Loading...
Anti-Fraud & Corruption Policy and Internal Control Strategies
Quiz by R
Customize this quiz to suit your class
Instantly translate to 100+ languages
Tag the questions with any skills you have. Your dashboard will track each student's mastery of each skill.
Give this quiz to my class
Revealing personal data can lead to threats like identity theft, fraud, bullying, and blackmail. 1.Identity Theft Definition: Identity theft occurs when someone steals your personal information and uses it without your permission. This can include your name, Social Security number, or bank details. Example: If someone gets your Social Security number, they could open a credit card in your name and run up bills that you would have to pay. 2.Fraud Definition: Fraud is when someone deceives another person to gain something of value, like money or personal information. This is often done through lies or tricks. Example: A person might call you pretending to be from your bank and tell you that you need to confirm your account details. If you give them your information, they may steal your money. 3. Bullying Definition: Bullying is when someone repeatedly hurts, threatens, or picks on another person. This can happen in person or online (cyberbullying). Example: If someone sends hurtful messages or spreads rumors about you on social media, thatâs a form of bullying. 4. Blackmail Definition: Blackmail is when someone threatens to reveal harmful or embarrassing information about you unless you give them something they want, usually money or favors. Example: If someone takes a private photo of you and threatens to share it unless you pay them, thatâs blackmail. Summary Identity Theft: Stealing personal information for illegal use. Fraud: Deceiving someone for personal gain. Bullying: Repeatedly hurting or threatening someone. Blackmail: Threatening to expose information unless demands are met. Understanding these terms helps you recognize and protect yourself from potential dangers in both real life and online. If you see any signs of these actions happening, itâs important to talk to a trusted adult or authority figure. There are several guidelines for you to be aware of to keep your personal data confidential: âĒHave strong passwords set on any account that holds personal data. Stronger passwords include characters, numbers and symbols and are not a recognisable word. âĒEncrypt (scramble text so that it cannot be read without a decryption key) any personal data that you store on your computer. âĒHave a firewall present, scanning incoming and outgoing data from your computer system. firewall : a security measure that can be implemented to monitor traffic into and out of a computer and prevent external users gaining unauthorised access to a computer system. A firewall is a security measure that helps protect a computer system by monitoring and controlling the traffic that comes into and goes out of the system. Think of it as a barrier between your computer and the outside world. It prevents unauthorized users from accessing your computer while allowing authorized traffic to pass through. âĒRegularly scan your computer with preventative software, such as an anti-virus package, that is used to identify a virus on a computer and remove it. Anti-virus: software that is used to identify a virus on a computer and remove it âĒMake use of any biometric devices (devices that measures a person's biological data, such as thumbprints), that are built into technology. biometric devices: Unique physical characteristic of a person that can be used by a computer for identification purposes. https://www.aratek.co/news/biometric-devices-definition-and-examples Biometric devices are tools that use unique physical characteristics of a person for identification purposes. This means they can recognize who you are based on features that are unique to you. Here are some examples of biometric characteristics: Fingerprint Recognition, Facial Recognition, Voice Recognition âĒOnly visit and provide data to websites that are a trusted source. âĒDo not open any email attachments from a sender you do not recognise. âĒCheck the URL attached to any link requesting data to see if it is genuine. âĒBe cautious about any pictures or opinions that you post or send to people. âĒRemove data about your location that is normally attached to your photos and videos that you may post, such as geotags. Geotag: an electronic tag that assigns a geographical location A geotag is an electronic tag that assigns a specific geographical location to a piece of information, like a photo or a video. Geotags can help people understand where a photo was taken or where an event occurred, making it easier to organize and find information based on location. âĒDo not become friends on social networking sites with people you do not know. âĒSet all the privacy controls to the most secure setting that are available on social media accounts. âĒReport and block any suspicious user. âĒUse a nickname or pseudonym when using the internet for entertainment, for example, playing games. âĒIf it is possible, use a