Coning

PDF generated using the open source mwlib toolkit. See http://code.pediapress.com/ for more information. PDF generated at: Fri, 25 Feb 2011 02:06:36 UTC

Contents
Articles
Confidence trick Cups and balls Shell game Three-card Monte Shill Sleight of hand Misdirection Fraud Ponzi scheme Pyramid scheme Soapy Smith Franchise fraud White-collar crime List of real-life con artists Scam baiting Scad (scam ad) Social engineering (security) Phishing Penetration test Physical information security SMiShing Vishing Moving scam List of confidence tricks Advance-fee fraud Pig in a poke Thai gem scam White van speaker scam Badger game Clip joint Insurance fraud Fiddle game Pigeon drop Art student scam 1 3 6 9 13 17 19 20 25 28 34 42 46 50 52 53 54 60 74 77 79 80 81 82 95 115 117 118 124 125 127 135 135 136

Psychic surgery Organized crime Identity theft Money laundering Extortion Hacker (computer security)

139 144 149 160 168 169

References
Article Sources and Contributors Image Sources, Licenses and Contributors 176 182

Article Licenses
License 183

Confidence trick

1

Confidence trick
A confidence trick or confidence game (also known as a bunko, con, flim flam, gaffle, grift, hustle, scam, scheme, swindle or bamboozle) is an attempt to defraud a person or group by gaining their confidence. The victim is known as the mark, the trickster is called a confidence man, con man, confidence trickster, grifter, or con artist, and any accomplices are known as plants. Confidence men or women exploit characteristics of the human psyche such as greed, both dishonesty and honesty, vanity, compassion, credulity, irresponsibility, naïveté, and the thought of trying to get something of value for nothing or for something far less valuable. Confidence men or women have victimized individuals from all walks of life.

Cups and balls is a kind of gambling which is usually administered as a confidence trick.

History
The first known usage of the term "confidence man" in English was in 1849. It was used by American press during the United States trial of William Thompson. Thompson chatted with strangers until he asked, if they had the confidence, to lend him their watches, whereupon he would walk off with the watch. He was captured when a victim recognized him on the street.[1]

Vulnerability to confidence tricks
Confidence tricks exploit typical human qualities such as greed, dishonesty, vanity, honesty, compassion, credulity, irresponsibility and naïveté. The common factor is that the victim (mark) relies on the good faith of the con artist. Just as there is no typical profile for swindlers, neither is there one for their victims. Virtually anyone can fall prey to fraudulent crimes. ... Certainly victims of high-yield investment frauds may possess a level of greed which exceeds their caution as well as a willingness to believe what they want to believe. However, not all fraud victims are greedy, risk-taking, self-deceptive individuals looking to make a quick dollar. Nor are all fraud victims naïve, uneducated, or elderly.[2] A greedy or dishonest mark may attempt to out-cheat the con artist, only to discover that he or she has been manipulated into losing from the very beginning. This is such a general principle in confidence tricks that there is a saying among con men that "you can't cheat an honest man."[3] Shills, also known as accomplices, help manipulate the mark into accepting the con man's plan. In a traditional confidence trick, the mark is led to believe that he will be able to win money or some other prize by doing some task. The accomplices may pretend to be strangers who have benefited from performing the task in the past.

Confidence trick

2

Fictional con artists
See Category:Fictional con artists

References
[1] Karen Halttunen, Confidence Men and Painted Women, p 6 ISBN 0-300-02835-0 [2] crimes-of-persuasion.com (http:/ / www. crimes-of-persuasion. com/ Victims/ victims. htm) Fraud Victim Advice / Assistance for Consumer Scams and Investment Frauds [3] A Conversation with James Swain online (http:/ / www. randomhouse. com/ catalog/ display. pperl?isbn=9780345478368& view=auqa)

Further reading
• Ball, J. Bowyer; Whaley, Barton (1982). Cheating and Deception (reprint 1991) (http://books.google.com/ books?id=ojmwSoW8g7IC). New Brunswick (USA), London (UK): Transaction Publishers. ISBN 0-88738-868-X. • Blundell, Nigel (1984) [1982]. The World's Greatest Crooks and Conmen and other mischievous malefactors. London: Octopus Books. ISBN 0-7064-2144-2. • Dillon, Eamon (2008) [2008]. The Fraudsters: Sharks and Charlatans - How Con Artists Make Their Money. Merlin Publishing. ISBN 978-1-903582-82-4. • Ford, Charles V. (1999) [1999]. Lies! Lies!! Lies!!!: The Psychology of Deceit (http://books.google.com/ books?id=_FSc5C2bFYUC). American Psychiatric Publishing, Inc.. ISBN 978-0-880489-97-3. • Henderson, Les (2000). Crimes of Persuasion: Schemes, scams, frauds (http://books.google.com/ books?id=-aJ8d_oewg8C). Coyote Ridge Publishing. ISBN 0-9687133-0-0. • Kaminski, Marek M. (2004). Games Prisoners Play (http://books.google.com/books?id=YIGzIaNmokgC). Princeton: Princeton University Press. ISBN 0-691-11721-7. • Maurer, David W. (1999) [1940]. The Big Con: The Story of the Confidence Man and the Confidence Game (reprinted) (http://books.google.com/books?id=xJUOAAAACAAJ). New York: Bobbs Merrill / Anchor Books. ISBN 0-385-49538-2. • Maurer, David W. (1974). The American Confidence Man (http://books.google.com/ books?id=W6twAAAACAAJ). Springfield: Charles C. Thomas, Publisher. ISBN 0-398-02974-1. • Sutherland, Edwin Hardin (1937). The Professional Thief (reprint 1989) (http://books.google.com/ books?id=muZuPt327pwC). Chicago: University of Chicago Press. ISBN 978-0-226-78051-1.

External links
• "Arrest of the Confidence Man" (http://chnm.gmu.edu/lostmuseum/lm/328/) New York Herald, 1849 • Dateline NBC investigation (http://www.msnbc.msn.com/id/17697615/) 'To Catch a Con Man'

Cups and balls

3

Cups and balls
The cups and balls is a classic performance of magic with innumerable adaptations. The effect known as acetabula et calculi was performed by Roman conjurers as far back as two thousand years ago. One popularly circulated painting of two men holding two inverted cups over two round objects has been taken by some as evidence that the effect dates back to Ancient Egypt, though experts now doubt that that is what the picture shows. Indeed the more commonly accepted view now is that the image depicts something rather more mundane: the baking of bread. The most widely performed version of the effect uses three cups and three small balls. The magician makes Hieronymus Bosch: The Conjurer, 1475-1480. Notice the man on the the balls pass through the solid bottoms of the cups, far left is stealing the other man's purse while he is distracted by the jump from cup to cup, disappear from the cup and game appear in other places, or vanish from various places and reappear under the cups (sometimes under the same cup), often ending with larger objects, like fruit, or even chicks or mice, appearing under the cups. A typical cups and balls routine includes many of the most fundamental effects of magic, including vanishes, appearances, transpositions and substitutions. Basic skills, such as misdirection, manual dexterity, and audience management are also essential to most cups and balls routines. As a result, mastery of the cups and balls is considered by many as the litmus test of a good magician. Indeed the late magic authority, John Mullholland, wrote that no less a person than Harry Houdini had expressed the opinion that no one could be considered an accomplished magician until he had mastered the Cups and Balls.[1] Instead of cups, other types of covers can be used, such as bowls or hats. The classic shell game con is a rogue-variant of the cups and balls.[2]

Cups and balls

4

Performance and variations
A basic routine is the triple penetration of the balls through inverted cups onto the table surface. One at a time, the balls are placed on top of an inverted cup, covered with a second cup, and caused to penetrate the cup and land on the table. This is repeated twice more with the two remaining balls until all three balls have penetrated the cup and gathered together on the table. A routine involving sleight of hand opens up more possibilities for the performer. The balls can appear, vanish, change color, travel between cups, grow in size or change into completely different objects. For the climax of the routine, the cups can be lifted to reveal objects of a totally different character or, at any rate, objects that are considerably larger than the small balls. Often, multiple objects are produced from under the cups, such as four pieces of fruit, which cannot even physically fit back inside the cups, making the routine all the more mystifying. Dai Vernon's handling of the Cups and Balls - especially his ending sequence is generally considered to be the single most influential cups and balls routine of the modern era.

Christian Farla performs Cups and Balls on stage.

Gazzo Macee, (aka Gary Osborne), has also influenced the theory and thinking of the traditional cups and balls routine by performing an extended routine, sometimes over thirty minutes in length, producing several large fruit and a melon from under a hat. He performs the cups and balls as an interactive comedic routine in his repertoire of street magic - a routine, incidentally, that borrows heavily from the Vernon routine. Other modern performers have altered the number of cups used in the effect. John Ramsay, David Williamson and Tommy Wonder, for example, have performed routines with only two cups. Some performers have also performed a variation on the Traditional Cups and Balls routine with only one cup (though this is different from the Chop Cup routine).

Chop Cup
A fairly modern development is the 'Chop Cup'. The cup can be lifted to be shown empty and replaced on the table. The ball then appears when the cup is lifted again. The inventor of the idea behind the trick is unknown but the modern method was popularized around 1954 by Al Wheatley who performed with his wife in a Chinese-costumed act called "Chop Chop and Charlene. The Chicago close-up magician Don Alan performed his streamlined 'Chop Cup' routine on television which was then immediately imitated by magicians. Many magicians today have variations of this routine in their repertoire.

Penn & Teller
The magic duo Penn & Teller performs a unique version of the cups and balls trick in their act. Initially, they perform the trick with small aluminum foil balls and plastic cups. The trick ends with the appearance of larger foil balls under the cups, and the surprise appearance of an extra unrelated object, such as a potato or a lime, under one or more cups. They then repeat the trick using transparent plastic cups, claiming that they will reveal how to perform the trick.[3] However, as part of the joke, they do the trick so fast as to make it difficult to follow. They claim that this version of the cups and balls breaks all four rules of magic: not to tell the audience how a trick is done, not to repeat the same trick twice, not to show the audience the secret preparation, and the 'unwritten rule' never to perform the cups and balls with clear plastic cups. They claim this version of the trick got them kicked out of The Magic

Cups and balls Castle, which comprises an appealing premise to the lay audience.

5

Noted performers
Michael Ammar, Paul Gertner, Aldo Colombini, Rafael Benatar, Paul Daniels, Gazzo, Bob White, Johnny Thompson and Al Schneider are among the world's leading professional practitioners of Cups and Balls magic. Other celebrated performers but now deceased included Bosco, Conus, "Pop" Krieger, Malini, S.Leo Horowitz (also known as Mohammed Bey), E.G. Brown, Dai Vernon, Charlie Miller, Johnny Platt,, Ross Bertram, Johnny Paul, Mike Rogers, Bob Read and the street magician/busker, Jim Cellini, who died in 2009.

Noted authorities
Bill Palmer of Houston, Texas, owns the world's largest collection of cups. He owns and operates the online "Cups and Balls Museum". A password is required to enter and browse the museum but this is usually issued promptly, free of charge, upon request. In addition, Palmer is generally regarded as the single most authoritative source of knowledge on virtually all aspects of the subject. The estate of the late British magician, Bob Read, owns the world's largest collection of prints depicting cups and balls magic, a popular subject of pre-20th century artists. Michael Ammar's "The Complete Cups And Balls", available both in book form and in a two-volume DVD set, is generally considered the most comprehensive course of instruction on cups and balls techniques. There is, however, an enormous body of literature on cups and balls spanning a period of some two thousand years but with most of it concentrated from the 18th century onward to the present day.

External links
• • • • • • RNT2 - World's Largest Manufacturer of Cups and Balls [4] Cups and Balls Magic - Reviews, Articles and News [5] YouTube: Penn and Teller's Cups and balls [6] YouTube: Tim Ellis' FISM award winning Cups and balls [7] YouTube: Cups and balls performed by [[Tommy Wonder (magician)|Tommy Wonder [8]]] Cups and Balls Feature on Ye Olde Magick Blogge [9]

References
[1] See introduction to Cups and Balls Magic by Tim Osborne (1937) [2] "shell game". Encyclopædia Britannica. 2009. http:/ / www. britannica. com/ EBchecked/ topic/ 539702/ shell-game [3] Musgrave, Andrew (2010). "Penn and Teller Expose the Cups and Balls" (http:/ / sleightly. com/ blog/ 2010/ 02/ 22/ penn-and-teller-expose-the-cups-and-balls/ ). Ye Olde Magick Blogge. . [4] http:/ / www. rnt2. com/ [5] http:/ / www. cupsandballsmagic. com/ [6] http:/ / www. youtube. com/ watch?v=BPyvAtQYVok [7] http:/ / www. youtube. com/ watch?v=xV30vPxEhZo [8] http:/ / www. youtube. com/ watch?v=eKwiE6DgxFc [9] http:/ / sleightly. com/ blog/ cups-and-balls/

Shell game

6

Shell game
The shell game (also known as Thimblerig, Three shells and a pea, the old army game) is portrayed as a gambling game, but in reality, when a wager for money is made, it is a confidence trick used to perpetrate fraud. In confidence trick slang, this famous swindle is referred to as a short-con because it is quick and easy to pull off.

"Play"
The game requires three shells (thimbles, walnut shells, bottle caps, plastic cups, and even match boxes have been used), and a small, soft round ball, about the size of a pea, and often referred to as such. It can be played on almost any flat surface, but on the streets it is often seen played on a mat lying on the ground, or on a cardboard box. The person perpetrating the swindle (called the thimblerigger, operator, or shell man) begins the game by placing the pea under one of the shells, then quickly shuffles the shells around. Once done shuffling, the operator takes bets from his An illegal shell game performed with bottle caps on Fulton Street in New York City audience on the location of the pea. The audience is told that if a player bets and guesses correctly, the player will win back double his bet (that is, he will double his money); otherwise he loses his money. However, in the hands of a skilled operator, it is not possible for the game to be won, unless the operator wants the player to win or if the player is allowed to touch the shells, in which case the player has a chance. The player must turn over any two shells saying that the pea is under neither of these. Since the pea is usually palmed, it is not under any of the shells and the operator has no choice but to pay up. This can only be done once. When an individual not familiar with the shell game encounters a game on the streets, it appears that bets are being placed by numerous players, when in reality, the people around the game are shills who are all part of the confidence trick. The apparent players actually serve various roles in the swindle: they act as lookouts for the police; they also serve as "muscle" to intimidate marks who become unruly and some are shills, whose job is to pretend to play the game, and entice the mark into betting. Once a mark enters the circle of apparent players and faces the operator, the gang surrounds them to discourage an easy exit and to keep other pedestrians from entering and disrupting the confidence trick gang's action on the main mark. The job of crowding around also protects the operator from any incriminating photographs being taken of the act. The operator and the shills will try to get the mark into a heightened state of anger or greed. Once this is accomplished, one shill will pretend to disclose a winning strategy to the mark. It is all a ruse to get the mark to place a large bet.

Shell game

7

The operator's trick is sleight of hand. A skilled operator can remove a pea from under any shell (or shells) and place it (or not) under any shell (or shells) undetected by a mark. So it is never of any benefit for the mark to watch the movement of either the shells or the operator's hands. When the operator has finished moving the shells around, he asks the mark if they wish to bet on the play. If a mark agrees, they have to place their money down before they can point to a shell. Using sleight of hand, the pea is revealed to be under a different shell than chosen. If no mark wants to play, one of the shills may start An illegal shell game in Drottninggatan, a street in Stockholm. the play in order to animate the mark. The shill will either lift a shell which is "obviously" wrong and will lose his money, or he lifts the "obvious" shell and wins. Or he may pretend that he has discovered some trick, and either "succeed" or clumsily fail. The game should not be mistaken for an honest game. It is not possible for a mark to win, even if they know how the trick is worked, or even if they "accidentally" pick the shell that actually has the pea under it. Through very skilled sleight of hand, the operator can easily hide the pea, without the mark's seeing him do so. Any player who is suspected of understanding the trick, or does not place a bet and just wants to watch, will be quickly edged away from the table by the shills or the muscle. The shell game set-up and lay-out is quick and simple, so that in the event of trouble, or if they are signaled that authorities are approaching, they can remove all traces of the game in seconds.

History
The shell game dates back at least to Ancient Greece.[1] It can be seen in several paintings of the European Middle Ages. A book published in England in 1670 (Hull Elections - Richard Perry and his fiddler wife) mentions the thimblerig game. In the 1790s, it was called "thimblerig" as it was originally played using sewing thimbles. Later, walnut shells were used, and today the use of bottle caps is very common. It was believed to be introduced to the U.S. by a Dr. Bennett. The swindle became very popular throughout the nineteenth century, and games were often set up in or around traveling fairs. Fear of jail kept these shell men traveling from one town to the next, never staying in one place very long. One of the most infamous confidence men of the nineteenth century, Jefferson Randolph Smith, known as Soapy Smith, led organized gangs of shell men throughout the mid-western United States, and later in Alaska.

Today, the game is still being played for money in many major cities around the world, usually at locations with a high tourist concentration (for example: New York and Los Angeles, in the United States, La Rambla in Barcelona, Spain, Gran Via in Madrid, Kurfürstendamm in Berlin, Germany, Bahnhofsviertel in Frankfurt am Main). The swindle is classified as a confidence trick game, and illegal to play for money in most countries.

"The Conjurer," painted by Hieronymus Bosch. The painting accurately displays a performer doing the cups and ballscups and balls routine, which has been practiced since Egyptian times. The shell game does have some origins in this old trick. The real trick of this painting is the pickpocket who is working for the conjurer. The pickpocket is robbing the spectator who is bent over.

Shell game The game also inspired a pricing game on the game show The Price Is Right, in which contestants attempt to win a larger prize and choices of four shells, one of which hides a ball, by correctly pricing smaller prizes.

8

Bibliography
• Bishop, Glen, The Shellgame - For Tableside Tricksters, 2000 • Price, Paul, The Real Work: Essential Sleight Of Hand For Street Operators, 2001 • Whit Haydn and Chef Anton, Notes on Three-card Monte

Notes
[1] "Shell Game." Encyclopaedia Britannica. http:/ / www. britannica. com/ EBchecked/ topic/ 539702/ shell-game

External links
• Play the shell game (http://soapysmith.net/page9.html), Play the several versions of the shell game and see video clips of the shell game being performed. • How do big city shell games work? (http://www.howstuffworks.com/question590.htm)

Three-card Monte

9

Three-card Monte
"Three-card monte" is also a name for the original, non-casino version of Three-Card Poker.
Three-card Monte

A three-card Monte game in Jaffa, Israel. It has all the hallmarks of the con; the cards are slightly curved, the corners have been bent and the dealer has the cash in hand to conceal any sleight-of-hand. Origin Type Players Skills required Cards Deck Playing time Random chance Spanish Gambling Np. Chance 3 Anglo-American 5-10 min. Easy Related games Monte Bank

Three-card Monte, also known as the Three-card marney, Three-card trick, Three-Way, Three-card shuffle, Menage-a-card, Triplets, Follow the lady, Les Trois Perdants, Find the lady, or Follow the Bee is a confidence game in which the victim, or mark, is tricked into betting a sum of money, on the assumption that they can find the money card among three face-down playing cards. In its full form, Three-card Monte is an example of a classic short con in which a shill pretends to conspire with the mark to cheat the dealer, while in fact conspiring with the dealer to cheat the mark. This confidence trick was already in use by the turn of the 15th century,[1] having a great deal in common with the shell game; they are the same except that cards are used instead of "shells".[2]

Rules
The three-card Monte game itself is very simple. To play, a dealer places three cards face down on a table, usually on a cardboard box which provides the ability to set up and disappear quickly.[3] The dealer shows that one of the cards is the target card, e.g., the Queen of Hearts, and then rearranges the cards quickly to confuse the player about which card is which. The player is then given an opportunity to select one of the three cards. If the player correctly identifies the Queen of Hearts, the player wins an amount equal to the amount bet; otherwise, he loses his stake.

Three-card Monte

10

Usual card selection
Since there are only three cards, the Jack of spades and Jack of clubs often complement the "money card", which is usually a Queen.[4] The Queen is often a red card, typically the Queen of hearts. Sometimes the Ace of spades is used as the money card, since the Ace of spades is viewed as lucky, which might lure the mark into playing the game.

Drawing a player in
When the mark arrives at the three-card Monte game, it is likely that a number of other players will be seen winning and losing money at the game. The people engaged in playing the game are often shills, confederates of the dealer who pretend to play so as to give the illusion of a straight gambling game. As the mark watches the game, they are likely to notice that they can follow the queen more easily than the shills seem to be able to, which sets them up to believe that they can beat the game. Eventually, if the mark enters the game, they will be cheated through any number of methods. An example of a simple scheme involves a dealer and two shills: • The dealer and shills act as if they do not know each other. The mark will come upon a game being conducted in a seemingly clandestine manner, perhaps with somebody "looking out" for police. The dealer will be engaged in his role, with the first shill betting money. The first shill may be winning, leading the mark to observe that easy money may be had, or losing, leading the mark to observe that he could beat the game and win money where the first shill is losing it. A three-card Monte stand in Warsaw, July 1944 • While the mark is watching, the second shill, acting as if he is a casual passerby like the mark, will casually engage a mark in conversation regarding the game, commenting on either how easily the first shill is winning or how he is losing money because he cannot win at what appears to the mark to be a simple game. This conversation is engineered to implicitly encourage the mark to play, and it is possible the second shill could resort to outright encouragement. • If the mark does not enter the game, the dealer may claim to see police and will fold up his operation and restart it elsewhere, or will wait for another mark to appear on the scene. • If the mark enters the game, they may be "had" (cheated) by a number of techniques. A common belief is that the operator may let the mark win a couple of bets to suck them in, but this is virtually never true. In a true Monte scam, the mark is unlikely to ever win a single bet. It is simply not necessary. There are just too many ways for a well-run mob to attract the marks, suck them in, and convince them to put money down. • When the dealer and the shills have taken the mark, a lookout, the dealer, or a shill acting as an observer will claim to have spotted the police. The dealer will quickly pack up the game and disperse along with the shills.

How it is done
Dealers employ sleight of hand[5] and misdirection to prevent the mark from finding the queen. Several moves are in common use.

The throw
In the throw, the dealer holds 2 cards face down in one hand. The top card is held between the thumb and second finger; the bottom card is held below it, between the thumb and third finger. The dealer then sweeps his hand down and throws one card on the table. The mark naturally assumes that the dealer has thrown the bottom card; however, the dealer may throw either the bottom card, by releasing his third finger, or the top card, by releasing his second finger.

Three-card Monte Done properly, the throw makes it virtually impossible for an observer to tell which card has fallen. Even shills can't reliably follow cards through the throw. Three card Monte crews use secret signals so that the dealer can tell the shills where the queen is.[5] The throw accounts for the characteristic sideways motion of the dealer's hands as the cards are moved around on the table.

11

Dealer's scams
If the mark picks the right card, one of the shills will simply post a higher bid, which the dealer immediately accepts, saying "I only accept the highest bid." In other words, the mark may put down $20 on the right card. A shill will then throw down $40 on top of the card, thereby winning the "right" to play that round. Of course, if the mark picks the wrong card, the dealer takes the bid and the money. The dealer will never, ever, accept a winning bid from a mark.

The Mexican turnover
If a mark should happen to pick the queen when the dealer doesn't want it, the dealer can use a Mexican turnover to exchange it with another card.[5] First, the dealer picks up another card—not the one that the mark has chosen. The dealer holds it by a corner between thumb and forefinger, and slides it under the chosen card—ostensibly in order to turn over the chosen card. In fact, as the two cards come vertical, the dealer shifts his grip from the unchosen card to the chosen card, taking the chosen card away in his hand and leaving the unchosen card to fall face up on the table. Like the throw, a properly executed Mexican turnover is virtually undetectable.

The Drop Move
If other surrounding players become aware of a dealer possibly cheating, the dealer can "prove" them wrong with the Drop Move. If a mark picks the correct card, the dealer begins to pick up the other cards. Using sleight of hand, the dealer then accidentally "drops" a card he tried to pick up over the box. He then reaches over the box and acts as if he can't reach the card. While still bent over the cardboard box, the dealer asks a player or shill to pick up the dropped card. The card is dropped face down, so the mark doesn't see that the card is wrong. While the player or shill picks up the card, the dealer picks up the two other cards and switches card positions while still hovering over them, so the mark doesn't see. When the dealer gets the card back, he flips over their card, revealing it to be incorrect.

Legality
In Canada, under section 206(1) of the Criminal Code of Canada, it is illegal to do the following in relation to the three-card monte: • • • • • Receive bets Induce any person to stake or hazard any money or other valuable property Carry on or play or offer to carry on or play in a public place Employ any person to carry on or play in a public place Allow the game to take place (the owner of the premise)

They are indictable offences, with the maximum penalty of two years in prison.[6]

Three-card Monte

12

Historic
• It was taking a victim with Three-card Monte, on July 7, 1898, that caused the shooting death, two days later, of infamous con man Soapy Smith.[7] • After revealing the secret behind the trick on British television, American illusionist John Lenahan was expelled from the Magic Circle. • The play Topdog/Underdog features three-card Monte as a significant plot device. • "Canada Bill" Jones (1820–1877), was considered a master of the Three Card Monte in the middle of the 19th century in America.[8]

References
[1] Paul B. Newman Daily life in the Middle Ages (http:/ / books. google. com/ books?id=O8GKt_PPjr8C& pg=PA169& dq=three+ card+ monte+ daily+ life+ in+ the+ middle+ ages& lr=& hl=cs#v=onepage& q=& f=false), pg. 169, McFarland (2001) ISBN 0786408979 [2] Tom Ogden The Complete Idiot's Guide to Magic Tricks, pg. 123, - Alpha Books (1998) ISBN 0028627075 [3] Richard John Neuhaus The best of The Public square, pg. 203, Wm. B. Eerdmans Publishing Company (2001) ISBN 0802849954 [4] Three Card Monte at ♦ (http:/ / www. pagat. com/ misc/ monte. html) at Pagat.com [5] Penn Jillette, radio interview, NPR, ca. 2000 [6] Criminal Code of Canada (http:/ / laws. justice. gc. ca/ eng/ C-46/ 20100510/ page-5. html?rp2=SEARCH& rp3=SI& rp1=three-card monte& rp4=all& rp9=cs& rp10=L& rp13=50#codese:206) [7] Sauerwein, Stan (2005), Soapy Smith, Skagway's Scourge of the Klondike [8] William Norman Thompson Gambling in America: an encyclopedia of history, issues, and society (http:/ / books. google. com/ books?id=-9eNVovFFMoC& pg=PA205& dq=three+ card+ monte& lr=& hl=cs#v=onepage& q=three card monte& f=false), pg. 205, ISBN 1576071596

Notes
• Haydn, Whitand Anton, Chef (2001) Whit Hayden and Chef Anton present the School for Scoundrels notes on three-card monte School for Scoundrels, Alta Loma, California, OCLC 53922163 (http://www.worldcat.org/ oclc/53922163) • Lizardi, José Joaquín Fernández de (1942)The Itching Parrot (translation of (1816) Periquillo Sarniento) Doubleday, Garden City, New York, OCLC 838797 (http://www.worldcat.org/oclc/838797); republished in 2000 under the title The mangy parrot: the life and times of Periquillo Sarniento: written by himself for his children Hackett Publishing, Indianapolis, Indiana, ISBN 0-87220-669-6

External links
• Video walkthrough of a classic street Three Card Monte ruse (http://video.google.com/ videoplay?docid=-163435387173807719) on Video Google • Detailed step by step on how to perform the Three Card Monte (http://www.free-card-tricks.net/ 3-card-monte-card-trick.html) • Epinions review of Three Card Monte (http://www.epinions.com/content_19940937348) • Video showing Three card Monte trick with cards (http://www.card-trick.net/cardtrick13a.htm) • Slide show focusing on the actions and expressions of Times Square Three Card Monte "players" in New York City (http://picasaweb.google.com/john.van.v/Forty_deuce_Monte#slideshow/5270172784445738546)

Shill

13

Shill
A shill or plant is a person who helps another person or organization to sell goods or services without disclosing that he or she has a close relationship with the seller. The shill pretends to have no association with the seller/group and gives onlookers the impression that he or she is an enthusiastic independent customer. The person or group that hires the shill is using crowd psychology, to encourage other onlookers or audience members (who are unaware of the set-up) to purchase the said goods or services. Shills are often employed by confidence artists. The term is also used to describe a person who is paid to help a political party or other advocacy organization to gain adherents; as with the situation of selling goods or services, the shill gives the impression of being unrelated to the group in question, and gives the impression that he or she finds merit in the ideological claims of the political party. Shilling is illegal in many circumstances and in many jurisdictions[1] because of the frequently fraudulent and damaging character of the shill's actions. However, if a shill does not place uninformed parties at a risk of loss, but merely generates "buzz", the shill's actions may be legal. For example, a person planted in an audience to laugh and applaud when desired (see claque), or to participate in on-stage activities as a "random member of the audience", is a type of legal shill.
Auctioneer and assistants, Cheviot, Ohio "Shill" can also be used pejoratively to describe a critic who appears either all-too-eager to heap glowing praise upon mediocre offerings, or who acts as an apologist for glaring flaws. In this sense, they would be an implicit "shill" for the industry at large, possibly because their income is tied to its prosperity. The origin of the term shill is uncertain; it may be an abbreviation of the Yiddish shillaber. The word originally denoted a carnival worker who pretended to be a member of the audience in an attempt to elicit interest in an attraction. Some sources trace the usage only back to 1914.[2] [3]

Internet
In online discussion media, satisfied consumers or "innocent" parties may express specific opinions in order to further the interests of an organization in which they have an interest, such as a commercial vendor or special interest group. Websites may also be set up for the same purpose. For example, an employee of a company that produces a specific product may praise the product anonymously in a discussion forum or group in order to generate interest in that product, service or group. In addition, some shills use sock puppetry where they sign on as one user soliciting recommendations for a specific product or service. They then sign on as a different user pretending to be a satisfied customer of a specific company. In some jurisdictions and circumstances this type of activity may be illegal. In addition, reputable organizations may prohibit their employees and other interested parties (contractors, agents, etc.) from participating in public forums or discussion groups in which a conflict of interest might arise, or will at least insist that their employees and agents refrain from participating in any way that might create a conflict of interest. For example, the plastic surgery company, Lifestyle Lift, ordered their employees to post fake positive reviews on websites. As a result, they were sued, and ordered to pay $300,000 in damages by the New York Attorney General's office. Said Attorney General Andrew Cuomo: "This company’s attempt to generate business by duping consumers was cynical, manipulative, and illegal. My office has [been] and will continue to be on the forefront in protecting consumers against emerging fraud and deception, including ‘astroturfing,’ on the Internet."[4]

Shill

14

Sock puppets
Sometimes shills may be used to downplay legitimate complaints posted by users on the Internet. See Spin (public relations) and sock puppet (internet).

Gambling
Both the illegal and legal gambling industries often use shills to make winning at games appear more likely than it actually is. For example, illegal Three-card Monte and Shell game peddlers are notorious employers of shills. These shills also often aid in cheating, disrupting the game if the "mark" is likely to win. In a legal casino, however, a shill is sometimes a gambler who plays using the casino's money in order to keep games (especially poker) going when there are not enough players. (This is different from a "proposition player" who is paid a salary by the casino for the same purpose, but bets with their own money.)

Marketing
In marketing, shills are often employed to assume the air of satisfied customers and give testimonials to the merits of a given product. This type of shilling is illegal in some jurisdictions but almost impossible to detect. It may be considered a form of unjust enrichment or unfair competition, as in California's Business & Professions Code § 17200, which prohibits any "unfair or fraudulent business act or practice and unfair, deceptive, untrue or misleading advertising".

Auctions
Shills, or "potted plants", are sometimes employed in auctions. Driving prices up with phony bids, they seek to provoke a bidding war among other participants. Often they are told by the seller precisely how high to bid, as the seller actually pays the price (to himself, of course) if the item does not sell, losing only the auction fees. Shilling has a substantially higher rate of occurrence in online auctions, where any user with multiple accounts (and IP addresses) can shill without aid of participants. Many online auction sites employ sophisticated (and usually secret) methods to detect collusion. The online auction site eBay forbids shilling; its rules do not allow friends or employees of a person selling an item to bid on the item. [5]

Journalism
The term is applied metaphorically to journalists or commentators who have vested interests in or associations with parties in a controversial issue. Usually this takes the form of a show or network pretending to be offering news when in fact they are simply repeating talking points offered by a political party. Journalistic ethics require full disclosure of conflicts of interest, and of any interference by other parties with the reportage. More specifically, there is historical cases of Journalists in private media organisations being covert representatives of government and/or businesses. In these roles the journalists will present positive stories about their respective interests at key moments in order to influence public opinion. This is often achieved by claiming to have access to anonymous government or business sources. At other times, the links may actually appear overt to some, but not to the intended audience such as with Radio Free Europe, a broadcaster which targeted Eastern European audiences on behalf of the Central Intelligence Agency. An extension of these tactics is the practice of monitoring news outlets prior to or during publication. Often when a negative story is discovered attempts are made first to stop it. However as this can, in some societies, draw attention to what could otherwise be a minor story, Shill's are used to put out alternative views, either to confuse the public about the legitimacy of the story or to outright convince them that it is a lie.

Shill

15

Research and experiments
A shill in a psychology experiment, or the like, is called a "confederate". In Stanley Milgram's experiment in which the subjects witnessed people getting electric shocks, a confederate would pretend to be one of the experimental subjects who would receive the fake shocks, so that the real experimental subject would think that a draw of names from a hat was random. The confederate would always play the role of the learner, and the subject would be the teacher, and the subject would think that this was a random draw from a hat containing papers that say "learner" and "teacher". In performance art, such as DECONference (Decontamination Conference), the confederates were called "deconfederates", and when a large group of (de)conference attendees were asked to remove all clothing prior to entry to the deconference, the deconfederate, planted among the attendees, would comply immediately with the request, causing all of the others to follow the orders and disrobe as well.[6]

Interrogations

Police or military interrogators sometimes use undercover agents (called "plants") to assist with the interrogation of an individual or suspect. The plant can pose as a fellow inmate or internee, build a rapport and earn the confidence of the interviewee. The plant may subtly suggest that telling the interrogators what they want to know is the sensible or right thing to do. Even if no outright confessions are obtained, minor details and discrepancies that come out in supposedly innocent conversation can be used to chip away at the interviewee. Some plants are in reality inmates or prisoners of war who have been promised better treatment and conditions in return for helping with the interrogation, as in the character played by William Hurt in the film Kiss of the Spider Woman. One notorious UK case is that of Colin Stagg, a man who was falsely accused of the murder of Rachel Nickell, in which a policewoman posed as a potential love interest to try to tempt Stagg to implicate himself.

The experimenter (E) orders the teacher (S), the subject of the experiment, to give what the latter believes are painful electric shocks to a learner (A), who is actually an actor and confederate. The subject believes that for each wrong answer, the learner was receiving actual electric shocks, though in reality there were no such punishments. Being separated from the subject, the confederate set up a tape recorder integrated with the electro-shock generator, which played pre-recorded sounds for each shock level.

Relation to Other Concepts
Puppet Government
Puppet, Vassal or Satellite states have been routinely used in exercises of foreign policy to give weight to the arguments of the country that controls them. Examples of this include the USSR's use of its satellites in the United Nations during the Cold War. These states are also used to give the impression of legitimacy to domestic policies that are ultimately harmful to the population they control, while benefiscial to the government that controls them. Even outside the spectrum of sovereign powers many multiparty democratic systems give foreign powers the capacity to influence political discourse through shills and psuedo sock-puppets. Thanks to the reliance of many political parties on external sources of revenue for campaigns it can be easy for a government or business to either choose which party it funds or to outright create one. This way they can either choose to support existing minority voices that echo their views or form their own, using their funds and usually semi-covert influence to make them a

Shill more prominent voice. Another concept in foreign policy is seen in sovereign alliances. In these instances, an allied country acts on behalf of anothers interests so that it appears that the original power does not want to get involved. This is useful in situations where there is little public support in the original country for the actions. This type of collusion is typically practiced between countries that share common goals and are capable of returning favours. An example of this may be Cuba's role during the Cold War, in sending active combat troops to wars in Africa when it was unpalatable for the USSR to do so.

16

False Flag Operation
Another tool utilising the appearance of another entity is a False Flag Operation. In these operations a government or organisation attempts to impersonate another party while committing an act that will allow it to react. An example of this is the Nazi Operation to destroy German Radio towers while dressed as Polish troops at the onset of World War Two.

Undercover Operations
During covert operations or police investigations agents may routinely claim to be of political views or a part of an organisation in order to gain the confidence of the people they wish to surveil. Sometimes this goes further with the agents participating in acts on behalf of the organisations they infiltrate or falsely represent as was the case during the Operations like Gladio and Chaos. Often the end goal is not just to gain information about the organisation but to discredit them in the eyes of the public. However, these kinds of actions are more similar to False Flag Operations then typical Undercover Operations. In other examples, operatives may act in a manner they deem positive to assist an organisation they cannot have overt ties to.

References
[1] "FTC v. Greeting Cards of America, Inc. et al' - [[United States of America|USA (http:/ / www. ftc. gov/ bcp/ internet/ cases-internet. pdf)]"]. ftc.gov. . [2] "Shill" (http:/ / www. merriam-webster. com/ dictionary/ shill). merriam-webster.com. . [3] Note: Shillaber as a surname was known in the US during the 19th Century. [4] "Attorney General Cuomo secures settlement with plastic surgery franchise that flooded internet with false positive reviews. Cuomo's deal is first case in nation against growing practice of "astroturfing" on Internet 'Lifestyle Lift' Will Pay $300,000 in Penalties and Costs to New York State" (http:/ / www. oag. state. ny. us/ media_center/ 2009/ july/ july14b_09. html). oag.state.ny.us. . Retrieved 25 November 2010. [5] "Man fined over fake eBay auctions" (http:/ / news. bbc. co. uk/ newsbeat/ hi/ technology/ newsid_10500000/ newsid_10508900/ 10508913. stm). BBC. 2010-07-05. . [6] Reference: Volume 36, Number 4, August 2003, E-ISSN: 1530-9282 Print ISSN: 0024-094X, "Decon 2 (Decon Squared): Deconstructing Decontamination", August 2003, pp. 285-290

External links
• FTC v. Greeting Cards of America, Inc. et al (http://www.ftc.gov/bcp/internet/cases-internet.pdf) • EBay's shill policy (http://pages.ebay.com/help/policies/seller-shill-bidding.html) • Catalog of hundreds of examples of shilling in news, retail and on the streets (http://www. howtheychangeyourmind.com/) • Political Shilling in India Elections (http://www.jeetegakaun.in/gujarat_elections_2007/thread.php?id=488) a live example

Sleight of hand

17

Sleight of hand
Sleight of hand, also known as prestidigitation ("quick fingers") or legerdemain, is the set of techniques used by a magician (or card sharp) to manipulate objects such as cards and coins secretly.[1] Sleight of hand is not a separate branch of magic, but rather one of the means used by a magician to produce an effect. It can be contrasted with the flourish, where the magician intentionally displays skills, such as the ability to cut cards one-handed, which is akin to juggling. Advanced sleight of hand requires months or years of practice before it can be performed proficiently in front of spectators. Sleight of hand is mostly employed in close-up magic, but it can also be used in stage magic. There are hundreds of different sleights at the performer's disposal, but they can generally be classified into groups such as switches, changes, and others. There are several stories about magicians using sleight of hand in real life, such as when American illusionist David Copperfield used sleight of hand to fool a mugger into thinking he had nothing in his pockets, even though he was carrying a cellphone, passport and wallet.[2]

Etymology
Sleight, meaning dexterity or deceptiveness, comes from the Old Norse slœgð,[3] meaning cleverness, cunning, slyness.[4] Sleight of hand is often mistakenly written as slight of hand or slide of hand. Slight descends from the Old Norse slettr, meaning plain, flat, even, smooth, level. [5] .

Sleight of hand in close-up magic
Sleight of hand is often used in close-up magic, performed with the audience close to the magician, usually within three or four meters, possibly in physical contact. It often makes use of everyday items as props, such as cards and coins. The guiding principle of sleight-of-hand, articulated by legendary close-up magician Dai Vernon, is "be natural." A well-performed sleight looks like an ordinary, natural and completely innocent gesture, change in hand-position or body posture. It is commonly believed that sleight of hand works because “the hand is quicker than the eye” but this is usually not the case. In addition to manual dexterity, sleight of hand depends on the use of psychology, timing, misdirection, and natural choreography in accomplishing a magical effect. Misdirection is perhaps the most important component of the art of sleight of hand. The magician choreographs his actions so that all spectators are likely to look where he or she wants them to. More importantly, they do not look where the performer does not wish them to look. Two types of misdirection are timing and movement. Timing is simple: by allowing a small amount of time to pass after an action, events are skewed in the viewer's mind. Movement is a little more complicated. A phrase often used is "A larger action covers a smaller action." Care must be taken however to not make the larger action so big that it becomes suspicious. Another common misconception is that close-up magic must utilise either sleight of hand or some kind of rigged apparatus. However, as Henry Hay's Cyclopedia of Magic[6] [7] says, "Many small tricks, especially card tricks, require neither apparatus nor sleight of hand; much apparatus of the "gimmick" type does not require sleight of hand. Illusions, because they deal with objects too big to hold in the hand, are one class of magic that seldom require sleight of hand--though even here sleight of hand "forcing" may be called into play. There are successful illusionists and apparatus conjurers who can do no sleight of hand at all, but their difficulties and restrictions deserve our sympathy rather than our scorn."

Sleight of hand

18

Principles of sleight of hand
The magicians Penn and Teller have been known, as part of their act, to explain sleight of hand while demonstrating it with a performance by Teller, appearing to merely dispose of an old cigarette and light a new cigarette. Teller is, in fact, simply hiding and replacing the same cigarette without ever putting it out. While Teller performs, Penn describes what he is doing, and explains the seven principles of sleight of hand.[8] The seven principles are: 1. 2. 3. 4. 5. 6. 7. Palm - To hold an object in an apparently empty hand. Ditch - To secretly dispose of an unneeded object. Steal - To secretly obtain a needed object. Load - To secretly move an object to where it is needed. Simulation - To give the impression that something has happened that has not. Misdirection - To lead attention away from a secret move. Switch - To secretly exchange one object for another.

This concept of seven principles of sleight of hand was created by Penn & Teller for their effect and routine. In "The Trick Brain", Fitzkie identifies 17 fundamental effects in magic. However it is debatable that the changes in position, material, form, color, size, temperature and weight could all be classified as a change. 1. Production 2. Vanish 3. Change in position 4. Change in material 5. Change in form 6. Change in color 7. Change in size 8. Change in temperature 9. Change in weight 10. Magnetism 11. Levitation 12. Penetration 13. Restoration 14. Remote control 15. Sympathy 16. Divination (Comprising all feats of mental magic) 17. Prediction

Deceit
Sleight-of-hand techniques can also be used to cheat in gambling games, in street con games such as the three-shell game, or three-card monte to steal, or, in some cases, to claim supernatural powers, as in the performances of some 19th- and early 20th-century spirit mediums. For this reason, the term "sleight of hand" frequently carries negative associations of dishonesty and deceit, and is also used metaphorically outside the above contexts. The techniques used by gamblers, however, are often very different from those employed by magicians; similarly, the techniques used by some psychics or spirit mediums are often different from those found in "straight" close-up magic and mentalism. The differences, however, are due to the different working conditions and the different degrees of proximity between spectators and performer; the same basic techniques and approaches are common in all the areas of deception mentioned.

Sleight of hand

19

Performers
Some of the most influential figures in sleight-of-hand and close-up magic have been Doug Henning, John Scarne, Jay Sankey, Dai Vernon, Roy Walton, David Copperfield, Tony Slydini, David Roth, Ed Marlo, Deniz Gaberz-Mah, Tommy Wonder, Michael Ammar, Ricky Jay, David Blaine, Teller of Penn and Teller, Cyril Takayama, Aaron Fisher, David Stone, Ryan MIleti, Rocco Silano, Lu Chen, Larry Jennings, and Alexander Herrmann. Performers often encourage their audience to believe they have used sleight of hand when they are actually using another principle or gimmick as the means of misdirecting the audience. For example, if one is performing something as simple as the appearing/disappearing coins using a thumb tip, the trick lies in the gimmick, but the audience is led to believe that the performer has done something very complex to hide the coins. This directs them away from thinking of a method as simple as the thumb tip.

