loss for consumers, merchants, investigative organizations, as well as other organizations that regulate anything which could be related to e-commerce. Symptoms for a merchant can be identified through fraud management tools and screening, and symptoms for an individual are many, and can often be identified before they has been defrauded, but unfortunately for both of these, identifying symptoms and discovering the frauds are too often discovered at the same time.
Waiting until credit reports are damaged, bank accounts are drained, payments are disputed or purchases are not received as promised is not the best way to identify fraud. A person or merchant must understand the possible results of their actions and know where to turn if they become a victim of a fraudulent or misleading engagement, or other problems resulting from it. Many people understand that there are illegitimate businesses operating online with fraudulent intents, and they also realize that identity theft is a concern when giving out personal information. What many people don't realize is that privacy can be hard to obtain if it is strongly valued, and security can be threatened in more ways than often anticipated.