virtual private network (VPN), an encrypted connection that can be used to send data more securely across a network. Virtual private network (VPN) : an encrypted connection that can be used to send data more securely across a network A Virtual Private Network (VPN) is a special way to connect to the internet that keeps your information safe. Imagine you are sending a secret message to a friend. You want to make sure no one else can read it while it travels. A VPN helps you do just that! It creates an encrypted connection, which means it turns your message into a code that only your friend can understand Example: Public Wi-Fi Safety: When you use public Wi-Fi, like in a cafÃĐ, your data can be easily accessed by hackers. If you connect to a VPN while using that public Wi-Fi, your data is encrypted, making it much harder for anyone to steal your information. 5.1 Personal data Personal data is any data that relates to you and your identity. This includes data such as: âĒName âĒAddress âĒTelephone number âĒEmail address âĒBank details âĒMedical records âĒSalary âĒPolitical opinions You should be very careful about revealing any of your personal data! By revealing personal data to another, especially online, you are exposing yourself to dangers such as identity theft, fraud, bullying and blackmail. These types of dangers can be issues that arise as a result of revealing more personal thoughts and feelings to those that can use them against you. It is a more sinister viewpoint to take, but the moment you reveal any personal data to another, you are providing them with the potential to harm you or your identity. This isn't to say you should never speak to another, especially those unknown online, just understand how to recognise a danger and how to keep your identity secure. To keep yourself safe in your daily life, you are likely to have been taught to take measures such as locking doors, not talking to strangers and not venturing into unsafe areas. However, when many people go online, they relax their safety measures, perhaps because they are in the comfort of their own home, so do not think anything negative will happen. Many people that use the internet are genuine, but knowing how to detect the few that aren't is important. There are several guidelines for you to be aware of to keep your personal data confidential: âĒHave strong passwords set on any account that holds personal data. Stronger passwords include characters, numbers and symbols and are not a recognisable word. âĒEncrypt (scramble text so that it cannot be read without a decryption key) any personal data that you store on your computer. âĒHave a firewall present, scanning incoming and outgoing data from your computer system. âĒRegularly scan your computer with preventative software, such as an anti-virus package, that is used to identify a virus on a computer and remove it. âĒMake use of any biometric devices (devices that measures a person's biological data, such as thumbprints), that are built into technology. âĒOnly visit and provide data to websites that are a trusted source. âĒDo not open any email attachments from a sender you do not recognise. âĒCheck the URL attached to any link requesting data to see if it is genuine. âĒBe cautious about any pictures or opinions that you post or send to people. âĒRemove data about your location that is normally attached to your photos and videos that you may post, such as geotags. âĒDo not become friends on social networking sites with people you do not know. âĒSet all the privacy controls to the most secure setting that are available on social media accounts. âĒReport and block any suspicious user. âĒUse a nickname or pseudonym when using the internet for entertainment, for example, playing games. âĒIf it is possible, use a virtual private network (VPN), an encrypted connection that can be used to send data more securely across a network. The ways in which some of these guidelines can be used in more detail will be explored throughout this chapter.How is personal data collected? There are several ways that an unauthorised person can try and collect your data. These include: âĒphishing âĒsmishing âĒvishing âĒpharming. Phishing Phishing is when a person sends a legitimate looking email to a user. The email contains a link to a website that also looks legitimate. The user is encouraged to click the link and to input personal data into a form on the website. The email could also simply ask the user to reply to the email with their personal data. The user is tricked into giving their personal data to a source that they believe is legitimate. However, both the email and the linked website are from a fake unauthorised source. The personal data that is input is then collected by an unauthorised person. This person can then use this data for criminal acts, for example, to commit fraud or steal the person's identity. Intimidation has become a common feature of phishing emails, threatening the user that they must click the link and rectify a situation immediately, or there will be a further issue. The aim of a phishing attack is to