References
[1] "Conjuring" (http:/ / www. 1911encyclopedia. org/ Conjuring). 1911 Britannica. Love To Know Classic Encyclopedia. . Retrieved 2007-12-29. "The employment of purely manual dexterity without mechanical apparatus may be distinguished as legerdemain, prestidigitation or sleight of hand.". [2] "Magician David Copperfield robbed after show at Kravis Center" (http:/ / www. palmbeachpost. com/ localnews/ content/ local_news/ epaper/ 2006/ 04/ 25/ 0425copperfield. html). . Retrieved 2008-01-11. [3] [4] [5] [6] [7] [8] "Merriam-Webster On Line Dictionary" (http:/ / www. meriam-webster. com/ dictionary/ sleight). . Retrieved 2007-12-29. "Online Etymology Dictionary" (http:/ / www. etymonline. com/ index. php?term=sleight). . Retrieved 2009-03-16. "Germanic Lexicon Project" (http:/ / lexicon. ff. cuni. cz/ corrections/ pdf/ cv_b0567. pdf). . Retrieved 2008-11-22. Hay, Henry. Cyclopedia of Magic (1st Ed. ed.). USA: Philadelphia: David McKay Company. Hay, Henry. Cyclopedia of Magic (reprint ed.). Dover Publications. pp. 498 pages. ISBN 978-0486218083. "Penn and Teller Explain Sleight of Hand" (http:/ / www. youtube. com/ watch?v=_qQX-jayixQ& NR=1). You Tube. . Retrieved 2007-12-29.

Misdirection
Misdirection may refer to: • • • • • • • a technique used when performing magic tricks (see Misdirection (magic)) a technique used in strategy games and warfare (see Feint) an incorrect charge given by a judge to a jury (see Misdirection (Legal)) a technique employed by criminals (see Pickpocketing) a technique used by the intelligence services (see Limited hangout) a technique used in American Football (see Counter Trey) a technique used in fast talk (see Psychobabble and Technobabble)

Fraud

20

Fraud
According to the Collins English Dictionary 10th Edition fraud can be defined as: "deceit, trickery, sharp practice, or breach of confidence, perpetrated for profit or to gain some unfair or dishonest advantage".[1] In the broadest sense, a fraud is an intentional deception made for personal gain or to damage another individual; the related adjective is fraudulent. The specific legal definition varies by legal jurisdiction. Fraud is a crime, and also a civil law violation. Defrauding people or entities of money or valuables is a common purpose of fraud, but there have also been fraudulent "discoveries", e.g. in science, to gain prestige rather than immediate monetary gain. A hoax also involves deception, but without the intention of gain, or of damaging or depriving the victim; the intention is often humorous.

Cost of fraud
The typical organization loses 5 percent of its annual revenue to fraud, with a median loss of $160,000. Frauds committed by owners and executives were more than nine times as costly as employee fraud. The industries most commonly affected are banking, manufacturing, and government.[2]

Types of fraudulent acts
Fraud can be committed through many media, including mail, wire, phone, and the Internet (computer crime and Internet fraud). The international dimensions of the web and ease with which users can hide their location, the difficulty of checking identity and legitimacy online, and the simplicity with which crackers can divert browsers to dishonest sites and steal credit card details have all contributed to the very rapid growth of Internet fraud. Types of criminal fraud include: • • • • • • • • • • • • • • • • • • • • bait and switch bankruptcy fraud benefit fraud, committing fraud to get government benefits counterfeiting of currency, documents or valuable goods charlatanism confidence tricks such as the 419 fraud and Spanish Prisoner creation of false companies or "long firms" embezzlement, taking money which one has been entrusted with on behalf of another party false advertising false billing false insurance claims forgery of documents or signatures, Franchise fraud where the real profit is earned, not by the sale of the product, but by the sale of new franchise licenses. fraud upon the court health fraud, for example selling of products known not to be effective, such as quack medicines, identity theft Insurance fraud investment frauds, such as Ponzi schemes and Pyramid schemes Moving scam religious fraud

• marriage fraud to obtain immigration rights without entitlement • rigged gambling games such as the shell game

Fraud • securities frauds such as pump and dump • tax fraud, not reporting revenue or illegally avoiding taxes. In some countries, tax fraud is also prosecuted under false billing or tax forgery[3]

21

Elements of fraud
Common law fraud has nine elements:[4] [5] 1. 2. 3. 4. 5. 6. 7. 8. 9. a representation of an existing fact; its materiality; its falsity; the speaker's knowledge of its falsity; the speaker's intent that it shall be acted upon by the plaintiff; plaintiff's ignorance of its falsity; plaintiff's reliance on the truth of the representation; plaintiff's right to rely upon it; and consequent damages suffered by plaintiff.

Most jurisdictions in the United States require that each element be pled with particularity and be proved with clear, cogent, and convincing evidence (very probable evidence) to establish a claim of fraud. The measure of damages in fraud cases is to be computed by the "benefit of bargain" rule, which is the difference between the value of the property had it been as represented, and its actual value. Special damages may be allowed if shown proximately caused by defendant's fraud and the damage amounts are proved with specificity.

National Fraud Authority
The National Fraud Authority (NFA) is the government agency co-ordinating the counter-fraud response in the UK. The NFA works with a wide range of partners with the aim of making fraud more difficult to commit in the UK. The NFA was established following the government's 2006 Fraud Review. It concluded that fraud is a significantly under-reported crime, and while various agencies and organisations were attempting to tackle the issue, greater co-operation was needed to achieve a real impact in the public sector. The scale of the problem pointed to the need for a small but high-powered body to bring together the numerous counter-fraud initiatives that existed, which is when the NFA was formed. The NFA works to tackle frauds across the spectrum, but also works on fraud types and fraud issues that are a notable problem. These include identity fraud, mortgage fraud, accommodation addresses, mass marketing fraud and fraud affecting small and medium sized businesses. The NFA also produces the Annual Fraud Indicator, which estimates the cost of fraud. The current estimate puts the cost of fraud to the UK at £38 billion a year, which equates to £621 a year for every adult in England and Wales. Working with the charity, Victim Support, the NFA has also done some significant work with victims, to ensure they receive the support they deserve if they have been a victim of the crime. The NFA also runs Action Fraud - the UK's National Fraud Reporting Centre.

Action Fraud
Action Fraud is the UK's national fraud reporting service, run by the National Fraud Authority. Action Fraud is the place to go to get information and advice about fraud, as well as to report fraud. UK citizens can report fraud online or by calling 0300 123 2040. When a fraud is reported to Action Fraud, victims are given a crime reference number and their case is passed on to the National Fraud Intelligence Bureau (NFIB), which is run by the City of London's police service.

Fraud The Action Fraud website advice.
[6]

22 also has an A-Z of fraud describing different types of fraud, and offers prevention

Notable fraudsters
• Frank Abagnale Jr., US impostor who wrote bad checks and falsely represented himself as a qualified member of professions such as airline pilot, doctor, and attorney. The film Catch Me If You Can is based on his life. • Eddie Antar, founder of Crazy Eddie, who has about $1 billion worth of judgments against him stemming from fraudulent accounting practices at that company. • Cassie Chadwick, who pretended to be Andrew Carnegie's illegitimate daughter to get loans. • Salim Damji is a convicted fraud artist who defrauded millions of dollars in an affinity fraud. The money came mostly from relatives and members of the closely-knit Ismaili community. His $78 million scam was among the largest in Canadian history [7]. • Charles Dawson, an amateur British archeologist who claimed to have found the Piltdown man. • Marc Dreier, Managing founder of Attorney firm Dreir LLP. Prosecutors allege that from 2004 through December 2008, He sold approximately $700 million worth of fictitious promissory notes.[8] • Bernard Ebbers, founder of WorldCom, which inflated its asset statements by about $11 billion. • Ramón Báez Figueroa, banker from the Dominican Republic and former President of Banco Intercontinental. Sentenced on October 21, 2007 to ten years in prison for a US $2.2 billion fraud case that drove the Caribbean nation into an economic crisis in 2003. • Martin Frankel is a former U.S. financier, convicted in 2002 of insurance fraud worth $208 million, racketeering and money laundering. • Samuel Israel III, former hedge fund manager that ran the former fraudulent Bayou Hedge Fund Group. He faked suicide. • Ashok Jadejahas been accused of cheating people from across India of scores of rupees on the pretext of having divine blessings. • Konrad Kujau, German fraudster and forger responsible for the "Hitler Diaries". • Kenneth Lay, the American businessman who built energy company Enron. He was one of the highest paid CEOs in America until he was ousted as Chairman and was convicted of fraud and conspiracy, although as a result of his death, his conviction was vacated.[9] • Nick Leeson, English trader whose unsupervised speculative trading caused the collapse of Barings Bank. • James Paul Lewis, Jr., ran one of the biggest ($311 million) and longest running Ponzi Schemes (20 years) in US history. • Gregor MacGregor, Scottish conman who tried to attract investment and settlers for the non-existent country of Poyais. • Bernard Madoff, creator of a $65 billion Ponzi scheme - the largest investor fraud ever attributed to a single individual. • Colleen McCabe, British headmistress who stole £½ million from her school. • Gaston Means, a professional conman during U.S. President Warren G. Harding's administration. • Matt the Knife, American born con artist, card cheat and pickpocket who, from the ages of approximately 14 through 21, bilked dozens of casinos, corporations and at least one Mafia crime family out of untold sums. • Barry Minkow and the ZZZZ Best scam. • Michael Monus, founder of Phar-Mor, which ultimately cost its investors more than $1 billion. • F. Bam Morrison, who conned the town of Wetumka, Oklahoma by promoting a circus that never came. • Lou Pearlman, former boy-band manager indicted by a federal grand jury in Orlando on charges that he schemed to bilk banks out of more than $100 million. • Frederick Emerson Peters, US impersonator who wrote bad checks.

Fraud • Thomas Petters is an American masquerading as a business man who turned out to be a con man and was the former CEO and chairman of Petters Group Worldwide.[10] Petters resigned his position as CEO on September 29, 2008, amid mounting criminal investigations.[11] He later was convicted for turning Petters Group Worldwide into a $3.65 billion Ponzi scheme[12] and was sentenced to 50 years in federal prison. • Charles Ponzi and the Ponzi scheme. • Alves Reis, who forged documents to print 100,000,000 PTE in official escudo banknotes (adjusted for inflation, it would be worth about US$150 million today). • Christopher Rocancourt, a Rockefeller impersonator who defrauded Hollywood celebrities. • Joseph Rothe, of Fonthill, Ontario, ordered to pay $500,000 in restitution, received a four-year prison sentence, along with Ewaryst Prokofiew, of Mississauga, Ontario, in the biggest GST fraud in Canadian history. Code named Project Phantom for the lengthy police investigation [13], the organizers lined up a steady supply of vehicles that were to be sold at the auctions. The cars never materialized and were never purchased. But the operators of the fraud claimed that they had been sold, and because of the natives' tax-exempt status were able to claim the GST exemption. Authorities could only guess at the full loss sustained by the Canada Revenue Agency. Madam Justice Lynda Templeton of Superior Court said the scheme siphoned at least $11-million from Ottawa, possibly a great deal more. [14] • Scott W. Rothstein, a disbarred lawyer from Ft. Lauderdale, Florida, who perpetrated a Ponzi scheme which defrauded investors of over $1 billion. • Michael Sabo, best known as a check, stocks and bonds forger. He became notorious in the 1960s throughout the 1990s as a "Great Impostor" over 100 aliases, and earned millions from such. • John Spano, a struggling businessman who faked massive success in an attempt to buy out the New York Islanders of the NHL. • John Stonehouse, the last Postmaster-General of the UK and MP who faked his death to marry his mistress. • Kevin Trudeau, US writer and billiards promoter, convicted of fraud and larceny in 1991, known for a series of late-night infomercials and his series of books about "Natural Cures "They" Don't Want You to Know About". • Andrew Wakefield, UK physician who claimed links between the MMR vaccine, autism and inflammatory bowel disease. He was found guilty of dishonesty in his research and banned from medicine by the UK General Medical Council following an investigation by Brian Deer of the London Sunday Times. • Richard Whitney, who stole from the New York Stock Exchange Gratuity Fund in the 1930s. • Robert Douglas Hartmann, an American con man & felon implicated in a real estate mortgage investment Ponzi scheme which defrauded both private lenders & banks in excess of $34 million.

23

Related
Apart from fraud, there are several related categories of intentional deceptions that may or may not include the elements of personal gain or damage to another individual: • obstruction of justice • 18 U.S.C. § 704 [15] which criminalizes false representation of being been awarded any decoration or medal authorized by Congress for the Armed Forces of the United States

Fraud

24

Notes
[1] fraud. Dictionary.com. Dictionary.com Unabridged. Random House, Inc. http:/ / dictionary. reference. com/ browse/ fraud (accessed: January 17, 2011). [2] Report to the Nations on Occupational Fraud and Abuse (http:/ / www. acfe. com/ rttn/ 2010-highlights. asp). Association of Certified Fraud Examiners. 2010. p. 4. . [3] Tax Fraud and the Problem of a Constitutionality Acceptable Definition of Religion. BJ Casino - American Criminal Law. Rev., 1987 [4] Morlan v. Kelly, No. 2009-UP-002, SC Supreme Court, 2009 (http:/ / www. judicial. state. sc. us/ opinions/ displayUnPubOpinion. cfm?caseNo=2009-UP-002) [5] Schnellmann v. Roettger, 373 S.C. 379, 382, 645 S.E.2d 239, 241 (2007) (http:/ / www. judicial. state. sc. us/ opinions/ displayOpinion. cfm?caseNo=4074) [6] http:/ / www. actionfraud. org. uk/ [7] http:/ / www. farberfinancial. com/ news-events/ case-studies/ whitewashed/ [8] retrieved on March 19, 2009 (http:/ / money. cnn. com/ 2009/ 03/ 19/ news/ hedge_fund_fraud/ index. htm?postversion=2009031914) [9] Lozano, Juan A. (17 October 2006). "Judge vacates conviction of Ken Lay" (http:/ / www. cbsnews. com/ stories/ 2006/ 10/ 17/ ap/ business/ mainD8KQMS5O0. shtml). Associated Press. . [10] Nicole Muehlhausen, BIO: Tom Petters (http:/ / kstp. com/ article/ stories/ s592708. shtml?cat=63), KSTP.com, September 24, 2008. Retrieved October 8, 2008. [11] Tom Petters Resigns As Petters Group CEO (http:/ / wcco. com/ business/ tom. petters. ceo. 2. 828534. html), WCCO.com, September 29, 2008. Retrieved October 8, 2008. [12] Hughes, Art (December 2, 2009). "UPDATE 2-Tom Petters found guilty of Ponzi scheme fraud" (http:/ / www. reuters. com/ article/ idUSN024978920091202). Reuters (Thomson Reuters). . Retrieved December 10, 2009. [13] http:/ / www. cbc. ca/ canada/ story/ 2004/ 07/ 12/ gst_ont040712. html [14] http:/ / www. wikidfranchise. org/ 20040714-two-get [15] http:/ / www. law. cornell. edu/ uscode/ 18/ 704. html

References
• Fred Cohen Frauds, Spies, and Lies - and How to Defeat Them. ISBN 1-878109-36-7 (2006). ASP Press. • Review Fraud - Alex Copola (http://www.wcl.american.edu/journal/lawrev/48/48-4.cfm) Podgor, Ellen S. Criminal Fraud, (1999) Vol, 48, No. 4 American Law Review 1. • The Nature, Extent and Economic Impact of Fraud in the UK. Feb,2007. (http://www.acpo.police.uk/asp/ policies/Data/Fraud in the UK.pdf) • The Fraudsters - How Con Artists Steal Your Money (http://www.dilloninvestigates.com/index_files/Page390. htm)(ISBN 978-1-903582-82-4) by Eamon Dillon, published September 2008 by Merlin Publishing

External links
• Association of Certified Fraud Examiners (http://www.acfe.com/) • Immigration Marriage Fraud Amendments of 1986 (http://www.uscis.gov/propub/ProPubVAP. jsp?dockey=e95bc8f7591b3c6caa51b7cc51f8d255) • FBI Home page for fraud (http://www.fbi.gov/majcases/fraud/fraudschemes.htm) • U.S. Department of Justice Fraud Section (http://justice.gov/criminal/fraud)

Ponzi scheme

25

Ponzi scheme
A Ponzi scheme is a fraudulent investment operation that pays returns to separate investors, not from any actual profit earned by the organization, but from their own money or money paid by subsequent investors. The Ponzi scheme usually entices new investors by offering returns other investments cannot guarantee, in the form of short-term returns that are either abnormally high or unusually consistent. The perpetuation of the returns that a Ponzi scheme advertises and pays requires an ever-increasing flow of money from investors to keep the scheme going. The system is destined to collapse because the earnings, if any, are less than the payments to investors. Usually, the scheme is interrupted by legal authorities before it collapses because a Ponzi scheme is suspected or because the promoter is selling unregistered securities. As more investors become involved, the likelihood of the scheme coming to the attention of authorities increases. While the system eventually will collapse under its own weight, the example of Bernard Madoff's 1910 police mugshot of Charles Ponzi. investment scandal demonstrates the ability of a Ponzi scheme to delude both individual and institutional investors as well as securities authorities for long periods: Madoff's variant of the Ponzi scheme stands as the largest financial investor fraud committed by a single person in history. Prosecutors estimate losses at Madoff's hand totaling roughly $21 billion, as estimated by the money invested by his victims. If the promised returns are added, the losses amount to $64.8 billion, but a New York court dismissed this estimation method during the Madoff trial. The scheme is named after Charles Ponzi[1] who became notorious for using the technique in early 1920. Ponzi did not invent the scheme (for example Charles Dickens' 1857 novel Little Dorrit described such a scheme decades before Ponzi was born), but his operation took in so much money that it was the first to become known throughout the United States. Ponzi's original scheme was based on the arbitrage of international reply coupons for postage stamps, however he soon diverted investors' money to support payments to earlier investors and himself. Knowingly entering a Ponzi scheme, even at the last round of the scheme, can be rational economically if there is a reasonable expectation that government or other person or organisation will bail out those participating in the scheme.[2]

Hypothetical example
Suppose an advertisement is placed that promises extraordinary returns on an investment — for example, 20 percent on a 30-day contract. The objective is usually to deceive laymen who have no in-depth knowledge of finance or financial jargon. Verbal constructions that sound impressive but are essentially meaningless will be used to dazzle investors: terms such as "hedge futures trading," "high-yield investment programs," "offshore investment" might be used. The promoter will then proceed to sell stakes to investors—who are essentially victims of a confidence trick—by taking advantage of a lack of investor knowledge or competence. Claims of a "proprietary" investment strategy, which must be kept secret to ensure a competitive edge, may also be used to hide the nature of the scheme. Without the benefit of precedent or objective prior information about the investment, only a few investors are tempted, usually for small sums. Thirty days later, the investor receives the original capital plus the 20 percent return. At this point, the investor will have more incentive to put in additional money and, as word begins to spread, other investors grab the "opportunity" to participate, leading to a cascade effect deriving from the promise of

Ponzi scheme extraordinary returns. However, the "return" to the initial investors is being paid out of the investments of new entrants, and not out of profits. One reason that the scheme initially works so well is that early investors, those who actually got paid the large returns, commonly reinvest their money in the scheme (it does, after all, pay out much better than any alternative investment). Thus, those running the scheme do not actually have to pay out very much (net); they simply have to send statements to investors showing them how much they earned by keeping the money, maintaining the deception that the scheme is a fund with high returns. Promoters also try to minimize withdrawals by offering new plans to investors, often where money is frozen for a longer period of time, in exchange for higher returns. The promoter sees new cash flows as investors are told they could not transfer money from the first plan to the second. If a few investors do wish to withdraw their money in accordance with the terms allowed, the requests are usually promptly processed, which gives the illusion to all other investors that the fund is solvent.

26

Ultimate unraveling of a Ponzi scheme
The catch is that at some point one of these things will happen: 1. The promoter will vanish, taking all the remaining investment money (minus the payouts to investors) with him or her. 2. Since the scheme requires a continual stream of investments to fund higher returns, once investment slows down, the scheme will begin to collapse under its own weight as the promoter starts having problems paying the promised returns (the higher the returns, the greater the risk of the Ponzi scheme collapsing). Such liquidity crises often trigger panics, as more people start asking for their money, similar to a bank run. 3. External market forces, such as a sharp decline in the economy (e.g. Madoff and the market downturn of 2008), cause many investors to withdraw part or all of their funds; not necessarily due to loss of confidence in the investment, but simply due to underlying market fundamentals. In the case of Madoff, the fund could no longer appear normal after investors tried to withdraw $7 billion from the firm in late 2008 as part of the major worldwide market downturn affecting all investments.

Similar schemes
• A pyramid scheme is a form of fraud similar in some ways to a Ponzi scheme, relying as it does on a mistaken belief in a nonexistent financial reality, including the hope of an extremely high rate of return. However, several characteristics distinguish these schemes from Ponzi schemes: • In a Ponzi scheme, the schemer acts as a "hub" for the victims, interacting with all of them directly. In a pyramid scheme, those who recruit additional participants benefit directly. (In fact, failure to recruit typically means no investment return.) • A Ponzi scheme claims to rely on some esoteric investment approach (insider connections, etc.) and often attracts well-to-do investors; whereas pyramid schemes explicitly claim that new money will be the source of payout for the initial investments. • A pyramid scheme is bound to collapse much faster because it requires exponential increases in participants to sustain it. By contrast, Ponzi schemes can survive simply by persuading most existing participants to "reinvest" their money, with a relatively small number of new participants. • A bubble: A bubble is similar to a Ponzi scheme in that one participant gets paid by contributions from a subsequent participant (until inevitable collapse), but it is not the same as a Ponzi scheme. A bubble involves ever-rising prices in an open market (for example stock, housing, or tulip bulbs) where prices rise because buyers bid more because prices are rising. Bubbles are often said to be based on the "greater fool" theory. As with the Ponzi scheme, the price exceeds the intrinsic value of the item, but unlike the Ponzi scheme, there is no person

Ponzi scheme misrepresenting the intrinsic value. With the greater fool theory in mind, some may invest even though they believe the securities are overpriced due to a bubble. • "Robbing Peter to pay Paul": When debts are due and the money to pay them is lacking, whether because of bad luck or deliberate theft, debtors often make their payments by borrowing or stealing from other investors they have. It does not follow that this is a Ponzi scheme, because from the basic facts set out there is no indication that the lenders were promised unrealistically high rates of return via claims of unusual financial investments. Nor (from these basic facts) is there any indication that the borrower (banker) is progressively increasing the amount of borrowing ("investing") to cover payments to initial investors.

27

References
[1] "Ponzi Schemes" (http:/ / web. archive. org/ web/ 20041001-20051231re_/ http:/ / www. ssa. gov/ history/ ponzi. html). US Social Security Administration. . Retrieved 2008-12-24. [2] Bhattacharya, Utpal (2003). "The optimal design of Ponzi schemes in finite economies". Journal of Financial Intermediation 12: 2–24. doi:10.1016/S1042-9573(02)00007-4.

Further reading
• Dunn, Donald (2004). Ponzi: The Incredible True Story of the King of Financial Cons (Library of Larceny) (Paperback). New York: Broadway. ISBN 0767914996. • Zuckoff, Mitchell (2005). Ponzi’s Scheme: The True Story of a Financial Legend. Random House. ISBN 1400060397.

External links
• What is a Ponzi scheme? (http://www.mijiki.com/what-is-a-ponzi-scheme.html) Ponzi scheme definition with distinctions, history, and other information] • Ponzi scheme (http://dillonthompson.com/wp-content/uploads/2010/09/ponzi.swf) Illustration of a Ponzi scheme • The Ponzi Scheme and Tax Loss (http://www.ponzischemetaxloss.com) Describing tax recovery methods.

Pyramid scheme

28

Pyramid scheme
A pyramid scheme is a non-sustainable business model that involves promising participants payment, services or ideals, primarily for enrolling other people into the scheme or training them to take part, rather than supplying any real investment or sale of products or services to the public. Pyramid schemes are a form of fraud.[1] [2] Pyramid schemes are illegal in many countries including Albania, Denmark, Australia[3] , Brazil, Bulgaria, Canada, The unsustainable exponential progression of a classic pyramid scheme China[4] , Colombia[5] , Dominican Republic[6] , Estonia[7] , France, Germany, Hungary, Iceland, Iran[8] , Italy[9] , Japan,[10] , Malaysia, Mexico, Nepal, The Netherlands[11] , New Zealand[12] , Norway[13] , the Philippines[14] , Poland, Portugal, Romania,[15] , South Africa[16] , Spain, Sri Lanka[17] , Switzerland, Taiwan, Thailand[18] , Turkey[19] , the United Kingdom, and the United States[20] . These types of schemes have existed for at least a century, some with variations to hide their true nature, and many people believe that multilevel marketing is also a pyramid scheme.[21] [22] [23] [24]

Concept and basic models
A successful pyramid scheme combines a fake yet seemingly credible business with a simple-to-understand yet sophisticated-sounding money-making formula which is used for profit. The essential idea is that a "con artist" Mr. X, makes only one payment. To start earning, Mr. X has to recruit others like him who will also make one payment each. Mr. X gets paid out of receipts from those new recruits. They then go on to recruit others. As each new recruit makes a payment, Mr. X gets a cut. He is thus promised exponential benefits as the "business" expands. Such "businesses" seldom involve sales of real products or services to which a monetary value might be easily attached. However, sometimes the "payment" itself may be a non-cash valuable. To enhance credibility, most such scams are well equipped with fake referrals, testimonials, and information. The flaw is that there is no end benefit. The money simply travels up the chain. Only the originator (sometimes called the "pharaoh") and a very few at the top levels of the pyramid make significant amounts of money. The amounts dwindle steeply down the pyramid slopes. Individuals at the bottom of the pyramid (those who subscribed to the plan, but were not able to recruit any followers themselves) end up with a deficit.

Pyramid scheme

29

The "Eight-Ball" model
Many pyramids are more sophisticated than the simple model. These recognize that recruiting a large number of others into a scheme can be difficult so a seemingly simpler model is used. In this model each person must recruit two others, but the ease of achieving this is offset because the depth required to recoup any money also increases. The scheme requires a person to recruit two others, who must each recruit two others, who must each recruit two others. Prior instances of this scheme have been called the "Airplane Game" and the four tiers labelled as "captain," "co-pilot," "crew," and "passenger" to denote a person's level. Another instance was called the "Original Dinner Party" which labeled the tiers as "dessert," "main course," "side salad," and "appetizer." A person on the "dessert" course is the one at the top of the tree. Another variant, "Treasure Traders," variously used gemology terms such as "polishers," "stone cutters," etc. or gems like "rubies," "sapphires," "diamonds," etc. Such schemes may try to downplay their pyramid nature by referring to themselves as "gifting circles" with money being "gifted." Popular schemes such as the "Women Empowering Women"[25] do exactly this. Whichever euphemism is used, there are 15 total people in four tiers (1 + 2 + 4 + 8) in the scheme - with the Airplane Game as the example, the person at the top of this tree is the "captain," the two below are "co-pilots," the four below are "crew," and the bottom eight joiners are the "passengers."

The "eight-ball" model contains a total of fifteen members. Note that unlike in the picture, the triangular setup in the cue game of eight-ball corresponds to an arithmetic progression 1 + 2 + 3 + 4 + 5 = 15. The pyramid scheme in the picture in contrast is a geometric progression 1 + 2 + 4 + 8 = 15.

The eight passengers must each pay (or "gift") a sum (e.g. $1000) to join the scheme. This sum (e.g. $8000) goes to the captain who leaves, with everyone remaining moving up one tier. There are now two new captains so the group splits in two with each group requiring eight new passengers. A person who joins the scheme as a passenger will not see a return until they advance through the crew and co-pilot tiers and exit the scheme as a captain. Therefore, the participants in the bottom 3 tiers of the pyramid lose their money if the scheme collapses. If a person is using this model as a scam, the confidence trickster would make the lion's share of the money. They would do this by filling in the first 3 tiers (with 1, 2, and 4 people) with phony names, ensuring they get the first 7 payouts, at 8 times the buy-in sum, without paying a single penny themselves. So if the buy-in were $1000, they would receive $8,000, paid for by the first 8 investors. They would continue to buy in underneath the real investors, and promote and prolong the scheme for as long as possible to allow them to skim even more from it before it collapses. Although the 'Captain' is the person at the top of the tree, having received the payment from the 8 paying passengers, once he or she leaves the scheme is able to re-enter the pyramid as a 'Passenger' and hopefully recruit enough to reach captain again, thereby earning a second payout.

Matrix schemes
Matrix schemes use the same fraudulent non-sustainable system as a pyramid; here, the participants pay to join a waiting list for a desirable product which only a fraction of them can ever receive. Since matrix schemes follow the same laws of geometric progression as pyramids, they are subsequently as doomed to collapse. Such schemes operate as a queue, where the person at head of the queue receives an item such as a television, games console, digital camcorder, etc. when a certain number of new people join the end of the queue. For example ten joiners may be required for the person at the front to receive their item and leave the queue. Each joiner is required to buy an expensive but potentially worthless item, such as an e-book, for their position in the queue. The scheme organizer profits because the income from joiners far exceeds the cost of sending out the item to the person at the front. Organizers can further profit by starting a scheme with a queue with shill names that must be cleared out before

Pyramid scheme genuine people get to the front. The scheme collapses when no more people are willing to join the queue. Schemes may not reveal, or may attempt to exaggerate, a prospective joiner's queue position which essentially means the scheme is a lottery. Some countries have ruled that matrix schemes are illegal on that basis.

30

Connection to multi-level marketing
The network marketing or multi-level marketing business has become associated with pyramid schemes as "Some schemes may purport to sell a product, but they often simply use the product to hide their pyramid structure."[26] and the fact while some people call MLMs in general "pyramid selling"[27] [28] [29] [30] [31] others use the term to denote an illegal pyramid scheme masquerading as an MLM.[32] The FTC warns "Not all multilevel marketing plans are legitimate. Some are pyramid schemes. It’s best not to get involved in plans where the money you make is based primarily on the number of distributors you recruit and your sales to them, rather than on your sales to people outside the plan who intend to use the products."[33] and states that research is your best tool and gives eight steps to follow: 1. Find — and study — the company’s track record. 2. Learn about the product 3. Ask questions 4. 5. 6. 7. 8. Understand any restrictions Talk to other distributors (beware shills) Consider using a friend or adviser as a neutral sounding board or for a gut check. Take your time. Think about whether this plan suits your talents and goals[34]

Some believe MLMs in general are nothing more than legalized pyramid schemes[21] [22] [23] [24] making the issue of a particular MLM being legal or not moot.

Connection to franchise fraud
Franchise fraud (or 'franchise churning') is defined by the U.S. Federal Bureau of Investigation as a pyramid scheme. The FBI website states: pyramid schemes :—also referred to as franchise fraud or chain referral schemes—are marketing and investment frauds in which an individual is offered a distributorship or franchise to market a particular product. The real profit is earned, not by the sale of the product, but by the sale of new distributorships. Emphasis on selling franchises rather than the product eventually leads to a point where the supply of potential investors is exhausted and the pyramid collapses. [35]

Notable recent cases
Internet
In 2003, the United States Federal Trade Commission (FTC) disclosed what it called an internet-based "pyramid scam." Its complaint states that customers would pay a registration fee to join a program that called itself an "internet mall" and purchase a package of goods and services such as internet mail, and that the company offered "significant commissions" to consumers who purchased and resold the package. The FTC alleged that the company's program was instead and in reality a pyramid scheme that did not disclose that most consumers' money would be kept, and that it gave affiliates material that allowed them to scam others.[36] WinCapita was a scheme run by Finnish criminals that involved about €100 million.

Pyramid scheme

31

Others
The 1997 rebellion in Albania was partially motivated by the collapse of pyramid schemes. In early 2006 , Ireland was hit by a wave of schemes with major activity in Cork and Galway. Participants were asked to contribute €20,000 each to a "Liberty" scheme which followed the classic eight-ball model. Payments were made in Munich, Germany to skirt Irish tax laws concerning gifts. Spin-off schemes called "Speedball" and "People in Profit" prompted a number of violent incidents and calls were made by politicians to tighten existing legislation.[37] Ireland has launched a website to better educate consumers to pyramid schemes and other scams.[38] On 12 November 2008, riots broke out in the municipalities of Pasto, Tumaco, Popayan and Santander de Quilichao, Colombia after the collapse of several pyramid schemes. Thousands of victims had invested their money in pyramids that promised them extraordinary interest rates. The lack of regulation laws allowed those pyramids to grow excessively during several years. Finally, after the riots, the Colombian government was forced to declare the country in economical emergency to seize and stop those schemes. Several of the pyramid's managers were arrested, and these are being prosecuted for the crime of "illegal massive money reception."[39] The Kyiv Post reported on 26 November 2008 that American citizen Robert Fletcher (Robert T. Fletcher III; aka "Rob") was arrested by the SBU (Ukraine State Police) after being accused by Ukrainian investors of running a Ponzi scheme and associated pyramid scam netting US$20 million. (The Kiev Post also reports that some estimates are as high as US$150M.)

In popular culture
• The feature film Children of Invention tells the story of a mother who gets entangled in a pyramid scheme. • The novel Welcome to the N.H.K. features a story arc wherein the main character is caught up in a crooked multi-level marketing scam called 'Mouse Road'. • On the NBC sitcom The Office, it is revealed that Michael Scott did not attend college because he lost all his tuition money in a pyramid scheme. At a later date, the same character unintentionally attempts to recruit members of his staff into selling calling cards, not realizing that he had been conned into a pyramid scheme until it is made clear by an employee.

References
[1] Common Fraud Schemes: Pyramid Scheme (http:/ / www. fbi. gov/ majcases/ fraud/ fraudschemes. htm#pyramid) Federal Bureao of Investigation [2] Debra A. Valentine (1998-05-13). "Pyramid Schemes" (http:/ / www. ftc. gov/ speeches/ other/ dvimf16. shtm). United States Federal Trade Commission. . Retrieved 2010-09-01. [3] Trade Practices Amendment Act (No. 1) 2002 (http:/ / www. comlaw. gov. au/ comlaw/ Legislation/ Act1. nsf/ 0/ 5A0DC6C047FFEA5ACA256F72000F75F1/ $file/ 1282002. pdf) Trade Practices Act 1974 (Cth) ss 65AAA - 65AAE, 75AZO [4] Regulations for the Prohibition of Pyramid Sales (http:/ / tradeinservices. mofcom. gov. cn/ en/ b/ 2005-08-23/ 24294. shtml) [5] "Colombia scam: 'I lost my money'" (http:/ / news. bbc. co. uk/ 1/ hi/ world/ americas/ 7736124. stm). BBC News. November 18, 2008. . Retrieved April 12, 2010. [6] "Proyecto De Ley Que Prohíbe La Venta Bajo El Esquema Piramidal" (http:/ / www. camaradediputados. gov. do/ masterlex/ mlx/ docs/ 24/ 106/ 1BA5/ 5FFE/ 6000. pdf) (in Spanish). . [7] "Tarbijakaitseseadus [The Consumer Protection Law of Estonia]" (https:/ / www. riigiteataja. ee/ ert/ act. jsp?id=13328494) (in Estonian). §12³(8) #14. . Retrieved October 11, 2010. [8] Key GoldQuest members arrested in Iran Airport (http:/ / www. presstv. ir/ detail. aspx?id=113056& sectionid=3510212) [9] Legge 17 agosto 2005, n. 173 (http:/ / www. parlamento. it/ parlam/ leggi/ 05173l. htm) (Italian) [10] 無限連鎖講の防止に関する法律 (http:/ / law. e-gov. go. jp/ htmldata/ S53/ S53HO101. html) (in Japanese) [11] Sentence by the High Council of the Netherlands regarding a pyramid scheme (http:/ / zoeken. rechtspraak. nl/ resultpage. aspx?snelzoeken=true& searchtype=ljn& ljn=AR8424& u_ljn=AR8424) [12] Laws and Regulations Covering Multi-Level Marketing Programs and Pyramid Schemes (http:/ / www. consumerfraudreporting. org/ pyramidschemes_laws. htm) Consumer Fraud Reporting.com [13] Lovdata.no (http:/ / www. lovdata. no/ all/ tl-19950224-011-004. html#16)

Pyramid scheme
[14] NYtimes.com (http:/ / query. nytimes. com/ gst/ fullpage. html?res=9C05E4DA1539F933A05750C0A9659C8B63), "Investors in Philippine Pyramid Scheme Lose over $2 Billion" [15] Explozia piramidelor (http:/ / www. ziua. ro/ display. php?data=2006-07-12& id=203369) Ziarul Ziua, 12.07.2006 [16] Whitecollarcrime.co.za (http:/ / www. whitecollarcrime. co. za/ news. php?item. 95), Pyramid Schemes [17] Pyramid Schemes Illegal Under Section 83c of the Banking Act of Sri Lanka (http:/ / www. documents. gov. lk/ Acts/ 2006/ Banking (Amendment) Act No. 15 of 2006/ Banking (Amendment) Act (E). pdf) Department of Government Printing, Sri Lanka [18] TDSA.gov (http:/ / www. tdsa. org/ download/ piramid. pdf), ข้อมูลเพิ่มเติมในระบบธุรกิจขายตรงและธุรกิจพีระมิด by Thai Direct Selling Association (in Thai) [19] Saadet zinciri operasyonu: 60 gözaltı (http:/ / www. cnnturk. com/ 2010/ turkiye/ 05/ 14/ saadet. zinciri. operasyonu. 60. gozalti/ 576283. 0/ index. html) [20] Pyramid Schemes (http:/ / www. ftc. gov/ speeches/ other/ dvimf16. shtm) Debra A. Valentine, General Counsel, Federal Trade Commission [21] Carroll, Robert Todd (2003). The Skeptic's Dictionary: A Collection of Strange Beliefs, Amusing Deceptions, and Dangerous Delusions. Wiley. pp. 235. ISBN 0471272426. [22] Coenen, Tracy (2009). Expert Fraud Investigation: A Step-by-Step Guide. Wiley. pp. 168. ISBN 0470387963. [23] Ogunjobi, Timi (2008). SCAMS - and how to protect yourself from them. Tee Publishing. pp. 13–19. [24] Salinger (Editor), Lawrence M. (2005). Encyclopedia of White-Collar & Corporate Crime. 2. Sage Publishing. pp. 880. ISBN 0761930043. [25] Pyramid selling scam that preys on women to be banned (http:/ / www. guardian. co. uk/ uk/ 2001/ aug/ 05/ tracymcveigh. theobserver) [26] Pyramid Schemes, May 13, 1998" (http:/ / www. ftc. gov/ speeches/ other/ dvimf16. shtm) Federal Trade Commission [27] Edwards, Paul (1997). Franchising & licensing: two powerful ways to grow your business in any economy. Tarcher. pp. 356. ISBN 0874778980. [28] Clegg, Brian (2000). The invisible customer: strategies for successive customer service down the wire. Kogan Page. pp. 112. ISBN 074943144X. [29] Higgs, Philip; Smith, Jane (2007). Rethinking Our World. Juta Academic. pp. 30. ISBN 0702172553. [30] Kitching, Trevor (2001). Purchasing scams and how to avoid them. Gower Publishing Company. pp. 4. ISBN 0566082810. [31] Mendelsohn, Martin (2004). The guide to franchising. Cengage Learning Business Press. pp. 36. ISBN 1844801624. [32] Blythe, Jim (2004). Sales & Key Account Management. Cengage Learning Business Press. pp. 278. ISBN 1844800237. [33] Facts for Consumers; The Bottom Line About Multilevel Marketing Plans and Pyramid Schemes (http:/ / www. ftc. gov/ bcp/ edu/ pubs/ consumer/ invest/ inv08. shtm) Federal Trade Commission [34] Facts for Consumers; The Bottom Line About Multilevel Marketing Plans and Pyramid Schemes (http:/ / www. ftc. gov/ bcp/ edu/ pubs/ consumer/ invest/ inv08. shtm) Federal Trade Commission [35] http:/ / www. fbi. gov/ scams-safety/ fraud [36] FTC Charges Internet Mall Is a Pyramid Scam (http:/ / www. ftc. gov/ opa/ 2003/ 07/ nexgen. htm) Federal Trade Commission [37] Gardaí hold firearm after pyramid scheme incident (http:/ / archives. tcm. ie/ irishexaminer/ 2006/ 03/ 23/ story514972170. asp) Irish Examiner [38] National Consumer Agency Ireland (http:/ / www. consumerconnect. ie/ eng/ ) [39] Colombians riot over pyramid scam (http:/ / news. bbc. co. uk/ 2/ hi/ americas/ 7726069. stm). Colombia: BBC news. Nov 13, 2008. .

32

• The Fraudsters - How Con Artists Steal Your Money Chapter 9, Pyramids of Sand (ISBN 978-1-903582-82-4) by Eamon Dillon, published September 2008 by Merlin Publishing, Ireland

External links
• An information graphic that describes a pyramid scheme (http://dillonthompson.com/wp-content/uploads/ 2010/09/pyramid1.swf) • FTC consumer complaint form (https://www.ftccomplaintassistant.gov/) • Article by Financial Crimes Investigator, Bill E. Branscum (http://www.fraudsandscams.com/pyramid.htm) • Spoof article (http://www.mr-shouty-trousers.com/ You-re-only-5-Minutes-Away-From-Becoming-a-Millionaire) • IMF feature on "The Rise and Fall of Albania's Pyramid Schemes" (http://www.imf.org/external/pubs/ft/ fandd/2000/03/jarvis.htm) • Cockeyed.com presents: Pyramid Schemes (http://www.cockeyed.com/ebay/scam/laptop_pyramids.html) A description of the 8-ball model and matrix schemes which is a close cousin to pyramid schemes. • National Consumer Agency on Pyramid Schemes (http://www.consumerconnect.ie/eng/Hot_Topics/Scams/ Pyramid Schemes/) - Irish consumer site describes two local pyramid schemes and offers advice to would-be participants.

Pyramid scheme • PyramidSim.com (http://www.pyramidsim.com/index.php) simulation, graphing and calculation of various pyramid schemes. • National Consumer Agency Ireland (http://www.consumerconnect.ie/eng/) • Australian Trade Practices Amendment Act (No. 1) 2002 (http://www.comlaw.gov.au/comlaw/Legislation/ Act1.nsf/0/5A0DC6C047FFEA5ACA256F72000F75F1/$file/1282002.pdf) Australian Law Online • Public Warning on Pyramid Schemes (http://www.cbsl.gov.lk/pics_n_docs/02_prs/_docs/notices/ notice_20070430.pdf) Central Bank of Sri Lanka

33

Soapy Smith

34

Soapy Smith
Jefferson Randolph "Soapy" Smith II

Soapy Smith Born Died November 2, 1860Coweta County, Georgia July 8, 1898 (aged 37)Skagway, Alaska

Occupation confidence man, gambler, saloon proprietor Spouse Children Parents Mary Eva Noonan Jefferson Randolph Smith III, Mary Eva Smith, James Luther Smith Jefferson Randolph Smith I Emily Dawson Edmondson

Jefferson Randolph "Soapy" Smith II (November 2, 1860 – July 8, 1898) was an American con artist and gangster who had a major hand in the organized criminal operations of Denver, Colorado; Creede, Colorado; and Skagway, Alaska, from 1879 to 1898. He was killed in the famed Shootout on Juneau Wharf. He is perhaps the most famous confidence man of the old west.

Early years
Jefferson Smith was born in Coweta County, Georgia, to a family of education and wealth. His grandfather was a plantation owner and his father a lawyer.[1] The family met with financial ruin at the close of the American Civil War. In 1876 they moved to Round Rock, Texas, to start anew.[2] Smith left his home shortly after the death of his mother, but not before witnessing the shooting of the outlaw Sam Bass.[3] It was in Fort Worth, Texas, that Jefferson Smith began his career as a confidence man. He formed a close-knit, disciplined gang of shills and thieves to work for him. Soon he became a well-known crime boss, known as the "king of the frontier con men".[4]

Career
Smith spent the next 22 years as a professional bunko man and boss of an infamous gang of swindlers. They became known as the Soap Gang, and included famous men such as Texas Jack Vermillion and Ed "Big Ed" Burns.[4] [5] The gang moved from town to town, plying their trade on their unwary victims. Their principal method of separating victims from their cash was the use of "short cons", swindles that were quick and needed little setup and few helpers. The short cons included the shell game, three-card monte, and any game in which they could cheat.

