4 MEASURES TO PREVENT AND DETECT FRAUD AND COMPUTER ABUSE

The company, Aeon Bandaraya Melaka, was stated to have no computer frauds or anyone
jeopardising their system. The most common form of computer abuse they confront is unanticipated
viruses in their system.

Other than computer abuse, one of the challenges they confront is frequent theft, which is a
common occurrence. A fun detail about this is that while we were conducting our interview with the
security department, a fraudulent event occurred at the same time. It signifies that we were
fortunate enough to witness how the store department dealt with this problem. To deal with this
scenario, there were detective, preventive, and detective measures available. They stated that they
could only avoid and decrease the problem, but eliminating it would be impossible. They are also
dealing with a similar issue: loss. Loss is a common occurrence in everyday life. That is why Ms.
Amalina indicated that they have approaches to reduce this problem.

Finally, since aeon has a large number of branches, Ms. Amalina claimed that one computer abuse
occurred this year in the Hong Kong branch. The computer fraud is referred to as a cyber security
attack, and it causes major harm to the firm. According to reports, AEON credit card customers
reported being hacked and losing thousands of dollars in minutes. Lau, one of the victims, reported
receiving 11 notices of unauthorised transactions on his AEON JCB credit card, each for the identical
sum of HK$4,296.03 within two minutes. The total amount of unauthorised transactions exceeded
HK$47,000. Throughout this event, the company apply detective and corrective actions as well as
preventive actions, but the damage that it caused was losing customers as a lot of customers were
affected by this situation.

There are numerous techniques of preventative, detective, and corrective actions to tackle these
difficulties in all of these circumstances.

4.1 PREVENTIVE CONTROLS

i. Applying an antivirus system

The prevention action that they offer to this type of issue is to use a virus-fighting system. When
this occurs, it is usually because the system does not yet have an antivirus system or that it
requires a new one. Using an antivirus system assists the organisation in preventing the
occurrence of any other viruses that could be destructive to their internal system in the future.

ii. Prevention for theft and loss

They use a security tag to secure high-demand goods and commodities that are considered
luxurious and pricey. A tin of Milk powder, for example, is one of the high-demand, high-priced
commodities in AEON. The product itself comes in a variety of brands, including Fernleaf and
Enfalac Baby, and it is currently expensive to purchase. People always find a way to steal, and one
way AEON deters criminals who target dairy products is by securing it with the security tag
shown below. This security tag is intended for high-value items such as Uniqlo apparel, dairy
products, and so forth. This would help to discourage theft and loss. An anti-theft RF Detector, as
shown in image 2.0, also prevents theft. This detector had assisted AEON in its efforts to improve
theft control. CCTV and Radio Frequency Identification (RFID) detection security gates and
security guards have also been implemented by AEON. Security guards are stationed at the mall's
entrance and exit to prevent criminals from fleeing, and CCTV is installed in places that are
considered sensitive and have a high possibility of theft occurring. They exclusively concentrate
on these areas in order to have better control over the situation.

Employee theft is also one of the problems they have suffered. To control theft in their team,
they used segregation of duties. For example, a cashier should not be given responsibility to
handle or work in the receiving department. This is done to prevent anyone from having
complete control over any transactions. If there is a lack of staff in one of the departments,
employees from other departments will be assigned to fill that position for the time being.

AEON also prevents loss from expired items by employing a method known as Reduce to clear
(RTC). The loss prevention action is by turnover date, which is 30 days. AEON has a policy that
requires them to sell all of the goods they get within 30 days of obtaining them. This is to prevent
from loss occurring in the company. Employees are also required to do daily examination if there
is enough stock available to sell. If there is shortage, they should immediately report it so that
the company would not gain insufficient goods. This is also to maintain the company from
incurring any losses.

iii. Prevention action for cyber-attacks on AEON cardholders

Users or customers who use AEON cardholders and conduct transactions with the cardholders
safeguard their customers from cyber-attacks by improving account security. To secure their
account, they provide a strong password. They also allow their members to log in to the "AEON
HK" Mobile App and "AEON Netmember" to receive the most recent updates and information
about their transactions at any time and from any location. This could make users more
conscious of their transactions and help to prevent theft or cyber-attacks. If they discover any
unauthorised transactions, AEON has instructed consumers to contact support and report the
problem.
4.3 CORRECTIVE CONTROLS

i. Corrective action to fix antivirus issue

When there is a virus in the software system, staff workers frequently report it using an app
called iAeon. This report will be received by AEON Headquarters (HQ) and the auditors or IT
department, who will scan the system to determine where the virus is situated. They could
identify the virus using a firewall. After discovering the virus, the IT department would
eliminate it by blocking the site where it occurs and then apply an antivirus system.

ii. Corrective action to deal with theft and loss

AEON responses to theft by receiving an alert whenever a notification in the security system is
received. A fraudulent incident occurred at the same time as we were having an interview with
the security officer. This happened at the mall, and the alarm system went off because they
detected this happening. We were quite fortunate to see a fraudulent activity that had not
gone as planned. To find the culprit, the security department would examine the surveillance
cameras. The alarm would immediately notify the police station, allowing them to apprehend
the criminal before he fled. Following that, the company would quickly tighten their security
by placing extra guards in secluded locations and covering every area so that any frauds or
thefts would be easily detected.
They also prevent goods losses by performing routine daily audit checks. This audit check
enables them to quickly recognise expired goods and replace them if they turn out to be
expired. If the items' expiry date is nearing, they will sell them using the Reduce to clear
method (RTC). As a result, if the products are close to expire, they use a process known as
reduce to clear (RTC), in which they sell the goods at a percentage discount up to a specified
amount. This method is used to reduce AEON's losses.
They also apply a corrective action against employee’s theft. If an employee is detected
violating their duties and stealing from the company, there are remedies available as a
corrective measure for dishonest employees. Employees would be given a warning notice if
the problem was not severe, but if it was, they would be fired or imprisoned for breach of
duty.

iii. Corrective action against hacked AEON credit cards

Ms. Ema previously stated that AEON credit card holders in Hong Kong were recently hacked in
bulk, resulting in a loss of thousands of dollars while also harming the customer. Lau, who was
one of the victims during this incident, promptly called the customer care hotline and headed
to the AEON Credit Services branch to handle the situation. However, the staff simply recorded
all the relevant details and stated that they could only handle the matter through standard
procedures. Staff stated that senior management was having a meeting to discuss the matter
and had suspended the impacted credit cards. He suspected that a system update had caused
the problem. AEON Financial Services recognises the severity of the situation and the effect
that it has had on its customers. As a result of this circumstance, the corrective action that
AEON Financial Services will implement is extra security measures that will enhance its existing
standards. Stricter verification methods, improved monitoring systems, and more effective
methods for identifying fraudulent activity will be among these steps.
Closing sentences…

https://www.aeon.com.hk/en/credit-card/detail_cyber_security.html

https://www.dimsumdaily.hk/aeon-credit-cards-reportedly-hacked-in-bulk-thousands-of-dollars-lost-
within-minutes/