if you’re trying to be malicious, wouldn’t it be better to multiply by Rand() instead of divide by Rand()?

assuming there are a decent number of recorded sales, you’d end up seeing many of the calls to Rand() returning values very close to 0. so, if you’re dividing by those values, you’d end see lots of sales records reporting values in the thousands, millions, or even billions of dollars. i feel like that screams “software bug” more than anything. on the other hand, seeing lots of values multiplied by values close to 0 would certainly look weird, but it wouldn’t be as immediately suspicious.

(of course a better thing would just be to use Rand() on a range other than [0,1])