SKEPTICISM (doubt): A common weapon to fight against fraud taking place online.

A human beings perspective is always an important factor in fraud, a trusted organisation skepticism has to be balanced with trust, if both of these factors are not balanced frauds are been taken place. Detecting frauds and fighting agaisnt these frauds is the duty of several groups like:

  1. Board of directors
  2. Financial executives
  3. Audit committees
  4. Internal auditors
  5. External auditors

Professional skepticism occurs when nothing is taken for granted by the groups given above.

As a result for participating in these session you should be able to:-

  1. Show the possible ways of frauds been taken place online.
  2. Recognize the tricks of the fraudster.
  3. Identify the trust and doubt paridgm
  4. Explain the impact culture on “GOVERNMENT RISK AND COMPLIANCE”
  5. Analyze doubts, why and how it fluctuates?\
  6. Walk away with leading practices for developing a fraud risk assesment.


More than just citi bank, paypal and ebay

Perpetrators are not only looking for bank account information but also for a lot more than that. These tricks are only implemented on well-known financial institutions. Phishing now has a more diverse range of victims. Institutions like citibank, paypal and ebay now have been joined by a host of social networking and gambling websites.

The risk for such organizations have been made clear by such malpractices taking place online, stolen information can be used to undermine a firm’s reputation online which can destroy a firm completely.


Recently the cybercriminals has come up with vishing and phaxing methods being used by them recently to thug online users.

The difficulty lies in both distinguishing these spoofed websites with the genuine ones. As the computers users has become more wit about phished URLS, the cybercriminals has come up with more traits.

In “vishing”, or voice phishing, scammers use VoIP(voice over internet protocol)  to build bogus switchboard systems, mimicking those of online organizations. They then spam out emails claiming to come from those companies, but rather than including a link to a bogus website, they instead provide a phone number. Similarly, “phaxing” emails tell the recipient to fax back a form with banking and other details.

The prevalence of phishing and email fraud has made people cautious of giving out personal information online. Unknowingly we trust fax and phone numbers because we don’t really think that fraudsters will bother with the effort and cost needed to set them up.


  1. Be cautious of websites asking for your confidential information especially about your financial nature. Legal firms do not ask for confidential information via email or phone calls, and most of the firms around the world do not ask for confidential information until and unless you’re the one contacting them.
  2. Do not get pressured by threats given to you by these cybercriminals these threats are known as “SCARE TACTICS”. For eg. They may ask you for your confidential information and until and unless you don’t update those information they may threaten you to disable an account or delay your services. Always contact your merchant when these messages or emails are received by you.
  3. Always familiarise yourself with a website’s privacy policy. The most useful thing to look for is the website’s policy on whether it will or will not sell it’s mailing list. Most of the spam you receive on daily basis is because the webiste you’ve signed up with has sold your email address to another company, if you’re not okay with this happening, it might be worth reconsidering whether you want to sign up to the site.
  4. Never submit confidential information via forms embedded within email messages. Senders are often able to track all information entered.
  5. Never use links in an email to connect to a website unless you’re absolutely sure they’re authentic. Instead open a new tab and type the URL directly into the address bar. Often a phishing website will look identical to the original- look at the address bar to make sure that this is the case.