Soapy Smith

35

The prize soap racket
Some time in the late 1870s or early 1880s, Smith began duping entire crowds with a ploy the Denver newspapers dubbed "The prize soap racket".[6] Smith would open his "tripe and keister" (display case on a tripod) on a busy street corner. Piling ordinary soap cakes onto the keister top, he began expounding on their wonders. As he spoke to the growing crowd of curious onlookers, he would pull out his wallet and begin wrapping paper money, ranging from one dollar up to one hundred dollars, around a select few of the bars. He then finished each bar by wrapping plain paper around it to hide the money. He mixed the money-wrapped packages in with wrapped bars containing no money. He then sold the soap to the crowd for one dollar a cake. A shill planted in the crowd would buy a bar, tear it open, and loudly proclaim that he had won some money, waving it around for all to see. This performance had the desired effect of enticing the sale of the packages. More often than not, victims bought several bars before the sale was completed. Midway through the sale, Smith would announce that the hundred-dollar bill yet remained in the pile, unpurchased. He then would auction off the remaining soap bars to the highest bidders.[7] Through manipulation and sleight-of-hand, he hid the cakes of soap wrapped with money and replaced them with packages holding no cash. The only money "won" went to shills, members of the gang planted in the crowd pretending to win in order to increase sales.[8] Smith quickly became known as "Soapy Smith" all across the western United States. He used this swindle for twenty years with great success. The soap sell, along with other scams, helped finance Soapy's criminal operations by paying graft to police, judges, and politicians. He was able to build three major criminal empires: the first in Denver, Colorado (1886–1895); the second in Creede, Colorado (1892); and the third in Skagway, Alaska (1897–1898).

Criminal boss of Denver, Colorado
In 1879 Smith moved to Denver and began to build the first of his empires. Con men normally moved around to keep out of jail, but as Smith's power and gang grew, so did his influence at City Hall, allowing him to remain. By 1887 he was reputedly involved with most of the criminal bunko activities in the city. Newspapers in Denver reported that he controlled the city's criminals, underworld gambling and accused corrupt politicians and the police chief of receiving his graft.[9]

Tivoli Club
In 1888 Soapy opened the Tivoli Club, on the southeast corner of Market and 17th streets, a saloon and gambling hall. Legend has it that above the entrance was a sign that read caveat emptor, Latin for "Let the buyer beware".[10] Soapy's younger brother, Bascomb Smith, joined the gang and operated a cigar store that was a "front" for dishonest poker games and other swindles, operating in one of the back rooms.[11] Other "businesses" included fraudulent lottery shops, a "sure-thing" stock exchange, fake watch and bogus diamond auctions, and the sale of stocks in nonexistent businesses.

Soapy Smith

36

Politics and other cons
Soapy's political influence was so great that some of the police officers patrolling the streets would not arrest him or members of his gang. If they did, a quick release from jail was arranged easily. A voting fraud trial after the municipal elections of 1889 focused attention on corrupt ties and payoffs between Soapy, the mayor, and the chief of police—a combination referred to in local newspapers as "the firm of Londoner, Farley and Smith".[12] Smith opened an office in the prominent Chever block, a block away from his Tivoli Club, from which he ran his many operations. This also fronted as a business tycoon's office for high-end swindles.[13] Soapy was not without enemies and rivals for his position as the underworld boss. He faced several attempts on his life and shot several of his assailants. He became known increasingly for his gambling and bad temper. Smith was also generous to charities, donating to numerous organizations and non-denominational churches that helped the poor.

Creede, Colorado
In 1892, with Denver in the midst of anti-gambling and saloon reforms, Smith sold the Tivoli and moved to Creede, Colorado, a mining boomtown that had formed around a major silver strike. Using Denver-based prostitutes to cozy up to property owners and convince them to sign over leases, he acquired numerous lots along Creede's main street, renting them to his associates.[14] Once having gained enough allies, he announced that he was the camp boss. With brother-in-law and gang member William Sidney "Cap" Light as deputy sheriff, Soapy began his second empire, opening a gambling hall and saloon called the Orleans Club.[15] He purchased and briefly exhibited a petrified man nicknamed "McGinty" for an admission of 10 cents. While customers were waiting in line to pay their dime, Soapy's shell and three-card monte games were winning dollars out of their pockets.[16] Smith provided an order of sorts, protecting his friends and associates from the town's council and expelling violent troublemakers. Many of the influential newcomers were sent to meet him. Soapy grew rich in the process, but again was known to give money away freely, using it to build churches, help the poor, and to bury unfortunate prostitutes. Creede's boom very quickly waned and the corrupt Denver officials sent word that the reforms there were coming to an end. Soapy took McGinty back to Denver. He left at the right time, as Creede soon lost most of its business district in a huge fire on 5 June 1892. Amongst the buildings lost was the Orleans Club.[17]

Back to Denver
On his return to Denver, Smith opened new businesses that were nothing more than fronts for his many short cons. One of these sold discounted railroad tickets to various destinations. Potential purchasers were told that the ticket agent was out of the office, but would soon return, and then offered an even bigger discount by playing any of several rigged games.[18] Soapy's power grew to the point that he admitted to the press that he was a con man and saw nothing wrong with it. In 1896 he told a newspaper reporter, "I consider bunco steering more honorable than the life led by the average politician."[19] Colorado's new governor Davis Hanson Waite, elected on a Populist Party reform platform, fired three Denver officials whom he felt were not abiding by his new mandates. They refused to leave their positions and were quickly joined by others who felt their jobs were threatened. The governor called out the state militia to assist removing those fortified in city hall. The military brought with them two cannon and two Gatling guns. Soapy joined in with the corrupt officeholders and police at the hall and found himself commissioned as a deputy sheriff. He and several of his men climbed to the top of City Hall's central tower with rifles and dynamite to fend off any attackers.[20] Cooler heads prevailed, however, and the struggle over corruption was fought in the courts, not on the streets. Soapy Smith was an important witness in court.

Soapy Smith Governor Waite agreed to withdraw the militia and allow the Colorado Supreme Court to decide the case. The court ruled that the governor had authority to replace the commissioners, but he was reprimanded for bringing in the militia, in what became known as the "City Hall War".[21] Waite ordered the closure of all Denver's gambling dens, saloons and bordellos. Soapy exploited the situation, using the recently acquired deputy sheriff's commissions to perform fake arrests in his own gambling houses, apprehending patrons who had lost large sums in rigged poker games.[22] The victims were happy to leave when the "officers" allowed them to walk away from the crime scene rather than be arrested, naturally without recouping their losses. Eventually, Soapy and his brother Bascomb Smith became too well known, and even the most corrupt city officials could no longer protect them. Their influence and Denver-based empire began to crumble. When they were charged with attempted murder for the beating of a saloon manager, Bascomb was jailed, but Soapy managed to escape, becoming a wanted man in Colorado. Lou Blonger and his brother Sam, rivals of the Soap Gang, acquired his former control of Denver's criminals.[23] Before leaving, Soapy tried to perform a swindle started in Mexico, where he tried to convince President Porfirio Diaz that his country needed the services of a foreign legion made up of American toughs. Soapy became known as Colonel Smith, and managed to organize a recruiting office before the deal failed.[24]

37

Skagway, Alaska, and the Klondike gold rush
When the Klondike Gold Rush began in 1897, Soapy moved his operations to Skagway, Alaska (then spelled Skaguay). He set up his third empire much the same way as he had in Denver and Creede.[25] He put the town's deputy U.S. Marshal on his payroll and began collecting allies for a takeover.[26] Soapy opened a fake telegraph office in which the wires went only as far as the wall. Not only did the telegraph office obtain fees for "sending" messages, but cash-laden victims soon found themselves losing even more money in poker games with new found "friends".[27] Telegraph lines did not reach or leave Skagway until 1901.[28] Soapy Jeff. Smiths Parlor, Soapy's base of operations opened a saloon named Jeff Smith's Parlor (opened in March 1898), as an office from which to run his operations.[29] Although Skagway already had a municipal building, Soapy's saloon became known as "the real city hall." Skagway was gaining a reputation as a "hell on earth," with many perils for the unwary. Smith's men played a variety of roles, such as newspaper reporter or clergyman, with the intention of befriending a new arrival and determining the best way to rid him of his money. The new arrival would be steered by his "friends" to dishonest shipping companies, hotels, or gambling dens, until he was wiped out. If the man was likely to make trouble or could not be recruited into the gang, Soapy himself would then appear and offer to pay his way back to civilization.[30] When a group of vigilantes, the "Committee of 101", threatened to expel Soapy and his gang, he formed his own "law and order society", which claimed 317 members, to force the vigilantes into submission.[31] During the Spanish-American War in 1898, Smith formed his own volunteer army with the approval of the U.S. War Department. Known as the "Skaguay Military Company," with Soapy as its captain. Smith wrote to President William McKinley and gained official recognition for his company, which he used to strengthen his control of the town.[32]

Soapy Smith On 4 July 1898, Soapy rode as marshal of the Fourth Division of the parade, not grand marshal (Daily Alaskan, July 2, 1898), leading his army on his gray horse. Not exactly a place of honor, the last division of the parade, after all the horses had deposited their manure. On the grandstand, he sat beside the territorial governor and other officials.

38

Death
On 7 July 1898, John Douglas Stewart, a returning Klondike miner, came to Skagway with a sack of gold valued at $2,700 ($71,093 in 2009 dollars.[33] ) Three gang members convinced the miner to participate in a game of three-card monte. When Stewart balked at having to pay his losses, the three men grabbed the sack and ran. The "Committee of 101" demanded that Soapy return the gold, but he refused, claiming that Stewart had lost it "fairly". On the evening of 8 July 1898, the vigilantes organized a meeting on the Juneau Company wharf. With a Winchester rifle draped over his shoulder, Soapy began an argument with Frank Reid, one of four guards blocking his way to the wharf. A gunfight, known as the Shootout on Juneau Wharf began unexpectedly, and both men were fatally wounded.
Newspaper headline of the fight.

Soapy's last words were "My God, don't shoot!"[34] Letters from J. M. Tanner, one of the guards with Reid that night, indicate that another guard fired the fatal shot.[35] Soapy died on the spot with a bullet to the heart. He also received a bullet in his left leg and a severe wound on the left arm by the elbow. Reid died 12 days later with a bullet in his leg and groin area. The three gang members who robbed Stewart received jail sentences. Soapy Smith was buried several yards outside the city cemetery. Every year on 8 July, wakes are held around the United States in Soapy's honor.[36] His grave and saloon are on most tour itineraries of Skagway.

Soapy Smith's grave

Popular culture
Festivals
• Skagway, Alaska, 8 July is the annual (since 1974) Soapy Smith Wake, which is held at the Eagles Hall. This event used to take place at Soapy's graveside in the city cemetery but is now held in the downtown area. • Magic Castle, Hollywood, California, 8 July is the annual Soapy Smith Party, complete with costume contests, charity gambling, and magic shows.
Frank Reid's grave

Soapy Smith

39

Fiction
• In at least one episode of the radio drama Challenge of the Yukon, Sergeant Preston of the North-West Mounted Police travels to Skagway and confronts Soapy. • In the John M. Ford Star Trek novel How Much for Just the Planet?, a Federation exploration and prospecting starship is named USS Jefferson Randolph Smith. (NCC-29402) Sulek-class, under the command of Captain Tatyana Trofimov. • Soapy Smith is the villain in the Lucky Luke album Le Klondike, by Morris, Yann and Jean Léturgie. The story features Smith's saloon and fake telegraph, but set in Dawson rather than Skagway. • A fictionalized version of Soapy Smith (and his death) features in George Markstein's 1978 novel Tara Kane. • Soapy Slick is the crooked saloon operator and profiteer, based on Soapy Smith, in the Uncle Scrooge comic series. • In the 1994 video game The Yukon Trail, the player meets Soapy and his gang. If the player plays Soapy's shell game, Soapy will swindle the player out of any money the player bets. • Smith is mentioned in James A. Michener's novel Alaska. • Soapy Sid is a character in P.G. Wodehouse's short story Pearls Mean Tears. Bertie Wooster is vacationing in France with his Aunt Agatha when Agatha's pearls go missing. • The main villain of the 1978 novel Yukon Gold by William D. Blankenship. • He is the villain in the novel Lili Klondike by Mylène Gilbert-Dumas. • He appears in Denver, Colorado in Jack Black's autobiography, You Can't Win. [37]

Movies
By year of release: • The Girl Alaska (1919) This film is believed to be the first portrayal of Soapy Smith. The film was shown in a theater in St. Louis, where Soapy's widow and son lived and caused them enough grief for them to sue the production company. • Call of the Wild 20th Century Pictures. Harry Woods portrays Soapy. • Honky Tonk (1941) Clark Gable portrayed Soapy Smith in this MGM film, Honky Tonk. Due to legal pressures from the descendants, the name "Soapy Smith" was changed to "Candy Johnson." • The Great Jesse James Raid (1953) Earl Hodgins portrays Soapy. • The Far Country (1955) John McIntire portrays a likable badman, clearly, but loosely based on Soapy Smith. The film, starring James Stewart, is set in Skagway, Alaska during the Klondike gold rush. • Two-Way Stretch (1960) Soapy Stevens is a dishonest merchant and bogus vicar played by Wilfred Hyde-White in this British comedy. • Klondike Fever (1980) Rod Steiger portrays Soapy in a Canadian produced, fictional adaptation of the adventures of Jack London. • The Sting (prequel) (1983) This film was never produced, due to the failure of the sequel. Soapy Smith was to be portrayed as the mentor of Henry Gondorff (Paul Newman).

Television
• The Alaskans (1959–1960). Actor John Dehner portrayed Soapy. In one episode, "Remember the Maine", the story of the Skaguay Military Company is dramatized. • Alias Smith and Jones (1971–1972). Actor Sam Jaffe portrayed Soapy in three episodes: "The Great Shell Game" (aired February 18, 1971), "A Fistful of Diamonds" (aired March 4, 1971), and "Bad Night in Big Butte" (aired March 2, 1972). • "The Saga of Soapy Smith" (1968) An episode on Bill Burrud's, Treasure!.

Soapy Smith • Deadwood (2004–2006) Gill Gayle plays the Huckster, a prize soap package salesman based on Soapy, in all three seasons.

40

Other
• • • • The Ballad of Soapy Smith (1983) A play by Michael Weller featuring Denis Arndt as Soapy.[38] "The Ballad of Soapy Smith" (1965) A song by Al Oster, Northland Music Company (Call of Alaska, FR-1009). Soapy Smith's Pioneer Restaurant 543 2nd Avenue, Fairbanks, AK 99701-4728 "The Days of 98 Show with Soapy Smith" Eagles Hall, Gold Rush Productions Inc., Skagway,AK.

References and notes
[1] [2] [3] [4] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. p. 22. ISBN 0-9819743-0-9 Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. p. 26. ISBN 0-9819743-0-9 Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. pp. 30-32. ISBN 0-9819743-0-9 Robertson, Frank C.; Harris, Beth Kay (1961). Soapy Smith: King of the Frontier Con Men. New York City: Hastings House. ISBN 9780803866614. [5] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. pp. 74-92. ISBN 0-9819743-0-9 [6] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. p. 40. ISBN 0-9819743-0-9 [7] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. pp. 38-51. ISBN 0-9819743-0-9 [8] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. p. 45. ISBN 0-9819743-0-9 [9] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. pp. 62-63. ISBN 0-9819743-0-9 [10] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. p. 124. ISBN 0-9819743-0-9 [11] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. p. 89. ISBN 0-9819743-0-9 [12] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. pp. 83-84. ISBN 0-9819743-0-9 [13] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. pp. 138-39. ISBN 0-9819743-0-9 [14] Rocky Mountain News 02/29/1892, p. 6. [15] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. p. 208. ISBN 0-9819743-0-9 [16] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. pp. 237-43. ISBN 0-9819743-0-9 [17] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. p. 245. ISBN 0-9819743-0-9 [18] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. p. 71. ISBN 0-9819743-0-9 [19] The Road, 29 February 1896 [20] Denver Times, 23 March 1894 [21] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. pp. 294-316. ISBN 0-9819743-0-9 [22] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. p. 321. ISBN 0-9819743-0-9 [23] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. pp. 374-379. ISBN 0-9819743-0-9 [24] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. p. 361-363. ISBN 0-9819743-0-9 [25] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. p. 442. ISBN 0-9819743-0-9 [26] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. p. 510. ISBN 0-9819743-0-9 [27] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. p. 480. ISBN 0-9819743-0-9 [28] Collier's Weekly, 11/09/1901 [29] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. p. 482. ISBN 0-9819743-0-9 [30] Pierre Berton, The Klondike Fever, Knopf, 1967, p. 149 [31] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. p. 468. ISBN 0-9819743-0-9 [32] Smith, Jeff (2009). Alias Soapy Smith: The Life and Death of a Scoundrel, Klondike Research. pp. 487-490. ISBN 0-9819743-0-9 [33] http:/ / www. wolframalpha. com/ input/ ?i=2700+ in+ 1898+ dollars [34] The Skaguay News, 15 July 1898 [35] Fairbanks Daily News Miner, 23 June 1941 [36] The publicized events are held at the Eagles Hall in Skagway, Alaska (since 1974), The Magic Castle in Hollywood, California (since 2004) and the White Horse Movie Ranch in Laverne, California (since 2006). [37] http:/ / books. google. com/ books?id=oX18RFGcyI4C& lpg=PA132 [38] NY Times review of the play (http:/ / theater2. nytimes. com/ mem/ theater/ treview. html?res=9802E1D61139F930A25752C1A962948260& n=Top/ Reference/ Times Topics/ Organizations/ P/ Public Theater)

Soapy Smith

41

Further reading
• Collier, William R. and Edwin V. Westrate, The Reign of Soapy Smith: Monarch of Misrule, New York: Doubleday, Doran, 1935. • Pullen, Harriet S., Soapy Smith Bandit of Skagway: How He Lived; How He Died, Stroller's Weekly Print, undated (early 1900s). • Robertson, Frank G. and Beth Kay Harris, Soapy Smith: King of the Frontier Con Men, New York: Hastings House, 1961. • Shea & Patten, The Soapy Smith Tragedy, The Daily Alaskan Print, 1907. • Smith, Jeff, Alias Soapy Smith: The Life and Death of a Scoundrel, Juneau, Alaska: Klondike Research (http:// www.klondikeresearch.com/order.html), 2009. ISBN 0-9819743-0-9

External links
• Friends of Bad Man Soapy Smith (http://www.soapysmith.net/) - website for The Soapy Smith Preservation Trust. • Soapy Smith's Soap Box (http://soapysmiths.blogspot.com/) - New found information pertaining to Soapy Smith. Run by a descendant. • Magic Castle (http://www.magiccastle.com/ama/eventphotos.cfm) - Photographs taken at the 2003–2010 Soapy Smith annual wakes. • Find A Grave (http://www.findagrave.com/cgi-bin/fg.cgi?page=gr&GRid=958&pt= Jefferson 'Soapy' Smith/) - Leave a message on Soapy's virtual gravesite. • Owlhoots of the Old West (http://www.mtnguy.com/owlhoots/smith.htm) • Denver history (http://www.denvergov.org/aboutdenver/history_char_smith.asp) • Leadville.com (http://www.leadville.com/history/soapy.htm) • Alaska's Villains Vamps and Vagabonds (http://www.margaretdeefholts.com/soapysmith.html) • Soapy Smith and the Blonger Bros. (http://www.blongerbros.com/news/Lou_Soapy.asp) • The "Sure Thing" man. (http://www.tombstonetimes.com/stories/soapy.html) • Photo of group of vigilantes in Skagway about to go after Soapy Smith and his gang (http://content.lib. washington.edu/cdm4/item_viewer.php?CISOROOT=/alaskawcanada&CISOPTR=279&CISOBOX=1& REC=14), U.Wash Digital Collections

Franchise fraud

42

Franchise fraud
Franchise fraud is defined by the United States Federal Bureau of Investigation as a pyramid scheme.

Franchise fraud in U.S. federal law
The FBI website states: "pyramid schemes — also referred to as franchise fraud or chain referral schemes — are marketing and investment frauds in which an individual is offered a distributorship or franchise to market a particular product. The real profit is earned, not by the sale of the product, but by the sale of new distributorships. Emphasis on selling franchises rather than the product eventually leads to a point where the supply of potential investors is exhausted and the pyramid collapses." [1] In the United States, franchising is regulated by a complex web of franchise rules and franchising regulations consisting of the Federal Trade Commission Franchise Rule, state laws, and industry guidelines.[2] The most recent version of the FTC Franchise Rule was in 2007, is printed in FR 2007a, pp. 15544–15575. The FTC franchise rule specifies what information a franchisor must disclose to a prospective franchise business as a franchise opportunity in a document named the Franchise Disclosure Document (FDD). [3] [4]

Means of committing franchise fraud
Franchisors that practice franchise fraud will attempt to pressure a franchisee leaving the franchise system sign a non-disclosure agreement, confidentiality agreement, or a gag order. The gag order allows franchise misrepresentation by preventing prospective new franchisees learning important details about the churning franchise. Unfortunately, the Federal Trade Commission Rule and the State Franchise Disclosure Documents that govern the sale of franchises appear to enable franchisors to withhold negative facts concerning the performance of the franchised business plan from new buyers of franchises and to disclaim that the franchisors have promised anything in the way of success and profits in the written disclosure document and the binding, and generally non-negotiated, franchise agreement. The sellers of franchised business plans, the franchisors, themselves, appear to have no obligation under current rules and regulations to disclose negative system UNIT performance statistics to new buyers of the franchised business plans who then unknowingly purchase franchises that have demonstrated low or no profitability and high failure rates of "founding" franchisees. Uniquely, franchisors, themselves, under the FTC Rule and the State Franchise Disclosure Documents appear not to have to disclose system UNIT Performance Statistics in their possession to new buyers, and new buyers of franchises must do their due diligence with current and ex-franchisees. It should be noted that current and ex-franchisees of systems have no duty under the law to disclose information about their businesses to prospective franchisees. In the 2007 Franchise Rule, in the Federal Register from pages 15505 to 15506, comments from former franchisees were listed concerning confidentiality agreements: • "commenters complained that the use of confidentiality clauses is widespread,622 and several commenters urged the Commission to ban the use of confidentiality clauses as a deceptive or unfair trade practice. Other opponents of confidentiality clauses—including state regulators and some franchisors—asserted that such provisions inhibit prospective franchisees from learning the truth as they conduct their due diligence investigation of a franchise offer." • "one franchisee representative, contended that the harm flowing from confidentiality provisions goes beyond individual franchise sales, noting that such provisions intimidate franchisees into not testifying before legislative committees and public agencies, such as the Federal Trade Commission."

Franchise fraud • "[T]he gag order . . . prohibits me from being able to answer questions, you know, and give cautionary remarks to other people who might be considering the franchise that I was with." • "‘‘the use of gag orders is almost 100 percent in some franchise systems." • "Three franchisees— Raymond Buckley, Roger C. Haines, and David E. Myklebust—believed that they were kept in the dark about the failure of their franchisor’s system due to confidentiality clauses imposed on current and former franchisees." • "confidentiality clauses "typically release the franchisor from legal liability and bar the franchisee (under threat of legal action) from making any oral or written statements about the franchise system or their experience with the franchised business. The purpose of such clauses is to shut down any negative public comment about the franchise system." • "franchisee, related: "I had spoken to some of the franchisees that had left the system. I now feel certain that they painted a picture that was not close to being the truth based on the gag order that [the franchisor] imposed. Had I gotten the truth from these people, my decision certainly would have been different. Every franchisee leaving the system has had a gag order placed on them, making it impossible for current and future franchisees to get the facts." By having former franchisees under a gag order, franchisors that practice business franchise fraud or franchise churning "inhibit prospective franchisees from learning the truth about the franchising opportunity as they conduct their due diligence investigation of a franchise offer." (page 15505 of the Federal Register Franchise Rule)

43

Franchise fraud law in the U.S. state by state
California
California Franchise Investment Law,[5] begins at section 31000 of the California Corporations Code.[6] Part 1 lists the definitions of the California Franchise code. Part 2 is the Regulation Of The Sale Of Franchises. There are three chapters, 1) Exemptions, 2) Disclosures, and 3) General Provisions. Under chapter 2, section 31125 the following exists (A) The proposed modification is in connection with the resolution of a bona fide dispute between the franchisor and the franchisee or the resolution of a claimed or actual franchisee or franchisor default, and the modification is not applied on a franchise systemwide basis at or about the time the modification is executed. A modification shall not be deemed to be made on a franchise systemwide basis if it is offered on a voluntary basis to fewer than 25 percent of the franchisor's California franchises within any 12-month period. (B) The proposed modification is offered on a voluntary basis to fewer than 25 percent of the franchisor's California franchises within any 12-month period, provided each franchisee is given a right to rescind the modification agreement if the modification is not made in compliance with paragraph (1) of subdivision (c). (d) Any modification of a franchise agreement with an existing franchise of a franchisee shall be exempted from this chapter if the modification is offered on a voluntary basis and does not substantially and adversely impact the franchisee's rights, benefits, privileges, duties, obligations, or responsibilities under the franchise agreement. (f) A franchisor shall not make modifications in consecutive years for the purpose of evading the 25 percent requirements set forth above. If a franchisor in California keeps less than 25% of former California franchisees (not nationwide franchisees), per year, under a Gag order, there is no violation. The modification agreement can have a clause in the document stating that is was "signed voluntarily". Part 3 of this code describes Fraudulent and Prohibited Practices. Chapter 1 describes Fraudulent practices.[7] Chapter 2 describes Prohibited practices.[8] Chapter 3 describes Unfair practices.[9]

Franchise fraud

44

Indiana
In Indiana fraud, deceit, and misrepresentation during the process of franchise contract formation or performance is actionable at civil law under the Indiana Franchise Act. There is no general right of action, only a specific right of private action by a party on the aforementioned grounds. The scope of franchise fraud is also narrower than the scope of ordinary common law fraud action. The Indiana Supreme Court holds that "the circumstances of fraud would be the time, the place, the substance of the false representations, the facts mispresented, and the identification of what was procured by the fraud. [… However,] the plaintiff in a franchise fraud action must nevertheless plead the facts and circumstances alleged to constitute fraud, deceit, or misrepresentation with at least the same degree of particularity and detail as would be necessary to maintain an action for common law fraud".[10] Also held by the Supreme Court is that scienter is not an element of franchise fraud. Nor does failure to disclose on the part of a franchisor a pending civil lawsuit at the time of making a franchise agreement constitute franchise fraud, so long as any such representations as to legal action are not relied upon by either party as part of their decision-making process. Statements by the franchisor as to potential earnings by the franchisee do not constitute franchise fraud, since they do not constitute a material (mis-)representation of past or existing facts.[11] Civil action under the Franchise Disclosure Act must be brought within three years of discovery of the violation. Action brought under the Deceptive Franchise Practices Act must be brought within two.[11]

References
[1] FBI — Common Fraud Schemes (http:/ / www. fbi. gov/ scams-safety/ fraud). Fbi.gov. Retrieved on 2010-12-06. [2] "AN OVERVIEW OF FRANCHISE REGULATION IN THE UNITED STATES" (http:/ / www. franchiselawsource. com/ overview_franchise_regulation. html). Franchise Law Source. Kern & Hillman LLC. . [3] Franchise and Business Opportunities | BCP Business Center (http:/ / business. ftc. gov/ documents/ inv07-franchise-and-business-opportunities). Business.ftc.gov. Retrieved on 2010-12-06. [4] FTC Issues Updated Franchise Rule (http:/ / www. ftc. gov/ opa/ 2007/ 01/ franchiserule. shtm). Ftc.gov. Retrieved on 2010-12-06. [5] http:/ / www. corp. ca. gov/ srd/ ccfil. asp [6] http:/ / www. leginfo. ca. gov/ cgi-bin/ calawquery?codesection=corp& codebody=& hits=20 [7] http:/ / www. leginfo. ca. gov/ cgi-bin/ waisgate?WAISdocID=31520114725+ 1+ 0+ 0& WAISaction=retrieve [8] http:/ / www. leginfo. ca. gov/ cgi-bin/ displaycode?section=corp& group=31001-32000& file=31210-31211 [9] http:/ / www. leginfo. ca. gov/ cgi-bin/ displaycode?section=corp& group=31001-32000& file=31220 [10] Garner 2001, pp. 278–279. [11] Garner 2001, p. 279.

Bibliography
• Garner, W. Michael (2001). "Indiana". Franchise desk book: selected state laws, commentary and annotations (2nd ed.). American Bar Association. ISBN 9781570739729.

Further reading
Books and papers
• Purvin, Robert (2008). The Franchise Fraud: How to protect yourself before and after you invest (2008 ed.). John Wiley & Sons. p. 307. ISBN 9781419688621. • Bertrand, Marsha (1999). Fraud! How to Protect Yourself from Schemes, Scams, and Swindles (1999 ed.). Amcom American Management Association. p. 307. ISBN 9780814470329. • Bertrand, Marsha (2000). "Have I Got a Franchise for You! Be Your Own Boss, Easy Money..." (http://www. businessweek.com/smallbiz/news/coladvice/book/bk991029.htm). Fraud! How to Protect Yourself from Schemes, Scams, and Swindles. AMACOM. ISBN 9780814470329. • "Rules and Regulations" (http://www.ftc.gov/os/fedreg/2007/march/070330franchiserulefrnotice. pdf#page=102) (PDF). Federal Register 72 (61): 15544–15575. 30 March 2007.

Franchise fraud

45

Newspapers
• Bradsher, Keith (1999-03-21). "Fax Corp. Is Accused of Franchise Fraud" (http://www.nytimes.com/1990/03/ 21/business/fax-corp-is-accused-of-franchise-fraud.html). The New York Times. • Mencimer, Stephanie (February 2009). "Franchise Fraud: Wake Up and Smell the Fine Print" (http:// motherjones.com/politics/2009/02/franchise-fraud-wake-and-smell-fine-print). MotherJones. • "Franchise Fraud: Hard to Swallow" (http://motherjones.com/politics/2009/02/franchise-fraud-hard-swallow). MotherJones. February 2009. • "Report: Speedy Sign-A-Rama, USA" (http://www.ripoffreport.com/Franchises/Speedy-Sign-A-Rama-U/ sign-a-rama-speedy-sign-a-rama-2a266.htm). Ripoff Report. 2010-05-20. • Maze, Jonathan (May 2008). "Developers of Dagwood's Sandwich sue for fraud" (http://www.franchisetimes. com/content/story.php?article=00871). Franchise Times. • Mount, Ian (2008-02-29). "New franchise rule: More disclosure, same high risks" (http://money.cnn.com/ 2008/02/29/smbusiness/franchising.fsb/index.htm). Fortune.

White-collar crime

46

White-collar crime

Criminology and penology Theories Anomie Differential association theory Deviance Labeling theory Psychopathy Rational choice theory (criminology) Social control theory Social disorganization theory Social learning theory Strain theory Subcultural theory Symbolic interactionism · Victimology Types of crimes Blue-collar crime · Corporate crime Juvenile crime Organized crime Political crime · Public order crime Public order case law in the U.S. State crime · State-corporate crime White-collar crime · Victimless crime Penology Deterrence · Prison Prison reform · Prisoner abuse Prisoners' rights · Rehabilitation Recidivism · Retribution Utilitarianism
Criminal justice portal

See also: Wikibooks:Social Deviance

Within the field of criminology, white-collar crime has been defined by Edwin Sutherland as "a crime committed by a person of respectability and high social status in the course of his occupation" (1939). Sutherland was a proponent of Symbolic Interactionism, and believed that criminal behavior was learned from interpersonal

White-collar crime interaction with others. White-collar crime, therefore, overlaps with corporate crime because the opportunity for fraud, bribery, insider trading, embezzlement, computer crime, copyright infringement, money laundering, identity theft, and forgery are more available to white-collar employees.

47

Historical background
The term white-collar crime only dates back to 1939. Professor Edwin Hardin Sutherland was the first to coin the term, and hypothesize white-collar criminals attributed different characteristics and motives than typical street criminals. Mr. Sutherland originally presented his theory in an address to the American Sociological Society in attempt to study two fields, crime and high society, which had no previous empirical correlation. He defined his idea as "crime committed by a person of respectability and high social status in the course of his occupation" (Sutherland, 1939). Many denote the invention of Sutherland's idiom to the explosion of U.S business in the years following the Great Depression. Sutherland noted that in his time, "less than two percent of the persons committed to prisons in a year belong to the upper-class." His goal was to prove a relation between money, social status, and likelihood of going to jail for a white-collar crime, compared to more visible, typical crimes. Although the percentage is a bit higher today, numbers still show a large majority of those in jail are poor, "blue-collar" criminals, despite efforts to crack down on white-collar, and corporate crime. Other fiscal laws were passed in the years prior to Sutherland's studies including antitrust laws in the 1920's, and social welfare laws in the 1930's. After the Depression, people went to great lengths to rebuild their financial security, and it is theorized this led many hard workers, who felt they were underpaid, to take advantage of their positions. Much of Sutherland's work was to separate and define the differences in blue collar street crimes, such as arson, burglary, theft, assault, rape and vandalism, which are often blamed on psychological, associational, and structural factors. Instead, white-collar criminals are opportunists, who over time learn they can take advantage of their circumstances to accumulate financial gain. They are educated, intelligent, affluent, confident individuals, who were qualified enough to get a job which allows them the unmonitored access to often large sums of money. Many also use their intelligence to con their victims into believing and trusting in their credentials. Many do not start out as criminals, and in many cases never see themselves as such.[1]

Definitional issues
Modern criminology generally rejects a limitation of the term by reference, rather classifies the type of crime and the topic: • By the type of offense, e.g. property crime, economic crime, and other corporate crimes like environmental and health and safety law violations. Some crime is only possible because of the identity of the offender, e.g. transnational money laundering requires the participation of senior officers employed in banks. But the Federal Bureau of Investigation has adopted the narrow approach, defining white-collar crime as "those illegal acts which are characterized by deceit, concealment, or violation of trust and which are not dependent upon the application or threat of physical force or violence" (1989, 3). This approach is relatively pervasive in the United States, the record-keeping does not adequately collect data on the socioeconomic status of offenders which, in turn, makes research and policy evaluation problematic. While the true extent and cost of white-collar crime are unknown, it is estimated to cost the United States somewhere between $300-$660 billion annually, according to the FBI (Lane and Wall 2006, cited; in Friedrichs, 2007, p46). • By the type of offender, e.g. by social class or high socioeconomic status, the occupation of positions of trust or profession, or academic qualification, researching the motivations for criminal behavior, e.g. greed or fear of loss of face if economic difficulties become obvious. Shover and Wright (2000) point to the essential neutrality of a crime as enacted in a statute. It almost inevitably describes conduct in the abstract, not by reference to the character of the persons performing it. Thus, the only way that one crime differs from another is in the

White-collar crime backgrounds and characteristics of its perpetrators. Most if not all white-collar offenders are distinguished by lives of privilege, much of it with origins in class inequality. • By organizational culture rather than the offender or offense which overlaps with organized crime. Appelbaum and Chambliss (1997, 117) offer a twofold definition: • Occupational crime which occurs when crimes are committed to promote personal interests, say, by altering records and overcharging, or by the cheating of clients by professionals. • Organizational or corporate crime which occurs when corporate executives commit criminal acts to benefit their company by overcharging or price fixing, false advertising, etc.

48

Relationship to other types of crime
Blue-collar crime
The types of crime committed are a function of what is available to the potential offender. Thus, those employed in relatively unskilled environments and living in inner-city areas have fewer "situations" to exploit (see Clarke: 1997) than those who work in "situations" where large financial transactions occur and live in areas where there is relative prosperity. Blue-collar crime tends to be more obvious and thus attracts more active police attention (e.g. for crimes such as vandalism or shoplifting, where physical property is involved). In contrast, white-collar employees can incorporate legitimate and criminal behavior, thus making themselves less obvious when committing the crime. Therefore, blue-collar crime will more often use physical force, whereas in the corporate world, the identification of a victim is less obvious and the issue of reporting is complicated by a culture of commercial confidentiality to protect shareholder value. It is estimated that a great deal of white-collar crime is undetected or, if detected, it is not reported.

State-corporate crime
The negotiation of agreements between a state and a corporation will be at a relatively senior level on both sides, this is almost exclusively a white-collar "situation" which offers the opportunity for crime. White-collar crime has become a priority of law enforcement[2] When senior levels of a corporation engage in criminal activity using the company this is sometimes called control fraud.

Further reading and references
• Appelbaum, Richard P. & Chambliss, William J. (1997). Sociology: A Brief Introduction. New York: Longman. ISBN 0-673-98279-3 • Barnett, Cynthia. (Undated). The Measurement of White-Collar Crime Using Uniform Crime Reporting (UCR) Data.[3] • Clarke, Ronald (ed). (1997). Situational Crime Prevention: Successful Case Studies (2nd edition). New York: Criminal Justice Press. ISBN 0-911577-38-6 • Dillon, Eamon Dilloninvestigates.com [4], The Fraudsters - How Con Artists Steal Your Money Chapter 5, Pillars of Society, published September 2008 by Merlin Publishing, Ireland ISBN 978-1-903582-82-4 • Friedrichs, David O. (2003) Trusted Criminals: White Collar Crime in Contemporary Society, Wadsworth. ISBN 0-495-00604-1 • Geis, G., Meier, R. & Salinger, L. (eds.) (1995). White-collar Crime: Classic & Contemporary Views. NY: Free Press. • Green, Stuart P. (2006). Lying, Cheating, and Stealing: A Moral Theory of White Collar Crime. Oxford: Oxford University Press. • Lea, John. (2001). Crime as Governance: Reorienting Criminology. [5]

White-collar crime • Leap, Terry L. (2007) Dishonest Dollars: The Dynamics of White-Collar Crime. Ithaca: Cornell University Press. ISBN 978-0-8014-4520-0 • Newman, Graeme R. & Clarke, Ronald V. (2003). Superhighway Robbery: Preventing E-commerce Crime. Portland, Or: Willan Publishing. ISBN 1-84392-018-2 • Reiman, J. (1998). The Rich get Richer and the Poor get Prison. Boston: Allyn & Bacon. • Pontell, H. & Tillman, R. (1998). Profit Without Honor: White-collar Crime and the Looting of America. Upper Saddle River, NJ: Prentice Hall. • Shapiro, Susan P. (1990). "Collaring the Crime, not the Criminal: Reconsidering the Concept of White-collar Crime", American Sociological Review 55: 346-65. • Simon, D. & Eitzen, D. (1993). Elite Deviance. Boston: Allyn & Bacon. • Simon, D. & Hagan, F. (1999). White-collar Deviance. Boston: Allyn & Bacon • Shover, Neal & Wright, John Paul (eds.) (2000). Crimes of Privilege: Readings in White-Collar Crime. Oxford: Oxford University Press. ISBN 0-19-513621-7 • Sutherland, Edwin Hardin (1949). White Collar Crime. New York: Dryden Press. • Thiollet, J.P. (2002). Beau linge et argent sale — Fraude fiscale internationale et blanchiment des capitaux, Paris, Anagramme ed. ISBN 2 914571178 • U.S. Department of Justice, Federal Bureau of Investigation (1989). White Collar Crime: A Report to the Public. Washington, D.C.: Government Printing Office.

49

References
[1] [2] [3] [4] [5] Providence.edu (http:/ / www. providence. edu/ polisci/ students/ corporate_crime/ history. htm) .Charles Anzalone, "White-Collar Crime Has Become Priority of Law Enforcement" FBI.com (http:/ / www. fbi. gov/ ucr/ whitecollarforweb. pdf) http:/ / www. dilloninvestigates. com/ index_files/ Page390. htm Blueyonder.do.uk (http:/ / www. bunker8. pwp. blueyonder. co. uk/ misc/ crimgov. htm)

External links
• White Collar Crime Legal Blog (http://lawprofessors.typepad.com/whitecollarcrime_blog/) • National White Collar Crime Center (http://www.nw3c.org/) • White Collar Crime Blog for Public (http://informant.nw3c.org/)

List of real-life con artists

50

List of real-life con artists
This is a list of notable real-life individuals who exploited confidence tricks.

Born in the 18th century or earlier
• William Chaloner (1650s/1665 – 1699): serial counterfeiter and confidence trickster proven guilty by Sir Isaac Newton[1] • Gregor MacGregor (1786–1845): Scottish con man who tried to attract investment and settlers for a non-existent country of Poyais[2]

Born or active in the 19th century
• Lou Blonger (1849–1924): organized massive ring of con men in Denver in early 1900s[3] • Victor Lustig (1890–1947): born in Bohemia (today's Czech Republic) and known as "the man who sold the Eiffel Tower"[4] • George C. Parker (1870–1936): U.S. con man who sold New York monuments to tourists, including most famously the Brooklyn Bridge, which he sold twice a week for years.[5] • Charles Ponzi (1882–1949): "Ponzi scheme" is a "get rich fast" fraud named after him[6] • Canada Bill Jones (?-1880): king of the three-card monte men.[3] • William Thompson (active in 1840–1849): U.S. criminal whose deceptions caused the term confidence man to be coined[7] • Joseph Weil (1875–1976): one of the most famous American con men of his era[8]

Born or active in the 20th century
• Bernie Cornfeld (1927–1995): ran the Investors Overseas Service, alleged to be a Ponzi scheme[9] • Kenneth Lay (1942-2006): The American businessman who built energy company Enron. He was one of the highest paid CEOs in America until he was ousted as Chairman and was convicted of fraud and conspiracy, although as a result of his death, his conviction was vacated.[10]

Living people
• Frank Abagnale (1948): U.S. check forger and impostor; his autobiography was made into the movie Catch Me If You Can.[11] • Marc Dreier (1950): Managing founder of Attorney firm Dreir LLP. Prosecutors allege that from 2004 through December 2008, he sold approximately $700 million worth of fictitious promissory notes.[12] • Robert Hendy-Freegard (1971): Briton who kidnapped people by impersonating an MI5 agent and conned them out of money.[13] • James Arthur Hogue (1959): U.S. impostor who most famously entered Princeton University by posing as a self-taught orphan[14] • Bernard Madoff (1938): Former American stock broker, investment adviser, and non-executive chairman of the NASDAQ stock market who admitted to the operation of the largest Ponzi scheme in history[15] • Matt the Knife (1981): American-born con artist, card cheat and pickpocket who, from the ages of approximately 14 through 21, bilked dozens of casinos, corporations and at least one Mafia crime family.[16] [17] [18] • Barry Minkow (1967): Known for the ZZZZ Best scam.[19] • Richard Allen Minsky (1944): Scammed female victims for sex by pretending to be jailed family members over the phone.[20]

List of real-life con artists • Kevin Trudeau (1963): US writer and billiards promoter, convicted of fraud and larceny in 1991, known for a series of late-night infomercials and his series of books about "Natural Cures "They" Don't Want You to Know About".[21] [22] [23] • Jonny Craig (1986): Singer of the alternative bands Dance Gavin Dance and Emarosa, in early 2011 Craig convinced numerous fans to send him money in exchange for a MacBook laptop. The laptop was never sent out, and it is estimated that he pocketed at least $6,000 USD from the illicit dealings.[24]

51

References
[1] Oxford Dictionary of National Biography, Oxford University Press, Sept 2004; Paul Hopkins and Stuart Handley, 'Chaloner, William (d. 1699)' (http:/ / www. oxforddnb. com/ view/ article/ 66841,) [2] "Document of the Month January 2005" (http:/ / www. scotland. gov. uk/ News/ News-Extras/ docJan2005). The Scottish Executive. January 2005. . Retrieved 19 August 2007. [3] Maurer, David W. (1940). The Big Con: The Story of the Confidence Man and the Confidence Game. Bobbs Merrill. ISBN 0-7869-1850-8 [4] Johnson, James F.; Miller, Floyd (1961). The Man Who Sold the Eiffel Tower. Doubleday [5] Cohen, Gabriel (27 November 2005). "For You, Half Price" (http:/ / www. nytimes. com/ 2005/ 11/ 27/ nyregion/ thecity/ 27brid. html?ex=1290747600& en=d5b19f580f176c64& ei=5090& partner=rssuserland& emc=rss). The New York Times. . Retrieved 19 August 2007. [6] Zuckoff, Mitchell (March 8, 2005). Ponzi's Scheme: The True Story of a Financial Legend. Random House. ISBN 1-4000-6039-7 [7] "Arrest of the Confidence Man" (http:/ / chnm. gmu. edu/ lostmuseum/ lm/ 328/ ). New York Herald. 1849. . Retrieved 19 August 2007. [8] Weil, Joseph (1948). "Yellow Kid" Weil: The Autobiography of America's Master Swindler. Ziff-Davis. ISBN 0-7812-8661-1 [9] "The Fund Industry's Black Eye" (http:/ / www. stocksandnews. com/ wall-street-history. php?aid=MTA0N19XUw==). Brian Trumbore, StocksandNews.com. 2002-04-19. . Retrieved 19 August 2007. [10] Lozano, Juan A. (17 October 2006). "Judge vacates conviction of Ken Lay" (http:/ / www. cbsnews. com/ stories/ 2006/ 10/ 17/ ap/ business/ mainD8KQMS5O0. shtml). Associated Press. . [11] Frank W. Abagnale Jr.; with Stan Redding (1980). Catch Me if You Can. New York: Simon & Schuster. ISBN 0-671-64091-7. [12] "N.Y. lawyer arraigned in alleged $700M fraud" (http:/ / money. cnn. com/ 2009/ 03/ 19/ news/ hedge_fund_fraud/ index. htm?postversion=2009031914). CNNMoney.com. March 19, 2009. . Retrieved 2011-02-14. [13] "Fake spy guilty of kidnapping con" (http:/ / news. bbc. co. uk/ 1/ hi/ england/ nottinghamshire/ 4114640. stm). BBC. 2005-06-23. . Retrieved 19 August 2007. [14] "Princeton 'Student' Gets Jail Sentence" (http:/ / www. nytimes. com/ 1992/ 10/ 25/ nyregion/ princeton-student-gets-jail-sentence. html). The New York Times. 1992-10-25. . Retrieved 19 August 2007. [15] "Madoff Confessed $50 Billion Fraud Before FBI Arrest" (http:/ / www. bloomberg. com/ apps/ news?pid=newsarchive& sid=atUk. QnXAvZY). Bloomberg. 2008-12-12. . Retrieved 26 August 2010. [16] "American Voices". American Voices. October 12, 2008. [17] Schwartz, Dan (August 2007). "From Grifter To Guinness". Providence Monthly: 14. [18] Perry, Rachel (January 17, 2007). "Matt The Knife: Fire-Teething Never Looked So Good". Play (Philadelphia Edition): 10–12. [19] "It Takes One To Know One". [ Minutes (http:/ / www. cbsnews. com/ stories/ 2005/ 05/ 19/ 60minutes/ main696669. shtml|60)]. May 22, 2005. [20] Gorman, Anna (2001-12-01). "Rapist in Sex Scam Case Sentenced to Life in Prison" (http:/ / articles. latimes. com/ 2001/ dec/ 01/ local/ me-10262). Los Angeles Times. . Retrieved 2010-06-27. [21] King Con -- Selling Questionable Cures?. January 20, 2006. Retrieved on 2011-02-14. [22] Warner, Melanie (August 28, 2005). "After Jail and More, Salesman Scores Big With Cure-All Book" (http:/ / www. nytimes. com/ 2005/ 08/ 28/ business/ media/ 28trudeau. html?_r=2& oref=slogin). New York Times. . [23] "FTC: Marketer Kevin Trudeau Violated Prior Court Order" (http:/ / www. ftc. gov/ opa/ 2007/ 09/ trudeau. shtm). Federal Trade Commission. September 14, 2007. . Retrieved 2011-02-14. [24] "The fallacies of social networking...a fan shares his story." (http:/ / grafwall. indiestar. tv/ 2011/ 02/ fallacies-of-social-networkinga-fan. html). Indiestar.tv. February 18,2011. .

