Computer Fraud Casebook
IN THIS SUMMARY
Fraud-an act of deception practiced in order to secure personal gain - has been a longstanding threat for business owners. Rapid advances in computers, however, have propelled the issue of computer fraud into the forefront at the cost of billions of dollars to companies and consumers alike. Because this threat is likely to only intensify as technology continues to become more accessible and sophisticated, companies that wish to maintain their livelihood have no choice but to establish controls for preventing and addressing these crimes. In Computer Fraud Casebook, editor Joseph T. Well compiles and presents 42 actual computer fraud case studies written by the certified fraud examiners involved in the investigations. Following each case study, the authors discuss lessons learned from the experience as well as recommendations to prevent future instances of fraud. Despite the diversity in these 42 cases, several common themes emerge. First, all companies - despite their size, industry, or success - are vulnerable to computer fraud. This fraud can be perpetrated internally or externally, can require specialized expertise or merely access to a home computer, and can be severely crippling or a minor setback. However, the risk cannot be denied and must always be considered when engaging in thoughtful planning and prevention programs. Another theme evident throughout the book is the often multi-faceted nature of these schemes. Early success with one method of fraud may lead to even bolder and more complex types of fraud. In several of the investigations, a minor instance of fraud was the subject of the initial investigation, and only after digging much deeper was the full web of deceit revealed. Because of this "slippery slope" effect, it is critical that all suspected instances of fraud - no matter how trivial or minute they may initially seem - be investigated. Related to the need to intervene early on, a third theme reflects the importance of an aware and educated workforce that is encouraged to step forward and report suspected fraud. In many of the cases, financially devastating fraud would never have been detected were in not for an astute and educated individual who was not afraid to step up to a superior and suggest a wrongdoing might be occurring. To promote these behaviors, it is critical for upper management to (a) provide appropriate and ongoing training, (b) model these behaviors themselves, and (c) establish a culture where fraudulent activity is not tolerated and reporting potential violations is applauded. A final theme clear throughout this book is the importance of utilizing a trained fraud investigator if fraud within a company is suspected. In each of the cases, the investigator or investigatory team brought specialized expertise to the table that facilitated the successful resolution of the case. In addition, the investigators were able to draw upon current and previous experiences with computer fraud to make recommendations to the companies that would prevent future instances of fraud, minimizing the potential for future losses. Due to their vulnerability to computer fraud, Computer Fraud Casebook is undoubtedly relevant for leadership and employees within any organization. However, the book would also clearly be appropriate for any individual with a minimal understanding of technology (e.g., personal computer, Internet). After all, computer fraud can impact anyone at anytime. Although not all cases of computer fraud will be preventable, the adage "knowledge is power" certainly holds true. By understanding the types of computer fraud threats out there, coupled with effective ways they have been prevented and dealt with, readers can feel more secure in knowing that they have the tools necessary to minimize their likelihood of falling victim to or being negatively impacted by such crimes.