steal the user's personal data. Figure 5.1: Phishing. A real-life example of phishing PayPal have been the subject of several different phishing emails. Users receive an email that looks as though it has been sent from PayPal, as it has the PayPal branding. The email normally warns of an issue such as unexpected activity on their account, or that some kind of verification of their account is required. The user is then asked to click a link to log into their account and resolve the issue. The link takes them to a webpage that looks like the PayPal login page. If the user inputs their login details into this page, they will not be taken to their account. It is often at this stage that the user may realise that the email and webpage are fake. However, they have already given the unauthorised person their PayPal login details. Figure 5.2: An example of a phishing email claiming to be from PayPal. How to recognise phishing There are several guidelines to be aware of regarding emails to avoid being subjected to phishing. These include: âĒDon't even open an email that is not from a sender that you recognise or a trusted source. âĒLegitimate companies will never ask you for your personal data using email. Be immediately suspicious of any email that requests your personal data. âĒLegitimate companies will normally address you by your name. Be suspicious of any email that addresses you as âDear Member' or âDear Customer'. âĒLegitimate companies will send an email that uses their domain name. If you hover your mouse over the sender's name, it will show the email address that the email is sent from. If this does not look legitimate, for example, does not contain the correct domain name, then it is probably fake. For example, if the sender's email is user@paypal1.com rather than user@paypal.com, this is from an incorrect domain name. âĒLegitimate companies are protective of their professional reputation and thoroughly check any communications. They will make sure that all information given is grammatically and correctly spelt. Be suspicious of any email that contains bad grammar or spelling mistakes. âĒA link in an email from a legitimate company will also normally contain the domain name of the company. You can sometimes hover over the link, or right click and inspect the link, to see the address of the URL that is attached. If the URL does not contain the domain name, or also contains typical errors such as spelling mistakes, then be suspicious of this. PRACTICAL ACTIVITY 5.02 Ask a friend or a member of your family if they have ever received an email that they believed was a phishing email. Ask them how they identified it was phishing. Ask them if they know all of the given guidelines for identifying phishing emails. Smishing Smishing (or SMS phishing) is a variant of phishing that uses SMS text messages to lure the user into providing their personal details. The user is sent an SMS text message that either contains a link to a website, in the same way that phishing does, or it will ask the user to call a telephone number to resolve an urgent issue. The same advice can be followed for smishing as given for phishing. The user must question at all times any links that are sent from an unknown or suspicious user. It is advisable that if a user believes the message may be legitimate, to type in the domain name for the legitimate company website into their web browser, rather than following the link in the message. Users should block any numbers that they believe are suspicious to prevent any further risk of smishing from that number. Figure 5.3: Smishing. Vishing Vishing (or voice phishing) has the same aim as phishing, to obtain a user's personal details. The user receives a telephone call that could either be an automated system or could be a real person. An automated voice could speak to the user and advise them that an issue has occurred, such as there has been suspicious activity regarding their bank account. The user may then be asked to call another number, or just to simply press a digit and be directed to another automated system. This system will ask them to provide their bank account details to resolve the issue. The bank account details have then been obtained by the unauthorised user and can be used to commit a crime against the user. The automated system could be replaced by a real person who will try to do the same thing. They will try to convince the user that there has been an issue with an account they have and to provide the log-in details or PIN for the account to verify who they are so the issue can be resolved. The precaution to take for vishing is that no company will ever call you and ask you to provide any log-in details or PIN details over the telephone. They may ask you to provide other personal information, and if you are in doubt that the person on the other end of the phone is legitimate, it is always advisable to put the phone down and call the company back on a legitimate number that you may already know or can obtain. Figure 5.4: Vishing. Pharming Pharming is when an unauthorised user installs malicious code