Scam baiting

52

Scam baiting
Scam baiting is a form of Internet vigilantism where the vigilante poses as a potential victim to the scammer in order to waste their time and resources, gather information that will be of use to authorities, or publicly humiliate the scammer. It is, in essence, a form of social engineering that may have an altruistic motive or may be motivated by malice. It is primarily used to thwart the 419 Nigerian advance-fee scam and can be done either out of a sense of civic duty or as a form of amusement. Scam baiting is usually done simply by gaining access to an e-mail address that has already been targeted by scammers, which given the prevalence of the spam is not a difficult proposition. Once access is gained, the baiter impersonates a person that is receptive to the financial hook that the scammer is using. The objective is to keep the scam going as long as possible, costing the scammer time and energy. Secondary goals include gathering as much information as possible to share with authorities. Amusement that the baiter may gain from the interaction include fooling the scammer into falling for claims just as ludicrous as the ones that the scammer is using to bilk the victim of money. Many baiters will use joke names (Hugh Janus, Jenny Talwarts, Dick Head and so on) which while obviously ludicrous to a native or fluent English speaker will go unnoticed by the scammer. Similarly baiters may introduce characters and even plot-lines from movies or television shows for comedic effect. In February 2011, the Belgian television show Basta portraited with hidden cameras how a scammer was fooled during a meeting with baiters, raising the stakes by involving a one-armed man, two dwarves and a pony. Eventually, a police raid was faked, during which the baiters were arrested and the scammer went free, abandoning the money, and without any suspicion.[1]

References
[1] Pest eens een internetfraudeur (http:/ / www. youtube. com/ watch?v=FsIAfvcC52E) Basta on YouTube (in Dutch)

Scad (scam ad)

53

Scad (scam ad)
A scad is a portmanteau of the words scam and advertisement, usually in reference to internet spam. The term has been used by the Alliance Against Bait and Click to describe scam ads that lure consumers to click on their site using a brand name or an outrageous deal while in turn providing suspect products and deals.[1] This technique is called 'bait and click' and has received significant press coverage from Consumer Reports Webwatch which has warned consumers to be wary of scads because they divert unsuspecting searchers from what they are looking for and waste their time.[2] At worst, scads can take users to unsecured sites – exposing them to fraud, scams, viruses, and spyware.[3] Sponsored search results contain over twice as many risky sites as organic listings for the same search terms, according to a study by online security company McAfee.[4] Scads exist in sponsored links and several have delivered Internet users to sites that charge for Firefox, a popular free web browser.[5]

References
[1] Ellison, David (August 18, 2008). "Don't get duped by back-to-school 'scad'" (http:/ / blogs. chron. com/ consumerwatch/ 2008/ 08/ dont_get_duped_by_backtoschool_1. html). Houston Chronicle. . Retrieved 2009-04-13. [2] Brendler, Beau (July 24, 2008). "Protecting Brands from Bogus Sponsored Links" (http:/ / blog. consumerwebwatch. org/ 2008/ 07/ industry_group_wants_to_protec. html). Consumer Reports WebWatch. . Retrieved 2009-04-13. [3] Finney, Michael (December 29, 2009). "Bait-and-switch scams move to Internet" (http:/ / abclocal. go. com/ kgo/ story?section=news/ 7_on_your_side& id=6577060). ABC KGO-TV Seven On Your Side. . Retrieved 2009-04-13. [4] Edelman, Ben; Rosenbaum, Hannah (June 4, 2007). "The State of Search Engine Safety. McAfee Inc." (http:/ / www. siteadvisor. com/ studies/ search_safety_may2007). McAfee Site Advisor. . Retrieved 2009-04-13. [5] Keats, Shane (February 3, 2006). "How Much Does 'Free' Cost?" (http:/ / blog. siteadvisor. com/ 2006/ 02/ how_would_you_like_to_pay_3795. shtml). McAfee SiteAdvisor Blog. . Retrieved 2009-04-13.

Social engineering (security)

54

Social engineering (security)
Computer security Secure operating systems Security architecture Security by design Secure coding Computer insecurity Vulnerability Social engineering Eavesdropping Exploits Trojans Viruses and worms Denial of service Backdoors Rootkits Keyloggers

Payloads

Social engineering is the act of manipulating people into performing actions or divulging confidential information, rather than by breaking in or using technical cracking techniques.[1] While similar to a confidence trick or simple fraud, the term typically applies to trickery or deception for the purpose of information gathering, fraud, or computer system access; in most cases the attacker never comes face-to-face with the victim. Social Engineering has also been employed by bill collectors, skiptracers, and bounty hunters. "Social engineering" as an act of psychological manipulation was popularized by hacker-turned-consultant Kevin Mitnick. The term had previously been associated with the social sciences, but its usage has caught on among computer professionals.[2]

Social engineering techniques and terms
All social engineering techniques are based on specific attributes of human decision-making known as cognitive biases.[3] These biases, sometimes called "bugs in the human hardware," are exploited in various combinations to create attack techniques, some of which are listed here:

Pretexting
Pretexting is the act of creating and using an invented scenario (the pretext) to engage a targeted victim in a manner that increases the chance the victim will divulge information or perform actions that would be unlikely in ordinary circumstances. It is more than a simple lie, as it most often involves some prior research or setup and the use of prior information for impersonation (e.g., date of birth, Social Security Number, last bill amount) to establish legitimacy in the mind of the target.[4] This technique can be used to trick a business into disclosing customer information as well as by private investigators to obtain telephone records, utility records, banking records and other information directly from junior company service representatives. The information can then be used to establish even greater legitimacy under tougher questioning with a manager, e.g., to make account changes, get specific balances, etc. Pretexting has been an observed law enforcement technique, under the auspices of which, a law officer may leverage the threat of an alleged infraction to detain a suspect for questioning and conduct close inspection of a vehicle or premises.

Social engineering (security) Pretexting can also be used to impersonate co-workers, police, bank, tax authorities, or insurance investigators — or any other individual who could have perceived authority or right-to-know in the mind of the targeted victim. The pretexter must simply prepare answers to questions that might be asked by the victim. In some cases all that is needed is a voice that sounds authoritative, an earnest tone, and an ability to think on one's feet.

55

Diversion theft
Diversion theft, also known as the "Corner Game"[5] or "Round the Corner Game", originated in the East End of London. In summary, diversion theft is a "con" exercised by professional thieves, normally against a transport or courier company. The objective is to persuade the persons responsible for a legitimate delivery that the consignment is requested elsewhere — hence, "round the corner". With a load/consignment redirected, the thieves persuade the driver to unload the consignment near to, or away from, the consignee's address, in the pretense that it is "going straight out" or "urgently required somewhere else". The "con" or deception has many different facets, which include social engineering techniques to persuade legitimate administrative or traffic personnel of a transport or courier company to issue instructions to the driver to redirect the consignment or load. Another variation of diversion theft is stationing a security van outside a bank on a Friday evening. Smartly dressed guards use the line "Night safe's out of order, Sir". By this method shopkeepers etc. are gulled into depositing their takings into the van. They do of course obtain a receipt but later this turns out to be worthless. A similar technique was used many years ago to steal a Steinway grand piano from a radio studio in London. "Come to overhaul the piano, guv" was the chat line. The social engineering skills of these thieves are well rehearsed, and are extremely effective. Most companies do not prepare their staff for this type of deception.

Phishing
Phishing is a technique of fraudulently obtaining private information. Typically, the phisher sends an e-mail that appears to come from a legitimate business—a bank, or credit card company—requesting "verification" of information and warning of some dire consequence if it is not provided. The e-mail usually contains a link to a fraudulent web page that seems legitimate—with company logos and content—and has a form requesting everything from a home address to an ATM card's PIN. For example, 2003 saw the proliferation of a phishing scam in which users received e-mails supposedly from eBay claiming that the user's account was about to be suspended unless a link provided was clicked to update a credit card (information that the genuine eBay already had). Because it is relatively simple to make a Web site resemble a legitimate organization's site by mimicking the HTML code, the scam counted on people being tricked into thinking they were being contacted by eBay and subsequently, were going to eBay's site to update their account information. By spamming large groups of people, the "phisher" counted on the e-mail being read by a percentage of people who already had listed credit card numbers with eBay legitimately, who might respond. IVR or phone phishing This technique uses a rogue Interactive voice response (IVR) system to recreate a legitimate-sounding copy of a bank or other institution's IVR system. The victim is prompted (typically via a phishing e-mail) to call in to the "bank" via a (ideally toll free) number provided in order to "verify" information. A typical system will reject log-ins continually, ensuring the victim enters PINs or passwords multiple times, often disclosing several different passwords. More advanced systems transfer the victim to the attacker posing as a customer service agent for further questioning.

Social engineering (security) One could even record the typical commands ("Press one to change your password, press two to speak to customer service" ...) and play back the direction manually in real time, giving the appearance of being an IVR without the expense. Phone phishing is also called vishing. Baiting Baiting is like the real-world Trojan Horse that uses physical media and relies on the curiosity or greed of the victim.[6] In this attack, the attacker leaves a malware infected floppy disk, CD ROM, or USB flash drive in a location sure to be found (bathroom, elevator, sidewalk, parking lot), gives it a legitimate looking and curiosity-piquing label, and simply waits for the victim to use the device. For example, an attacker might create a disk featuring a corporate logo, readily available from the target's web site, and write "Executive Salary Summary Q2 2010" on the front. The attacker would then leave the disk on the floor of an elevator or somewhere in the lobby of the targeted company. An unknowing employee might find it and subsequently insert the disk into a computer to satisfy their curiosity, or a good samaritan might find it and turn it in to the company. In either case as a consequence of merely inserting the disk into a computer to see the contents, the user would unknowingly install malware on it, likely giving an attacker unfettered access to the victim's PC and perhaps, the targeted company's internal computer network. Unless computer controls block the infection, PCs set to "auto-run" inserted media may be compromised as soon as a rogue disk is inserted.

56

Quid pro quo
Quid pro quo means something for something: • An attacker calls random numbers at a company claiming to be calling back from technical support. Eventually they will hit someone with a legitimate problem, grateful that someone is calling back to help them. The attacker will "help" solve the problem and in the process have the user type commands that give the attacker access or launch malware. • In a 2003 information security survey, 90% of office workers gave researchers what they claimed was their password in answer to a survey question in exchange for a cheap pen.[7] Similar surveys in later years obtained similar results using chocolates and other cheap lures, although they made no attempt to validate the passwords.[8]

Other types
Common confidence tricksters or fraudsters also could be considered "social engineers" in the wider sense, in that they deliberately deceive and manipulate people, exploiting human weaknesses to obtain personal benefit. They may, for example, use social engineering techniques as part of an IT fraud. A very recent type of social engineering techniques include spoofing or hacking IDs of people having popular e-mail IDs such as Yahoo!, GMail, Hotmail, etc. Among the many motivations for deception are: • Phishing credit-card account numbers and their passwords. • Hacking private e-mails and chat histories, and manipulating them by using common editing techniques before using them to extort money and creating distrust among individuals. • Hacking websites of companies or organizations and destroying their reputation. • Computer virus hoaxes

Social engineering (security)

57

Countermeasures
Organizations must decide which information is sensitive. Then they must tell their employees which information is sensitive. Employees must be trained to verify the identity of a person who request sensitive information. If that person's identity cannot be verified, then the employee must be trained to politely refuse the request. Security must be tested periodically, and these tests must be unannounced.[9]

Notable social engineers
Kevin Mitnick
Reformed computer criminal and later security consultant Kevin Mitnick popularized the term "social engineering", pointing out that it is much easier to trick someone into giving a password for a system than to spend the effort to crack into the system.[10] He claims it was the single most effective method in his arsenal.

Badir Brothers
Brothers Ramy, Muzher, and Shadde Badir—all of whom were blind from birth—managed to set up an extensive phone and computer fraud scheme in Israel in the 1990s using social engineering, voice impersonation, and Braille-display computers.[11]

United States law
In common law, pretexting is an invasion of privacy tort of appropriation.[12]

Pretexting of telephone records
In December 2006, United States Congress approved a Senate sponsored bill making the pretexting of telephone records a federal felony with fines of up to $250,000 and ten years in prison for individuals (or fines of up to $500,000 for companies). It was signed by president George W. Bush on January 12, 2007.[13]

Federal legislation
The 1999 "GLBA" is a U.S. Federal law that specifically addresses pretexting of banking records as an illegal act punishable under federal statutes. When a business entity such as a private investigator, SIU insurance investigator, or an adjuster conducts any type of deception, it falls under the authority of the Federal Trade Commission (FTC). This federal agency has the obligation and authority to ensure that consumers are not subjected to any unfair or deceptive business practices. US Federal Trade Commission Act, Section 5 of the FTCA states, in part: "Whenever the Commission shall have reason to believe that any such person, partnership, or corporation has been or is using any unfair method of competition or unfair or deceptive act or practice in or affecting commerce, and if it shall appear to the Commission that a proceeding by it in respect thereof would be to the interest of the public, it shall issue and serve upon such person, partnership, or corporation a complaint stating its charges in that respect." The statute states that when someone obtains any personal, non-public information from a financial institution or the consumer, their action is subject to the statute. It relates to the consumer's relationship with the financial institution. For example, a pretexter using false pretenses either to get a consumer's address from the consumer's bank, or to get a consumer to disclose the name of his or her bank, would be covered. The determining principle is that pretexting only occurs when information is obtained through false pretenses. While the sale of cell telephone records has gained significant media attention, and telecommunications records are the focus of the two bills currently before the United States Senate, many other types of private records are being

Social engineering (security) bought and sold in the public market. Alongside many advertisements for cell phone records, wireline records and the records associated with calling cards are advertised. As individuals shift to VoIP telephones, it is safe to assume that those records will be offered for sale as well. Currently, it is legal to sell telephone records, but illegal to obtain them.[14]

58

1st Source Information Specialists
U.S. Rep. Fred Upton (R-Kalamazoo, Michigan), chairman of the Energy and Commerce Subcommittee on Telecommunications and the Internet, expressed concern over the easy access to personal mobile phone records on the Internet during Wednesday's E&C Committee hearing on "Phone Records For Sale: Why Aren't Phone Records Safe From Pretexting?" Illinois became the first state to sue an online records broker when Attorney General Lisa Madigan sued 1st Source Information Specialists, Inc., on 20 January, a spokeswoman for Madigan's office said. The Florida-based company operates several Web sites that sell mobile telephone records, according to a copy of the suit. The attorneys general of Florida and Missouri quickly followed Madigan's lead, filing suit on 24 January and 30 January, respectively, against 1st Source Information Specialists and, in Missouri's case, one other records broker First Data Solutions, Inc. Several wireless providers, including T-Mobile, Verizon, and Cingular filed earlier lawsuits against records brokers, with Cingular winning an injunction against First Data Solutions and 1st Source Information Specialists on January 13. U.S. Senator Charles Schumer (D-New York) introduced legislation in February 2006 aimed at curbing the practice. The Consumer Telephone Records Protection Act of 2006 would create felony criminal penalties for stealing and selling the records of mobile phone, landline, and Voice over Internet Protocol (VoIP) subscribers.

Hewlett Packard
Patricia Dunn, former chairman of Hewlett Packard, reported that the HP board hired a private investigation company to delve into who was responsible for leaks within the board. Dunn acknowledged that the company used the practice of pretexting to solicit the telephone records of board members and journalists. Chairman Dunn later apologized for this act and offered to step down from the board if it was desired by board members.[15] Unlike Federal law, California law specifically forbids such pretexting. The four felony charges brought on Dunn were dismissed.[16]

In popular culture
• In the film Hackers, the protagonist used pretexting when he asked a security guard for the telephone number to a TV station's modem while posing as an important executive. • In Jeffrey Deaver's book The Blue Nowhere, social engineering to obtain confidential information is one of the methods used by the killer, Phate, to get close to his victims. • In the movie Live Free or Die Hard, Justin Long is seen pretexting that his father is dying from a heart attack to have a BMW Assist representative start what will become a stolen car. • In the movie Sneakers, one of the characters poses as a low level security guard's superior in order to convince him that a security breach is just a false alarm. • In the movie The Thomas Crown Affair, one of the characters poses over the telephone as a museum guard's superior in order to move the guard away from his post. • In the James Bond movie Diamonds Are Forever, Bond is seen gaining entry to the Whyte laboratory with a then-state-of-the-art card-access lock system by "tailgating". He merely waits for an employee to come to open the door, then posing himself as a rookie at the lab, fakes inserting a non-existent card while the door is unlocked for him by the employee.

Social engineering (security)

59

References
Notes
[1] Goodchild, Joan (January 11, 2010). "Social Engineering: The Basics" (http:/ / www. csoonline. com/ article/ 514063/ Social_Engineering_The_Basics). csoonline. . Retrieved 14 January 2010. [2] Security engineering:a guide to building dependable distributed systems, second edition, Ross Anderson, Wiley, 2008 - 1040 pages ISBN 978-0-470.06852-6, Chapter 2, page 17 [3] Mitnick, K: "CSEPS Course Workbook" (2004), unit 3, Mitnick Security Publishing. [4] " Pretexting: Your Personal Information Revealed (http:/ / www. ftc. gov/ bcp/ edu/ pubs/ consumer/ credit/ cre10. shtm),"Federal Trade Commission [5] http:/ / trainforlife. co. uk/ onlinecourses. php [6] http:/ / www. darkreading. com/ document. asp?doc_id=95556& WT. svl=column1_1 [7] Office workers give away passwords (http:/ / www. theregister. co. uk/ content/ 55/ 30324. html) [8] Passwords revealed by sweet deal (http:/ / news. bbc. co. uk/ 1/ hi/ technology/ 3639679. stm) [9] Mitnick, K., & Simon, W. (2005). The Art Of Intrusion. Indianapolis, IN: Wiley Publishing. [10] Mitnick, K: "CSEPS Course Workbook" (2004), p. 4, Mitnick Security Publishing. [11] http:/ / www. wired. com/ wired/ archive/ 12. 02/ phreaks_pr. html [12] Restatement 2d of Torts § 652C. [13] Congress outlaws pretexting (http:/ / arstechnica. com/ news. ars/ post/ 20061211-8395. html), Eric Bangeman, 12/11/2006 11:01:01, Ars Technica [14] Mitnick, K (2002): "The Art of Deception", p. 103 Wiley Publishing Ltd: Indianapolis, Indiana; United States of America. ISBN 0-471-23712-4 [15] HP chairman: Use of pretexting 'embarrassing' (http:/ / news. com. com/ HP+ chairman+ Use+ of+ pretexting+ embarrassing/ 2100-1014_3-6113715. html?tag=nefd. lede) Stephen Shankland, 2006-09-08 1:08 PM PDT CNET News.com [16] Calif. court drops charges against Dunn (http:/ / news. cnet. com/ Calif. -court-drops-charges-against-Dunn/ 2100-1014_3-6167187. html)

Further reading
• Boyington, Gregory. (1990). Baa Baa Black Sheep Published by Bantam Books ISBN 0-553-26350-1 • Harley, David. 1998 Re-Floating the Titanic: Dealing with Social Engineering Attacks (http:// smallbluegreenblog.files.wordpress.com/2010/04/eicar98.pdf) EICAR Conference. • Laribee, Lena. June 2006 Development of methodical social engineering taxonomy project (http://faculty.nps. edu/ncrowe/oldstudents/laribeethesis.htm) Master's Thesis, Naval Postgraduate School. • Leyden, John. April 18, 2003. Office workers give away passwords for a cheap pen (http://www.theregister.co. uk/2003/04/18/office_workers_give_away_passwords/). The Register. Retrieved 2004-09-09. • Long, Johnny. (2008). No Tech Hacking - A Guide to Social Engineering, Dumpster Diving, and Shoulder Surfing Published by Syngress Publishing Inc. ISBN 978-1-59749-215-7 • Mann, Ian. (2008). Hacking the Human: Social Engineering Techniques and Security Countermeasures Published by Gower Publishing Ltd. ISBN 0-566-08773-1 or ISBN 978-0-566-08773-8 • Mitnick, Kevin, Kasperavičius, Alexis. (2004). CSEPS Course Workbook. Mitnick Security Publishing. • Mitnick, Kevin, Simon, William L., Wozniak, Steve,. (2002). The Art of Deception: Controlling the Human Element of Security Published by Wiley. ISBN 0-471-23712-4 or ISBN 0-7645-4280-X

Social engineering (security)

60

External links
• Socialware.ru (http://www.socialware.ru/) - The most major runet community devoted to social engineering. • Spylabs on vimeo (http://vimeo.com/spylabs/) - Video chanel devoted to social engineering. • Social Engineering Fundamentals (http://www.securityfocus.com/infocus/1527) - Securityfocus.com. Retrieved on August 3, 2009. • Social Engineering, the USB Way (http://www.darkreading.com/document.asp?doc_id=95556&WT. svl=column1_1) - DarkReading.com. Retrieved on July 7, 2006. • Should Social Engineering be a part of Penetration Testing? (http://www.darknet.org.uk/2006/03/ should-social-engineering-a-part-of-penetration-testing/) - Darknet.org.uk. Retrieved on August 3, 2009. • "Protecting Consumers' Phone Records" (http://www.epic.org/privacy/iei/sencomtest2806.html) - US Committee on Commerce, Science, and Transportation. Retrieved on February 8, 2006. • Plotkin, Hal. Memo to the Press: Pretexting is Already Illegal (http://www.plotkin.com/blog-archives/2006/ 09/memo_to_the_pre.html). Retrieved on September 9, 2006. • Striptease for passwords (http://www.msnbc.msn.com/id/21566341/) - MSNBC.MSN.com. Retrieved on November 1, 2007. • Social-Engineer.org (http://www.social-engineer.org) - social-engineer.org. Retrieved on September 16, 2009. • (http://www.jocktoday.com/2010/02/08/social-engineering-manipulating-caller-id/) - Social Engineering: Manipulating Caller-Id

Phishing
Phishing is a way of attempting to acquire sensitive information such as usernames, passwords and credit card details by masquerading as a trustworthy entity in an electronic communication. Communications purporting to be from popular social web sites, auction sites, online payment processors or IT administrators are commonly used to lure the unsuspecting public. Phishing is typically carried out by e-mail or instant messaging,[1] and it often directs users to enter details at a fake website whose look and feel are almost identical to the legitimate one. Phishing is An example of a phishing e-mail, disguised as an official e-mail from a (fictional) an example of social engineering techniques [2] bank. The sender is attempting to trick the recipient into revealing confidential used to fool users, and exploits the poor information by "confirming" it at the phisher's website. Note the misspelling of the usability of current web security words received and discrepancy. Such mistakes are common in most phishing [3] technologies. Attempts to deal with the emails. Also note that although the URL of the bank's webpage appears to be legitimate, it actually links to the phisher's webpage. growing number of reported phishing incidents include legislation, user training, public awareness, and technical security measures. A phishing technique was described in detail in 1987, and the first recorded use of the term "phishing" was made in 1996. The term is a variant of fishing,[4] probably influenced by phreaking,[5] [6] and alludes to baits used to "catch" financial information and passwords.

Phishing

61

History and current status of phishing
A phishing technique was described in detail, in a paper and presentation delivered to the International HP Users Group, Interex.[7] The first recorded mention of the term "phishing" is on the alt.online-service.america-online Usenet newsgroup on January 2, 1996,[8] although the term may have appeared earlier in the print edition of the hacker magazine 2600.[9]

Early phishing on AOL
Phishing on AOL was closely associated with the warez community that exchanged pirated software and the hacking scene that perpetrated credit card fraud and other online crimes. After AOL brought in measures in late 1995 to prevent using fake, algorithmically generated credit card numbers to open accounts, AOL crackers resorted to phishing for legitimate accounts[10] and exploiting AOL. A phisher might pose as an AOL staff member and send an instant message to a potential victim, asking him to reveal his password.[11] In order to lure the victim into giving up sensitive information the message might include imperatives like "verify your account" or "confirm billing information". Once the victim had revealed the password, the attacker could access and use the victim's account for fraudulent purposes or spamming. Both phishing and warezing on AOL generally required custom-written programs, such as AOHell. Phishing became so prevalent on AOL that they added a line on all instant messages stating: "no one working at AOL will ask for your password or billing information", though even this didn't prevent some people from giving away their passwords and personal information if they read and believed the IM first. A user using both an AIM account and an AOL account from an ISP simultaneously could phish AOL members with relative impunity as internet AIM accounts could be used by non-AOL internet members and could not be actioned (i.e.- reported to AOL TOS department for disciplinary action.) Eventually, AOL's policy enforcement with respect to phishing and warez became stricter and forced pirated software off AOL servers. AOL simultaneously developed a system to promptly deactivate accounts involved in phishing, often before the victims could respond. The shutting down of the warez scene on AOL caused most phishers to leave the service.[12]

Transition from AOL to financial institutions
The capture of AOL account information may have led phishers to misuse credit card information, and to the realization that attacks against online payment systems were feasible. The first known direct attempt against a payment system affected E-gold in June 2001, which was followed up by a "post-9/11 id check" shortly after the September 11 attacks on the World Trade Center.[13] Both were viewed at the time as failures, but can now be seen as early experiments towards more fruitful attacks against mainstream banks. By 2004, phishing was recognized as a fully industrialized part of the economy of crime: specializations emerged on a global scale that provided components for cash, which were assembled into finished attacks.[14] [15]

Phishing

62

Phishing techniques
Recent phishing attempts
Phishers are targeting the customers of banks and online payment services. E-mails, supposedly from the Internal Revenue Service, have been used to glean sensitive data from U.S. taxpayers.[16] While the first such examples were sent indiscriminately in the expectation that some would be received by customers of a given bank or service, recent research has shown that phishers may in principle be able to determine which banks potential victims use, and target bogus e-mails accordingly.[17] Targeted versions of phishing have been termed spear phishing.[18] Several recent phishing attacks have been directed specifically at senior executives and other high profile targets within businesses, and the term whaling has been coined for these kinds of attacks.[19]

A chart showing the increase in phishing reports from October 2004 to June 2005.

Social networking sites are now a prime target of phishing, since the personal details in such sites can be used in identity theft;[20] in late 2006 a computer worm took over pages on MySpace and altered links to direct surfers to websites designed to steal login details.[21] Experiments show a success rate of over 70% for phishing attacks on social networks.[22] The RapidShare file sharing site has been targeted by phishing to obtain a premium account, which removes speed caps on downloads, auto-removal of uploads, waits on downloads, and cooldown times between downloads.[23] Attackers who broke into TD Ameritrade's database (containing all 6.3 million customers' social security numbers, account numbers and email addresses as well as their names, addresses, dates of birth, phone numbers and trading activity) also wanted the account usernames and passwords, so they launched a follow-up spear phishing attack.[24] Almost half of phishing thefts in 2006 were committed by groups operating through the Russian Business Network based in St. Petersburg.[25] Some people are being victimized by a Facebook Scam, the link being hosted by T35 Web Hosting and people are losing their accounts.[26] There are anti-phishing websites which publish exact messages that have been recently circulating the internet, such as FraudWatch International and Millersmiles. Such sites often provide specific details about the particular messages.[27] [28]

Link manipulation
Most methods of phishing use some form of technical deception designed to make a link in an e-mail (and the spoofed website it leads to) appear to belong to the spoofed organization. Misspelled URLs or the use of subdomains are common tricks used by phishers. In the following example URL, http://www.yourbank.example.com/, it appears as though the URL will take you to the example section of the yourbank website; actually this URL points to the "yourbank" (i.e. phishing) section of the example website. Another common trick is to make the displayed text for a link (the text between the <A> tags) suggest a reliable destination, when the link actually goes to the phishers' site. The following example link, http:/ / en. wikipedia. org/ wiki/ Genuine, appears to take you to an article entitled "Genuine"; clicking on it will in fact take you to the article entitled "Deception". In the lower left hand corner of most browsers you can preview and verify where the link is going to take you.[29] Hovering your cursor over the link for a couple of seconds will do a similar thing. An old method of spoofing used links containing the '@' symbol, originally intended as a way to include a username and password (contrary to the standard).[30] For example, the link

Phishing http://www.google.com@members.tripod.com/ might deceive a casual observer into believing that it will open a page on www.google.com, whereas it actually directs the browser to a page on members.tripod.com, using a username of www.google.com: the page opens normally, regardless of the username supplied. Such URLs were disabled in Internet Explorer,[31] while Mozilla Firefox[32] and Opera present a warning message and give the option of continuing to the site or cancelling. A further problem with URLs has been found in the handling of Internationalized domain names (IDN) in web browsers, that might allow visually identical web addresses to lead to different, possibly malicious, websites. Despite the publicity surrounding the flaw, known as IDN spoofing[33] or homograph attack,[34] phishers have taken advantage of a similar risk, using open URL redirectors on the websites of trusted organizations to disguise malicious URLs with a trusted domain.[35] [36] [37] Even digital certificates do not solve this problem because it is quite possible for a phisher to purchase a valid certificate and subsequently change content to spoof a genuine website.

63

Filter evasion
Phishers have used images instead of text to make it harder for anti-phishing filters to detect text commonly used in phishing e-mails.[38]

Website forgery
Once a victim visits the phishing website the deception is not over. Some phishing scams use JavaScript commands in order to alter the address bar.[39] This is done either by placing a picture of a legitimate URL over the address bar, or by closing the original address bar and opening a new one with the legitimate URL.[40] An attacker can even use flaws in a trusted website's own scripts against the victim.[41] These types of attacks (known as cross-site scripting) are particularly problematic, because they direct the user to sign in at their bank or service's own web page, where everything from the web address to the security certificates appears correct. In reality, the link to the website is crafted to carry out the attack, making it very difficult to spot without specialist knowledge. Just such a flaw was used in 2006 against PayPal.[42] A Universal Man-in-the-middle (MITM) Phishing Kit, discovered in 2007, provides a simple-to-use interface that allows a phisher to convincingly reproduce websites and capture log-in details entered at the fake site.[43] To avoid anti-phishing techniques that scan websites for phishing-related text, phishers have begun to use Flash-based websites. These look much like the real website, but hide the text in a multimedia object.[44]

Phone phishing
Not all phishing attacks require a fake website. Messages that claimed to be from a bank told users to dial a phone number regarding problems with their bank accounts.[45] Once the phone number (owned by the phisher, and provided by a Voice over IP service) was dialed, prompts told users to enter their account numbers and PIN. Vishing (voice phishing) sometimes uses fake caller-ID data to give the appearance that calls come from a trusted organization.[46]

Other techniques
• Another attack used successfully is to forward the client to a bank's legitimate website, then to place a popup window requesting credentials on top of the website in a way that it appears the bank is requesting this sensitive information.[47] • One of the latest phishing techniques is tabnabbing. It takes advantage of the multiple tabs that users use and silently redirects a user to the affected site.

Phishing • Evil twins is a phishing technique that is hard to detect. A phisher creates a fake wireless network that looks similar to a legitimate public network that may be found in public places such as airports, hotels or coffee shops. Whenever someone logs on to the bogus network, fraudsters try to capture their passwords and/or credit card information.

64

Damage caused by phishing
The damage caused by phishing ranges from denial of access to e-mail to substantial financial loss. It is estimated that between May 2004 and May 2005, approximately 1.2 million computer users in the United States suffered losses caused by phishing, totaling approximately US$929 million. United States businesses lose an estimated US$2 billion per year as their clients become victims.[48] In 2007, phishing attacks escalated. 3.6 million adults lost US$3.2 billion in the 12 months ending in August 2007.[49] Microsoft claims these estimates are grossly exaggerated and puts the annual phishing loss in the US at US$60 million.[50] In the United Kingdom losses from web banking fraud—mostly from phishing—almost doubled to GB£23.2m in 2005, from GB£12.2m in 2004,[51] while 1 in 20 computer users claimed to have lost out to phishing in 2005.[52] The stance adopted by the UK banking body APACS is that "customers must also take sensible precautions ... so that they are not vulnerable to the criminal."[53] Similarly, when the first spate of phishing attacks hit the Irish Republic's banking sector in September 2006, the Bank of Ireland initially refused to cover losses suffered by its customers (and it still insists that its policy is not to do so[54] ), although losses to the tune of €11,300 were made good.[55]

Anti-phishing
There are several different techniques to combat phishing, including legislation and technology created specifically to protect against phishing. Most new internet browsers come with anti-phishing software.

Social responses
One strategy for combating phishing is to train people to recognize phishing attempts, and to deal with them. Education can be effective, especially where training provides direct feedback.[56] One newer phishing tactic, which uses phishing e-mails targeted at a specific company, known as spear phishing, has been harnessed to train individuals at various locations, including United States Military Academy at West Point, NY. In a June 2004 experiment with spear phishing, 80% of 500 West Point cadets who were sent a fake e-mail were tricked into revealing personal information.[57] People can take steps to avoid phishing attempts by slightly modifying their browsing habits. When contacted about an account needing to be "verified" (or any other topic used by phishers), it is a sensible precaution to contact the company from which the e-mail apparently originates to check that the e-mail is legitimate. Alternatively, the address that the individual knows is the company's genuine website can be typed into the address bar of the browser, rather than trusting any hyperlinks in the suspected phishing message.[58] Nearly all legitimate e-mail messages from companies to their customers contain an item of information that is not readily available to phishers. Some companies, for example PayPal, always address their customers by their username in e-mails, so if an e-mail addresses the recipient in a generic fashion ("Dear PayPal customer") it is likely to be an attempt at phishing.[59] E-mails from banks and credit card companies often include partial account numbers. However, recent research[60] has shown that the public do not typically distinguish between the first few digits and the last few digits of an account number—a significant problem since the first few digits are often the same for all clients of a financial institution. People can be trained to have their suspicion aroused if the message does not contain any specific personal information. Phishing attempts in early 2006, however, used personalized information, which makes it unsafe to assume that the presence of personal information alone guarantees that a message is legitimate.[61] Furthermore, another recent study concluded in part that the presence of personal

Phishing information does not significantly affect the success rate of phishing attacks,[62] which suggests that most people do not pay attention to such details. The Anti-Phishing Working Group, an industry and law enforcement association, has suggested that conventional phishing techniques could become obsolete in the future as people are increasingly aware of the social engineering techniques used by phishers.[63] They predict that pharming and other uses of malware will become more common tools for stealing information. Everyone can help educate the public by encouraging safe practices, and by avoiding dangerous ones. Unfortunately, even well-known players are known to incite users to hazardous behaviour, e.g. by requesting their users to reveal their passwords for third party services, such as email.[64]

65

Technical responses
Anti-phishing measures have been implemented as features embedded in browsers, as extensions or toolbars for browsers, and as part of website login procedures. The following are some of the main approaches to the problem. Helping to identify legitimate websites Most websites targeted for phishing are secure websites meaning that SSL with strong PKI cryptography is used for server authentication, where the website's URL is used as identifier. In theory it should be possible for the SSL authentication to be used to confirm the site to the user, and this was SSL v2's design requirement and the meta of secure browsing. But in practice, this is easy to trick. The superficial flaw is that the browser's security user interface (UI) is insufficient to deal with today's strong threats. There are three parts to secure authentication using TLS and certificates: indicating that the connection is in authenticated mode, indicating which site the user is connected to, and indicating which authority says it is this site. All three are necessary for authentication, and need to be confirmed by/to the user. Secure Connection The standard display for secure browsing from the mid-1990s to mid-2000s was the padlock. In 2005, Mozilla fielded a yellow URL bar 2005 as a better indication of the secure connection. This innovation was later reversed due to the EV certificates, which replaced certain certificates providing a high level of organization identity verification with a green display, and other certificates with an extended blue favicon box to the left of the URL bar (in addition to the switch from "http" to "https" in the url itself). Which Site The user is expected to confirm that the domain name in the browser's URL bar was in fact where they intended to go. URLs can be too complex to be easily parsed. Users often do not know or recognise the URL of the legitimate sites they intend to connect to, so that the authentication becomes meaningless.[3] A condition for meaningful server authentication is to have a server identifier that is meaningful to the user; many ecommerce sites will change the domain names within their overall set of websites, adding to the opportunity for confusion. Simply displaying the domain name for the visited website[65] as some anti-phishing toolbars do is not sufficient. Some newer browsers, such as Internet Explorer 8, display the entire URL in grey, with just the domain name itself in black, as a means of assisting users in identifying fraudulent URLs. An alternate approach is the petname extension for Firefox which lets users type in their own labels for websites, so they can later recognize when they have returned to the site. If the site is not recognised, then the software may either warn the user or block the site outright. This represents user-centric identity management of server identities.[66] Some suggest that a graphical image selected by the user is better than a petname.[67] With the advent of EV certificates, browsers now typically display the organisation's name in green, which is much more visible and is hopefully more consistent with the user's expectations. Unfortunately, browser vendors have

Phishing chosen to limit this prominent display only to EV certificates, leaving the user to fend for himself with all other certificates. Who is the Authority The browser needs to state who the authority is that makes the claim of who the user is connected to. At the simplest level, no authority is stated, and therefore the browser is the authority, as far as the user is concerned. The browser vendors take on this responsibility by controlling a root list of acceptable CAs. This is the current standard practice. The problem with this is that not all certification authorities (CAs) employ equally good nor applicable checking, regardless of attempts by browser vendors to control the quality. Nor do all CAs subscribe to the same model and concept that certificates are only about authenticating ecommerce organisations. Certificate Manufacturing is the name given to low-value certificates that are delivered on a credit card and an email confirmation; both of these are easily perverted by fraudsters. Hence, a high-value site may be easily spoofed by a valid certificate provided by another CA. This could be because the CA is in another part of the world, and is unfamiliar with high-value ecommerce sites, or it could be that no care is taken at all. As the CA is only charged with protecting its own customers, and not the customers of other CAs, this flaw is inherent in the model. The solution to this is that the browser should show, and the user should be familiar with, the name of the authority. This presents the CA as a brand, and allows the user to learn the handful of CAs that she is likely to come into contact within her country and her sector. The use of brand is also critical to providing the CA with an incentive to improve their checking, as the user will learn the brand and demand good checking for high-value sites. This solution was first put into practice in early IE7 versions, when displaying EV certificates.[68] In that display, the issuing CA is displayed. This was an isolated case, however. There is resistance to CAs being branded on the chrome, resulting in a fallback to the simplest level above: the browser is the user's authority. Fundamental flaws in the security model of secure browsing Experiments to improve the security UI have resulted in benefits, but have also exposed fundamental flaws in the security model. The underlying causes for the failure of the SSL authentication to be employed properly in secure browsing are many and intertwined. Security before threat Because secure browsing was put into place before any threat was evident, the security display lost out in the "real estate wars" of the early browsers. The original design of Netscape's browser included a prominent display of the name of the site and the CA's name, but these were dropped in the first release. Users are now highly experienced in not checking security information at all. Click-through syndrome However, warnings to poorly configured sites continued, and were not down-graded. If a certificate had an error in it (mismatched domain name, expiry), then the browser would commonly launch a popup to warn the user. As the reason was generally a minor misconfiguration, the users learned to bypass the warnings, and now, users are accustomed to treat all warnings with the same disdain, resulting in Click-through syndrome. For example, Firefox 3 has a 4-click process for adding an exception, but it has been shown to be ignored by an experienced user in a real case of MITM. Even today, as the vast majority of warnings will be for misconfigurations not real MITMs, it is hard to see how click-through syndrome will ever be avoided.

66

Phishing Lack of interest Another underlying factor is the lack of support for virtual hosting. The specific causes are a lack of support for Server Name Indication in TLS webservers, and the expense and inconvenience of acquiring certificates. The result is that the use of authentication is too rare to be anything but a special case. This has caused a general lack of knowledge and resources in authentication within TLS, which in turn has meant that the attempts by browser vendors to upgrade their security UIs have been slow and lacklustre. Lateral communications The security model for secure browser includes many participants: user, browser vendor, developers, CA, auditor, webserver vendor, ecommerce site, regulators (e.g., FDIC), and security standards committees. There is a lack of communication between different groups that are committed to the security model. E.g., although the understanding of authentication is strong at the protocol level of the IETF committees, this message does not reach the UI groups. Webserver vendors do not prioritise the Server Name Indication (TLS/SNI) fix, not seeing it as a security fix but instead a new feature. In practice, all participants look to the others as the source of the failures leading to phishing, hence the local fixes are not prioritised. Matters improved slightly with the CAB Forum, as that group includes browser vendors, auditors and CAs. But the group did not start out in an open fashion, and the result suffered from commercial interests of the first players, as well as a lack of parity between the participants. Even today, CAB forum is not open, and does not include representation from small CAs, end-users, ecommerce owners, etc. Standards gridlock Vendors commit to standards, which results in an outsourcing effect when it comes to security. Although there have been many and good experiments in improving the security UI, these have not been adopted because they are not standard, or clash with the standards. Threat models can re-invent themselves in around a month; Security standards take around 10 years to adjust. Venerable Certificate Authority model Control mechanisms employed by the browser vendors over the CAs have not been substantially updated; the threat model has. The control and quality process over CAs is insufficiently tuned to the protection of users and the addressing of actual and current threats. Audit processes are in great need of updating. The recent EV Guidelines documented the current model in greater detail, and established a good benchmark, but did not push for any substantial changes to be made. Browsers alerting users to fraudulent websites Another popular approach to fighting phishing is to maintain a list of known phishing sites and to check websites against the list. Microsoft's IE7 browser, Mozilla Firefox 2.0, Safari 3.2, and Opera all contain this type of anti-phishing measure.[69] [70] [71] [72] Firefox 2 used Google anti-phishing software. Opera 9.1 uses live blacklists from PhishTank and GeoTrust, as well as live whitelists from GeoTrust. Some implementations of this approach send the visited URLs to a central service to be checked, which has raised concerns about privacy.[73] According to a report by Mozilla in late 2006, Firefox 2 was found to be more effective than Internet Explorer 7 at detecting fraudulent sites in a study by an independent software testing company.[74] An approach introduced in mid-2006 involves switching to a special DNS service that filters out known phishing domains: this will work with any browser,[75] and is similar in principle to using a hosts file to block web adverts. To mitigate the problem of phishing sites impersonating a victim site by embedding its images (such as logos), several site owners have altered the images to send a message to the visitor that a site may be fraudulent. The image may be moved to a new filename and the original permanently replaced, or a server can detect that the image was not

67

Phishing requested as part of normal browsing, and instead send a warning image.[76] [77] and its totally safe Augmenting password logins The Bank of America's website[78] [79] is one of several that ask users to select a personal image, and display this user-selected image with any forms that request a password. Users of the bank's online services are instructed to enter a password only when they see the image they selected. However, a recent study suggests few users refrain from entering their password when images are absent.[80] [81] In addition, this feature (like other forms of two-factor authentication) is susceptible to other attacks, such as those suffered by Scandinavian bank Nordea in late 2005,[82] and Citibank in 2006.[83] A similar system, in which an automatically-generated "Identity Cue" consisting of a colored word within a colored box is displayed to each website user, is in use at other financial institutions.[84] Security skins[85] [86] are a related technique that involves overlaying a user-selected image onto the login form as a visual cue that the form is legitimate. Unlike the website-based image schemes, however, the image itself is shared only between the user and the browser, and not between the user and the website. The scheme also relies on a mutual authentication protocol, which makes it less vulnerable to attacks that affect user-only authentication schemes. Still another technique [87] relies on a dynamic grid of images that is different for each login attempt. The user must identify the pictures that fit their pre-chosen categories (such as dogs, cars and flowers). Only after they have correctly identified the pictures that fit their categories are they allowed to enter their alphanumeric password to complete the login. Unlike the static images used on the Bank of America website, a dynamic image-based authentication method creates a one-time passcode for the login, requires active participation from the user, and is very difficult for a phishing website to correctly replicate because it would need to display a different grid of randomly generated images that includes the user's secret categories.

