The traditional village market has been replaced by the global digital market. The internet has transformed trading of goods, services and commodities fundamentally. Kenyans have swiftly embraced technology and once the national fiber and submarine cable infrastructure is in place, expect a boom in electronic commerce.
However the same problems of fraud that were witnessed in the village market have crept into the digital realm. Fraudulent schemes continue unabated even in the internet. Digital thugs are busy attempting to defraud online customers by misrepresentation and deception. These online criminals try to present goods and services that look, as much as possible, like those that legitimate e-commerce merchants offer.
Their access point is usually the website. The website today’s bank counter, the first access point. An e-commerce trader has to be more vigilant than the brick and mortar bank manager. This is because a cyber criminal can easily breach an e-commerce website, commit fraud and leave undetected.
It is therefore vital to counter these web attacks by understanding and using various profiling techniques. One of the most effective is Staging (or posing). This is a profiling technique that can be used to obtain a profile of a financial intruder.
Staging is the manner of website defacement or the way particular files or resources are left once penetrated by the intruder. The habit of leaving deliberate ‘calling cards’, is not common among cyber fraudsters. This is because their motive is to breach e-commerce websites and obtain the data. This can only be achieved by employing a sustained covert connection to the system.
They therefore go to great lengths to cover their tracks. The alteration of a crime scene to confuse or mislead is common and is a good example of staging. The forensic investigator looks for signs that not only indicate the presence of an online fraudster but also of cover-up signs.
Intruders attempt to hide or remove evidence of an intrusion by deleting logs, altering date-time stamps, and installing their own utilities to subvert the operating system. They also use strong encryption to cloak their activities by encrypting data before stealing it, encoding communications between compromised hosts and obfuscating executables.
It is therefore important to identify the absence of the obvious as well as the presence of the obvious online financial intruder tracks. The presence of encrypted packets within a network is evidence of an intrusion. The absence of router network logs is indicative of an intrusion.
Staging is, therefore, a useful profiling technique that can assist our budding local e-entrepreneurs.