1 mark for each risk + 1 mark for corresponding reason why it is a risk and 1 mark for method
of minimisation
Risk: hacking
Reason: illegal/unauthorised access to data
deletion/amendment of data
Minimised: use of passwords/user ids
use of firewalls
encrypt data/encryption
Risk: virus
Reason: can corrupt/delete data
cause computer to crash/run slow
can fill up hard drive with data
Minimised: use of /run anti-virus (software)
do not download software or data from unknown sources
Risk: spyware/key logging (software)
Reason: can read key presses/files/monitors on a user’s computer
Minimised: use of/run anti-spyware (software)
use data entry methods such as drop-down boxes to minimise risk
Risk: phishing
Reason: link/attachments takes user to fake/bogus website
website obtains personal/financial data
Minimised: do not open/click emails/attachments from unknown sources
some firewalls can detect fake/bogus websites
Risk: pharming
Reason: redirects user to fake/bogus website
redirection obtains personal/financial data
Minimised: only trust secure websites, e.g. look for https
check the URL matches the intended site
Risk: credit card fraud/identity theft
Reason: loss of money due to misuse of card/stealing data
Minimised: set passwords
encrypt data/encryption
Risk: cracking
Reason: illegal/unauthorised access to data
Minimised: setting strong passwords
encrypt data/encryption
There may be other valid answers given that are outside the provided mark scheme.