68

Dynamic image-based authentication for anti-phishing

Eliminating phishing mail Specialized spam filters can reduce the number of phishing e-mails that reach their addressees' inboxes. These approaches rely on machine learning and natural language processing approaches to classify phishing e-mails.[88] [89] Monitoring and takedown Several companies offer banks and other organizations likely to suffer from phishing scams round-the-clock services to monitor, analyze and assist in shutting down phishing websites.[90] Individuals can contribute by reporting phishing to both volunteer and industry groups,[91] such as PhishTank.[92] Individuals can also contribute by reporting phone phishing attempts to Phone Phishing,[93] Federal Trade Commission.[94]

Legal responses
On January 26, 2004, the U.S. Federal Trade Commission filed the first lawsuit against a suspected phisher. The defendant, a Californian teenager, allegedly created a webpage designed to look like the America Online website, and used it to steal credit card information.[95] Other countries have followed this lead by tracing and arresting phishers. A phishing kingpin, Valdir Paulo de Almeida, was arrested in Brazil for leading one of the largest phishing crime rings, which in two years stole between US$18 million and US$37 million.[96] UK authorities jailed two men in June 2005 for their role in a phishing scam,[97] in a case connected to the U.S. Secret Service Operation Firewall,

Phishing which targeted notorious "carder" websites.[98] In 2006 eight people were arrested by Japanese police on suspicion of phishing fraud by creating bogus Yahoo Japan Web sites, netting themselves ¥100 million (US$870,000).[99] The arrests continued in 2006 with the FBI Operation Cardkeeper detaining a gang of sixteen in the U.S. and Europe.[100] In the United States, Senator Patrick Leahy introduced the Anti-Phishing Act of 2005 in Congress on March 1, 2005. This bill, if it had been enacted into law, would have subjected criminals who created fake web sites and sent bogus e-mails in order to defraud consumers to fines of up to US$250,000 and prison terms of up to five years.[101] The UK strengthened its legal arsenal against phishing with the Fraud Act 2006,[102] which introduces a general offence of fraud that can carry up to a ten year prison sentence, and prohibits the development or possession of phishing kits with intent to commit fraud.[103] Companies have also joined the effort to crack down on phishing. On March 31, 2005, Microsoft filed 117 federal lawsuits in the U.S. District Court for the Western District of Washington. The lawsuits accuse "John Doe" defendants of obtaining passwords and confidential information. March 2005 also saw a partnership between Microsoft and the Australian government teaching law enforcement officials how to combat various cyber crimes, including phishing.[104] Microsoft announced a planned further 100 lawsuits outside the U.S. in March 2006,[105] followed by the commencement, as of November 2006, of 129 lawsuits mixing criminal and civil actions.[106] AOL reinforced its efforts against phishing[107] in early 2006 with three lawsuits[108] seeking a total of US$18 million under the 2005 amendments to the Virginia Computer Crimes Act,[109] [110] and Earthlink has joined in by helping to identify six men subsequently charged with phishing fraud in Connecticut.[111] In January 2007, Jeffrey Brett Goodin of California became the first defendant convicted by a jury under the provisions of the CAN-SPAM Act of 2003. He was found guilty of sending thousands of e-mails to America Online users, while posing as AOL's billing department, which prompted customers to submit personal and credit card information. Facing a possible 101 years in prison for the CAN-SPAM violation and ten other counts including wire fraud, the unauthorized use of credit cards, and the misuse of AOL's trademark, he was sentenced to serve 70 months. Goodin had been in custody since failing to appear for an earlier court hearing and began serving his prison term immediately.[112] [113] [114] [115]

69

References
[1] Tan, Koontorm Center. "Phishing and Spamming via IM (SPIM)" (http:/ / isc. sans. org/ diary. php?storyid=1905). . Retrieved December 5, 2006. [2] Microsoft Corporation. "What is social engineering?" (http:/ / www. microsoft. com/ protect/ yourself/ phishing/ engineering. mspx). . Retrieved August 22, 2007. [3] Jøsang, Audun et al.. "Security Usability Principles for Vulnerability Analysis and Risk Assessment." (http:/ / www. unik. no/ people/ josang/ papers/ JAGAM2007-ACSAC. pdf) (PDF). Proceedings of the Annual Computer Security Applications Conference 2007 (ACSAC'07). . Retrieved 2007. [4] "Spam Slayer: Do You Speak Spam?" (http:/ / www. pcworld. com/ article/ id,113431-page,1/ article. html). PCWorld.com. . Retrieved August 16, 2006. [5] "Phishing, n. OED Online, March 2006, Oxford University Press." (http:/ / dictionary. oed. com/ cgi/ entry/ 30004304/ ). Oxford English Dictionary Online. . Retrieved August 9, 2006. [6] "Phishing" (http:/ / itre. cis. upenn. edu/ ~myl/ languagelog/ archives/ 001477. html). Language Log, September 22, 2004. . Retrieved August 9, 2006. [7] Felix, Jerry and Hauck, Chris (September 1897). "System Security: A Hacker's Perspective". 1987 Interex Proceedings 1: 6. [8] ""phish, v." OED Online, March 2006, Oxford University Press." (http:/ / dictionary. oed. com/ cgi/ entry/ 30004303/ ). Oxford English Dictionary Online. . Retrieved August 9, 2006. [9] Ollmann, Gunter. "The Phishing Guide: Understanding and Preventing Phishing Attacks" (http:/ / www. technicalinfo. net/ papers/ Phishing. html). Technical Info. . Retrieved July 10, 2006. [10] "Phishing" (http:/ / www. wordspy. com/ words/ phishing. asp). Word Spy. . Retrieved September 28, 2006. [11] Stutz, Michael (January 29, 1998). "AOL: A Cracker's Paradise?" (http:/ / wired-vig. wired. com/ news/ technology/ 0,1282,9932,00. html). Wired News. . [12] "History of AOL Warez" (http:/ / www. rajuabju. com/ warezirc/ historyofaolwarez. htm). . Retrieved September 28, 2006. [13] "GP4.3 - Growth and Fraud — Case #3 - Phishing" (https:/ / financialcryptography. com/ mt/ archives/ 000609. html). Financial Cryptography. December 30, 2005. .

Phishing
[14] "In 2005, Organized Crime Will Back Phishers" (http:/ / itmanagement. earthweb. com/ secu/ article. php/ 3451501). IT Management. December 23, 2004. . [15] Abad, Christopher (September 2005). "The economy of phishing: A survey of the operations of the phishing market" (http:/ / firstmonday. org/ htbin/ cgiwrap/ bin/ ojs/ index. php/ fm/ article/ view/ 1272/ 1192). First Monday. . [16] "Suspicious e-Mails and Identity Theft" (http:/ / www. irs. gov/ newsroom/ article/ 0,,id=155682,00. html). Internal Revenue Service. . Retrieved July 5, 2006. [17] "Phishing for Clues" (http:/ / www. browser-recon. info/ ). Indiana University Bloomington. September 15, 2005. . [18] "What is spear phishing?" (http:/ / www. microsoft. com/ athome/ security/ email/ spear_phishing. mspx). Microsoft Security At Home. . Retrieved July 10, 2006. [19] Goodin, Dan (April 17, 2008). "Fake subpoenas harpoon 2,100 corporate fat cats" (http:/ / www. theregister. co. uk/ 2008/ 04/ 16/ whaling_expedition_continues/ . ). The Register. . [20] Kirk, Jeremy (June 2, 2006). "Phishing Scam Takes Aim at [[MySpace.com (http:/ / www. pcworld. com/ resource/ article/ 0,aid,125956,pg,1,RSS,RSS,00. asp)]"]. IDG Network. . [21] "Malicious Website / Malicious Code: MySpace XSS QuickTime Worm" (http:/ / web. archive. org/ web/ 20061205104430/ http:/ / www. websense. com/ securitylabs/ alerts/ alert. php?AlertID=708). Websense Security Labs. Archived from the original (http:/ / www. websense. com/ securitylabs/ alerts/ alert. php?AlertID=708) on December 5, 2006. . Retrieved December 5, 2006. [22] Tom Jagatic and Nathan Johnson and Markus Jakobsson and Filippo Menczer. "Social Phishing" (http:/ / www. indiana. edu/ ~phishing/ social-network-experiment/ phishing-preprint. pdf) (PDF). To appear in the CACM (October 2007). . Retrieved June 3, 2006. [23] "1-Click Hosting at RapidTec — Warning of Phishing!" (http:/ / web. archive. org/ web/ 20080430101024/ http:/ / rapidshare. de/ en/ phishing. html). Archived from the original (http:/ / rapidshare. de/ en/ phishing. html) on 2008-04-30. . Retrieved December 21, 2008. [24] "Torrent of spam likely to hit 6.3 million TD Ameritrade hack victims" (http:/ / www. webcitation. org/ 5gY2R1j1g). Archived from the original (http:/ / www. sophos. com/ pressoffice/ news/ articles/ 2007/ 09/ ameritrade. html) on 2009-05-05. . [25] Shadowy Russian Firm Seen as Conduit for [[Cybercrime (http:/ / www. washingtonpost. com/ wp-dyn/ content/ story/ 2007/ 10/ 12/ ST2007101202661. html?hpid=topnews)]], by Brian Krebs, Washington post, October 13, 2007 [26] Phishsos.Blogspot.com (http:/ / phishsos. blogspot. com/ 2010/ 01/ facebook-scam. html) [27] "Millersmiles Home Page" (http:/ / www. millersmiles. co. uk). Oxford Information Services. . Retrieved 2010-01-03. [28] "FraudWatch International Home Page" (http:/ / www. fraudwatchinternational. com). FraudWatch International. . Retrieved 2010-01-03. [29] HSBCUSA.com (http:/ / www. hsbcusa. com/ security/ recognize_fraud. html) [30] Berners-Lee, Tim. "Uniform Resource Locators (URL)" (http:/ / www. w3. org/ Addressing/ rfc1738. txt). IETF Network Working Group. . Retrieved January 28, 2006. [31] Microsoft. "A security update is available that modifies the default behavior of Internet Explorer for handling user information in HTTP and in HTTPS URLs" (http:/ / support. microsoft. com/ kb/ 834489). Microsoft Knowledgebase. . Retrieved August 28, 2005. [32] Fisher, Darin. "Warn when HTTP URL auth information isn't necessary or when it's provided" (https:/ / bugzilla. mozilla. org/ show_bug. cgi?id=232567). Bugzilla. . Retrieved August 28, 2005. [33] Johanson, Eric. "The State of Homograph Attacks Rev1.1" (http:/ / www. shmoo. com/ idn/ homograph. txt). The Shmoo Group. . Retrieved August 11, 2005. [34] Evgeniy Gabrilovich and Alex Gontmakher (February 2002). "The Homograph Attack" (http:/ / www. cs. technion. ac. il/ ~gabr/ papers/ homograph_full. pdf) (PDF). Communications of the ACM 45 (2): 128. . [35] Leyden, John (August 15, 2006). "Barclays scripting SNAFU exploited by phishers" (http:/ / www. theregister. co. uk/ 2006/ 08/ 15/ barclays_phish_scam/ ). The Register. . [36] Levine, Jason. "Goin' phishing with eBay" (http:/ / q. queso. com/ archives/ 001617). Q Daily News. . Retrieved December 14, 2006. [37] Leyden, John (December 12, 2007). "Cybercrooks lurk in shadows of big-name websites" (http:/ / www. theregister. co. uk/ 2007/ 12/ 12/ phishing_redirection/ ). The Register. . [38] Mutton, Paul. "Fraudsters seek to make phishing sites undetectable by content filters" (http:/ / news. netcraft. com/ archives/ 2005/ 05/ 12/ fraudsters_seek_to_make_phishing_sites_undetectable_by_content_filters. html). Netcraft. . Retrieved July 10, 2006. [39] Mutton, Paul. "Phishing Web Site Methods" (http:/ / www. fraudwatchinternational. com/ phishing-fraud/ phishing-web-site-methods/ ). FraudWatch International. . Retrieved December 14, 2006. [40] "Phishing con hijacks browser bar" (http:/ / news. bbc. co. uk/ 1/ hi/ technology/ 3608943. stm). BBC News. April 8, 2004. . [41] Krebs, Brian. "Flaws in Financial Sites Aid Scammers" (http:/ / blog. washingtonpost. com/ securityfix/ 2006/ 06/ flaws_in_financial_sites_aid_s. html). Security Fix. . Retrieved June 28, 2006. [42] Mutton, Paul. "PayPal Security Flaw allows Identity Theft" (http:/ / news. netcraft. com/ archives/ 2006/ 06/ 16/ paypal_security_flaw_allows_identity_theft. html). Netcraft. . Retrieved June 19, 2006. [43] Hoffman, Patrick (January 10, 2007). "RSA Catches Financial Phishing Kit" (http:/ / www. eweek. com/ article2/ 0,1895,2082039,00. asp). eWeek. . [44] Miller, Rich. "Phishing Attacks Continue to Grow in Sophistication" (http:/ / news. netcraft. com/ archives/ 2007/ 01/ 15/ phishing_attacks_continue_to_grow_in_sophistication. html). Netcraft. . Retrieved December 19, 2007. [45] Gonsalves, Antone (April 25, 2006). "Phishers Snare Victims With VoIP" (http:/ / www. techweb. com/ wire/ security/ 186701001). Techweb. .

70

Phishing
[46] "Identity thieves take advantage of VoIP" (http:/ / www. silicon. com/ research/ specialreports/ voip/ 0,3800004463,39128854,00. htm). Silicon.com. March 21, 2005. . [47] "Internet Banking Targeted Phishing Attack" (http:/ / www. met. police. uk/ fraudalert/ docs/ internet_bank_fraud. pdf). Metropolitan Police Service. 2005-06-03. . Retrieved 2009-03-22. [48] Kerstein, Paul (July 19, 2005). "How Can We Stop Phishing and Pharming Scams?" (http:/ / web. archive. org/ web/ 20080324080028/ http:/ / www. csoonline. com/ talkback/ 071905. html). CSO. Archived from the original (http:/ / www. csoonline. com/ talkback/ 071905. html) on 2008-03-24. . [49] McCall, Tom (December 17, 2007). "Gartner Survey Shows Phishing Attacks Escalated in 2007; More than $3 Billion Lost to These Attacks" (http:/ / www. gartner. com/ it/ page. jsp?id=565125). Gartner. . [50] "A Profitless Endeavor: Phishing as Tragedy of the Commons" (http:/ / research. microsoft. com/ ~cormac/ Papers/ PhishingAsTragedy. pdf) (PDF). Microsoft. . Retrieved November 15, 2008. [51] "UK phishing fraud losses double" (http:/ / www. finextra. com/ fullstory. asp?id=15013). Finextra. March 7, 2006. . [52] Richardson, Tim (May 3, 2005). "Brits fall prey to phishing" (http:/ / www. theregister. co. uk/ 2005/ 05/ 03/ aol_phishing/ ). The Register. . [53] Miller, Rich. "Bank, Customers Spar Over Phishing Losses" (http:/ / news. netcraft. com/ archives/ 2006/ 09/ 13/ bank_customers_spar_over_phishing_losses. html). Netcraft. . Retrieved December 14, 2006. [54] "Latest News" (http:/ / applications. boi. com/ updates/ Article?PR_ID=1430). . [55] "Bank of Ireland agrees to phishing refunds – vnunet.com" (http:/ / www. vnunet. com/ vnunet/ news/ 2163714/ bank-ireland-backtracks). . [56] Ponnurangam Kumaraguru, Yong Woo Rhee, Alessandro Acquisti, Lorrie Cranor, Jason Hong and Elizabeth Nunge (November 2006). "Protecting People from Phishing: The Design and Evaluation of an Embedded Training Email System" (http:/ / www. cylab. cmu. edu/ files/ cmucylab06017. pdf) (PDF). Technical Report CMU-CyLab-06-017, CyLab, Carnegie Mellon University.. . Retrieved November 14, 2006. [57] Bank, David (August 17, 2005). "'Spear Phishing' Tests Educate People About Online Scams" (http:/ / online. wsj. com/ public/ article/ 0,,SB112424042313615131-z_8jLB2WkfcVtgdAWf6LRh733sg_20060817,00. html?mod=blogs). The Wall Street Journal. . [58] "Anti-Phishing Tips You Should Not Follow" (http:/ / web. archive. org/ web/ 20080320035409/ http:/ / www. hexview. com/ sdp/ node/ 24). HexView. Archived from the original (http:/ / www. hexview. com/ sdp/ node/ 24) on 2008-03-20. . Retrieved June 19, 2006. [59] "Protect Yourself from Fraudulent Emails" (https:/ / www. paypal. com/ us/ cgi-bin/ webscr?cmd=_vdc-security-spoof-outside). PayPal. . Retrieved July 7, 2006. [60] Markus Jakobsson, Alex Tsow, Ankur Shah, Eli Blevis, Youn-kyung Lim.. "What Instills Trust? A Qualitative Study of Phishing." (http:/ / www. informatics. indiana. edu/ markus/ papers/ trust_USEC. pdf) (PDF). USEC '06. . [61] Zeltser, Lenny (March 17, 2006). "Phishing Messages May Include Highly-Personalized Information" (http:/ / isc. incidents. org/ diary. php?storyid=1194). The SANS Institute. . [62] Markus Jakobsson and Jacob Ratkiewicz. "Designing Ethical Phishing Experiments" (http:/ / www2006. org/ programme/ item. php?id=3533). WWW '06. . [63] Kawamoto, Dawn (August 4, 2005). "Faced with a rise in so-called pharming and crimeware attacks, the Anti-Phishing Working Group will expand its charter to include these emerging threats." (http:/ / www. zdnetindia. com/ news/ features/ stories/ 126569. html). ZDNet India. . [64] "Social networking site teaches insecure password practices" (http:/ / blog. anta. net/ 2008/ 11/ 09/ social-networking-site-teaches-insecure-password-practices/ ). blog.anta.net. 2008-11-09. ISSN 1797-1993. . Retrieved 2008-11-09. [65] Brandt, Andrew. "Privacy Watch: Protect Yourself With an Antiphishing Toolbar" (http:/ / www. pcworld. com/ article/ 125739-1/ article. html). PC World – Privacy Watch. . Retrieved September 25, 2006. [66] Jøsangm Audun and Pope, Simon. "User Centric Identity Management" (http:/ / www. unik. no/ people/ josang/ papers/ JP2005-AusCERT. pdf) (PDF). Proceedings of AusCERT 2005. . Retrieved 2008. [67] " Phishing - What it is and How it Will Eventually be Dealt With (http:/ / www. arraydev. com/ commerce/ jibc/ 2005-02/ jibc_phishing. HTM)" by Ian Grigg 2005 [68] " Brand matters (IE7, Skype, Vonage, Mozilla) (https:/ / financialcryptography. com/ mt/ archives/ 000645. html)" Ian Grigg [69] Franco, Rob. "Better Website Identification and Extended Validation Certificates in IE7 and Other Browsers" (http:/ / blogs. msdn. com/ ie/ archive/ 2005/ 11/ 21/ 495507. aspx). IEBlog. . Retrieved May 20, 2006. [70] "Bon Echo Anti-Phishing" (http:/ / www. mozilla. org/ projects/ bonecho/ anti-phishing/ ). Mozilla. . Retrieved June 2, 2006. [71] "Safari 3.2 finally gains phishing protection" (http:/ / arstechnica. com/ journals/ apple. ars/ 2008/ 11/ 13/ safari-3-2-finally-gains-phishing-protection). Ars Technica. November 13, 2008. . Retrieved November 15, 2008. [72] "Gone Phishing: Evaluating Anti-Phishing Tools for Windows" (http:/ / web. archive. org/ web/ 20080114211315/ http:/ / www. 3sharp. com/ projects/ antiphish/ index. htm). 3Sharp. September 27, 2006. Archived from the original (http:/ / www. 3sharp. com/ projects/ antiphish/ index. htm) on 2008-01-14. . Retrieved 2006-10-20. [73] "Two Things That Bother Me About Google’s New Firefox Extension" (http:/ / www. oreillynet. com/ onlamp/ blog/ 2005/ 12/ two_things_that_bother_me_abou. html). Nitesh Dhanjani on O'Reilly ONLamp. . Retrieved July 1, 2007. [74] "Firefox 2 Phishing Protection Effectiveness Testing" (http:/ / www. mozilla. org/ security/ phishing-test. html). . Retrieved January 23, 2007. [75] Higgins, Kelly Jackson. "DNS Gets Anti-Phishing Hook" (http:/ / www. darkreading. com/ document. asp?doc_id=99089& WT. svl=news1_1). Dark Reading. . Retrieved October 8, 2006. [76] Krebs, Brian (August 31, 2006). "Using Images to Fight Phishing" (http:/ / blog. washingtonpost. com/ securityfix/ 2006/ 08/ using_images_to_fight_phishing. html). Security Fix. .

71

Phishing
[77] Seltzer, Larry (August 2, 2004). "Spotting Phish and Phighting Back" (http:/ / www. eweek. com/ article2/ 0,1759,1630161,00. asp). eWeek. . [78] Bank of America. "How Bank of America SiteKey Works For Online Banking Security" (http:/ / www. bankofamerica. com/ privacy/ sitekey/ ). . Retrieved January 23, 2007. [79] Brubaker, Bill (July 14, 2005). "Bank of America Personalizes Cyber-Security" (http:/ / www. washingtonpost. com/ wp-dyn/ content/ article/ 2005/ 07/ 13/ AR2005071302181. html). Washington Post. . [80] Stone, Brad (February 5, 2007). "Study Finds Web Antifraud Measure Ineffective" (http:/ / www. nytimes. com/ 2007/ 02/ 05/ technology/ 05secure. html?ex=1328331600& en=295ec5d0994b0755& ei=5090& partner=rssuserland& emc=rss). New York Times. . Retrieved February 5, 2007. [81] Stuart Schechter, Rachna Dhamija, Andy Ozment, Ian Fischer (May 2007). "The Emperor's New Security Indicators: An evaluation of website authentication and the effect of role playing on usability studies" (http:/ / web. archive. org/ web/ 20080406062148/ http:/ / www. deas. harvard. edu/ ~rachna/ papers/ emperor-security-indicators-bank-sitekey-phishing-study. pdf) (PDF). IEEE Symposium on Security and Privacy, May 2007. Archived from the original (http:/ / www. deas. harvard. edu/ ~rachna/ papers/ emperor-security-indicators-bank-sitekey-phishing-study. pdf) on 2008-04-06. . Retrieved February 5, 2007. [82] "Phishers target Nordea's one-time password system" (http:/ / www. finextra. com/ fullstory. asp?id=14384). Finextra. October 12, 2005. . [83] Krebs, Brian (July 10, 2006). "Citibank Phish Spoofs 2-Factor Authentication" (http:/ / blog. washingtonpost. com/ securityfix/ 2006/ 07/ citibank_phish_spoofs_2factor_1. html). Security Fix. . [84] Graham Titterington. "More doom on phishing" (http:/ / www. ovum. com/ news/ euronews. asp?id=4166). Ovum Research, April 2006. . [85] Schneier, Bruce. "Security Skins" (http:/ / www. schneier. com/ blog/ archives/ 2005/ 07/ security_skins. html). Schneier on Security. . Retrieved December 3, 2006. [86] Rachna Dhamija, J.D. Tygar (July 2005). "The Battle Against Phishing: Dynamic Security Skins" (http:/ / web. archive. org/ web/ 20080406062148/ http:/ / people. deas. harvard. edu/ ~rachna/ papers/ securityskins. pdf) (PDF). Symposium On Usable Privacy and Security (SOUPS) 2005. Archived from the original (http:/ / people. deas. harvard. edu/ ~rachna/ papers/ securityskins. pdf) on 2008-04-06. . Retrieved February 5, 2007. [87] http:/ / www. confidenttechnologies. com/ products/ anti-phishing [88] Madhusudhanan Chandrasekaran, Krishnan Narayanan, Shambhu Upadhyaya (March 2006). "Phishing E-mail Detection Based on Structural Properties" (http:/ / web. archive. org/ web/ 20080216101637/ http:/ / www. albany. edu/ iasymposium/ 2006/ chandrasekaran. pdf) (PDF). NYS Cyber Security Symposium. Archived from the original (http:/ / www. albany. edu/ iasymposium/ 2006/ chandrasekaran. pdf) on 2008-02-16. . [89] Ian Fette, Norman Sadeh, Anthony Tomasic (June 2006). "Learning to Detect Phishing Emails" (http:/ / reports-archive. adm. cs. cmu. edu/ anon/ isri2006/ CMU-ISRI-06-112. pdf) (PDF). Carnegie Mellon University Technical Report CMU-ISRI-06-112. . [90] "Anti-Phishing Working Group: Vendor Solutions" (http:/ / www. antiphishing. org/ solutions. html#takedown). Anti-Phishing Working Group. . Retrieved July 6, 2006. [91] McMillan, Robert (March 28, 2006). "New sites let users find and report phishing" (http:/ / www. linuxworld. com. au/ index. php/ id;1075406575;fp;2;fpid;1. ). LinuxWorld. . [92] Schneier, Bruce (2006-10-05). "PhishTank" (http:/ / www. schneier. com/ blog/ archives/ 2006/ 10/ phishtank. html). Schneier on Security. . Retrieved 2007-12-07. [93] "Phone Phishing" (http:/ / phonephishing. info). Phone Phishing. . Retrieved Feb 25, 2009. [94] "Federal Trade Commission" (http:/ / www. ftc. gov/ phonefraud). Federal Trade Commission. . Retrieved Mar 6, 2009. [95] Legon, Jeordan (January 26, 2004). "'Phishing' scams reel in your identity" (http:/ / www. cnn. com/ 2003/ TECH/ internet/ 07/ 21/ phishing. scam/ index. html). CNN. . [96] Leyden, John (March 21, 2005). "Brazilian cops net 'phishing kingpin'" (http:/ / www. channelregister. co. uk/ 2005/ 03/ 21/ brazil_phishing_arrest/ ). The Register. . [97] Roberts, Paul (June 27, 2005). "UK Phishers Caught, Packed Away" (http:/ / www. eweek. com/ article2/ 0,1895,1831960,00. asp). eWEEK. . [98] "Nineteen Individuals Indicted in Internet 'Carding' Conspiracy" (http:/ / www. cybercrime. gov/ mantovaniIndict. htm). . Retrieved November 20, 2005. [99] "8 held over suspected phishing fraud". The Daily Yomiuri. May 31, 2006. [100] "Phishing gang arrested in USA and Eastern Europe after FBI investigation" (http:/ / www. sophos. com/ pressoffice/ news/ articles/ 2006/ 11/ phishing-arrests. html). . Retrieved December 14, 2006. [101] "Phishers Would Face 5 Years Under New Bill" (http:/ / informationweek. com/ story/ showArticle. jhtml?articleID=60404811). Information Week. March 2, 2005. . [102] "Fraud Act 2006" (http:/ / www. opsi. gov. uk/ ACTS/ en2006/ 2006en35. htm). . Retrieved December 14, 2006. [103] "Prison terms for phishing fraudsters" (http:/ / www. theregister. co. uk/ 2006/ 11/ 14/ fraud_act_outlaws_phishing/ ). The Register. November 14, 2006. . [104] "Microsoft Partners with Australian Law Enforcement Agencies to Combat Cyber Crime" (http:/ / web. archive. org/ web/ 20051103190357/ http:/ / www. microsoft. com/ australia/ presspass/ news/ pressreleases/ cybercrime_31_3_05. aspx). Archived from the original (http:/ / www. microsoft. com/ australia/ presspass/ news/ pressreleases/ cybercrime_31_3_05. aspx) on November 3, 2005. . Retrieved August 24, 2005.

72

Phishing
[105] Espiner, Tom (March 20, 2006). "Microsoft launches legal assault on phishers" (http:/ / news. zdnet. co. uk/ 0,39020330,39258528,00. htm). ZDNet. . [106] Leyden, John (November 23, 2006). "MS reels in a few stray phish" (http:/ / www. theregister. co. uk/ 2006/ 11/ 23/ ms_anti-phishing_campaign_update/ ). The Register. . [107] "A History of Leadership - 2006" (http:/ / web. archive. org/ web/ 20070522231137/ http:/ / www. corp. aol. com/ whoweare/ history/ 2006. shtml). Archived from the original (http:/ / corp. aol. com/ whoweare/ history/ 2006. shtml) on 2007-05-22. . [108] "AOL Takes Fight Against Identity Theft To Court, Files Lawsuits Against Three Major Phishing Gangs" (http:/ / web. archive. org/ web/ 20070131204118/ http:/ / media. aoltimewarner. com/ media/ newmedia/ cb_press_view. cfm?release_num=55254535). Archived from the original (http:/ / media. aoltimewarner. com/ media/ newmedia/ cb_press_view. cfm?release_num=55254535) on 2007-01-31. . Retrieved March 8, 2006. [109] "HB 2471 Computer Crimes Act; changes in provisions, penalty." (http:/ / leg1. state. va. us/ cgi-bin/ legp504. exe?051+ sum+ HB2471). . Retrieved March 8, 2006. [110] Brulliard, Karin (April 10, 2005). "Va. Lawmakers Aim to Hook Cyberscammers" (http:/ / www. washingtonpost. com/ wp-dyn/ articles/ A40578-2005Apr9. html). Washington Post. . [111] "Earthlink evidence helps slam the door on phisher site spam ring" (http:/ / web. archive. org/ web/ 20070705211932/ http:/ / www. earthlink. net/ about/ press/ pr_phishersite/ ). Archived from the original (http:/ / www. earthlink. net/ about/ press/ pr_phishersite/ ) on 2007-07-05. . Retrieved December 14, 2006. [112] Prince, Brian (January 18, 2007). "Man Found Guilty of Targeting AOL Customers in Phishing Scam" (http:/ / www. pcmag. com/ article2/ 0,1895,2085183,00. asp). PCMag.com. . [113] Leyden, John (January 17, 2007). "AOL phishing fraudster found guilty" (http:/ / www. theregister. co. uk/ 2007/ 01/ 17/ aol_phishing_fraudster/ ). The Register. . [114] Leyden, John (June 13, 2007). "AOL phisher nets six years' imprisonment" (http:/ / www. theregister. co. uk/ 2007/ 06/ 13/ aol_fraudster_jailed/ ). The Register. . [115] Gaudin, Sharon (June 12, 2007). "California Man Gets 6-Year Sentence For Phishing" (http:/ / www. informationweek. com/ story/ showArticle. jhtml?articleID=199903450). InformationWeek. .

73

External links
• Anti-Phishing Working Group (http://www.antiphishing.org/) • Center for Identity Management and Information Protection (http://www.utica.edu/academic/institutes/cimip/ ) – Utica College • How the bad guys actually operate (http://ha.ckers.org/blog/20060609/how-phishing-actually-works/) – Ha.ckers.org Application Security Lab • Plugging the "phishing" hole: legislation versus technology (http://www.law.duke.edu/journals/dltr/articles/ 2005dltr0006.html) – Duke Law & Technology Review • Know Your Enemy: Phishing (http://www.honeynet.org/papers/phishing/) – Honeynet project case study • Banking Scam Revealed (http://www.securityfocus.com/infocus/1745) – forensic examination of a phishing attack on SecurityFocus • The Phishing Guide: Understanding and Preventing Phishing Attacks (http://www.technicalinfo.net/papers/ Phishing.html) – TechnicalInfo.net • A Profitless Endeavor: Phishing as Tragedy of the Commons (http://research.microsoft.com/en-us/um/people/ cormac/Papers/PhishingAsTragedy.pdf) – Microsoft Corporation • Database for information on phishing sites reported by the public (http://www.phishtank.com/) - PhishTank • The Impact of Incentives on Notice and Take-down (http://www.cl.cam.ac.uk/~rnc1/takedown.pdf) − Computer Laboratory, University of Cambridge (PDF, 344 kB) • One Gang Responsible For Most Phishing Attacks - InternetNews.com (http://www.internetnews.com/ security/article.php/3882136/One+Gang+Responsible+For+Most+Phishing+Attacks.htm)

Penetration test

74

Penetration test
A penetration test, occasionally pentest, is a method of evaluating the security of a computer system or network by simulating an attack from a malicious source, known as a Black Hat Hacker, or Cracker. The process involves an active analysis of the system for any potential vulnerabilities that could result from poor or improper system configuration, both known and unknown hardware or software flaws, or operational weaknesses in process or technical countermeasures. This analysis is carried out from the position of a potential attacker and can involve active exploitation of security vulnerabilities. Any security issues that are found will be presented to the system owner, together with an assessment of their impact, and often with a proposal for mitigation or a technical solution. The intent of a penetration test is to determine the feasibility of an attack and the amount of business impact of a successful exploit, if discovered. It is a component of a full security audit. For example, the Payment Card Industry Data Security Standard (PCI DSS), and security and auditing standard, requires both annual and ongoing penetration testing (after system changes).

Black box vs. White box
Penetration tests can be conducted in several ways. The most common difference is the amount of knowledge of the implementation details of the system being tested that are available to the testers. Black box testing assumes no prior knowledge of the infrastructure to be tested. The testers must first determine the location and extent of the systems before commencing their analysis. At the other end of the spectrum, white box testing provides the testers with complete knowledge of the infrastructure to be tested, often including network diagrams, source code, and IP addressing information. There are also several variations in between, often known as grey box tests. Penetration tests can also be described as "full disclosure" (white box), "partial disclosure" (grey box), or "blind" (black box) tests based on the amount of information provided to the testing party. The relative merits of these approaches are debated. Black box testing simulates an attack from someone who is unfamiliar with the system. White box testing simulates what might happen during an "inside job" or after a "leak" of sensitive information, where the attacker has access to source code, network layouts, and possibly even some passwords. The services offered by penetration testing firms span a similar range, from a simple scan of an organization's IP address space for open ports and identification banners to a full audit of source code for an application.

Rationale
A penetration test should be carried out on any computer system that is to be deployed in a hostile environment, in particular any Internet facing site, before it is deployed. This provides a level of practical assurance that any malicious user will not be able to penetrate the system. Black box penetration testing is useful in the cases where the tester assumes the role of an outside hacker and tries to intrude into the system without adequate knowledge of it.

Risks
Penetration testing can be an invaluable technique to any organization's information security program. Basic white box penetration testing is often done as a fully automated inexpensive process. However, black box penetration testing is a labor-intensive activity and requires expertise to minimize the risk to targeted systems. At a minimum, it may slow the organization's networks response time due to network scanning and vulnerability scanning. Furthermore, the possibility exists that systems may be damaged in the course of penetration testing and may be rendered inoperable, even though the organization benefits in knowing that the system could have been rendered

Penetration test inoperable by an intruder. Although this risk is mitigated by the use of experienced penetration testers, it can never be fully eliminated.

75

Methodologies
The Open Source Security Testing Methodology Manual is a peer-reviewed methodology for performing security tests and metrics. The OSSTMM test cases are divided into five channels which collectively test: information and data controls, personnel security awareness levels, fraud and social engineering control levels, computer and telecommunications networks, wireless devices, mobile devices, physical security access controls, security processes, and physical locations such as buildings, perimeters, and military bases. The OSSTMM focuses on the technical details of exactly which items need to be tested, what to do before, during, and after a security test, and how to measure the results. OSSTMM is also known for its Rules of Engagement which define for both the tester and the client how the test needs to properly run starting from denying false advertising from testers to how the client can expect to receive the report. New tests for international best practices, laws, regulations, and ethical concerns are regularly added and updated. The National Institute of Standards and Technology (NIST) discusses penetration testing in SP800-115.[1] [2] NIST's methodology is less comprehensive than the OSSTMM; however, it is more likely to be accepted by regulatory agencies. For this reason, NIST refers to the OSSTMM. The Information Systems Security Assessment Framework (ISSAF) is a peer reviewed structured framework from the Open Information Systems Security Group that categorizes information system security assessment into various domains and details specific evaluation or testing criteria for each of these domains. It aims to provide field inputs on security assessment that reflect real life scenarios. The ISSAF should primarily be used to fulfill an organization's security assessment requirements and may additionally be used as a reference for meeting other information security needs. It includes the crucial facet of security processes and, their assessment and hardening to get a complete picture of the vulnerabilities that might exist. The ISSAF, however, is still in its infancy.

Standards and certification
The process of carrying out a penetration test can reveal sensitive information about an organization. It is for this reason that most security firms are at pains to show that they do not employ ex-black hat hackers and that all employees adhere to a strict ethical code. There are several professional and government certifications that indicate the firm's trustworthiness and conformance to industry best practice. The Council of Registered Ethical Security Testers (CREST) is a non-profit association created to provide recognised standards and professionalism for the penetration testing industry.[3] For organisations, CREST provides a provable validation of security testing methodologies and practices, aiding with client engagement and procurement processes and proving that the member company is able to provide testing services to the CREST standard. Three certifications are currently offered: the CREST Registered Tester and two CREST Certified Tester qualifications, one for infrastructure and one for application testing.[4] The Information Assurance Certification Review Board (IACRB) manages a penetration testing certification known as the Certified Penetration Tester (CPT). The CPT requires that the exam candidate pass a traditional multiple choice exam, as well as pass a practical exam that requires the candidate to perform a penetration test against live servers. SANS provides a wide range of computer security training arena leading to a number of SANS qualifications. In 1999, SANS founded GIAC, the Global Information Assurance Certification, which according to SANS has been undertaken by over 20,000 members to date.[5] Two of the GIAC certifications are penetration testing specific: the GIAC Certified Penetration Tester (GPEN) certification; and the GIAC Web Application Penetration Tester (GWAPT) certification.

Penetration test Offensive Security offers an Ethical Hacking certification (Offensive Security Certified Professional) - a training spin off of the BackTrack Penetration Testing distribution. The OSCP is a real-life penetration testing certification, requiring holders to successfully attack and penetrate various live machines in a safe lab environment. Upon completion of the course students become eligible to take a certification challenge, which has to be completed within twenty-four hours. Documentation must include procedures used and proof of successful penetration including special marker files. Government-backed testing also exists in the US with standards such as the NSA Infrastructure Evaluation Methodology (IEM). For web applications, the Open Web Application Security Project (OWASP) provides a framework of recommendations that can be used as a benchmark. The Tiger Scheme offers two certifications: Qualified Tester (QST) and Senior Security Tester (SST). The SST is technically equivalent to CHECK Team Leader and QST is technically equivalent to the CHECK Team Member certification[6] . Tiger Scheme certifies the individual, not the company. The International Council of E-Commerce consultants certifies individuals in various e-business and information security skills. These include the Certified Ethical Hacker course, Computer Hacking Forensics Investigator program, Licensed Penetration Tester program and various other programs, which are widely available worldwide.

76

Web application penetration testing
Web application penetration testing refers to a set of services used to detect various security issues with web applications and identify vulnerabilities and risks, including: • Known vulnerabilities in COTS applications • Technical vulnerabilities: URL manipulation, SQL injection, cross-site scripting, back-end authentication, password in memory, session hijacking, buffer overflow, web server configuration, credential management, Clickjacking, etc, • Business logic errors: Day-to-Day threat analysis, unauthorized logins, personal information modification, pricelist modification, unauthorized funds transfer, breach of customer trust etc. OWASP, the Open Web Application Security Project, an open source web application security documentation project, has produced documents such as the OWASP Guide [7] and the widely adopted OWASP Top 10 [8] awareness document. The Firefox browser is a popular web application penetration testing tool, with many plugins [9] specifically designed for web application penetration testing. Damn vulnerable web app otherwise known as DVWA [10] is an open source web application which has been made to be vulnerable so that security professionals and students can learn more about web application security. Foundstone's Hacme Bank [11] simulates a banking application. It helps developers and auditors practice web application attacks, including input validation flaws such as SQL injection and Cross Site Scripting (XSS).

Penetration test

77

References
[1] Special Publication 800-42, Guideline on Network Security Testing (http:/ / csrc. nist. gov/ publications/ nistpubs/ 800-42/ NIST-SP800-42. pdf) [2] Special Publication 800-115, Technical Guide to Information Security Testing and Assessment, September 2008 (replaces SP800-42) (http:/ / csrc. nist. gov/ publications/ nistpubs/ 800-115/ SP800-115. pdf) [3] "Infosec 2008: UK association of penetration testers launched" (http:/ / www. computerweekly. com/ Articles/ 2008/ 04/ 24/ 230417/ infosec-2008-uk-association-of-penetration-testers. htm). Computer Weekly. 2008-04-24. . Retrieved 2008-08-16. [4] King, Leo (2008-04-24). "Security testing standards council launched" (http:/ / www. computerworlduk. com/ management/ security/ cybercrime/ news/ index. cfm?newsid=8730). Computerworld UK. . Retrieved 2008-08-16. [5] http:/ / www. sans. org/ why_certify. php SANS Institute [6] http:/ / www. cesg. gov. uk/ products_services/ iacs/ check/ index. shtml [7] http:/ / www. owasp. org/ index. php/ OWASP_Guide_Project [8] http:/ / www. owasp. org/ index. php/ OWASP_Top_Ten_Project [9] https:/ / addons. mozilla. org/ en-US/ firefox/ collection/ webappsec [10] http:/ / www. dvwa. co. uk/ [11] http:/ / www. foundstone. com/ us/ resources/ proddesc/ hacmebank. htm

• Johnny Long; Google Hacking for Penetration Testers, Syngress, 2007. ISBN 978-1597491761 • Stuart McClure; Hacking Exposed: Network Security Secrets and Solutions, McGraw-Hill, 2009. ISBN 978-0071613743

External links
• List of Network Penetration Testing software (https://mosaicsecurity.com/categories/ 27-network-penetration-testing), Mosaic Security Research

Physical information security
Physical information security is concerned with physically protecting data and means to access that data (apart from protecting it electronically). Many individuals and companies place importance in protecting their information from a software and/or network perspective, but fewer devote resources to protecting data physically. However, physical attacks to acquire sensitive information do frequently occur. Sometimes these attacks are considered a type of social engineering.

Background
Many individuals and companies consider it important to protect their information for a variety of reasons, including financial, competitive, and privacy-related purposes. People who wish to obtain this information may be computer crackers, corporate spies, or other malicious individuals. This information may be directly beneficial to them, such as industrial secrets or credit card numbers. It may also be indirectly beneficial to them. For example, computer passwords do not have inherent value. However, they provide computer system access that may be used to get other information or to disable a person/company electronically. Sometimes these malicious individuals use electronic means or social engineering to gain information. However, sometimes they use direct physical attacks.

Physical information security

78

Examples of physical attacks to obtain information
There are several ways to obtain information through physical attacks or exploitations. A few examples are described below.

Dumpster diving
Dumpster diving is the practice of searching through the trash of an individual or business in attempt to obtain something useful. In the realm of information security, this frequently means looking for documents containing sensitive information. However, as more and more information is being stored electronically, it is becoming increasingly useful to those seeking information through this means to search for computer disks or other computer hardware which may contain data. Sometimes this data can be restored to provide a wealth of information.