on a person's hard drive or server. The malicious code is designed to redirect a user to a fake website when they type in the address of a legitimate one. The fake website is designed to look like the legitimate one, to trick the user and make sure they are not aware that their request has been redirected. The user will then enter their personal details into the fake website, believing it is the legitimate one, and the unauthorised person will now have their personal data. A common technique used in pharming is called domain name server (DNS) cache poisoning. This technique exploits vulnerabilities in the DNS and diverts the internet traffic intended for a legitimate server toward a fake one instead. The unauthorised user needs to find a way to install the malicious code on the computer. They often hide the malicious code in an email attachment or link. When the user opens the email attachment or clicks the link, the malicious code is downloaded also. Figure 5.5: Pharming. The aim of a pharming attack is also to steal a user's personal data. A real-life example of pharming In 2007 50 different companies all over the world were subject to a pharming attack, these included PayPal, eBay, Barclays bank and American Express. Over a three-day period, hackers managed to infect over 1000 PCs a day with a malicious pharming code. When users who had been infected visited the websites of the different companies, they were redirected to a legitimate-looking version of the site that was designed to steal their personal data. The original email, containing the malicious code, was set up to look like a shocking news story. Users were encouraged to click a link in the email to find out more information. The code was downloaded when the user clicked the link. This was quite a sophisticated attack that required legitimate looking websites to be set up for a large number of companies. It is not known how much money the hackers were able to retrieve as a result. How to prevent pharming All of the guidelines to avoid being subjected to phishing are also relevant for recognising pharming. There are also several other precautions that can be taken to check for pharming attacks. These include: âĒHave a firewall installed and operational. A firewall monitors incoming and outgoing traffic from your computer. It checks this traffic against set criteria and will flag and stop any traffic that does not meet the criteria. A firewall could detect and block suspicious traffic, such as a malicious code trying to enter your system. âĒHave an anti-virus program installed that is designed to detect malicious pharming code. You need to scan your computer on a regular basis to check for any malicious code. It is advisable to set up an automatic scan on a daily basis at a time when your computer will normally be switched on. âĒBe aware when using public Wi-Fi connections. A hacker could look to directly access your computer and install the malicious code if you are connected to a public Wi-Fi connection. It is often advisable to use a VPN when using public Wi-Fi. This will help shield your internet activity and personal details from a hacker, making it more difficult for them to access your computer. Smishing can also be used as a form of pharming. A user is sent a link, that when they click is designed to download malware onto their mobile device. Therefore, it is advisable to have security software installed on your mobile and also scan it regularly to detect any presence of malware.Honduras is a Central American nation bordered by Nicaragua, Guatemala, and El Salvador. The Caribbean Sea forms its northern coastline. The Pacific Ocean borders a small southern strip of land. Almanaque Nombre oficial: RepÚblica de Honduras Ãrea total: 112.090 km2 PoblaciÃģn: 9.038.741 Ciudad capital: Tegucigalpa Moneda: lempira Lenguas: espaÃąol, dialectos amerindios Early History Explorer Christopher Columbus came to Honduras in 1502 on his fourth trip to the New World. As was the case in North America, Honduras, in Central America, had been home to many native indigenous groups including the Sumu and Lenca. Some estimates suggest an indigenous population of up to 2,000,000 before the Europeans arrived. Among these indigenous groups were the Maya. Their civilization spread from the YucatÃĄn area of Mexico to Hondurasâ ancient city of CopÃĄn. Spainâs conquest of Honduras began in 1525, but it was not easy. It took until 1539 to fully conquer it. There were conflicts with the native population, who were forced into labor. Many died from disease and abuse. Others were enslaved and sent to the Caribbean islands. In addition, there were pirate attacks and in-fighting among the Spaniards. Phawat/Shutterstock Gold and silver deposits were discovered in Honduras in the 1530s, attracting more settlers. By the mid-16th century, mining was an important industry, mainly in the towns of Gracias and Comayagua. More native labor was needed, taking its toll on the dwindling indigenous population. As a solution, enslaved Africans were introduced in the 1540s. This was well before 1619, when