What additional and meaningful responses do you have on the paragraphs below regarding new opportunities e-commerce solutions like EDI present for internal and external perpetrators trying to defraud companies? See paragraphs below.

Internal Opportunities available to Fraud perpetrator: Data theft: Data theft is primary concern for any organization. It is a growing problem for individual computer users as well as large corporations and organizations. Insiders remain a significant threat to the organization's sensitive data. Insider data theft may be due to a malicious employee taking or selling your corporate data or simply making an unintentional mistake. Such stolen data can be sold to third party or use for ransom. Rather than react after sensitive data is lost, the organization should take proactive steps to mitigate the risk of insider data theft. Passwords: Password strategy has been frustrating security consultants since the very beginnings of the internet, all due to the irritating balance needed between protection and convenience. If you chooselong and complex passwords, you can end up forgetting them and losing all access. Creating easy-to-remember passwords leaves systems highly vulnerable and open to attack. If an employee does not follow password requirement and passwords are not secured then it can be cracked easily by hacker to obtain sensitive data from the system. This hacker can be internal or external to the organization. Cyber vandalism: Cyber vandalismis damage or destruction that takes place in digital form. This can be done by different ways like denial of service, deletion of files or physical damage to equipment. These are usually done by disgruntle employees and difficult to discover. Social Engineering: Social engineeringis a broad term that refers to the many ways criminals acquire personal information not only from consumers but also from employees and other players in the flow of payments and shipping. There are list of social engineering fraud method ranges from wide-scale attacks like email phishing for customer passwords to be used in account takeovers, to impersonating company executives, to diverting couriers in order to steal packages. Sniffing: Though used legitimately, it can be used to gather information from unencrypted communications. This can happen when employee uses organization's laptops or mobile device in unprotected environments like hotel, airport or other business networks. Hackers can easily sniff into the computer using open network and obtain information.

External Opportunities available perpetrator: Computer Virus: Another serious threat you must watch out for is malicious software. These usually include viruses, worms, and Trojan horses. All of them pose a grave danger to organization's system. Viruses are normally introduced into the system through external sources. Once they find their way into the network, they completely destroy the computer from the inside by corrupting all the files and disrupting the operations of the e-commerce website. Worms are different from viruses, as they don't require a host and directly spread from the internet. They are deadlier than viruses because they can infect millions of computers in just a few hours. Trojan horses are basically programs designed to perform massive destruction. The root of this threat lies in the downloaded file, hence teaching us a lesson to always check where the downloaded file originates from. Phishing: Receiving fake "you must take action" emails, either to your company or customers is a widely-used ploy and form of trickery used by hackers. It does require follow-through and unintentionally offering up login information or personal identification information. As mentioned in our textbook, if even 1% of the employees respond with sensitive information to such email, it can give easy access of sensitive information to hacker. Falsified Identity: This is the biggest risk in electronic transactions as no one is able to see who is on other side. It is easy to get into illegitimate website to perform business activity. It is also hard to make sure authenticity of the other party as identity theft is biggest concern now a days. Exploitation of Known Vulnerabilities: Attackers are on the lookout for certain vulnerabilities that might be existing in an e-commerce store. Often an e-commerce store is vulnerable to SQL injection and Cross-site Scripting (XSS).SQL injection is a malicious technique where a hacker attacks organization's query submission forms to access its database. They corrupt database with an infectious code, collect data, and later wipe the trail. While in XSS, The attackers can plant a malicious JavaScript snippet on organization's e-commerce store to target your online visitors and customers. Such codes can access your customers' cookies and compute. Bust-out: Bust-out fraud is a common and growing type of business fraud. The perpetrators of business fraud typically obtain cash and/or goods through normal business transactions but with one important twist: They never intend to pay. As their invoices go past due for 30 days, 60 days, 90 days, and so on, they may offer promises of payment or excuses while they complete their scam, but they never pay.