Overt document stealing
Sometimes attackers will simply go into a building and take the information they need. Frequently when using this strategy, an attacker will masquerade as someone who belongs in the situation. The thief may pose as a copy room employee, remove a document from someone's desk, copy the document, replace the original, and leave with the copied document. Alternatively, the individual may pose as a janitor, systematically collecting information and "throwing it away." The individual may then be able to walk right out of the building with a trash bag containing documents that were left out in the open or a sticky note which had been left in a partially open desk drawer on which a user had written his/her passwords.[1]

Common Physical Information Security Practices
There are many practices commonly used to decrease the possibility of success for these kind of attacks. Document shredding has become common, and the practice is still growing. Also electronic storage media are often prepared for disposal by purging, which erases files which may have been "deleted" by an operating system but never overwritten with other data. Many choose to restrict access to areas where information is kept to those possessing a proper identification badge and/or other form of authorization. This attempts both to decrease the ease with which someone could access documents and to decrease the possibility of someone physically tampering with computer equipment. Along the same lines, many companies train their employees to physically protect documents and other sources of sensitive information on an individual level by locking the information in a file cabinet or by some other means. Also, companies request that employees memorize their passwords rather than writing them down as the paper with the password could be seen or stolen.

References
[1] Granger, Sarah (2001-12-18). "Social Engineering Fundamentals, Part I: Hacker Tactics" (http:/ / www. securityfocus. com/ infocus/ 1527). Security Focus. . Retrieved 2006-08-27.

External links
• Social Engineering Fundamentals (http://www.securityfocus.com/infocus/1527)

SMiShing

79

SMiShing
In computing, Smishing is a form of criminal activity using social engineering techniques similar to phishing. The name is derived from "SMs phISHING". SMS (Short Message Service) is the technology used for text messages on cell phones. Similar to phishing, smishing uses cell phone text messages to deliver the "bait" to get you to divulge your personal information. The "hook" (the method used to actually "capture" your information) in the text message may be a web site URL, however it has become more common to see a phone number that connects to automated voice response system. The smishing message usually contains something that wants your "immediate attention", some examples include "We’re confirming you've signed up for our dating service. You will be charged $2/day unless you cancel your order on this URL: www.?????.com."; "(Name of popular online bank) is confirming that you have purchase a $1500 computer from (name of popular computer company). Visit www.?????.com if you did not make this online purchase"; and "(Name of a financial institution): Your account has been suspended. Call ###.###.#### immediately to reactivate". The "hook" will be a legitimate looking web site that asks you to "confirm" (enter) your personal financial information, such as your credit/debit card number, CVV code (on the back of your credit card), your ATM card PIN, SSN, email address, and other personal information. If the "hook" is a phone number, it normally directs to a legitimate sounding automated voice response system, similar to the voice response systems used by many financial institutions, which will ask for the same personal information. This is an example of a (complete) smishing message in current circulation: "Notice - this is an automated message from (a local credit union), your ATM card has been suspended. To reactivate call urgent at 866-###-####." In many cases, the smishing message will show that it came from "5000" instead of displaying an actual phone number. This usually indicates the SMS message was sent via email to the cell phone, and not sent from another cell phone. This information is then used to create duplicate credit/debit/ATM cards. There are documented cases where information entered on a fraudulent web site (used in a phishing, smishing, or vishing attack) was used to create a credit or debit card that was used halfway around the world, within 30 minutes.

External links
• Smishing article at ConsumerAffairs.com (http://www.consumeraffairs.com/news04/2006/11/smishing. html) • Smishing advice from Get Safe Online (http://www.getsafeonlineblog.org/?p=118)

Vishing

80

Vishing
Vishing is the criminal practice of using social engineering over the telephone system, most often using features facilitated by Voice over IP (VoIP), to gain access to private personal and financial information from the public for the purpose of financial reward. The term is a combination of "voice" and phishing. Vishing exploits the public's trust in landline telephone services, which have traditionally terminated in physical locations known to the telephone company, and associated with a bill-payer. The victim is often unaware that VoIP makes formerly difficult-to-abuse tools/features of caller ID spoofing, complex automated systems (IVR), low cost, and anonymity for the bill-payer widely available. Vishing is typically used to steal credit card numbers or other information used in identity theft schemes from individuals. Vishing is very hard for legal authorities to monitor or trace. To protect themselves, consumers are advised to be highly suspicious when receiving messages directing them to call and provide credit card or bank numbers. Rather than provide any information, if speaking to a human ask them for an incident number and then hang up. Then place a call to the number printed on your credit card or billing statement from a telephone number the bank has on file, usually your home land line. While consumer caller id is trivial to fake the bank's call center gets much more reliable billing information provided by trunked 1-800 service and thus both parties have high confidence the other party is who they claim to be. There is technology that monitors all public switched telephone network (PSTN)-based traffic and can identify vishing attempts as a result of patterns and anomalies in call activity. One example is a multiple calls from a limited set of skype numbers to call centers.

Example
1. The criminal either configures a war dialer to call phone numbers in a given region or accesses a legitimate voice messaging company with a list of phone numbers stolen from a financial institution. 2. Typically, when the victim answers the call, an automated recording, often generated with a text to speech synthesizer, is played to alert the consumer that their credit card has had fraudulent activity or that their bank account has had unusual activity. The message instructs the consumer to call the following phone number immediately. The same phone number is often shown in the spoofed caller ID and given the same name as the financial company they are pretending to represent. 3. When the victim calls the number, it is answered by automated instructions to enter their credit card number or bank account number on the key pad. 4. Once the consumer enters their credit card number or bank account number, the visher has the information necessary to make fraudulent use of the card or to access the account. 5. The call is often used to harvest additional details such as security PIN, expiration date, date of birth, etc. Although the use of automated responders and war dialers is preferred by the vishers, there have been reported cases where human operators play an active role in these scams, trying to persuade the victims. According to a study [1] conducted during 2009 on data collected from United States customers, the most recurrent words used in automated, recorded scams are different from those leveraged by human scammers. For instance, it is very frequent that automated voices contain words such as "press" (a button) or "number", while humans typically resort to more complex social engineering techniques. (In a common variation, an email "phish" is sent instead of war-dialing - the victim is instructed to call the following phone number immediately and credit card or bank account information is gathered) Another variation encourages a victim to install Scareware on an unrelated computer system at the same address as the Phone connection.

Vishing

81

External links
• • • • • • vnunet.com story: Cyber-criminals switch to VoIP 'vishing' [2] BBC News story: Criminals exploit net phone calls [3] The Paper PC: Messaging Security 2006: Vishing: The Next Big Cyber Headache? [4] The Register: FBI warns over "alarming" rise in american "vishing" [5] Phone Phishing: Phone Phishing - The First Phone Phishing and Scams Report Site [6] Anti Vishing: Anti-Vishing Video featuring excerpt from BBC Watchdog program [7]

References
[1] Federico Maggi (Are the con artists back? A preliminary analysis of modern phone frauds). IEEE Computer Society. ed. Proceedings of the 10th IEEE International Conference on Computer and Information Technology (CIT 2010) (Bradford, UK). http:/ / home. dei. polimi. it/ fmaggi/ downloads/ publications/ 2010_maggi_vishing. pdf. [2] http:/ / www. vnunet. com/ vnunet/ news/ 2160004/ cyber-criminals-talk-voip [3] http:/ / news. bbc. co. uk/ 1/ hi/ technology/ 5187518. stm [4] http:/ / paperpc. blogspot. com/ 2006/ 10/ messaging-security-2006-vishing-next. html [5] http:/ / www. theregister. co. uk/ 2008/ 01/ 21/ fbi_vishing_warning/ [6] http:/ / phonephishing. info [7] http:/ / www. youtube. com/ watch?v=4CKagCrX_XI

Moving scam
The moving industry in the United States was deregulated with the Household Goods Transportation Act of 1980. This act allowed interstate movers to issue binding or fixed estimates for the first time. Doing so opened the door to hundreds of new moving companies to enter the industry. This lead to an increase in competition and soon movers were no longer competing on services but on price. As competition drove prices lower and decreased what were already slim profit margins, "rogue" movers began hijacking personal property as part of a new scam. There are many versions to the moving scam but the basic scam takes place as follows. A prospective client contacts a moving company and requests a cost estimate. In today's market this often happens online via moving directories or brokers, or phone calls. These moving brokers are salesmen prone to quoting sometimes low, but usually reasonable prices with no room for the movers to provide a quality service. Once the rogue "moving company" has secured a move by providing a non-binding estimate, they arrive to pack and deliver the goods. Often the scam movers use deceptive pricing or weight measurements including prices based on the gross weight of the moving vehicle. After packing and loading, the client is informed that their goods went over the expected weight estimate and the additional weight will be charged at a substantially higher rate (often double the original price per pound). Rogue movers will not inform a client of these discrepancies until the client's goods have been weighed at a certifiable scale, far from the clients original pickup location. The new price may be four or five times higher than the original estimate. The scam movers know that most people will be forced to pay these exorbitant rates based on their need for the personal effects. The interstate moving industry in America is regulated by the Federal Motor Carrier Safety Administration (FMCSA), part of the U.S. Department of Transportation. Only a small staff (fewer than 20 people) is available to patrol hundreds of moving companies, making enforcement difficult. Before moving, always check with the DOT/FMCSA to verify that your mover is licensed and insured. This information is made available on their website. A moving resource provided by the FMCSA, called 'Your Rights And Responsibilities When You Move' is made available to citizens free of charge via request and goes into great depth of the topic and moving in general.

Moving scam

82

External links
• Protect Your Move [1] - a US government Web site on interstate moving regulations • American Moving & Storage Association [2] - provides consumer guidance when hiring a professional mover

References
[1] http:/ / www. protectyourmove. gov [2] http:/ / www. moving. org

List of confidence tricks
This list of confidence tricks and scams should not be considered complete, but covers the most common examples. Confidence tricks and scams are difficult to classify, because they change often and often contain elements of more than one type. Throughout this list, the perpetrator of the confidence trick is called the “con artist” or simply “artist”, and the intended victim is the “mark”.

Get-rich-quick schemes
Get-rich-quick schemes are extremely varied; these include fake franchises, real estate “sure things”, get-rich-quick books, wealth-building seminars, self-help gurus, sure-fire inventions, useless products, chain letters, fortune tellers, quack doctors, miracle pharmaceuticals, Nigerian money scams, and charms and talismans. Variations include the pyramid scheme, the Ponzi scheme, and the Matrix sale. Count Victor Lustig sold the “money-printing machine” which could copy $100 bills. The client, sensing huge profits, would buy the machines for a high price (usually over $30,000). Over the next twelve hours, the machine would produce just two more $100 bills, but after that it produced only blank paper, as its supply of hidden $100 bills would have become exhausted. This type of scheme is also called the “money box” scheme.

Salting
Salting or “salting the mine” are terms for a scam in which gemstones or gold ore are planted in a mine or on the landscape, duping the greedy mark into purchasing shares in a worthless or non-existent mining company.[1] During gold rushes, scammers would load shotguns with gold dust and shoot into the sides of the mine to give the appearance of a rich ore, thus “salting the mine”. Examples include the diamond hoax of 1872 and the Bre-X gold fraud of the mid-1990s. This trick was popularized in the HBO series Deadwood, when Al Swearingen and E. B. Farnum trick Brom Garret into believing gold is to be found on the claim Swearingen intends to sell him.

Spanish Prisoner
The Spanish Prisoner scam—and its modern variant, the advance-fee fraud or “Nigerian scam”—take advantage of the victim’s greed. The basic premise involves enlisting the mark to aid in retrieving some stolen money from its hiding place. The victim sometimes believes they can cheat the con artists out of their money, but anyone trying this has already fallen for the essential con by believing that the money is there to steal (see also Black money scam). Note that the classic Spanish Prisoner trick also contains an element of the romance scam (see below). Many conmen employ extra tricks to keep the victim from going to the police. A common ploy of investment scammers is to encourage a mark to use money concealed from tax authorities. The mark cannot go to the authorities without revealing that they have committed tax fraud. Many swindles involve a minor element of crime or some other misdeed. The mark is made to think that they will gain money by helping fraudsters get huge sums out of a country (the classic advance-fee fraud/Nigerian scam); hence marks cannot go to the police without revealing that

List of confidence tricks they planned to commit a crime themselves. In a recent twist on the Nigerian fraud scheme, the mark is told they are helping someone overseas collect debts from corporate clients. Large cheques stolen from businesses are mailed to the mark. These cheques are altered to reflect the mark's name, and the mark is then asked to cash them and transfer all but a percentage of the funds (his commission) to the con artist. The cheques are often completely genuine, except that the "pay to" information has been expertly changed. This exposes the mark not only to enormous debt when the bank reclaims the money from their account, but also to criminal charges for money laundering. A more modern variation is to use laser-printed counterfeit cheques with the proper bank account numbers and payer information.

83

Televised infomercial
Certain infomercials feature enthusiastic hosts and highlights of satisfied customers’ testimony extolling the benefits of get-rich-quick methods such as Internet auctioneering, real estate investment and marketing, for-profit toll phone business, classified advertising and unique products of questionable value requiring active marketing by the paying customers. Infomercials which fall under the aforementioned descriptions are highly likely to be scams devised and engineered to “bamboozle” the unsuspecting viewers for the express purpose of enriching the scheme inventors who produced the infomercials which often grossly exaggerate their claims, in conjunction with the clips of satisfied customers' over-excited testimonies with the superimposed captions of the alleged profits made. Don Lapre, creator of "Money Making Secrets", "The Ultimate Road to Success", "The Greatest Vitamin in the World" and other schemes, was reported by Internet customer watchdog organizations Ripoff Report, Better Business Bureau and Quackwatch, plus alternative newspaper publications such as Phoenix New Times as one of the premier confidence artists whose characteristic traits of overly positive attitude and over-enthusiastically cheerful and charismatic personality depend on the gullibility of the infomercial viewers to purchase the essentially useless products to gain substantial sums of profit by deception.

Wire game
The wire or delayed-wire game, as depicted in the movie The Sting, trades on the promise of insider knowledge to beat a gamble, stock trade or other monetary action. In the wire game, a "mob" composed of dozens of grifters simulates a "wire store", i.e., a place where results from horse races are received by telegram and posted on a large board, while also being read aloud by an announcer. The griftee is given secret foreknowledge of the race results minutes before the race is broadcast, and is therefore able to place a sure bet at the wire store. In reality, of course, the con artists who set up the wire store are the providers of the inside information, and the mark eventually is led to place a large bet, thinking it to be a sure win. At this point, some mistake is made, which actually makes the bet a loss. The grifters in The Sting use miscommunication about the race results to simulate a big mistake, and the bet is lost.[2]

Persuasion tricks
Persuasion fraud, when fraudsters persuade people only to target their money, is an old-fashioned type of fraud.

Missionary conspiracy
A missionary conspiracy is a scam that involves illegitimate missionaries who are part of a cult that converts an entire community to quasi-religious beliefs. This usually involves an authority figure like Jim Jones who then uses his authority to abuse followers or to use them for gain. Usually these communities are rural, isolated, and have no money, instead they are used for manual labor, in particular on plantations and manufacturing. This is referred to as a "conspiracy" because of the difficulty to prove and the scale of the scam. These faux missionaries tend to be the representative of these communities to and from the outside world which includes the handling of money. In addition, community members either revere the missionaries as people of their new deity or refuse to admit they had

List of confidence tricks fallen victim to the scam. This scam is particularly attributed to cults with strong authority figures and has taken place in Asia, Africa, Central and South America.

84

Romance scam
The traditional romance scam has now moved into internet dating sites. The con actively cultivates a romantic relationship which often involves promises of marriage. However, after some time it becomes evident that this Internet "sweetheart" is stuck in his home country, lacking the money to leave the country and thus unable to be united with the mark. The scam then becomes an advance-fee fraud or a check fraud. A wide variety of reasons can be offered for the trickster's lack of cash, but rather than just borrow the money from the victim (advance fee fraud), the con man normally declares that they have checks which the victim can cash on their behalf and remit the money via a non-reversible transfer service to help facilitate the trip (check fraud). Of course, the checks are forged or stolen and the con man never makes the trip: the hapless victim ends up with a large debt and an aching heart. This scam can be seen in the movie Nights of Cabiria.

Fortune telling fraud
One traditional swindle involves fortune telling. In this scam, a fortune teller uses her cold reading skill to detect that a client is genuinely troubled rather than merely seeking entertainment; or is a gambler complaining of bad luck. The fortune teller informs the mark that they are the victim of a curse, but that for a fee a spell can be cast to remove the curse. In Romany, this trick is called bujo "bag", from one traditional form: the mark is told that the curse is in their money; they bring money in a bag to have the spell cast over it, and leave with a bag of worthless paper.[3] Fear of this scam has been one justification for legislation that makes fortune telling a crime.[4] This scam got a new lease on life in the electronic age with the virus hoax. Fake antivirus software falsely claims that your computer is infected with viruses, and renders the machine inoperable with bogus warnings unless blackmail is paid. In the Datalink Computer Services incident, a mark was fleeced of several million dollars by a firm that claimed that his computer was infected with viruses, and that the infection indicated an elaborate conspiracy against him on the Internet.[5] [6] [7] The alleged scam lasted from August 2004 through October 2010 and is estimated to have cost the victim between 6–20 million USD.[5] [8]

Gold brick scams
Gold brick scams involve selling a tangible item for more than it is worth; named after selling the victim an allegedly golden ingot which turns out to be gold-coated lead.

Coin collecting
The coin collecting scam is a scam preying on inexperienced collectors. The conman convinces the mark by stating that a high-priced collection is for sale at a lower amount. The coin collector then buys the entire collection, believing it is valuable.

Pig-in-a-poke
Pig-in-a-poke originated in the late Middle Ages. The con entails a sale of a (suckling) "pig" in a "poke" (bag). The bag ostensibly contains a live healthy little pig, but actually contains a cat (not particularly prized as a source of meat). If one buys the bag without looking inside it, the person has bought something of less value than was assumed, and has learned firsthand the lesson caveat emptor. "Buying a pig in a poke" has become a colloquial expression in many European languages, including English, for when someone buys something without examining it beforehand. In Poland, Denmark, France, Belgium, Latvia, Israel and Germany, the "pig" in the phrase is replaced by "cat", referring to the bag's actual content, but the saying is otherwise identical. This is also said to be where the

List of confidence tricks phrase "letting the cat out of the bag" comes from, although there may be other explanations.

85

Thai gem
The Thai gem scam involves layers of con men and helpers who tell a tourist in Bangkok of an opportunity to earn money by buying duty-free jewelry and having it shipped back to the tourist's home country. The mark is driven around the city in a tuk-tuk operated by one of the con men, who ensures that the mark meets one helper after another, until the mark is persuaded to buy the jewelry from a store also operated by the swindlers. The gems are real but significantly overpriced. This scam has been operating for 20 years in Bangkok, and is said to be protected by Thai police and politicians. A similar scam usually runs in parallel for custom-made suits. Many tourists are hit by conmen touting both goods. People shopping for pirated software, illegal pornographic images, bootleg music, drugs, firearms or other forbidden or controlled goods may be legally hindered from reporting swindles to the police. An example is the "big screen TV in back of the truck": the TV is touted as "hot" (stolen), so it will be sold for a very low price. The TV is in fact defective or broken; it may, in fact, not even be a television at all, since some scammers have discovered that a suitably decorated oven door will suffice.[9] The buyer has no legal recourse without admitting to attempted purchase of stolen goods. This con is also known as "The Murphy Game".

White van speaker
In the white van speaker scam, low-quality loudspeakers are sold, stereotypically from a white van, as expensive units that have been greatly discounted. The salesmen explain the ultra-low price in a number of ways; they may, for instance, say that their employer is unaware of having ordered too many speakers, so they are sneakily selling the excess behind the boss's back. The scam may extend to the creation of Web sites for the bogus loudspeaker brand, which usually sounds similar to that of a respected loudspeaker company. The "speakermen" are ready to be haggled down to a seemingly gigantic discount, because the speakers they are selling, while usually technically functional, actually cost only a tiny fraction of their "list price" to manufacture. The "speakermen" will often place an ad in the "For sale" Classifieds of the local newspaper, for the speakers, at an exorbitant price. They will then show you a copy of this newspaper ad to "verify" their worth.

Extortion or false-injury tricks
Badger game
The badger game extortion is often perpetrated on married men. The mark is deliberately coerced into a compromising position, a supposed affair for example, then threatened with public exposure of his acts unless blackmail money is paid.

Clip joint
A clip joint or fleshpot is an establishment, usually a strip club or entertainment bar, typically one claiming to offer adult entertainment or bottle service, in which customers are tricked into paying money and receive poor, or no, goods or services in return. Typically, clip joints suggest the possibility of sex, charge excessively high prices for watered-down drinks, then eject customers when they become unwilling or unable to spend more money. The product or service may be illicit, offering the victim no recourse through official or legal channels.

List of confidence tricks

86

Foreign object in food
This scam involves a patron ordering food in a restaurant, and then placing a bug or foreign object in the food. The patron complains loudly to the restaurant managers and threatens to sue. Sometimes the patron receives a free meal or additional compensation, or tries to blackmail the restaurant. A notable attempt to perform this scam which failed was when a woman placed a severed finger in a bowl of chili and attempted to extort money from Wendy's, a fast food burger chain.[10]

Hydrophobia lie
The hydrophobia lie was popular in the 1920s, in which the con man pretended to have been bitten by the mark's allegedly rabid dog, hydrophobia being an alternative term for rabies.

Insurance fraud
Insurance fraud includes a wide variety of schemes which attempt insureds to defraud their own insurance carriers, but when the victim is a private individual, the con artist tricks the mark into damaging, for example, the con artist's car, or injuring the con artist, in a manner that the con artist can later exaggerate. One relatively common scheme involves two cars, one for the con artist, and the other for the shill. The con artist will pull in front of the victim, and the shill will pull in front of the con artist before slowing down. The con artist will then slam on his brakes to "avoid" the shill, causing the victim to rear-end the con artist. The shill will accelerate away, leaving the scene. The con artist will then claim various exaggerated injuries in an attempt to collect from the victim's insurance carrier despite having intentionally caused the accident. Insurance carriers, who must spend money to fight even those claims they believe are fraudulent, frequently pay out thousands of dollars—a tiny amount to the carrier despite being a significant amount to an individual—to settle these claims instead of going to court.[11] A variation of this scam occurs in countries where insurance premiums are generally tied to a Bonus-Malus rating: the con artist will offer to avoid an insurance claim, settling instead for a cash compensation. Thus, the con artist is able to evade a professional damage assessment, and get an untraceable payment in exchange for sparing the mark the expenses of a lowered merit class. The con can take up an insurance policy while traveling then claim theft when no wrong doing has occurred. The con will approach the police and create a false statement to fulfill the requirements of the insurance policy.

Melon drop
The melon drop is a scam in which the scammer will intentionally bump into the mark and drop a package containing (already broken) glass. He will blame the damage on the clumsiness of the mark, and demand money in compensation. This con arose when artists discovered that the Japanese paid large sums of money for watermelons. The scammer would go to a supermarket to buy a cheap watermelon, then bump into a Japanese tourist and set a high price.

Gambling tricks
Barred winner
Visitors to Las Vegas or other gambling towns often encounter the barred winner scam, a form of advance fee fraud performed in person. The artist will approach his mark outside a casino with a stack or bag of high-value casino chips and say that he just won big, but the casino accused him of cheating and threw him out without letting him redeem the chips. The artist asks the mark to go in and cash the chips for him. The artist will often offer a percentage of the winnings to the mark for his trouble. But, when the mark agrees, the artist feigns suspicion and asks the mark to put up something of value "for insurance". The mark agrees, hands over jewelry, a credit card or their wallet, then

List of confidence tricks goes in to cash the chips. When the mark arrives at the cashier, they are informed the chips are fake. The artist, by this time, is long gone with the mark's valuables.

87

Fake reward
The fake reward scam involves getting the mark to believe he has won some prizes after being randomly chosen. He is then required to get to a specific location to 'collect his prizes'. Once there, he is told that he only has to sign some papers to receive the rewards. These papers can range from agreeing to financial fraud or signing up for memberships.

Fiddle game
The fiddle game uses the pigeon drop technique. A pair of con men work together, one going into an expensive restaurant in shabby clothes, eating, and claiming to have left his wallet at home, which is nearby. As collateral, the con man leaves his only worldly possession, the violin that provides his livelihood. After he leaves, the second con man swoops in, offers an outrageously large amount (for example $50,000) for such a rare instrument, then looks at his watch and runs off to an appointment, leaving his card for the mark to call him when the fiddle-owner returns. The mark's greed comes into play when the "poor man" comes back, having gotten the money to pay for his meal and redeem his violin. The mark, thinking he has an offer on the table, then buys the violin from the fiddle player who "reluctantly" agrees to sell it for a certain amount that still allows the mark to make a "profit" from the valuable violin. The result is the two conmen are richer (less the cost of the violin), and the mark is left with a cheap instrument. This trick is also detailed in the Neil Gaiman novel American Gods and is the basis for The Streets' song "Can't Con an Honest John". It was also shown in an episode of Steptoe and Son in which Harold has a commode which he has purchased on his rounds (from a house wife). A passing antiques dealer sees the item and offers a large amount of money, but will return the next day. In the meantime the husband of the woman from whom Harold bought the commode demands that Harold sells it back to him; instead Harold offers the man an amount of money to keep the commode, believing that he can sell it to the dealer later that day. In an episode of Hustle the fiddle game is acted out, using a dog instead of a fiddle. In the 1981 Only fools and horses episode "Cash and Curry", the main character, Delboy, is tricked into paying £2000 for a statue worth £17, believing it to be worth £4000.[12]

Football picks
In the football picks scam the scammer sends out tip sheet stating a game will go one way to 100 potential victims and the other way to another 100. The next week, the 100 or so who received the correct answer are divided into two groups and fed another pick. This is repeated until a small population have (apparently) received a series of supernaturally perfect picks, then the final pick is offered for sale. Despite being well-known (it was even described completely on an episode of The Simpsons and used by Derren Brown in "The System"), this scam is run almost continuously in different forms by different operators. In Rex Stout's Novel And Be a Villain (1948) this horse race prediction scheme is described by Nero Wolfe as a sure way to make money if one was so inclined to commit a crime. The sports picks can also be replaced with securities, or any other random process, in an alternative form. This scam has also been called the inverted pyramid scheme, because of the steadily decreasing population of victims at each stage.

Glim-dropper
The glim-dropper scam requires several accomplices, one of whom must be a one-eyed man. One grifter goes into a store and pretends he has lost his glass eye. Everyone looks around, but the eye cannot be found. He declares that he will pay a thousand-dollar reward for the return of his eye, leaving contact information. The next day, an accomplice enters the store and pretends to find the eye. The storekeeper (the intended griftee), thinking of the reward, offers to take it and return it to its owner. The finder insists he will return it himself, and demands the owner’s address.

List of confidence tricks Thinking he will lose all chance of the reward, the storekeeper offers a hundred dollars for the eye. The finder bargains him up to $250, and departs. The one-eyed man, of course, cannot be found and does not return. (Described in A Cool Million, or, The Dismantling of Lemuel Pitkin (1934) by Nathanael West). Variants of this con have been used in movies such as The Flim-Flam Man, The Traveller (1997), Shade (2003), and Zombieland (2009), and also in books such as American Gods.

88

Lottery fraud by proxy
Lottery fraud by proxy is a particularly vicious scam, in which the scammer buys a lottery ticket with old winning numbers. He or she then alters the date on the ticket so that it appears to be from the day before, and therefore a winning ticket. He or she then sells the ticket to the mark, claiming it is a winning ticket, but for some reason, he or she is unable to collect the prize (not eligible, etc.). The particular cruelty in this scam is that if the mark attempts to collect the prize, the fraudulently altered ticket will be discovered and the mark held criminally liable. This con was featured in the movie Matchstick Men, where Nicolas Cage teaches it to his daughter. A twist on the con was shown in Great Teacher Onizuka, where the more than gullible Onizuka was tricked into getting a "winning ticket". The ticket wasn't altered, instead the daily newspaper reporting the day's winning numbers was rewritten with a black pen.

Three-card Monte
Three-card Monte, "find the queen", the "three-card trick", or "follow the lady", is (except for the props) essentially the same as the centuries-older shell game or thimblerig. The trickster shows three playing cards to the audience, one of which is a queen (the "lady"), then places the cards face-down, shuffles them around and invites the audience to bet on which one is the queen. At first the audience is skeptical, so the shill places a bet and the scammer allows him to win. In one variation of the game, the shill will (apparently surreptitiously) peek at the lady, ensuring that the mark also sees the card. This is sometimes enough to entice the audience to place bets, but the trickster uses sleight of hand to ensure that they always lose, unless the conman decides to let them win, hoping to lure them into betting much more. The mark loses whenever the dealer chooses to make him lose. This con appears in the Eric Garcia novel Matchstick Men and is featured in the movie Edmond. The scam is also central to the Pulitzer prize-winning play "Topdog/Underdog." It also appears in episodes of Newsradio, Everybody Hates Chris, and The Simpsons. A variation on this scam exists in Barcelona, Spain, but with the addition of a pickpocket. The dealer and shill behave in an overtly obvious manner, attracting a larger audience. When the pickpocket succeeds in stealing from a member of the audience, he signals the dealer. The dealer then shouts the word "aguas", and the three split up. "Aguas" is a colloquial that translates into "Watch Out!". The audience is left believing that the police are coming, and that the performance was a failed scam. A variant of this scam exists in Mumbai, India. The shill says loudly to the dealer that his cards are fake and that he wants to see it. He takes the cards and folds a corner and says in a hushed voice to the audience that he has marked the card. He first places the bet and wins. Then he asks the others to place bets as well. When one of the audience bets a large sum of money the cards are switched.

Online scams
Fake antivirus
Computer users unwittingly download & install malware disguised as antivirus software, usually through an ActiveX program, by following the messages which appear on their screen. The software then pretends to find multiple viruses on the victim's computer, "removes" a few, and asks for payment in order to take care of the rest. They are then linked to con artists' websites, professionally designed to make their bogus software appear legitimate, where they must pay a fee to download the "full version" of their "antivirus software".

List of confidence tricks

89

Phishing
A modern scam in which the artist communicates with the mark, masquerading as a representative of an official organization which the mark is doing business with, in order to extract personal information which can then be used, for example, to steal money. In a typical instance of phishing, the artist sends the mark an email pretending to be from a company (such as eBay). This email is formatted exactly like email from that business, and will ask the mark to "verify" some personal information at their website, to which a link is provided. The website itself is also fake but designed to look exactly like the business' website. The site will contain an HTML form asking for personal information such as credit card numbers. The mark will feel compelled to give this information because of words in the email or the site stating that they require the information again, for example to "reactivate your account". When the mark submits the form (not checking the URL), the information is sent to the swindler. Other online scams include advance-fee fraud, bidding fee schemes, click fraud, domain slamming, various spoofing attacks, web-cramming, and online versions of employment scams and romance scams.

Other confidence tricks and scams
Art student
The art student scam is common in major Chinese cities. A small group of 'students' will start a conversation, claiming that they want to practice their English. After a short time they will change the topic to education and will claim that they are art students and they want to take you to a free exhibition. The exhibition will usually be in a small, well hidden rented office and the students will show you some pieces which they claim to be their own work and will try to sell them at a high price, despite the pieces usually being nothing more than an internet printout worth a fraction of their asking price. They will often try 'guilt tricks' on people who try to bargain the price.

Beijing tea
The Beijing tea scam is a famous scam in and around Beijing. The artists (usually female and working in pairs) will approach tourists and try to make friends. After chatting, they will suggest a trip to see a tea ceremony, claiming that they have never been to one before. The tourist is never shown a menu, but assumes that this is how things are done in China. After the ceremony, the bill is presented to the tourist, charging upwards of $100 per head. The artists will then hand over their bills, and the tourists are obliged to follow suit. Similar scams involving restaurants, coffee shops and bars also take place.

Big store
The Big Store is a technique for selling the legitimacy of a scam and typically involves a large team of con artists and elaborate sets. Often a building is rented and furnished as a legitimate and substantial business.[13]

Cell phone grab
Usually occurs outside airports or train stations at the pick-up curb, requires two cons and a getaway car. The con will approach the mark and claim that their ride isn't here due to their plane or train being late or early, and that they don't have the change to use a pay phone, or their own cell phone battery is dead. They ask the mark if they can use their cell phone to call, usually reassuring the mark by saying that the call is local and it will not cost them much. If the mark refuses, the con will try to guilt trip them. The moment the mark hands over their cell phone, the con makes a break for it, often hopping into a waiting car to make a quick getaway.

List of confidence tricks

90

Change raising
Change raising is a common short con and involves an offer to change an amount of money with someone, while at the same time taking change or bills back and forth to confuse the person as to how much money is actually being changed. The most common form, "the Short Count", has been featured prominently in several movies about grifting, notably Nueve Reinas, The Grifters, Criminal, and Paper Moon. A con artist shopping at, say a gas station, pays for a cheap item (under a dollar) and gives the clerk a ten dollar bill. The con gets back nine ones and the change then tells the clerk he has a one and will exchange ten ones for a ten. Here's the con: get the clerk to hand over the $10 BEFORE handing over the ones. Then the con hands over nine ones and the $10. The clerk will assume a mistake and offer to swap the ten for a one. Then the con will probably just say, "Here's another one, give me a $20 and we're even". Notice that the con just swapped $10 for $20. The $10 was the store's money, not the con's. To avoid this con, keep each transaction separate and never ever permit the customer to handle the original ten before handing over the ten ones. Another variation is to flash a $20 bill to the clerk, then ask for something behind the counter. When the clerk turns away, the con artist can swap the bill they are holding to a lesser bill. The clerk might then make change for the larger bill, without noticing it has been swapped. The technique works better when bills are the same colour at a glance like, for instance, U.S. dollar bills.

Counterfeit cashier's check
In this scam the victim is sent a cashier's check or money order for payment on an item for sale on the internet. When this document is taken to the bank it may not be detected as counterfeit for 10 business days or more, but the bank will deposit the money into the victim's account and tell you that it has been "verified" or is "clear" in about 24 hours. This gives the victim a false feeling of security that the document is real, so they proceed with the transaction. When the bank does find that the check is counterfeit, they will come back to the customer for the entire amount of the check.

Empty car lot
The scammers will find a vacant lot that is essentially used as free car parking and then start to charge people at the entrance, saying that the building is under new management and now chargeable.

Fake raffle
The con artist sells tickets for a non-existent raffle, often either door-to-door or at a stall in a densely populated commercial space (i.e. a large shopping mall), to dozens of individual marks, making a sizeable profit in the process. Because the marks never expected to win the raffle, they generally never realise they've been stung; and may not even think about it at all afterwards, because they only parted with a small amount of money (several dollars, for example).

False charity
A con artist will go door-to-door saying that the mark's donation will help build better playgrounds, help starving children etc; thus the mark will pay the con artist. Sometimes the con artist will even print out fake papers explaining the good that they will be doing.

Gas can
The gas can scam happens on the street or in a parking lot, usually near a big-box store or mall. The con artist is well-dressed, and carrying a gas can. A story is given, usually involving a wife or teenage offspring waiting in the car (or occasionally, teenage offspring home alone) and then a request for ten to twenty bucks for gas. Often, the con artist will ask for your address to "return" your money. A variation of this scam has the con artist claiming that his car was towed, and he needs money to retrieve it from the towing company.

List of confidence tricks In a gas-can-free variation of this scam, the artist claims that his or her car ran out of gas, and he or she asks for gas money. A purportedly out-of-gas car might or might not be present.

91

Landlord
The landlord scam advertises an apartment for rent at an attractive price. The con artist, usually someone who is house-sitting or has a short-term sublet at the unit, takes a deposit and first/last month's rent from every person who views the suite. When move-in day arrives, the con artist is of course gone, and the apartment belongs to none of the angry people carrying boxes.

Neighbor's false friend
In the neighbor's false friend scam, the con artist rings the mark's door bell claiming to be a friend of a neighbor or someone who lives nearby and asks to borrow money for gas since they've left their wallet with all their money at their friend's house and now there's nobody home. The con artist is gambling that the mark knows the name of the "friend" and perhaps is an acquaintance so that it would be embarrassing to refuse assistance, but that the mark doesn't know very much else about the "friend", making verification difficult. Of course the con artist has just read the "friend's" name on a mailbox or a door bell.

Paranoia
The paranoia scam is a scam involving the conman telling the mark various lies about different scams and instigating false attempts so that the mark, by now feeling worried and with no place to hide their money from fraud, turns to the conman (of all people) for help. Used in an episode of Monk.

Pigeon drop
The pigeon drop, also featured early in the film The Sting, involves the mark or pigeon assisting an elderly, weak or infirm stranger to keep their money safe for them. In the process, the stranger (actually a confidence trickster) puts their money with the mark's money (in an envelope, briefcase or sack) which the mark is then entrusted with. The money is actually not put into the sack or envelope, but is switched for a bag full of newspaper (etc). The mark is enticed to make off with the con artist's money through the greed element and various theatrics, but in actuality, the mark is fleeing from their own money, which the con artist still has (or has handed off to an accomplice). In LOST this was Sawyer's preferred way of conning people out of money.

Pseudoscience and snake oil
In pseudoscience and snake oil scams, popular psychology confidence tricksters make money by falsely claiming to improve reading speed and comprehension using speed reading courses by fooling the consumer with inappropriate skimming and general knowledge tests. These popular psychology tricksters often employ popular assumptions about the brain and the cerebral hemispheres which are scientifically wrong, but attractive and plausible. A common myth is that we use only 10% of our brain.[14] [15] Similar scams involve the use of brain machines to alter brain waves, and intelligence amplification through balancing the mind and body. See Scientology.

Psychic surgery
Psychic surgery is a con game in which the trickster uses sleight of hand to apparently remove malignant growths from the mark's body. A common form of medical fraud in underdeveloped countries, it imperils victims who may fail to seek competent medical attention. The movie Man on the Moon depicts comedian Andy Kaufman undergoing psychic surgery, and it can also be seen in an episode of Jonathan Creek as well as an episode of Lost in which the character Rose travels to Australia in a last ditch effort to cure her cancer.

List of confidence tricks

92

Rainmaker
The con artist (a "rainmaker") convinces the mark to pay them to make something happen. If it happens, then the mark is convinced it is because they paid the rainmaker; if not, the rainmaker can say they need more money to do it. A major story arc in the third season of The Wire is Senator Clay Davis' shakedown of the Barksdale Organization. There is also an example of this in the Quantum Leap episode "A Single Drop of Rain" from Season 4.

Real estate
The real estate scam may vary according to the type of real estate, but the common goal is that the con artist tricks the seller into thinking that they are going to buy or rent the property and make monthly payments. In reality, the con artist has no intention of paying anything. This will usually continue until they are caught or evicted, but the catch here is this is hard to prove in a criminal court; the only legal recourse the seller has is to file a lawsuit against the person responsible. However, the con artist will usually scam the seller for an amount below the cost of its recovery through litigation.

Recovery room
A recovery room scam is a form of advance-fee fraud where the scammer (sometimes posing as a law enforcement officer or attorney) calls investors who have been sold worthless shares (for example in a boiler-room scam), and offers to buy them, to allow the investors to recover their investments.[16] The scam involves requiring an advance fee before the payment can take place, for example a "court fee".[17]

Rip deal
The Rip Deal is a swindle very popular in Europe and is essentially a pigeon drop confidence trick. In a typical variation scammers will target, say, a jeweler, and offer to buy some substantial amount of his wares at a large markup provided he perform some type of under-the-table cash deal, originally exchanging Swiss francs for euros. This exchange goes through flawlessly, at considerable profit for the mark. Some time later the scammers approach the mark with a similar proposition, but for a larger amount of money (and thus a larger return for the mark). His confidence and greed inspired by the previous deal, the merchant agrees—only to have his money and goods taken, by sleight-of-hand or violence, at the point of exchange. This scam was depicted in the movie Matchstick Men. The same term is used to describe a crime where a vendor (especially a drug dealer) is killed to avoid paying for goods.[18]

Robbed traveler
The robbed traveler scam usually takes place at airports and train stations. A person smartly dressed in suit and tie appears in distress and looks around bewildered, making sure the mark has noticed them. Then they approach and tell the story that their wallet or jacket has been stolen with all their money. They then appeal for help and ask if they can borrow a small amount of money for a taxi to their friend's house or a hotel where they're booked in, promising to pay it back as soon as they get access to their money. Experts at this game may even trick their mark into giving them the money (as opposed to merely lending it) in the belief that they are helping an upstanding member of society in genuine distress.

List of confidence tricks

93

Stranded Traveler Scam
This type of scam usually appears as an email message coming from the target's friend or acquaintance. In the appeal the victim claims to be out of the country and has lost their passport, credit card, plane tickets, or had them stolen. The con claims he/she cannot get home because they have no identification, or cannot pay their hotel bill or replace airline tickets. The con usually gains access to the friend's email account, cell phone, or social network account (e.g., Facebook). The con uses information about the target by reading old email messages or information on the social network. The tell is that the message usually contains spelling errors or uses language that the target's friend would not write. All foreign countries host embassies or consulates that will help travelers who are stranded abroad. Credit card issuers can be called collect to obtain an emergency replacement or assistance settling a hotel bill.

Street mechanic
The con artist approaches the mark's car and says something is wrong with it - usually something the mark cannot immediately see - the bumper is turning into the wheel, for example. The con artist tells the mark that it is a very expensive fix, but that they are a mechanic and will fix it. Really, the con artist is creating an illusion, perhaps by sitting on the bumper. They "fix" the problem in minutes. They may ask for only a ride at first, but then pretend to call their boss and pretend that they are late for work and their boss is angry, and tell the mark they have lost a customer. The mark is made to feel guilty and grateful, and believe that they have been helped by a kind mechanic who has charged less than the normal hourly rate (albeit plus a hefty tip) to replace the customer they lost. This scam has been found in the streets of downtown Baltimore.

Subway attendant
An individual dressed to resemble a subway attendant stands near a subway ticket machine at a downtown stop. The individual approaches people who appear to be out-of-towners headed back to the airport, and asks if they need directions, how their stay was, etc. They offer to sell a ticket to the airport directly from a handful they are carrying; however, these are merely used-up tickets collected from the trash. This has been seen on MARTA in Atlanta. The scammer is imitating legitimate attendants at the airport who show travelers how to use the vending machines but don't accept cash or give you tickets themselves.

Tow-truck scam
Similar to the gas can scam, the scammer will explain that his or her car broke down and that he needs money for the tow truck. The scammer might flash a wad of cash and ask the mark for "just a few dollars more" to have his car towed.

Undercover cop
The undercover cop scam is a scam where a con artist masquerades as an undercover police officer, usually by stopping the mark's vehicle and showing a fake badge, and tells the mark about a case they are investigating, and that the mark is a suspect. The conman asks for money to be checked, and when the mark is out of the vehicle, the con artist gets into the mark's car and drives away, having made sure there was more time to escape than it would take for the mark to get back to their vehicle. This scam is usually done to tourists, variations include their whole luggage being transferred to the conman's trunk "to be checked at a police station", or a fake immigration agent, asking for papers and then for money to clear up the problem.

List of confidence tricks

94

References
[1] Dan Plazak A Hole in the Ground with a Liar at the Top (Salt Lake: Univ. of Utah Press, 2006) ISBN 978-0-87480-840-7. [2] The Sting. Motion picture. Written by David S. Ward. 1973. Script: http:/ / www. imsdb. com/ scripts/ Sting,-The. html [3] W. W. Zellner, William M. Kephart, Extraordinary groups: an examination of unconventional lifestyles (Macmillan, 2000; ISBN 1-57259-953-7), pp. 121-122 (http:/ / books. google. com/ books?id=izrSSWrKu8cC& pg=PA121& lpg=PA121& dq=bujo+ gypsy+ scam& source=bl& ots=oktYov9_dK& sig=psavI5uf3jd-pQZnvWudOs2R7dA& hl=en& ei=Ci7jTNT1O8ainQeM6IDoDg& sa=X& oi=book_result& ct=result& resnum=3& ved=0CCEQ6AEwAg#v=onepage& q& f=false) [4] Spiritual Psychic Science Church v. City of Azusa (1985) 39 Cal.3d 501 , 217 Cal.Rptr. 225; 703 P.2d 1119 [5] "Heir to schlumberger OILfield services fortune fleeced of at least six million dollars" (http:/ / www. westchesterda. net/ pressreleases/ 001108mkarraign. htm). Press Release. Westchester County District Attorney. 11-08-2010. . Retrieved 10 November 2010. [6] EL-GHOBASHY, TAMER (November 9, 2010.). "Virus Leads to $20 Million Scam - WSJ.com" (http:/ / online. wsj. com/ article/ SB10001424052748703957804575602993406810012. html). The Wall Street Journal. . Retrieved 10 November 2010. [7] Fernandez, Manny (9 November 2010). "Man Held in Defrauding Roger Davidson, Musician" (http:/ / www. nytimes. com/ 2010/ 11/ 09/ nyregion/ 09fraud. html?partner=rss& emc=rss). The New York Times. . Retrieved 10 November 2010. [8] Zetter, Kim (November 9, 2010). "Computer Virus Leads to $20 Million Scam Targeting Pianist Composer" (http:/ / www. wired. com/ threatlevel/ 2010/ 11/ pianist-composer-bilked). Wired News. . Retrieved 10 November 2010. [9] Danny Allen (August 14, 2009). "Cops Bust Guy Selling Oven Door Disguised as HDTV" (http:/ / m. gizmodo. com/ 5337290/ cops-bust-guy-selling-oven-door-disguised-as-hdtv). gizmodo.com. . Retrieved 2011-02-14. [10] "Jail for Wendy's Finger Scam Couple" (http:/ / www. cbsnews. com/ stories/ 2006/ 01/ 18/ national/ main1218315. shtml). CBS News. 18 January 2006. . Retrieved 14 August 2009. [11] "What factors impact auto insurance rates?" (http:/ / www. ifaauto. com/ faq/ rate. asp). . Retrieved 25 August 2010. [12] Cash and Curry, episode synopsis, www.bbc.co.uk, accessed 1 August 2010 (http:/ / www. bbc. co. uk/ comedy/ onlyfools/ series1/ cashandcurry. shtml) [13] Maurer, David W. (1940). The Big Con: The Story of the Confidence Man and the Confidence Game. Bobbs Merrill. ISBN 0-7869-1850-8 [14] Do We Use Only 10% of Our Brain? online (http:/ / faculty. washington. edu/ chudler/ tenper. html) [15] Snopes: The Ten-Percent Myth online (http:/ / www. snopes. com/ science/ stats/ 10percnt. htm) [16] Wang, Wallace (2006). Steal This Computer Book 4.0 : What They Won't Tell You About the Internet. San Francisco: No Starch Press. ISBN 1-59327-105-0. [17] Weinberg, Michael C. (2008). Careers in Crime: An Applicant's Guide. Kansas City, MO: Andrews McMeel Publishing. ISBN 0-7407-5708-3. [18] Florence Bruce; Hagell, Ann; Renuka Yeyarajah-dent (2006). Children Who Commit Acts of Serious Interpersonal Violence: Messages for Best Practice. London: Jessica Kingsley Publishers. ISBN 1-84310-384-2.

