“…Following other IS scholars, IS misuse can take the shape of occupational fraud (eg, Cappelli et al, 2012; Dhillon, 1999; ReSpa, 2013; Willison, Lowry, & Paternoster, 2018), deliberate misuse of IS resources and criminal policy violations such as unauthorized access to information and modification (D'Arcy & Hovav, 2009; Hu, Xu, Dinev, & Ling, 2011; Straub, 1990), as well as software piracy (eg, D'Arcy & Hovav, 2007; Lowry, Zhang, & Wu, 2017; Peace, Galletta, & Thong, 2003). Besides, it can take the shape of insertion of malicious codes in extreme cases (Hutchings & Jorna, 2015; Lee, Lee, & Yoo, 2004), or purposeful leaking of confidential data for personal gains (Hovav, 2017; Hu et al, 2011; Smith & Jorna, 2011; Willison et al, 2018), theft and embezzlement (Hutchings & Jorna, 2015; Inuwa, Ononiwu, et al, 2019; Shaw & Stock, 2011) and cover‐up for mistakes in computer systems (Dhillon & Moores, 2001). Espionage (Shaw & Stock, 2011; Shropshire, 2009), sabotage (eg, creating backdoor accounts to syphon money; eg, Shropshire, 2009), and committing intentional errors (eg, Lowry, Posey, Bennett, & Roberts, 2015; Posey, Bennett, & Roberts, 2011) among others can occur to increase the list of such behaviors.…”