Detecting complex account fraud in the enterprise: The role of technical and non-technical controls

Authors:
Sigi Goode;David Lacey
Affiliations:
-;-
Venue:
Decision Support Systems
Year:
2011

Citing 22
Cited 1

An analysis of security incidents on the Internet 1989-1995

An analysis of security incidents on the Internet 1989-1995
Coping with systems risk: security planning models for management decision making

MIS Quarterly
Technical opinion: Information system security management in the new millennium

Communications of the ACM
Why there aren't more information security research studies

Information and Management
Fighting organized crimes: using shortest-path algorithms to identify associations in criminal networks

Decision Support Systems
The Value of Intrusion Detection Systems in Information Technology Security Architecture

Information Systems Research
A longitudinal study of information system threat categories: the enduring problem of human error

ACM SIGMIS Database
Preventive and deterrent controls for software piracy

Journal of Management Information Systems
On Data Reliability Assessment in Accounting Information Systems

Information Systems Research
Is Information Security Under Control?: Investigating Quality in Information Security Management

IEEE Security and Privacy
Threats and countermeasures for information system security: A cross-industry study

Information and Management
Deterring internal information systems misuse

Communications of the ACM
Managing the false alarms: A framework for assurance and verification of surveillance monitoring

Information Systems Frontiers
An investigation of Zipf's Law for fraud detection (DSS#06-10-1826R(2))

Decision Support Systems
Intrusion Prevention in Information Systems: Reactive and Proactive Responses

Journal of Management Information Systems
Identifying disgruntled employee systems fraud risk through text mining: A simple solution for a multi-billion dollar problem

Decision Support Systems
Choice and Chance: A Conceptual Model of Paths to Information Security Compromise

Information Systems Research
Visualizing criminal relationships: comparison of a hyperbolic tree and a hierarchical list

Decision Support Systems
An outlier-based data association method for linking criminal incidents

Decision Support Systems - Special issue: Intelligence and security informatics
Fighting cybercrime: a review and the Taiwan experience

Decision Support Systems - Special issue: Intelligence and security informatics
Analysis of modern IS security development approaches: towards the next generation of social and adaptable ISS methods

Information and Organization
Case study: Computer crime at CEFORMA: a case study

International Journal of Information Management: The Journal for Information Professionals

BizPro: Extracting and categorizing business intelligence factors from textual news articles

International Journal of Information Management: The Journal for Information Professionals

Quantified Score

Hi-index	0.00

Visualization

Abstract

Complex fraud, involving heightened offender knowledge of organizational processes, can be especially damaging to the firm. Much research has focused on technical, quantitative detection methods. This paper uses multidimensional scaling of empirical fraud event data from a large telecommunications firm to illustrate how technical and socio-technical fraud controls are used to detect fraud at varying levels of time exposure and dollar loss. The evidence suggests that technical controls only detect one third of fraud cases with zero time exposure and loss. More complex fraud is detected with a range of technical and socio-technical controls from inside and outside the firm. Interviews with twelve fraud managers and investigators are used to confirm the findings.