enslaved Africans first arrived in Jamestown in the American colonies. The 17th century was filled with conflicts, primarily between the Spanish and the British. Britain wanted to establish colonies on the Caribbean coast of Honduras. They eventually seized the coast with help from the native Sambo and Miskito peoples. However, Spain later regained control. Independence In the early 1800s in Honduras, resentment toward Spain grew. One reason was that Honduras was subject to more taxes to help pay for conflicts that were happening between Spain and France. Other Spanish colonies were also increasingly resentful toward Spain. In 1776 in North America, the 13 colonies banded together to declare their independence from Britain. Similarly, Honduras joined other Central American provinces. Together, they declared independence from Spain on September 15, 1821. Honduras briefly became a part of Mexico, but in 1823, it became independent from Mexico. It then joined the United Provinces of Central America. This included other former Spanish colonies: Costa Rica, El Salvador, Guatemala, and Nicaragua. But the federation did not last, partially due to divisions in political beliefs. In 1838, Honduras declared its independence from the federation. By the early 1900s, the United States had economic interests in Honduras. American fruit corporations like the Standard Fruit Company and United Fruit Company began investing in Honduras to export bananas. To protect American investments, the United States became more involved in Hondurasâ political affairs. When Nicaragua appeared to threaten the stability in Honduras, US President Taft sent forces to Honduras to protect American interests. The Great Depression caused economic havoc in the United States and elsewhere. In Honduras, this meant economic problems and political turmoil. During this time, General Tiburcio CarÃas Andino was elected president, in 1932. He worked to strengthen the military and pay off Honduran debt. Yet he also worked to gather and maintain his own power. He changed the constitution so that he could extend his term in office as president until 1949. His advanced age and pressure from the United States forced him to allow free elections in 1948. General Francisco MorazÃĄn In 1823, Honduras joined the United Provinces of Central America. In 1830, Tegucigalpa-born General JosÃĐ Francisco MorazÃĄn was elected president of the federation. He remained president until just before the federation disbanded in 1840. aalezk/Shutterstock MorazÃĄn favored liberal policies and the reduced power of the church. MorazÃĄn was a self-educated man. He recognized the importance of education and the need for schools in Honduras. He believed that girls and boys should have an equal opportunity for education. During his presidency, he tried to make improvements in education. He opened schools that were free to attend. In addition to improving education, he established a system of trial by jury. It was based on the Livingston Code, created in Louisiana. This was a set of reforms to the system of legal punishment. Today, Honduras celebrates the Day of the Honduran Soldier on October 3, MorazÃĄnâs birthday. This holiday honors MorazÃĄn for his fight for democracy, liberalism, and the nation. Modern Honduras The last half of the 20th century was a political rollercoaster. There were various coups (government takeovers), conflicts, and changing leaders. Starting in 1963, Honduras was primarily led by military governments. This continued for almost 20 years. In 1969, Honduras fought a four-day war with El Salvador. The conflict was over immigration and the shared border. Though the war was brief, the two nations didnât sign a peace treaty until 1980. With the election of president Roberto Suazo CÃģrdova in 1981, Honduras returned to a civilian government. In the 1980s Honduras was tangled in conflicts of Nicaragua and El Salvador, partly because of the United States. Nicaraguan Contras, who wanted to overthrow the Sandinista government in Nicaragua, were using US-approved bases in Honduras. The United States was also running training camps in Honduras for Salvadoran forces facing their own civil war. This sparked anti-American protests and a desire to reduce the US presence in Honduras. Over the next few decades, Honduras continued to experience political instability. In 2009, President Manuel Zelaya was removed from power by a military coup. People were upset because he called for a referendum to change the constitution. The international community condemned this coup. As a result, Honduras cut diplomatic ties with several countries. In 2010, the United States recognized President Porfirio Lobo Sosa as a democratically elected leader. He was followed by Juan Orlando HernÃĄndez in 2014. However, protests in 2015 called for his resignation over claims of campaign fraud. In 2017, Orlando HernÃĄndez was re-elected in a disputed election.Anti-Rasuah dan IntegritiAnti- Semitism Legislation Anti-slavery movements and emancipation in France. + The sugar industry and attitudes to labour. (Form 4)anti-bullying