Advance-fee fraud

95

Advance-fee fraud
An advance-fee fraud is a confidence trick in which the target is persuaded to advance sums of money in the hope of realizing a significantly larger gain.[1] Among the variations on this type of scam are the Nigerian Letter (also called the 419 fraud, Nigerian scam, Nigerian bank scam, or Nigerian money offer[2] ), the Spanish Prisoner, the black money scam as well as Russian/Ukrainian scam (also widespread, though far less popular than the former). The so-called Russian and Nigerian scams stand for wholly dissimilar organized-crime traditions; they therefore tend to use altogether different breeds of approaches. Although similar to older scams such as the Spanish Prisoner, the modern 419 scam originated in the early 1980s as the oil-based Nigerian economy declined. Several unemployed university students first used this scam as a means of manipulating business visitors interested in shady deals in the Nigerian oil sector before targeting businessmen in the west, and later the wider population. Scammers in the early-to-mid 1990s targeted companies, sending scam messages via letter,[3] fax, or Telex.[4] The spread of e-mail and easy access to e-mail-harvesting software significantly lowered the cost of sending scam letters by using the Internet. In the 2000s, the 419 scam has spurred imitations from other locations in Africa, Philippines, Malaysia, Russia, Australia, Canada, United Kingdom, and the United States. In particular advanced fee fraud in the United States primarily originates from the cities of Buffalo and Detroit. The number "419" refers to the article of the Nigerian Criminal Code (part of Chapter 38: "Obtaining Property by false pretences; Cheating") dealing with fraud.[5] The American Dialect Society has traced the term "419 fraud" back to 1992.[6] The advance-fee fraud is similar to a much older scam known as the Spanish Prisoner scam[7] in which the trickster tells the victim that a rich prisoner promised to share treasure with the victim in exchange for money to bribe prison guards. An older version of this scam existed by the end of 18th century, and is called "the Letter From Jerusalem" by Eugène François Vidocq, in his memoirs.[8] Insa Nolte, a lecturer of University of Birmingham's African Studies Department, stated that "The availability of e-mail helped to transform a local form of fraud into one of Nigeria's most important export industries."[9] Embassies and other organizations warn visitors to various countries about 419. Countries in West Africa with warnings cited include Nigeria,[7] [10] Ghana,[11] [12] Benin,[13] Côte d'Ivoire (Ivory Coast),[14] Togo,[15] [16] Senegal[17] and Burkina Faso.[18] Countries outside West Africa with 419 warnings cited include South Africa,[16] [19] Spain,[19] and the Netherlands.[20]

Implementation
This scam usually begins with a letter or e-mail[7] purportedly sent to a selected recipient but actually sent to many, making an offer that would result in a large payoff for the victim. The e-mail's subject line often says something like "From the desk of Barrister. [Name]", "Your assistance is needed", and so on. The details vary, but the usual story is that a person, often a government or bank employee, knows of a large amount of unclaimed money or gold which he cannot access directly, usually because he has no right to it. Such people, who may be real but impersonated people or fictitious characters played by the con artist, could include the wife or son of a deposed African or Indonesian leader or dictator who has amassed a stolen fortune, or a bank employee who knows of a terminally ill wealthy person with no relatives or a wealthy foreigner who deposited money in the bank just before dying in a plane crash (leaving no will or known next of kin),[21] a US soldier who has stumbled upon a hidden cache of gold in Iraq, a business being audited by the government, a disgruntled worker or corrupt government official who has embezzled funds, a refugee,[22] and similar characters. The money could be in the form of gold bullion, gold dust, money in a bank account, blood diamonds, a series of checks or bank drafts, and so forth. The sums involved are usually in the millions of dollars, and the investor is promised a large share, typically ten to forty percent, if they assist the scam

Advance-fee fraud character in retrieving the money. Whilst the vast majority of recipients do not respond to these e-mails, a very small percentage do, enough to make the fraud worthwhile as many millions of messages can be sent. Invariably sums of money which are substantial, but very much smaller than the promised profits, are said to be required in advance for bribes, fees, etc.—this is the money being stolen from the victim, who thinks he or she is investing to make a huge profit. Many operations are professionally organized in Nigeria, with offices, working fax numbers, and often contacts at government offices. The victim who attempts to research the background of the offer often finds that all pieces fit together. Such scammers can often lure wealthy investors, investment groups, or other business entities into scams resulting in multi-million dollar losses. However, many scammers are part of less organized gangs or are operating independently; such scammers have reduced access to the above connections and thus have little success with wealthier investors or business entities attempting to research them, but are still convincing to middle-class individuals and small businesses, and can bilk hundreds of thousands of dollars from such victims. If the victim agrees to the deal, the other side often sends one or more false documents bearing official government stamps, and seals. 419 scammers often mention false addresses and use photographs taken from the Internet or from magazines to falsely represent themselves. Often a photograph used by a scammer is not of any person involved in the scheme. Multiple "people" involved in schemes are fictitious; the author of the "West African Advance Fee Scams" article posted on the website of the Embassy of the United States in Abidjan, Côte d'Ivoire believes that in many cases one person controls many fictitious personas used in scams.[14] A scammer introduces a delay or monetary hurdle that prevents the deal from occurring as planned, such as "To transmit the money, we need to bribe a bank official. Could you help us with a loan?" or "For you to be a party to the transaction, you must have holdings at a Nigerian bank of $100,000 or more" or similar. More delays and more additional costs are added, always keeping the promise of an imminent large transfer alive, convincing the victim that the money they are currently paying is covered several times over by the payoff. Sometimes psychological pressure is added by claiming that the Nigerian side, to pay certain fees, had to sell belongings and borrow money on their house, or by pointing out the different salary scale and living conditions in Africa, compared to the West. Much of the time, however, the needed psychological pressure is self-applied; once the victims have put money in toward the payoff, they feel they have a vested interest in seeing the "deal" through. Some victims believe that they can cheat the con artist.[14] This idea is often encouraged by the fraudsters who write in a clumsy and uneducated style which presents them as naive and easily cheated by a sophisticated Westerner. The essential fact in all advance-fee fraud operations is that the promised money transfer never happens because the money or gold does not exist. The perpetrators rely on the fact that, by the time the victim realizes this (often only after being confronted by a third party who has noticed the transactions or conversation and recognized the scam), the victim may have sent thousands of dollars of their own money, and sometimes thousands or millions more that has been borrowed or stolen, to the scammer via an untraceable and/or irreversible means such as wire transfer.[14] In extreme cases the victim may not realize that he or she has been defrauded. A version of the scam is for the thief to claim to have contacts to facilitate legitimate business loans; the victim here is not persuaded that he is doing anything illegal. The fraudster meets the victim, and must be able to act the part of a well-connected and experienced loan broker. He asks for payment in advance, which is normal for large loans. Then the loan gradually falls through in a plausible way, and the victim may end up being defrauded of tens of thousands of dollars or pounds, thinking only that the deal simply failed. These frauds may go unreported, either because the victim does not realize he has been cheated, or due to reluctance to admit the facts. Because of "non-disclosure clauses" which may have been included in the fraudulent contract, reporting of the scam may be delayed until the victim becomes certain he has been cheated. The spam e-mails perpetrating these scams are often sent from Internet cafés equipped with satellite Internet. Recipient addresses and e-mail content are copied and pasted into a webmail interface using a standalone storage medium, such as a memory card. Many areas of Lagos, such as Festac, contain many cyber cafés that serve

96

Advance-fee fraud scammers; many cyber cafés seal their doors during afterhours, such as from 10:30 PM to 7:00 AM, so that scammers inside may work without fear of discovery.[23] Nigeria also contains many businesses that provide false documents used in scams; after a scam involving a forged signature of Nigerian President Olusegun Obasanjo in summer 2005, Nigerian authorities raided a market in the Oluwole section of Lagos. The police seized thousands of Nigerian and non-Nigerian passports, 10,000 blank British Airways boarding passes, 10,000 United States money orders, customs documents, false university certificates, 500 printing plates, and 500 computers.[23] During the courses of many schemes, scammers ask victims to supply bank account information. Usually this is a "test" devised by the scammer to gauge the victim's gullibility.[20] Scammers often request that payments be made using a wire transfer service like Western Union and Moneygram. The reason given by the scammer usually relates to the speed at which the payment can be received and processed, allowing quick release of the supposed payoff. The real reason is that wire transfers and similar methods of payment are irreversible, untraceable and, because identification beyond knowledge of the details of the transaction is often not required, completely anonymous.[14] Telephone numbers used by scammers tend to come from mobile phones. In Côte d'Ivoire (Ivory Coast) a scammer may purchase an inexpensive mobile phone and a pre-paid SIM card without submitting subscriber information. If the scammers believed they are being traced, they discard their mobile phones and purchase new ones.[14] In Benin, Nigerians operate scams with Beninese cooperating in the schemes.[13] Some crime syndicates employ fraudsters in the United States who conclude "deals" or threaten victims who try to leave deals.[24] [25]

97

Common elements
Fake cheques
Fraudulent cheques and money orders are key elements in many advance-fee scams, such as auction/classified listing overpayment, lottery scams, inheritance scams, etc., and can be used in almost any scam when a "payment" to the victim is required to gain, regain or further solidify the victim's trust and confidence in the validity of the scheme.[26] The use of cheques in a scam hinges on a US law (and common practice in other countries) concerning cheques: when an account holder presents a cheque for deposit or to cash, the bank must (or in other countries, usually) make the funds available to the account holder within 1–5 business days, regardless of how long it actually takes for the cheque to clear and funds to be transferred from the issuing bank.[27] The cheques clearing process normally takes 7–10 days and can in fact take up to a month when dealing with foreign banks. The time between the funds appearing as available to the account holder and the cheque clearing is known as the "float", during which time the bank could technically be said to have floated a loan to the account holder to be covered with the funds from the bank clearing the cheque. The cheque given to the victim is typically counterfeit but drawn on a real account with real funds in it. With a piece of software like QuickBooks and/or pre-printed blank cheque stock, using the correct banking information, the scammer can easily print a cheque that is absolutely genuine-looking, passes all counterfeit tests, and may even clear the paying account if the account information is accurate and the funds are available. However, whether it clears or not, it eventually becomes apparent either to the bank or the account holder that the cheque is a forgery. This can be as little as three days after the funds are available if the bank supposedly covering the cheque discovers the cheque information is invalid, or it could take months for a business or individual to notice the fraudulent draft on their account. It has been suggested that in some cases the cheque is genuine — however the fraudster has a friend (or bribes an official) at the paying bank to claim it is a fake weeks or even months later when the physical cheque arrives back at the paying bank.

Advance-fee fraud Regardless of the amount of time involved, once the cashing bank is alerted that the cheque is fraudulent, the transaction is reversed and the money removed from the victim's account. In many cases, this puts victims in debt to their banks as the victim has usually sent a large portion of the cheque by some non-reversible 'wire transfer' means (typically Western Union) to the scammer and, since more uncollected funds have been sent than funds otherwise present in the victim's account, an overdraft results.

98

Western Union/MoneyGram Wire Transfers
A central element of advance-fee fraud is that the transaction from the victim to the scammer must be untraceable and irreversible. Otherwise, the victim, once they become aware of the scam, can successfully retrieve their money and/or alert officials who can track the accounts used by the scammer. Wire transfers via Western Union and MoneyGram are ideal for this purpose. The wire transfer, if sent internationally, cannot be cancelled or reversed, and the person receiving the money cannot be tracked. In fact, that person often does not have to provide identification; they only have to know the identifiers of the transaction such as the control number (MTCN) and do not need the "secret question". Thus, the overwhelming majority of scams involve making payment via wire transfer. Other similar uncancellable forms of payment Western Union, Avenue de Choisy, Paris 13e include postal money orders and cashier's checks, but as wire transfer via Western Union or MoneyGram is the fastest method, it is the most common.

Anonymous communication
Since the scammer's operations must be untraceable to avoid identification, and because the scammer is often impersonating someone else, any communication between the scammer and his victim must be done through channels that hide the scammer's true identity. The following options in particular are widely used. Web-based e-mail Because many free e-mail services do not require valid identifying information, and also allow communication with many victims in a short span of time, they are the preferred method of communication for scammers. Some services go so far as to mask the sender's source IP address, making the scammer completely untraceable even to country of origin. Scammers can create as many accounts as they wish and often have several at a time. In addition, if e-mail providers are alerted to the scammer's activities and suspend the account, it is a trivial matter for the scammer to simply create a new account to resume scamming.

Advance-fee fraud E-mail hijacking/friend scams Some fraudsters hijack existing e-mail accounts and use them for advance-fee fraud purposes. The fraudsters e-mail associates, friends, and/or family members of the legitimate account owner in an attempt to defraud them.[29] This ruse generally requires the use of phishing or keylogger computer viruses to gain login information for the e-mail address. Fax transmissions Facsimile machines are commonly used tools of business, whenever a client requires a hard copy of a document. They can also be simulated using web services, and made untraceable by the use of prepaid phones connected to mobile fax machines or by use of a public fax machine such as one [28] Screenshot of Firefox 2.0.0.1 phishing suspicious site owned by a document processing business like FedEx warning Office/Kinko's. Thus, scammers posing as business entities often use fax transmissions as an anonymous form of communication. This is more expensive, as the prepaid phone and fax equipment cost more than e-mail, but to a skeptical victim it can be more believable. SMS messages Abusing SMS bulk senders such as WASPS, scammers subscribe to these services using fraudulent registration details and paying either via cash or stolen credit card details. They then send out masses of unsolicited SMS'es to victims stating they have won a competition or like event and they have to contact somebody to claim their prize. Typically the details of the party to be contacted will be an equally untraceable email address or a virtual telephone number. These messages may be sent over a weekend when abuse staff at the service providers are not working, enabling the scammer to be able to abuse the services for a whole weekend. Telecommunications relay services Many scams use telephone calls to convince the victim that the person on the other end of the deal is a real, truthful person. The scammer, possibly impersonating a US citizen or other person of a nationality, or gender, other than their own, would arouse suspicion by telephoning the victim. In these cases, scammers use TRS, a US federally-funded relay service where an operator or a text/speech translation program acts as an intermediary between someone using an ordinary telephone and a deaf caller using TDD or other TeleType device. The scammer may claim they are deaf, and that they must use a relay service. The victim, possibly drawn in by sympathy for a disabled caller, might be more susceptible to the fraud. FCC regulations and confidentiality laws require that operators relay calls verbatim, and that they adhere to a strict code of confidentiality and ethics. Thus, no relay operator may judge the legality and/or legitimacy of a relay call, and must relay it without interference. This means the relay operator may not warn victims, even when they suspect the call is a scam. MCI said that about one percent of their IP Relay calls in 2004 were scams.[30] Tracking phone-based relay services is relatively easy, so scammers tend to prefer Internet Protocol-based relay services such as IP Relay. In a common strategy, they bind their overseas IP address to a router or server located on US soil, allowing them to use US-based relay service providers without interference. TRS is sometimes used to relay credit card information to make a fraudulent purchase with a stolen credit card. In many cases however, it is simply a means for the con artist to further lure the victim into the scam.

99

Advance-fee fraud

100

Fake websites
Though 419 scams are often perpetrated by e-mail alone, some scammers enhance believability of their offer by using a sham website. They create these sites to impersonate real commercial sites, such as eBay, PayPal, or a banking site like Bank of America or The Natwest Bank for phishing. Others represent fictional companies or institutions to give the scam credibility. Though phishing is a secondary interest of most scam operations, as the object of the scammer is to deceive the victim into sending the money through legitimate means, the use of websites for advance-fee fraud is common. For instance, a scammer may create a website for a fictional bank, then give the victim details to login to the site, where the victim sees the money the scammer has promised sitting in the account. The victim believes the scammer and sends the requested advance payments. Fake (or hijacked) websites are the centerpiece of false online storefront scams. Another twist on scamming is where links are provided to real news sites covering events the scammer says are relevant to the transaction they propose. For instance, a scammer may use news of the death of a prominent government official as a backstory for a scam involving getting millions of dollars of the slain official's money out of the country. These are real websites covering legitimate news, but the scammer is usually not connected in any way with the events reported, and is simply using the story to gain the victim's sympathy.

Invitation to visit the country
Sometimes, victims are invited to a country to meet real or fake government officials. Some victims who do travel are instead held for ransom. Scammers may tell a victim that he or she does not need to get a visa or that the scammers will provide the visa.[31] If the victim does this, the scammers have the power to extort money from the victim.[32] Sometimes victims are ransomed or, as in the case of the 29 year old Greek George Makronalli who was lured to South Africa, killed.[33] [34]

Followup scamming
Scammers recognise that their victim who has just been scammed is more likely to fall for scamming attempts than a random person. Often after a scam, the victim is contacted again by the scammer, representing himself as a law enforcement officer. The victim is informed that a group of criminals has been arrested and that they have recovered his money. To get the money back, the victim must pay a fee for processing or insurance purposes. Even after the victim has realised that he has been scammed, this follow up scam can be successful as the scammer represents himself as a totally different party yet knows details about the transactions. The realization that he has lost a large sum of money and the chance he might get it back often leads to the victim transferring even more money to the same scammer.

Compensation scamming
The scammer sends a message thanking the victim for helping him start a transaction, and explaining that since they have been able to leave regime-torn Nigeria (with the victim's help), they have been residing and working in the UK and finishing the "transaction" without the victim's help. The scammer informs the victim of their recent inheritance or partnership with a Brazilian businessman, and their desire to compensate them for their "release of some money." In order to claim the money, the victim must contact the scammer's secretary immediately, or else miss out on their share of a multi-million dollar sum.

Advance-fee fraud

101

Variants
There are many variations on the most common stories, and also many variations on the way the scam works. The following are notable deviations from the standard Nigerian Letter scam, but still retain the core elements; the victim is deceived by some disproportionately large gain into sending an advance payment, which once made is irrecoverable.

Purchasing goods and services
A modern activity is advertising automobiles on websites. They list a (non-existent) high value car with a low price as bait to attract buyers eager to buy quickly. The scammer says "I am not in the country, but if you pay me first, a friend will drive the car around to you". The payment required may be the full price, or a deposit, but it would not be an insignificant fee. The victim never sees the car, as it does not exist. The scammers use e-mail only, as they know that the sound of their voice and their attitude will give them away as being high risk. Another scheme involves advertising fake academic conferences and enticing academics to apply to present papers. It is a common practice that the conference subsidizes or pays for the air travel of academics who present papers at the conference, but does not pay for accommodation. One way the scammer baits the hopeful attendee is they offer free air travel to the victim, but only as long as they pre-pay for hotel accommodation. The scammer can give a variety of reasons that the accommodation must be pre-paid — primarily that they don't trust the victim will attend the conference unless he pays upfront. Any goods or services may be used in the scam, but the idea is that the scammer baits the victim with a good deal, but the victim must pay upfront and electronically.

Check cashing
Some schemes are based solely on conning the victim into cashing a counterfeit check. The scammer contacts the victim to interest them in a "work-at-home" opportunity, or asks them to cash a check or money order that for some reason cannot be redeemed locally. A recently-used cover story is that the perpetrator of the scam wishes the victim to work as a "mystery shopper", evaluating the service provided by MoneyGram or Western Union locations within major retailers such as Wal-Mart.[35] The scammer sends the victim a check or money order, the victim cashes it, sends the cash to the scammer via wire transfer, and the scammer disappears. Later the forgery is discovered and the bank transaction is reversed, leaving the victim liable for the balance. Schemes based solely on check cashing usually offer only a small part of the check's total amount, with the assurance that many more checks will follow; if the victim buys in to the scam and cashes all the checks, the scammer can win big in a very short period of time. Other scams such as overpayment usually result in smaller revenues for the scammer, but have a higher success rate as the scammer's request seems more believable. Some check-cashing scammers use multiple victims at multiple stages of the scam. A victim in the US or other "safe" country such as the UK or Canada (often the country in which the cashing victim resides) is sometimes approached with an offer to fill out checks sent to them by the scammer and mail them to other victims who cash the check and wire the money to the scammer. The check mailer is usually promised a cut of the money from the scammer; this usually never occurs, and in fact the check mailer is often conned into paying for the production and shipping costs of the checks. The check information has either been stolen or fictionalized and the checks forged. The victim mailing the check is usually far easier to track (and prosecute) than the scammer, so when the checks turn up as fraudulent, the one mailing them usually ends up not only facing federal bank fraud and conspiracy charges, but liability for the full amount of the fraudulent checks. Because the check mailer is taking the fall, the scammer is even less likely to be caught, which makes it a popular variation of the scam for scammers in nations with tougher anti-fraud laws.

Advance-fee fraud A variation of the check-cashing scheme involves owners of vacation rentals. The scammer expresses interest in renting the unit for a much higher than normal rate, usually for an upcoming honeymoon, business trip, etc. The scammer also offers to pay all fees "up front," as soon as the unsuspecting unit owner agrees to the windfall rental. Eventually a very official looking money order/cashier's check arrives. About this time the scammer requests that a portion of the rental fee be returned for some compelling reason...wedding called off, death in the family, business failure, etc. Due to the supposed crises, it is requested that most of the rental fee be returned via wire transfer. The unit owner is encouraged to retain "a fair amount" to compensate him for his time. The wire transfer is sent, only to find out later that the official looking check was indeed fake and the entire amount is charged back to the unit owner by his bank.

102

Romance angle
A recent variant is the Romance Scam, which is a money-for-romance angle. The con artist approaches the victim on an online dating service, an Instant messenger (like Yahoo IM), or a social networking site. The scammer claims an interest in the victim, and posts pictures posted of an attractive person (not themselves). The scammer uses this communication to gain confidence, then asks for money. The con artist may claim to be interested in meeting the victim, but needs cash to book a plane, hotel room, or other expenses. In other cases, they claim they're trapped in a foreign country and need assistance to return, to escape imprisonment by corrupt local officials, to pay for medical expenses due to an illness contracted abroad, and so on. The scammer may also use the confidence gained by the romance angle to introduce some variant of the original Nigerian Letter scheme, such as saying they need to get money or valuables out of the country and offer to share the wealth, making the request for help in leaving the country even more attractive to the victim. In a newer version of the scam, the con artist claims to have 'information' about the fidelity of a person's significant other, which they will share for a fee. This information is garnered through social networking sites by using search parameters such as 'In a relationship' or 'Married'. Anonymous e-mails are first sent to attempt to verify receipt, then a new web based e-mail account is sent along with directions on how to retrieve the information.

Lottery scam
The lottery scam involves fake notices of lottery wins. The winner is usually asked to send sensitive information to a free e-mail account. The scammer then notifies the victim that releasing the funds requires some small fee (insurance, registration, or shipping). Once the victim sends the fee, the scammer invents another fee. Much like the various forms of overpayment fraud detailed above, a new variant of the lottery scam involves fake or stolen checks being sent to the 'winner' of the lottery (these checks representing a part payment of the winnings). The winner is more likely to assume the win is legitimate, and thus more likely to send the fee (which he does not realize is an advance fee). The check and associated funds are flagged by the bank when the fraud is discovered, and debited from the victim's account. In 2004 a variant of the lottery scam appeared in the United States. Fraud artists using the scheme call victims on telephones; a scammer tells a victim that a government has given them a grant and that they must pay an advance fee, usually around $250, to receive the grant.[36]

Hitman
An e-mail is sent to the victim's inbox, supposedly from a hitman who has been hired by a "close friend" of the recipient to kill him or her but will call off the hit in exchange for a large sum of money. This is usually backed up with a warning not to contact the local police or FBI, or the "hitman" will be forced to go through with the plan.[37] [38] This is less an advance-fee fraud and more outright extortion, but a reward can sometimes be offered in the form of the "hitman" offering to kill the man who ordered the original hit on the victim.

Advance-fee fraud

103

Bomb scams
Related to the hitman scam, the scammer contacts a business, mall, office building, or other commercial location with a bomb threat. The scammer says they will detonate the bomb unless the management of the business does as the scammer tells them. Often, the scammer says they have the store under surveillance; however, analysis of the calls by police have established that the vast majority of threat calls are made from other states or even from outside the country. Some evidence exists that points to the scammers hacking into the store's surveillance network, but this has not been confirmed.[39] The scammer usually demands that the store management or people in the headquarters office of the store (if the store is a chain) send money via wire transfer to the scammer to spare the store and the people in it. Other demands of these scammers have been more personal and humiliating, such as demanding that everyone in the store take off their clothes.[39] Because the underlying threat in the scam is a bomb threat, local law enforcement very quickly responds to the site under threat; however, because the scammer is usually nowhere near this location, the scammer is in little if any danger of being apprehended while the scam is playing out. Law enforcement, in the meantime, cannot assume the threat is anything but genuine, and therefore can do little to intervene without risking the detonation of the bomb. The fact that the threat was in reality a scam has usually not been discovered until long after the situation is over—and the extortionist has collected the money demanded.

Charity scams
The scammer poses as a charitable organization soliciting donations to help the victims of a natural disaster, terrorist attack (such as the Sept. 11 World Trade Center attack), regional conflict, or epidemic. Hurricane Katrina and the 2004 tsunami were popular targets of scammers perpetrating charity scams; other more timeless scam charities purport to be raising money for cancer, AIDS or Ebola virus research, children's orphanages (the scammer pretends to work for the orphanage or a non-profit associated with it), or impersonates charities such as the Red Cross or United Way. The scammer asks for donations, often linking to online news articles to strengthen their story of a funds drive. The scammer's victims are charitable people who believe they are helping a worthy cause and expect nothing in return. Once sent, the money is gone and the scammer often disappears, though many attempt to keep the scam going by asking for a series of payments. The victim may sometimes find themselves in legal trouble after deducting their supposed donations from their income taxes. United States tax law states that charitable donations are only deductible if made to a qualified non-profit organization.[40] The scammer may tell the victim their donation is deductible and provide all necessary proof of donation, but the information provided by the scammer is fictional, and if audited, the victim faces stiff penalties as a result of the fraud. Though these scams have some of the highest success rates especially following a major disaster, and are employed by scammers all over the world, the average loss per victim is less than other fraud schemes. This is because, unlike scams involving a large expected payoff, the victim is far less likely to borrow money to donate or donate more than they can spare. In a related variant, the scammer poses as a terminally ill mother, poor university student, or other down-on-their-luck person and simply begs the victim for money for college tuition, to sponsor their children, or a similar ruse. The money, they say, will be repaid plus interest by some third party at a later date (often these third parties are some fictitious agency of the Nigerian government, or the scammer themselves once a payment from someone else is made available to them). Once the victim starts paying money to the scammer, the scammer tells the victim that additional money is needed for unforeseen expenses, similar to most other variants; in the case of the ill mother, the children will fall ill as well and require money for a doctor's care and medicine (many scammers go as far as to say that as the sponsor of the children, the victim is legally liable for such costs), where the student might claim that a dormitory fire destroyed everything they own.

Advance-fee fraud

104

Fraud recovery scams
This variant targets former victims of scams. The scammer contacts the victim saying that their organization can track and apprehend the scammer and recover the money lost by the victim, for a price. Alternatively, the scammer may say that a fund has been set up by the Nigerian government to compensate victims of 419 fraud, and all that is required is proof of loss (which usually includes personal information) and a processing and handling fee to release the amount of the claim. The scammer is counting on the victim's dire need to recover their lost money, as well as the fact that they have fallen victim before and are therefore susceptible to such scams. Often, these scams are perpetrated by the same scammer who conned the victim in the first place, as an attempt to ensure the scammer gets every penny possible from the victim. Alternately, the original scammer "sells" a list of the people he has scammed but who have ceased contact to another scammer who runs the recovery scam. Sometimes the scammer impersonates the foremost "fraud related crime-fighters" in Nigeria, the EFCC (Economic and Financial Crimes Commission), which not only adds credibility to the scam, but tarnishes the reputation of the EFCC once this second scam is discovered.[14] [41]

Babysitting and Au-Pair scams
Another variation of the advance payment type of scam involves recruiting unsuspecting individuals for non-existent babysitting, nanny, or au-pair employment. In one variation a prospective employee may be given an "advance" on wages; in another the victim may be asked to verify pricing and ultimately purchase items for the scammer's non-existent child. Victims are often asked to submit résumés and references and jump through other hoops, cementing in the victim's mind that the employer must be legitimate and the high wages offered are real. Focusing the victim's thinking on proving their worthiness for employment consideration serves to distract the victim from considering whether the offer itself is worthy of replying to.

Pet scams
Another such scam is based on the adoption of a puppy or an exotic pet such as parrots or reptiles. A scammer first posts an advertisement or sets up a web page offering puppies for adoption or for sale at a ridiculously low price, most often using stolen pictures from other websites and respectable breeders. When a victim responds to the ad and questions the lowered price or the reason for giving up such an expensive pet, the scammer first explains that they have recently moved to Nigeria or Cameroon from the US for work (usually volunteer work as missionaries or a UN transfer) or for studies, and claims either to have no time to properly care for the pet, that the weather has had such a terrible toll on the pet, or that they have too many pets to care for- often asking for follow-up holiday photos of the pet and a continued line of communication so that the victim does not suspect a scam. The scammer and victim exchange a few e-mails to build trust. They may even send (fake or stolen) photo IDs to further prove their credibility. Once it is established that the victim offers the right home for the pet, the scammer offers to ship the pet, and requests the victim only pay for shipping, or comes off the original price substantially to seem legitimate. The victim, who now has an emotional attachment to the pet, feels obligated and even happy to do so, as shipping is a small price to pay compared to the pet's full price at a shop or breeder. The scammer requests Western Union or MoneyGram (untraceable and irreversible) to keep the deal going in a timely fashion as the pet is ready to go to a new home and the victim is now excited. However, after wiring money, the victim does not receive the pet (as it does not exist), and if the victim does hear from the scammer again it is only for more money (to get animal out of airport holding/quarantine, "refundable" life-insurance fees or to pay unexpected vet bills that have come up) until the victim stops responding. This is extremely common currently in Nigeria and Cameroon.[42] Another type of scam that is beginning to appear is the selling of a pet by the victim. The scammer typically contacts the victim by a newspaper ad or through an online service with the aid of a call-relay service. After this call has been made, communication is done through email. As mentioned above, trust is built between the scammer and the victim by emails. The structure of the scam is that the seller of the animal (victim) will have the asking price of the animal

Advance-fee fraud plus the shipping price sent to him/her through a fake check. The victim will then deposit the check then wire the funds to the scammer through a Western Credit Union location. The "shipper" is often non-existent and described as being "private". Once the money has been wired, the scammer wins.

105

Craigslist
The popular online classifieds website, Craigslist, has been plagued with scammers using advance-fee fraud and similar techniques, usually involving fake checks, to con people out of their money. Sometimes many scammers contact a person who is either attempting to buy or sell items on Craigslist, and attempt to perpetrate exactly the same scam. Many of the same elements as the Nigerian 419 scams are used often on Craigslist, including persons conducting transactions from outside the country, sending realistic looking bank checks, sending more money than is owed, and requesting that money be wired back to the scammer.[43] [44] Another advance-fee method that has been used recently on Craigslist is where the scammer will contact someone selling an item and ask them to ship the item to a location outside the US, then provide the tracking number for the shipped item in exchange for payment. The seller then sends the item and provides the tracking number, after which the scammer never provides payment. Sometimes the scammer will approach someone offering a room or apartment for rent and pose as someone moving in to their area from overseas. They will create a scenario in which they are pressured to secure the room in advance, and ask if they can secure their occupancy with a deposit. The deposit check that they send will be a fake check for far more than the amount requested for a deposit. When the check arrives, the scammer will ask for a refund of the difference between the check they sent and the agreed upon amount. The fake check will bounce and the victim has lost whatever money they "refunded" to the scammer. A similar scam exists on the rental model, particularly in the United Kingdom - the scammer posts an ad on a classifieds site such as Craigslist or Gumtree (also known as "Scamtree") for an apartment or house for rent (and the rent is far below the normal market rate) with a fantastic description and pictures taken from other adverts or other websites. The victim contacts the scammer in order to secure a viewing, but is told that in order to do so they must go to a Western Union outlet, do a money transfer to a relative for the amount of the deposit and then provide a scanned receipt. Ostensibly this is to prove that the victim can afford the deposit before they view the apartment, and they'll get the money back after the viewing. But in actuality the property may or may not actually exist, and the receipt allows the scammer to collect the funds without any viewing ever taking place. Alternatively, the scammer forwards a rental application, or asks for information typically given on a rental application, such as driver's license number, bank account information, Social Security Number, etc.

Bona vacantia
In the United Kingdom, bona vacantia is ownerless property which has passed to the Crown. This property is administered by the Bona Vacantia Division of the Treasury Solicitor's Department. Fraudulent emails and letters, claiming to be from this department, have been reported which inform the recipient that they are the beneficiary of a legacy but requiring payment of a fee before sending more information or releasing the money.[45]

Fake job offer
A new scam targets people who have posted their resumes on job sites. The scammer sends a letter with a falsified company logo. The job offer usually indicates exceptional salary and benefits and requests that the victim needs a "work permit" for working in the country and includes the address of a (fake) "government official" to contact. The fake "government official" then proceeds to fleece the victim by extracting fees from the unsuspecting user for the work permit and other fees. A variant of the job scam recruits freelancers seeking legitimate gigs (such as in editing or translation), then offers "pre-payment" for their work. Many legitimate (or at least fully registered) companies work on a similar basis, using this method as their primary source of earnings. Some modelling and escort agencies will tell applicants that they have a number of clients lined

Advance-fee fraud up, but that they require a "registration fee" of sorts to account for processing and marketing expenses, or so it is claimed, which is paid in a number of untraceable methods, most often by cash; once the fee is paid, the applicant is informed that the client has cancelled, and thereafter they never contact the applicant again.

106

Rental scams
A foreign student, doctor, etc. contacts a landlord seeking accommodation. Once the terms are negotiated, a forged check is forwarded for a greater amount than negotiated. Then some emergency comes up where some part of the amount is requested to be urgently wired back. The reverse may also happen, where a scammer posts an accommodation, and requests monies be wired as deposit. The victim arrives to discover they have no accommodation.

Attorney Collection Scams
Attorneys that do collections often practice based on contingency. The attorney is contacted by a scammer posing as a representative of a large international firm headquartered in another country. The scammer states that the company has no legal representation in the attorney's state, and needs to collect a debt from a company in that state. Scammer requests attorney email standard retainer agreement. This is commonly done, so attorney emails agreement, scammer signs and returns, and informs attorney that because legal representation has been obtained, the debtor has agreed to pay the debt by the end of the month. Red flag #1 is when the scammer requests attorney not contact the debtor company because the client wishes to maintain a working relationship with the debtor, saving litigation as a last resort. The attorney is instructed to contact the debtor only if the promised payment isn't made on the promised date. On the promised date, the huge check is delivered to the attorney, who deposits in the law firm trust account, keeps the attorney's contingency fee, and sends the rest to the scammer. Red flag #2 is that the scammer will request the money be wired to a foreign country, or insists on quick remittance. Sophisticated scammers will file articles of organization with both states, build web sites, and purchase prepaid cell phones with local phone numbers with scammers posing as both client and debtor. All of that can be done cheaply and easily on the internet.

Consequences
Monetary loss estimates
Estimates of the total losses due to the scam vary widely. Although the "success rate" of the scam is hard to gauge, some experienced 419 scammers get one or two interested replies for every thousand messages. Stephanie Nolen of The Globe and Mail said that an experienced scammer can expect to make at least several thousand dollars per successful scam letter.[46] Since 1995, the United States Secret Service has been involved in combating these schemes. The organization doesn't investigate unless the monetary loss is in excess of 50,000 US Dollars. However, very few arrests and prosecutions have been made due to the international aspect of this crime. In 2006, a report by a research group concluded that Internet scams in which criminals use information they trick from gullible victims and commonly strip their bank accounts cost the United Kingdom economy £150 million per year, with the average victim losing £31,000.[47] Between May 1992 and July 1994, a San Diego-based businessman, James Adler, was swindled out of $5.2 million by a Nigeria-based advance fee scam. In 2000, the U.S. Court of Appeals for the Ninth Circuit affirmed the trial court's findings that (1) various Nigerian government officials (including a governor of the Central Bank of Nigeria) had been directly or indirectly involved; (2) the Nigerian government officials could be sued in U.S. courts under the "commercial activity" exception to the Foreign Sovereign Immunities Act; and (3) Adler's case was completely barred by the doctrine of unclean hands because he had knowingly entered into a contract with the criminal purpose of helping Nigerian officials embezzle funds from their own government.[48]

Advance-fee fraud Nelson Sakaguchi, a director at the Brazilian bank Banco Noroeste, transferred hundreds of millions of U.S. dollars to Chief Emmanuel Nwude, Nigeria's most accomplished scammer.[49] The scam led to at least two murders, including that of one of the scammers, Mr. Bless Okereke. The scam was the third biggest in banking history, after Nick Leeson's activities at Barings Bank, and the looting of the Iraqi Central Bank during the buildup to the U.S.-led invasion of Iraq.[49] In 2008, an Oregon woman, Janella Spears, lost $400,000 to a Nigerian advance-fee fraud scam, after an e-mail told her she had inherited money from her long-lost grandfather. Her curiosity was piqued because she actually had a grandfather whom her family had lost touch with, and whose initials matched those given in the e-mail. Spears sent hundreds of thousands of dollars over a period of more than two years, despite her family, bank staff and law enforcement officials all urging her to stop.[50] [51]

107

Physical harm or death
• Some victims have hired private investigators in Nigeria or have personally travelled to Nigeria, without ever retrieving their money. There are cases of victims being unable to cope with the losses and committing suicide.[52] In November 2003, Leslie Fountain, a senior technician at Anglia Polytechnic University in England, set himself on fire after falling victim to a scam; Mr. Fountain died of his injuries.[53] In 2006 an American living in South Africa hanged himself in Togo after being defrauded by a Ghanaian 419 con man.[54] In 2007, a Chinese student at the University of Nottingham killed herself after she discovered that she fell for a lottery scam.[55] • In February 2003, Jiří Pasovský, a 72 year-old scam victim from the Czech Republic, shot and killed 50-year old Michael Lekara Wayid, an official at the Nigerian embassy in Prague, and injured another person, after the Nigerian Consul General explained he could not return $600,000 that Pasovský had lost to a Nigerian scammer.[49] [56] [57] [58] [59] Kidnapping • Osamai Hitomi, a Japanese businessman was lured to Johannesburg, South Africa in a 419 scam and kidnapped on 26 September 2008. The kidnappers took him to Alberton, south of Johannesburg and demanded a $5 million ransom from his family. Seven people were arrested.[60] • On 23 September 2008, a Kenth Sadaaki Suzuki, a Swedish businessman, was lured to South Africa and kidnapped. He was taken to a house in Rosettenville in Johannesburg and robbed of all his belongings. Thereafter a ransom of €20,000 was demanded from his family. Two people were arrested. They are also linked to the kidnappings of three American citizens and possibly other similar cases.[61] • On 2 June 1996 in Lomé, Togo, 419ing kidnappers held a Swedish businessman for $500,000. Swedish police and the kidnappers negotiated before the kidnappers released the man on 12 June 1996.[37] • From September 1995 to April 1997, conmen in Nigeria held at least eight Americans against their will. In 1996 the U.S. embassy helped repatriate ten Americans who fell victim to 419 schemes.[37] • Joseph Raca, a former mayor of Northampton, England, was kidnapped by scammers in Johannesburg, South Africa in July 2001. The captors released Raca after they became nervous.[62] • Dănuţ Tetrescu, a Romanian who flew from Bucharest to Johannesburg to meet with con men in the Soweto area of Johannesburg, was kidnapped in 1999 and held for $500,000.[63]

Advance-fee fraud Murder • 29-year old George Makronalli, a Greek man, was murdered in South Africa in December 2004 after his family refused to pay a ransom.[33] • Kjetil Moe, a Norwegian businessman, was reported missing and ultimately killed after a trade with Nigerian scammers in Johannesburg, South Africa (September 1999).[64] • One American was murdered in Nigeria in June 1995 after being lured by a 419 scam.[65] • From 1994 to April 1997, 419 scammers murdered 15 people in total.[37]

108

Emotional harm
Victims, in addition to having lost large sums of money, often also lose their ability to trust. The 419 Eater website says, "Although there is no serious physical injury, many victims of con-men speak of the betrayal as the psychological equivalent of rape". Victims may blame themselves for what has happened, resulting in overwhelming guilt and shame. If the victim has borrowed money from others to pay the scammer, these feelings are magnified. Further compounding the problem is the public opinion of scam letters and scam victims. Scam letters are often viewed as humorously moronic, and the people who fall for them equally so. The victim, having lost money through the scammer's manipulation of payment methods such as money orders or checks, may become distrustful of the financial system. Scam victims may stop trusting and giving money to churches, legitimate charities and, in the extreme, even service providers such as their electric company because of their requests for money. Some victims commit suicide.[52] [53] In other cases, the victim continues to contact the scammer after being shown proof that they are being scammed or even being convicted of crimes relating to the scam, having been drawn so deeply into the web of deception that their trust in what the scammer tells them overrides everything else in their life.[66] Such victims are easy prey for future scams, digging themselves even deeper into financial and legal trouble.

Arrests
In 2004, fifty-two suspects were arrested in Amsterdam after an extensive raid.[67] An Internet service provider noticed the increased e-mail traffic. None were jailed or fined, due to lack of evidence. They were released in the week of 12 July 2004. On 8 November 2004, Nick Marinellis of Sydney, Australia, was sentenced to 4 1⁄3 to 5 1⁄4 years for sending Nigerian 419 e-mails.[68] In October 2006 the Amsterdam police launched Operation Apollo to fight Internet fraud scams operated by West Africans and notably Nigerians. Following this investigation police have arrested eighty suspects, most of them from Nigeria, and seized from their homes lists of e-mail addresses, as well as fake documents. On 16 June 2007, 111 people were arrested for being in the Netherlands illegally and suspicion of fraud, although their implication with the e-mail scams is yet unknown.[69] Authorities in Nigeria have been slow to take action and for many years nothing was done. Nigeria has a reputation for criminals being able to avoid convictions through bribery and rumours abounded of official connivance in the scams.[70] In 2003 however the Economic and Financial Crimes Commission (EFCC) was charged with tackling the problem.[71] A couple of success stories including convictions in a large 419 case were reported in 2005.[72] Edna Fiedler, 44, of Olympia, Washington, on 25 June 2008, pleaded guilty in a Tacoma court and was sentenced to 2 years imprisonment and 5 years of supervised release or probation in an Internet $1 million "Nigerian check scam." She conspired to commit bank, wire and mail fraud, against US citizens, specifically using the Internet, and by having an accomplice ship her counterfeit checks and money orders from Lagos, Nigeria, last November. Fiedler shipped out $ 609,000 fake check and money orders when arrested and prepared to send additional $1.1 million counterfeit materials. The US Postal Service recently intercepted counterfeit checks, lottery tickets and eBay overpayment schemes with a face value of $2.1 billion.[73] [74]

Advance-fee fraud In March 2009, agents from Spain's technological investigation squad, UDEF Central, arrested 23 people who were accused of defrauding 150 people in both the United States and Europe. According to the police, the suspects sent out 20,000 scam e-mails per day[75] and had a list of the e-mail addresses of 55,000 potential victims in their possession.[76] In October 2009, the Nigerian government announced that they are launching "Operation Eagle Claw", a joint effort with Microsoft to apprehend Nigerian 419 scammers.[75]

109

Victim becoming a criminal
Victims of the fraud sometimes fall directly into crime by borrowing or stealing money to pay the advanced fees, believing an early payday is imminent. Credit-card fraud, check kiting, and embezzlement are among the crimes committed to pay the advances, with an expectation of having the money to repay the unauthorized loans. • Former Alcona County (Michigan) Treasurer Thomas A. Katona was sentenced to 9–14 years for his embezzlement of more than US$1.2 million in county funds in a Nigerian fraud scheme, which represented 25% of the county's budget for 2006.[77] • Robert Andrew Street,[78] a Melbourne-based financial adviser, who fleeced his clients for over AU$1 million which he sent to the scammers in the hope of receiving US$65 million in return. Eventually the Australian Securities and Investments Commission (ASIC) investigated the victim, who had now become a con man himself. • A bookkeeper for the Michigan law firm[79] Olsman Mueller & James who in 2002 emptied the company bank account of US$2.1 million in expectation of a US$4.5 million payout. • John W. Worley, a Massachusetts psychotherapist, fell for a Nigerian scam and was convicted of taking money under false pretenses, his case being such that The New Yorker dubbed him The Perfect Mark in a headline.[80] • According to Kurt Eichenwald, author of The Informant, Mark Whitacre defrauded Archer Daniels Midland, a food products manufacturer for which he was a division president, embezzling US$9 million during the same period of time that he was acting as an informant for the FBI in a price fixing scheme that ADM was involved in. His illegal activities in trying to procure funds for payment of his supposed Nigerian benefactors cost him his immunity in the price-fixing scandal, according to Eichenwald. James Lieber, author of Rats in the Grain and an attorney, also wrote a book about Whitacre in which he disagreed with Eichenwald's conclusions about Whitacre and the Nigerian scam.[81] [82] [83] • In 2008, Georg Weiner, a German businessman was sentenced to 4 years in jail for fraud. He promised to save the professional team handball club TUSEM Essen from financial difficulties with the fictional money that turned out to be part of several advance fee fraud schemes. Besides the money that he himself may have lost, Weiner also made the then club manager pay $31000 to the scammers. When the money did not materialize, the club lost its licence and was forcibly relegated to the third division.[84] [85] [86]

Scam baiting
Various groups and individuals have engaged against "419" frauds by making scammers lose their time or some amount of money.[87] One widely propagated report of such a scam baiting involved an American who identified himself as "James T Kirk" to a Nigerian completely unaware of the Star Trek television series.[88]

Terms used by 419-scammers
These terms are common words in the Nigerian pidgin English. Fall mugu (to) To be fooled, to become victim of advance-fee fraud Flash of account

Advance-fee fraud Cause a victim's bank account to temporarily show a large credit (which the bank reverses when they discover its false origins) to convince the victim the deal is legitimate. Format Scheme or script of an advance-fee fraud, e.g., the late dictator format, the next of kin format, the lottery format... Guyman, guy Con artist engaged in advance-fee fraud Jokeman, Joker A scam-baiter Luxcini An investment scam involving a line of men's luxury clothing based in Beverly Hills, California Maga, mugu, mugun, mahi, magha,[23] mahee, mayi, mayee, mgbada Victim of advance-fee fraud ("Mugu" means "fool"—often used as an insult by scam-baiters) Modality Method of funds transfer;[89] Oga or Chairman Boss Owner of the job, Catcher Con artist who makes first contact with the victim, then passes him to another scammer to finish Run An illegal activity Yahoo millionaire,[90] yahoo boy
[91]

110

Scammers

Yahoo Yahoo Someone who cons through e-mail, particularly through a Yahoo! address

Popular culture references
• In the 2007 Futurama movie, Bender's Big Score, Professor Farnsworth falls for a Lottery scam after he thought he'd won the lottery by giving away his personal details on the Internet. • In the BBC program The Real Hustle broadcast in the United Kingdom, the hustlers demonstrated the 419 Scam to the hidden cameras in the 'High Stakes' series of the show. The hustle involved claims of moving vast sums of money to the victims bank account from Sierra Leone but the victim needed to pay £5,000 for the paperwork in exchange for a bogus-bouncing check with the promise that he can keep 30% of the funds, which never materialized. • Nerdcore rapper MC Frontalot has written a song (Message No. 419) about the 419 scam on his debut album Nerdcore Rising. • In the HBO comedy series, Flight of The Conchords episode The New Cup, the band's manager, Murray, uses the band's emergency funds for an investment with a Nigerian, Mr. Nigel Soladu, who promises to offer "1000% profit." However, it turns out that Nigel Soladu is a real person and the investment offer is legitimate. The band receives a 1000% profit, which they use to get bailed out of jail. • In an episode of NBC series The Office in which Michael Scott tries to sell his subordinates on what he does not realize to be a pyramid scheme, Toby Flenderson asks, "Didn't you lose a lot of money on that other investment?

Advance-fee fraud The email?", to which Michael replies, "You know what Toby, when the son of the deposed king of Nigeria emails you directly, asking for help, you help! His father ran the freaking country! Okay?" In The Sun Cow episode of the Nickelodeon TV series, Back at the Barnyard, Otis, Pig and Abby received an e-mail from a Nigerian prince requesting for help, to which Abby replies with the farmer's credit card number and stating that the Internet does not lie. In a 2009 episode of A&E documentary Intervention, a man habitually gives his family's money away to 419 scammers. Two songs promoting advance fee fraud are popular in Nigeria: "I Go Chop Your Dollar - 419 Song" by Osuofia with the chorus "419 is just a game, you are the loser, I am the winner",[92] and "Maga Don Pay" (The victims pay) by Kelly Hansome, with the chorus Maga don pay, shout hallelujah. In response to this song, 9 R&B and rap artists (Banky W, Bez, Cobhams, MI, Modele, Omawumi, Rooftop MCs, The Wordsmith) released the song "Maga No Need Pay". The lyrics and the chorus Maga no need pay for me to buy correct motor, for me to take make my dough explain to the youngsters that they can make a good living and that they will help their country by staying away from advance fee fraud. Fela! The Musical makes several references to code 419. One of the series featured in webcomic Irregular Webcomic! stars the Nigerian Finance Minister.[93]

111

• •

• •

• In the television series Sit Down, Shut Up, the teacher Stuart Proszakian sends money to a Nigerian Scam despite the other teachers' warnings. But at the end it turns out there really was a Nigerian Prince, and thanks Stuart for the donation.

References
[1] " How to identify and avoid hoax or fraudulent e-mail scams (http:/ / www. microsoft. com/ protect/ yourself/ phishing/ hoaxes. mspx)," Microsoft [2] " Nigerian Money Offer Scams (http:/ / www. aarp. org/ money/ wise_consumer/ scams/ a2002-10-02-FraudsNigerianMoneyOffer. html)," AARP [3] " 'Nigerian Scam' Lures Companies (http:/ / query. nytimes. com/ gst/ fullpage. html?res=9E0CE5DC1638F932A15756C0A964958260)," The New York Times [4] " International Financial Scams – Internet Dating, Inheritance, Work Permits, Overpayment, and Money-Laundering (http:/ / travel. state. gov/ pdf/ international_financial_scams_brochure. pdf)," United States Department of State [5] "Nigerian Criminal Code" (http:/ / www. nigeria-law. org/ Criminal Code Act-Part VI to the end. htm). . Retrieved 2007-03-24. [6] "ADS-L, 9 February 2005" (http:/ / listserv. linguistlist. org/ cgi-bin/ wa?A2=ind0502B& L=ADS-L& P=R2863& I=-3). . Retrieved 2006-03-24. [7] "Nigerian Scam" (http:/ / www. snopes. com/ crime/ fraud/ nigeria. asp). Snopes. 2003-09-06. . Retrieved 2006-07-09. [8] Eugène François Vidocq (1834). Memoirs of Vidocq, Principal agent to the French police until 1827 (http:/ / books. google. com/ books?id=uGQoAAAAYAAJ& pg=PA58& dq=vidocq+ jerusalem+ letter). Google Books. p. 58. . Retrieved 14 September 2010. [9] " Baiters Teach Scammers a Lesson (http:/ / www. wired. com/ techbiz/ it/ news/ 2006/ 08/ 71387)," Wired [10] " Travel Warning Nigeria (http:/ / travel. state. gov/ travel/ cis_pa_tw/ tw/ tw_928. html)," Bureau of Consular Affairs United States Department of State [11] " "419 SCAM" (http:/ / accra. usembassy. gov/ wwwhscam419. html)," US Diplomatic Mission to Ghana [12] " Scam Alert ! (http:/ / www. intercontinentalbankgh. com/ web/ scamalert/ index. php)," Intercontinental Bank Ghana [13] " Benin: 2005 Country Commercial Guide (http:/ / benin. usembassy. gov/ benin_ccguide2005_. html)," Embassy of the United States Cotonou, Benin [14] "West African Advance Fee Scams" (http:/ / abidjan. usembassy. gov/ art_of_scam. html). Regional Security. United States Embassy in Abidjan, Côte d'Ivoire. . [15] " Togo (http:/ / travel. state. gov/ travel/ cis_pa_tw/ cis/ cis_1041. html#crime)," United States Department of State [16] " Advance Fee Fraud (http:/ / www. hampshire. police. uk/ Internet/ advice/ advice/ advancefeefraud. htm)," Hampshire Constabulary [17] " American Victims of Crimes in Senegal (http:/ / dakar. usembassy. gov/ service/ emergency-services/ victims-of-crime-in-senegal. html)," Embassy of the United States Dakar, Senegal [18] " Burkina Faso Consular Information Sheet 05 October 2005 (http:/ / statelists. state. gov/ scripts/ wa. exe?A3=ind0510a& L=DOSTRAVEL& E=0& P=84754& B=------_=_NextPart_001_01C5C9DF. 70CD9B60& T=text/ plain; charset=iso-8859-1)," United States Department of State [19] " Advance Fee Fraud (http:/ / www. bba. org. uk/ customer/ article/ advance-fee-fraud/ fraud/ )," British Bankers' Association

Advance-fee fraud
[20] " Fraud Scheme Information (http:/ / amsterdam. usconsulate. gov/ advance_fee_fraude. html)," United States Consulate General of Amsterdam [21] " Latest e-mail uses Alaska Airlines crash victims to scam (http:/ / blog. seattlepi. nwsource. com/ consumersmarts/ archives/ 125509. asp)," Seattle Post-Intelligencer [22] " Zimbabwe appeal (http:/ / www. docep. wa. gov. au/ ConsumerProtection/ scamnet/ Scams/ Zimbabwe_Appeal. html)," WA ScamNet of West Australia [23] 'I Will Eat Your Dollars' (http:/ / web. archive. org/ web/ 20051029165224/ http:/ / news. yahoo. com/ s/ latimests/ 20051020/ ts_latimes/ iwilleatyourdollars) By Robyn Dixon Times Staff Writer Thu Oct 20, 7:55 AM ET [24] "Nigerian Cyber Scammers" (http:/ / www. latimes. com/ technology/ la-fg-scammers20oct20,0,301315. story?page=2& collection=la-yahoostorylinks). Los Angeles Times. . [25] "Nigerian Cyber Scammers" (http:/ / www. latimes. com/ technology/ la-fg-scammers20oct20,0,301315. story?page=3& collection=la-yahoostorylinks). Los Angeles Times. . Retrieved 14 September 2010. Angeles [26] Stevenson, Joseph A. (2010-08-11). "Bogus Cheques Writing Jobs" (http:/ / careerfield. org/ blog/ 2010/ 08/ 04/ real-job-or-scam/ ). Careerfield. . Retrieved 2010-08-11. [27] Mayer, Caroline E. (2006-06-01). "Banks Honor Bogus Cheques and Scam Victims Pay" (http:/ / www. washingtonpost. com/ wp-dyn/ content/ article/ 2006/ 05/ 31/ AR2006053102004. html). Washington Post. p. A01. . Retrieved 2006-07-09. [28] "Firefox Release Notes" (http:/ / www. mozilla. com/ en-US/ firefox/ 2. 0. 0. 1/ releasenotes/ ). Mozilla. . Retrieved 14 September 2010. [29] " E-Mail Scammers Ask Your Friends for Money (http:/ / bits. blogs. nytimes. com/ 2007/ 11/ 09/ e-mail-scammers-ask-your-friends-for-money/ index. html?ex=1352264400& en=597277d1a0cbde58& ei=5088& partner=rssnyt& emc=rss)," The New York Times [30] Con artists target phone system for the deaf (http:/ / msnbc. msn. com/ ID/ 4781806), MSNBC [31] " Nigerian Advance Fee Fraud (http:/ / www. state. gov/ www/ regions/ africa/ naffpub. pdf)." United States Department of State Bureau of International Narcotics and Law Enforcement Affairs. 6. Retrieved on December 1, 2010. [32] " Nigerian Advance Fee Fraud (http:/ / www. state. gov/ www/ regions/ africa/ naffpub. pdf)." United States Department of State Bureau of International Narcotics and Law Enforcement Affairs. 11-12. Retrieved on December 1, 2010. [33] Philip de Braun (2004-12-31). "SA cops, Interpol probe murder" (http:/ / www. news24. com/ SouthAfrica/ News/ SA-cops-Interpol-probe-murder-20041231). News24. . Retrieved 2010-11-27. [34] " Scam Bait - the Nigerian Scam (http:/ / freebies. about. com/ library/ weekly/ aa110302a. htm)," About.com [35] "Denton Woman Says Mystery Shopper Job Was Scam — NBC5i.com, Dallas" (http:/ / www. nbc5i. com/ newsbycounty/ 14519865/ detail. html). Nbc5i.com. . Retrieved 2009-06-10. [36] " Grant's Boon (http:/ / www. snopes. com/ crime/ fraud/ govgrant. asp)." Snopes. [37] " Nigerian Advance Fee Fraud (http:/ / www. state. gov/ www/ regions/ africa/ naffpub. pdf)." United States Department of State Bureau of International Narcotics and Law Enforcement Affairs [38] " Hitman Bribe Scam (http:/ / www. snopes. com/ crime/ fraud/ hitman. asp)", Snopes [39] " FBI looks overseas in ongoing bomb scam (http:/ / www. msnbc. msn. com/ id/ 20532032/ )," MSNBC [40] " Charitable Contributions (http:/ / www. irs. gov/ pub/ irs-pdf/ p526. pdf)," Internal Revenue Service [41] " Scam Me Twice, Shame on Me... (http:/ / www. snopes. com/ info/ notes/ nigeria01. asp)," Snopes [42] Rolfe, John (2009-02-11). "Puppy love the latest tactic of Nigerian web scammers" (http:/ / www. news. com. au/ dailytelegraph/ story/ 0,22049,25036245-5001021,00. html). News.com.au. . Retrieved 2009-06-10. [43] "about > scams" (http:/ / www. craigslist. org/ about/ scams). craigslist. . Retrieved 2009-06-10. [44] "A Craigslist Scam You Might Fall For at" (http:/ / www. smartmoney. com/ spending/ rip-offs/ a-craigslist-scam-you-might-fall-for-0/ ). Smartmoney.com. . Retrieved 2009-06-10. [45] BonaVacantia.gov.uk (http:/ / www. bonavacantia. gov. uk/ default. asp?pageid=1415): Scam email [46] " Nigerian e-mail scammers feeding on greed, gullibility (http:/ / www. theglobeandmail. com/ servlet/ Page/ document/ v5/ content/ subscribe?user_URL=http:/ / www. theglobeandmail. com/ servlet/ story/ RTGAM. 20051205. gtemail05/ BNStory/ Technology/ )," The Globe and Mail [47] "Nigeria scams 'cost UK billions'" (http:/ / news. bbc. co. uk/ 1/ hi/ business/ 6163700. stm). BBC News. 2006-11-20. . Retrieved 2006-11-20. [48] Adler v. Republic of Nigeria, 219 F.3d 869 (9th Cir. 2000). [49] Misha Glenny. McMafia. Vintage Books. pp. 138–141. ISBN 9780099481256. [50] "Woman out $400K to 'Nigerian scam' con artists | KATU.com — Portland, Oregon | News" (http:/ / www. katu. com/ news/ 34292654. html). KATU.com. 2008-11-21. . Retrieved 2009-06-10. [51] "Woman Loses 400000 to Nigerian Scam" (http:/ / www. youtube. com/ watch?v=j1vW9cIlnVI). YouTube. 2009-04-19. . Retrieved 2009-06-10. [52] "Fraud Alert - 419 Fraud" (http:/ / www. met. police. uk/ fraudalert/ 419. htm). London Metropolitan Police. . Retrieved 2006-07-09. [53] "Suicide of Internet Scam Victim" (http:/ / news. bbc. co. uk/ 1/ hi/ england/ cambridgeshire/ 3444307. stm). British Broadcasting Corporation. 2004-01-30. . Retrieved 2006-09-26. [54] " Surge in global Internet scams prompts new US warning to Internet users (http:/ / www. iht. com/ articles/ ap/ 2007/ 03/ 02/ america/ NA-GEN-US-Internet-Scams. php)," International Herald Tribune

112

Advance-fee fraud
[55] " Web scam drove student to suicide (http:/ / news. bbc. co. uk/ 2/ hi/ uk_news/ england/ nottinghamshire/ 7380093. stm)," BBC News [56] "Nigerian scam continues to thrive" (http:/ / www. msnbc. msn. com/ id/ 3078489/ ), MSNBC [57] "Internet technology fueling Nigerian scam" (http:/ / www. avma. org/ onlnews/ javma/ apr03/ 030401d. asp). Journal of the American Veterinary Medical Association. 2003-04-01. . Retrieved 2006-07-09. [58] "Czech pensioner charged with murdering Nigerian consul" (http:/ / www. radio. cz/ en/ news/ 37806). Radio Prague. 2003-02-20. . Retrieved 2006-07-09. [59] " Nigerian Slain Over E-Mail Scam (http:/ / www. wired. com/ culture/ lifestyle/ news/ 2003/ 02/ 57760)," Wired [60] "Seven in court for 419 kidnap" (http:/ / www. news24. com/ Africa/ News/ Seven-in-court-for-419-kidnap-20080930). . [61] "?" (http:/ / www. news24. com/ News24/ South_Africa/ News/ 0,,2-7-1442_2399032,00. html). . Retrieved 14 September 2010. "R100m in fraud crackdown" (http:/ / www. news24. com). . Retrieved 14 September 2010. [62] " Kidnapped Briton tells of terror (http:/ / news. bbc. co. uk/ 1/ hi/ uk/ 1438872. stm)," BBC [63] " "I Brought You A Good News," An Analysis of Nigerian 419 Letters (http:/ / www. businesscommunication. org/ conventions/ Proceedings/ 2005/ PDFs/ 07ABC05. pdf)," Oregon Institute of Technology [64] " Moe funnet død (http:/ / www. dagbladet. no/ nyheter/ 2000/ 05/ 26/ 205694. html)," Dagbladet [65] " Woman falls for Nigerian scam (http:/ / www. njherald. com/ 326099832547533. php)," New Jersey Herald [66] " Nigerian scam victims maintain the faith (http:/ / www. smh. com. au/ news/ business/ nigerian-scam-victims-maintain-the-faith/ 2007/ 05/ 14/ 1178995057764. html)," The Sydney Morning Herald [67] Dutch 419 inside job (http:/ / www. theregister. co. uk/ 2004/ 07/ 05/ dutch_419_inside_job/ ), The Register. Retrieved 31 December 2006. [68] Haines, Lester (2004-11-08). "Nigerian 419 Scam Spammer Sentenced to Five Years in Prison" (http:/ / www. theregister. co. uk/ 2004/ 11/ 08/ aussie_419er_jailed/ ). Theregister.co.uk. . Retrieved 2009-06-10. [69] Dutch act on 'Nigerian scams' (http:/ / australianit. news. com. au/ story/ 0,24897,21923565-15306,00. html), The Australian. Retrieved 18 June 2007. [70] "Skeptics Journal 1998" (http:/ / www. skeptics. com. au/ journal/ 1998/ 1. pdf) (PDF). . Retrieved 2009-07-03. [71] "About the Economic and Financial Crimes Commission". (http:/ / www. efccnigeria. org/ index. php?option=com_content& task=section& id=5& Itemid=69) EFCC website accessed 25 July 2007. [72] "Text of A Media Conference by Mallam Nuhu Ribadu, Executive Chairman, EFCC" (http:/ / www. efccnigeria. org/ index. php?option=com_content& task=view& id=716& Itemid=2) (Monday, 21 November 2005). EFCC website retrieved 25 July 2007. [73] "Woman gets prison for 'Nigerian' scam" (http:/ / www. upi. com/ Top_News/ 2008/ 06/ 26/ Woman_gets_prison_for_Nigerian_scam/ UPI-73791214521169/ ). Upi.com. 2008-06-26. . Retrieved 2009-06-10. [74] "Cisco to start paying a dividend before summer" (http:/ / tech. yahoo. com/ news/ pcworld/ 147575). Yahoo! News. . Retrieved 14 September 2010. ??? [75] (AFP) – Oct 22, 2009 (2009-10-22). "Nigeria's anti graft police shuts 800 scam websites" (http:/ / www. google. com/ hostednews/ afp/ article/ ALeqM5iV7uw_rlEABbsQCt-GvZexDLbRqw). Google.com. . Retrieved 2010-11-12. [76] "Desarticulada una banda que enviaba diariamente 20.000 'cartas nigerianas'" (http:/ / www. elpais. com/ articulo/ espana/ Desarticulada/ banda/ enviaba/ diariamente/ 20000/ cartas/ nigerianas/ elpepuesp/ 20090317elpepunac_11/ Tes). Elpais.com. . Retrieved 2010-11-12. [77] " Former Alcona County Treasurer Sentenced to 9-14 Years in Nigerian Scam Case (http:/ / mi. gov/ ag/ 0,1607,7-164-34739-170122--,00. html)," Office of the Attorney General, Michigan [78] 419ers take Aussie financial advisor for AU$1m (http:/ / www. theregister. co. uk/ 2004/ 10/ 19/ aussie_419_victim/ ), The Register, Published Tuesday 19th October 2004 GMT [79] Haines, Lester. " Woman falls for Nigerian scam, steals $2.1m from law firm (http:/ / www. theregister. co. uk/ 2002/ 09/ 23/ woman_falls_for_nigerian_scam/ )," The Register [80] " Annals of Crime: The Perfect Mark (http:/ / www. newyorker. com/ archive/ 2006/ 05/ 15/ 060515fa_fact?printable=true& currentPage=all) ," The New Yorker [81] " Supermarket for Scandal (http:/ / www. upenn. edu/ gazette/ 1100/ 1100books. html)," University of Pennsylvania [82] " Rats In the Grain. - Review - book review (http:/ / findarticles. com/ p/ articles/ mi_m0HIC/ is_1_16/ ai_75477934)" [83] "Rats in the grain: The Dirty Tricks and Trials of Archer Daniels Midland The Supermarket to the World" (http:/ / www. populist. com/ 00. 16. krebs. html). Populist.com. . Retrieved 2009-06-10. [84] "Luftschlösser gebaut" (http:/ / www. derwesten. de/ sport/ lokalsport/ essen/ tusem/ Luftschloesser-gebaut-id894146. html), Der Westen, 17.07.2008 (in german) [85] "Ego statt Geld" (http:/ / www. sueddeutsche. de/ sport/ 386/ 446122/ text/ ), Süddeutsche Zeitung, 21.06.2008 (in german) [86] "Großes Ganovenstück" (http:/ / www. derwesten. de/ staedte/ essen/ Grosses-Ganovenstueck-id1242365. html), Der Westen, 19.06.2008 (in german) [87] Baiting Nigerian scammers for fun (not so much for profit) (http:/ / arstechnica. com/ web/ news/ 2009/ 05/ baiting-nigerian-scammers-for-fun-not-so-much-for-profit. ars) at ArsTechnica. [88] "Dumb Nigerian Con-Artists" (http:/ / web. archive. org/ web/ 20070209072152/ spl. haxial. net/ nigerian-fraud/ ). Web.archive.org. . Retrieved 2010-11-12. [89] " Advance fee fraud schemes (http:/ / www. yale. edu/ its/ email/ spam/ fraud. html)," Yale University [90] " Online scams create "Yahoo! millionaires" (http:/ / money. cnn. com/ magazines/ fortune/ fortune_archive/ 2006/ 05/ 29/ 8378124/ )," CNN Money

113

Advance-fee fraud
[91] " Nigeria cracks down on e-mail scams (http:/ / www. csmonitor. com/ 2005/ 1215/ p07s02-woaf. html)," Christian Science Monitor [92] "Home: Advance Fee Fraud: Encyclopedia" (http:/ / www. baldfaceliars. com/ Advance_fee_fraud/ encyclopedia. htm). BaldFaceLiars.com. . [93] "Nigerian Finance Minister" (http:/ / www. irregularwebcomic. net/ cast/ nigerianfinanceminister. html). Irregular Webcomic!. . Retrieved 2010-03-18.

114

Books
• Apter, Andrew (2005). "The Politics of Illusion". The Pan-African Nation: Oil and the Spectacle of Culture in Nigeria. Chicago: University of Chicago Press. ISBN 0226023559. • Berry, Michael (2006). Greetings in Jesus Name!: The Scambaiter Letters (http://books.google.com/ books?id=tL7tAAAACAAJ). Harbour Books. ISBN 1905128088. • Dillon, Eamon (2008). "Chapter 6: The 419ers" (http://www.dilloninvestigates.com/index_files/Page390. htm). The Fraudsters — How Con Artists Steal Your Money. Merlin Publishing. ISBN 9781903582824. • Edelson, Eve (2006). Scamorama: Turning the Tables on Email Scammers (http://books.google.com/ books?id=piSbAAAACAAJ). Disinformation Company. ISBN 1932857389. • Nwaubani, Adaobi Tricia (2009). I Do Not Come to You By Chance (novel) (http://www.hyperionbooks.com/ titlepage.asp?ISBN=1401323111&SUBJECT=Fiction). Hyperion Books. • Tive, Charles (2006). 419 Scam: Exploits of the Nigerian Con Man (http://books.google.com/ books?id=tT_WX_2pvFwC). iUniverse.com. ISBN 0595413862. • Van Wijk, Anton (2009). Mountains of gold; An exploratory research on Nigerian 419-fraud: backgrounds (http:/ /419.swpbook.com). SWP Publishing. ISBN 978-90-8850-028-2.

External links
• Advance-fee fraud (http://www.dmoz.org//Society/Issues/Fraud/Advance_Fee_Fraud//) at the Open Directory Project • UK Metro Police Antifraud (http://www.met.police.uk/): Metro Police UK Antifraud Division • ScamWatch (http://www.scamwatch.gov.au/): Australia's ScamWatch • RomanceScam (http://www.romancescam.com/): Nigerian Dating Scammers • Interview with an ex-scammer, January 2010 (http://www.scam-detectives.co.uk/blog/2010/01/22/ interview-with-a-scammer-part-one): Scam Detectives • RentScams (http://www.rentscams.org/): Rental Property Scams • VP44 Spam & Scam Database (http://spamdb.vp44.com/): large repository of 419 scam samples

Pig in a poke

115

Pig in a poke
The idioms pig in a poke and sell a pup (or buy a pup) refer to a confidence trick originating in the Late Middle Ages, when meat was scarce, but cats and dogs (puppies) were not.[1] [2] [3] The idiom pig in a poke can also simply refer to someone buying a low-quality pig in a bag because he or she did not carefully check what was in the bag.[4] The scheme entailed the sale of a suckling pig or pup in a poke (bag). The bag would actually contain a cat or dog (not particularly prized as a source of meat), which was sold to the victim in an unopened bag. The French idiom acheter (un) chat en poche (to buy a cat in a bag) refers to an actual sale of this nature, as do many European equivalents, while the English expression refers to the appearance of the trick.[5] The common English colloquial expressions such as turn out to be a pig in a poke or buy a pig in a poke mean that something is sold or bought without the buyer knowing its true nature or value, especially when buying without inspecting the item beforehand. The phrase can also be applied to accepting an idea or plan without a full understanding of its basis. Similar expressions exist in other European languages, most of them referring to the purchase of a cat in a bag, with some exceptions:
Language Bulgarian Catalan Croatian Czech Danish Dutch Estonian French Finnish German Greek Hebrew Hungarian Icelandic Indonesian Irish Latvian Lithuanian Phrase да купиш котка в торба Donar/Prendre gat per llebre kupiti mačka u vreći koupit zajíce v pytli at købe katten i sækken een kat in de zak kopen ostma põrsast kotis acheter un chat dans un sac ostaa sika säkissä die Katze im Sack kaufen Translation to buy a cat in a bag to give/to take cat instead of hare to buy a cat in a sack to buy a hare in a sack to buy the cat in the sack to buy a cat in the sack to buy a piglet in a sack to buy a cat in a bag to buy a pig in a sack to buy the cat in the sack

αγοράζω γουρούνι στο σακκί to buy a pig in a sack ‫קשב לותח‬ zsákbamacska að kaupa köttinn í sekknum kucing dalam karung ceannaigh muc i mala pirkt kaķi maisā pirkti katę maiše cat in a sack cat in a sack to buy the cat in the sack cat in a sack buying a pig in a bag to buy a cat in a sack to buy a cat in a sack to buy the cat in a sack to buy the cat in the sack to buy the cat in the sack to buy a cat in a sack to buy a cat instead of a hare to buy with closed eyes to buy a cat in a sack

Luxembourgish d'Kaz am Sak kafen Macedonian Norwegian Polish Portuguese Romanian Russian да купиш мачка во вреќа kjøpe katta i sekken kupić kota w worku comprar gato por lebre a cumpăra cu ochii închiși купить кота в мешке

Pig in a poke

116
Spanish Spanish Serbian Slovak Slovene Swedish dar gato por liebre hay gato encerrado купити мачку у џаку kúpiť mačku vo vreci kupiti mačka v žaklju köpa grisen i säcken to give a cat instead of a hare there is a cat shut inside to buy a cat in a sack to buy a cat in a sack to buy a cat in a sack to buy the pig in the sack

This trick also appears to be the origin of the expression "let the cat out of the bag",[6] meaning to reveal that which is secret (if the would-be buyer opened the bag, the trick would be revealed).[5]

References
Notes
[1] [2] [3] [4] [5] [6] pig in a poke (http:/ / idioms. yourdictionary. com/ pig-in-a-poke) at YourDictionary.com pup (http:/ / www. ldoceonline. com/ dictionary/ pup) at Longman Dictionary of Contemporary English be sold a pup (http:/ / idioms. thefreedictionary. com/ be+ sold+ a+ pup) at The Free Dictionary pig in a poke (http:/ / www. idiomdictionary. com/ definition/ pig-in-a-poke. html) at IdiomDictionary.com Brewer, Dictionary of Phrase and Fable, 1898. Let the cat out of the bag (http:/ / www. phrases. org. uk/ meanings/ 227250. html) on The Phrase Finder

Bibliography
• E. Cobham Brewer, Dictionary of Phrase and Fable (http://www.bartleby.com/81/13246.html). 1898. • Funk, Charles Earle, A Hog on Ice: & Other Curious Expressions. HarperResource, 2002. ISBN 0-06-051329-2. • National Lampoon's European Vacation, The television game show the Griswolds played that won them the trip.

Thai gem scam

117

Thai gem scam
The Thai Gem Scam (also known as the Bangkok Gem Scam) is a confidence trick performed in Bangkok, Thailand as well as other cities in the country. It is one of the most pervasive scams in Thailand. Most of the shops are gold or jewelry shops. It has been alleged that this scam has been operating for the past 20 years, sometimes in the same premises. It has been suggested that individuals in the Royal Thai Police and even politicians protect this scam. The scam was demonstrated on an episode of the BBC series, The Real Hustle, except the hustlers used a tourist hot-spot in Ibiza as opposed to Thailand.

The scam
A network of touts and con men present the mark with an opportunity to profit from buying discount gems from a jewelry shop. The mark is convinced that he can buy gems at duty free price and bring them overseas for a threefold or more profit. Through a network of helpers, each of whom tells the mark bits of information, the mark is guided to the jewelry shop. 1. A tout will be on the lookout at popular tourist spots like the Grand Palace, Wat Pho, Khaosan Road, Siam Square, or other temples or tourist attractions in Bangkok. (Also, the scam may often be initiated by a tuk-tuk driver.) The tout will be dressed as a student or gentleman and will approach the mark to tell him the place he is about to visit is closed today because of some made-up holiday. The tout, taking advantage of the Thai people's reputation for friendliness, may strike up a conversation, asking where the mark is from, and if this is his first time in Bangkok. The tout will also tell the mark that a certain tuk-tuk waiting nearby is cheap or even free because it has been sponsored by the tourism ministry and can bring him to other temples elsewhere to visit. Sometimes this gentleman finds out which country the mark is from and informs the con man at the next layer about it. 2. If the mark gets on the tuk-tuk, the driver will bring him to a secluded temple in the city, drop him off, and wait for him to return. 3. When the mark walks into the temple, there will be a gentleman praying inside. That person will tell him about a scheme by the government which allows people to buy jewelry duty free and make a profit when the gems are shipped to their home country, adding that today is the last day of this scheme. 4. The tuk-tuk may take the mark to another temple, where another person (sometimes a Thai, sometimes a Westerner) tells the same story, building up the mark's confidence through a seemingly "independent" verification. If the mark is interested, the person will tell the tuk-tuk driver to take him to the jewelry store. 5. At the shop the mark will be pressured to buy jewelry. If the mark purchases the jewelry, the gem will be packaged and shipped directly to the mark's address in his home country so that he will not have a chance to get the gem appraised or return it for a refund. In the purchase process the mark may be told to go to a nearby gold shop to purchase gold to be exchanged for the gem - this money laundering ensures that any stop-payment on the part of the mark will not affect the gem store's profits. 6. The mark returns to his home country, only to find the jewelry to be worth far less than he paid for it. Other scams include fake Thai Mikimoto certificates. Once in a store, a variety of selling tactics are employed, including bait and switch, and "educating" gemstone novices about "fake gems" which are in fact real, and selling them "real gems" which are in fact fake.

Thai gem scam

118

References External links
• The Bangkok Gem Scam (http://www.dailymail.co.uk/travel/holidaytypeshub/article-588986/ The-Bangkok-Gem-Scam.html) - The Daily Mail • Malaysians falling prey to Bangkok gems scam (http://thestar.com.my/news/story.asp?file=/2010/1/2/ nation/20100102151817&sec=nation) - The Star

White van speaker scam
The white van speaker scam is a scam sales technique in which a salesman makes a buyer believe he is getting a good price on audio merchandise. Con artists in this type of scam call themselves "speakerguys" or "speakermen".

Process
The typical white van speaker scam involves one to three individuals, who are usually casually dressed or wearing uniforms. They drive an SUV, minivan or a commercial vehicle (usually a white commercial van, which may be rented inexpensively) that often displays a company logo. To find suitable targets, the van operators set up their con in moderately-trafficked areas, such as parking lots, gas stations, colleges, or large apartment complexes. Alternatively, they may target people driving expensive cars and wave them down. The marks (victims) are usually affluent young men, college students, or others thought to have large amounts of disposable income. The marks may also be foreigners or people who are unfamiliar with typical business transactions in Western countries. The operators often claim that they work for an audio retailer or audio installer and that, through some sort of corporate error (warehouse operator mistake, bookkeeping mistakes, computer glitch, etc.) or due to the client changing the order after supplies were purchased, they have extra speakers. Sometimes, it is implied that the merchandise may be stolen. For varying reasons they need to dispose of the speakers quickly and are willing to get rid of them at "well below retail" prices. The con artists will repeatedly state the speaker's "value" as anywhere between $1800 and $3500, prices often purportedly verified by showing a brochure or a magazine advertisement. They will usually also have an official-looking website verifying their claims. If the mark declines the offer, the scammer uses various high-pressure negotiation sales tactics. Among these techniques are producing glossy material that details the quality and high retail value of the speakers, and bombarding the potential customer with technical jargon, whether correctly or incorrectly used. If still unable to convince the mark that he is turning down an incredible offer, the con artist will almost always lower the price significantly. Some con artists will even suggest that, since the customer got such a great deal, he should pay a little extra as beer money for his supposed benefactor.

White van speaker scam

119

Economics
Distributors rent a warehouse and obtain licenses and distribution rights, then import large quantities of poorly made goods. They ship these goods to local warehouses in major cities and hire 'salesmen' to distribute the shoddy goods. North American distribution operations are in major cities across the continent.[1] The marketers at each office establish a promotion, benefit, and bonus scale for the speaker sales teams. Bonuses may be paid in cash or speakers. In Australia the same tactic is used. Receipts are issued, but the contact details are usually fake so that the goods cannot be returned. As an added measure, vehicles are leased so that they can not be traced to either the distributor or 'sales person' driving.

Online availability
White van speakers and home theater systems are now commonly found online on such sites as Craigslist, Kijiji and eBay. Speakers and projectors are popular scams because they are not easily tested. Buyers are misled into purchasing low quality knock off brands. with reviews showing these speakers or electronics to be outclassed by even inexpensive "home theater in a box" systems sold by legitimate manufacturers. One online technique used on Craigslist is for the seller to post ads for the speakers for the "retail price" printed on their boxes, which is often in the thousands of dollars. Any box of speakers with an MSRP printed on it should be considered a counterfeit. Then the seller will post another ad with different wording at a "deal" price, a fraction of the original price. Both ads will have links to the phony speaker brand's web site. The higher priced advertisement is meant to fool any prospective buyer into thinking that they have done their due diligence. In addition to the phony prices, other common verbiage includes: "my loss is your gain", "received as a gift", "won it at a raffle or company award", "I am an audio installer", "having a baby", "need to pay rent or a fine", "already have one don't need 2", "moving out of town", "great buy!", "need to sell fast" and "still in the box." A more recent development in ad postings are self-perpetuating scams—those claiming to be victims of the scam, when exposed, say they are trying to recoup some of their loss.

Techniques used
The brand name of the speakers is often confusingly similar to a well-regarded speaker manufacturer. For example, the reputations of manufacturers such as Klipsch, Polk Audio, Paradigm, Dahlquist, and Wharfedale are used to sell low-quality speakers with fake brand names like Kirsch, Volk Audio, Paradyme, Dahlton, and Grafdale. Another brand called Millennium Theater Systems or MTS,[2] is similar to MTX, and a brand called Paramax Audio[3] has been claimed to be jointly owned by Paramount Studios and the IMAX Corporation. "Matrix Audio Concepts" is another fictional brand that returns additional related websites with an Internet search query for that term. Some sites, such as for Theater Research[4] , also list customer service telephone numbers or support e-mail addresses. These methods of contact are often dead ends. Another recent technique is to parrot but not mimic, the names of reputable companies. For example, Genesis Media Labs is a white van scam name that trades on the American "Genesis" brand of loudspeakers [5] [6] , while DiVinci trades on the name of the Swiss "DaVinci" company.

White van speaker scam

120

Technology and quality of the product
Overall, the quality of the product is inferior. For example, Denmark Audio's home theatre system has been quoted as sounding like a hornet's nest. The Denmark Audio system has been tested on a test bench and proven to be of very low quality.[7] Another line that appears is the shock people have when they try to hook up the home theatre system to high definition television sets and find out it cannot be done — the claim of HD compatibility made for the white van system is just another element of the scam. Systems (typically amplifiers with speakers, sold as sets) with low numbers (2 or 3) of inputs and/or audio switching only (no video inputs/switching) with only analogue L/R/6ch RCA jacks are common in this scheme.

Organizations connected to the distribution side of the scam
• • • • • • • • • • • • • Bang Audio - Registered Business Number WA BN11169709 (Western Australia, Australia)[8] Paramount Audio Performance Pty. Ltd. (Victoria, Australia)[9] American Sound System (Walter Hawthorne) Oliver Beling (Sole trader with registered ABN) (Victoria, Australia)[10] Sonic Audio Distributors (a.k.a Sonic Audio Distribution) (Victoria, Australia)[10] XRT Distributors Arlington, TX Prestige Sound and Audio, San Carlos, CA. STFO Trading, LLC., Elmhurst, NY and Sunset Beach, CA.[11] Eran Electronics Inc., Toronto, Canada [12] Wahldorf Home Theater, West Palm Beach, Florida Empire Audio, 2001 E. 74th Ave suite B, Denver, CO ORKA Distributors (AKA - Sound Studio Lab) - 11357 Pyrites Way Rancho Cordova, CA 95670 Glenn Smith - North American distributor - office (714) 379-8326 or (714) 894-5888

Product safety concerns
Consumers have reported receiving products which have been faulty for some time now.[10] This is a result of sub-standard quality and manufacturing processes. However, during June 2008 another, more serious warning emerged. Denmark Audio systems inter alia had been found to have an impedance curve dropping below two ohms.[13] The result of this fault will damage amplifiers connected to the load when it drops, however it could also lead to overheating and short circuits.[13] Therefore these systems could potentially cause a fire if left unattended. Products are not UL listed nor CSA approved.

Brands reported to be sold out of white vans
• Accusound[14] (Not related to Accusound Australia nor the Accusound speakers made by Audiosphere in Canada) • Acoustic Monitor, Acoustic Studio Monitor 3311/3312, Acoustic Response, Acoustic Image, Acoustic Lab Technology, Acoustic Reference[15] [16] • Advanced Sound Technologies (AST)[16] • Afinity[17] • Ashton, Ashton Home Theater Systems[18] • Audio Resource[14] • Audio-Tech, Audio Tech Pro[16] • Audiofile[15] [19] [20] • BSS - Brendle Sound Systems[21] (No relation to BSS Audio, part of the Harman Pro Group), also Brendel, BrendelElectronics [22]

White van speaker scam Bjorn and Wielder [23] Camelot Audio[14] Carlson Audio[14] Cerwin Vega (counterfeit)[24] Cinemax Loudspeakers Cleo Acoustics (Singapore) [25] Columbia Audio [10] Crystal Home Theater (Not related to Crystal Home Audio) [26] Definitive Sound Technology [27] (no relation to Definitive Technology) Denmark, Denmark Audio, Denmark Optics[9] [15] [19] Deutsch Akustik [28] Dogg Digital, Digital Dogg Audio[15] [16] [29] DanWave, Dan Wave[16] Dahlton[15] [16] Digital Pro Audio, Pro Audio, Digital Audio,Digital Galaxy, Digital Audio Professional Speaker Systems, Digital Audio Skyline, Digital Research[15] [16] [19] • DiVinci[16] [19] • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • Dreamland, Dream Land[10] Dynalab[15] [19] Elite Audio[30] EDS, Elite Digital Sound[31] EKO[14] Eurosound[14] Epiphany Audio[15] [32] Fleetwood Audio[33] Genesis Media Labs, Genisis Media Labs[16] (no relation to Genesis Technologies) Glatten Audio[14] Grafdale[15] [16] Hauffman[16] Hy-line Sound Electronics [16] I-Cinema[34] Icon MediaLab, Icon Media Lab Digital Fusion[10] [35] (No relation to LBi Ltd., the registered trademark owners of the Icon MediaLab name) Image Audio Concepts[36] Image Reference[37] JBL (counterfeit)[24] Jannsonn & Fynn [38] Kauffman[39] Kinetic[17] Kirsch, Kirsh[16] [19] Linear Acoustik[14] Linear Phase[19] London[32] Matrix Audio[16] Mantooth Audio[16]

121

• Marc Vincent Audio [40] • Millennium Theater Systems (MTS)[16] [19]

White van speaker scam • • • • • • • • • • • • • • • • • • • • • • • • • • • • Norway Audio[41] Olin Ross [42] Omni Audio[15] Oracle Projector[43] Orix[14] Palermo[17] Paradyme[19] (no relation to Paradigm) Paragon Paramax[16] [17] [19] [42] [44] Proline Acoustic[16] Pro-Optics, 3D Optics, 3D Optiks[43] Protechnik[43] [44] [45] [46] Protecsound (PTS)[15] [47] PSD[15] [16] PurTone [48] RDX [49] Rothdale [50] Samaurai[16] [19] Skyline[19] Sutherland Technology[16] (no relation to Sutherland Engineering) Theater Logic[51] Theater Research, Theatre Research, Theater Innovations[15] [16] [19] US Acoustics[52] VAV[14] VisionMax[53] Vokl Audio [54] Volk Audio (also has a projector branch known as Volk Cinema) [55] Wahldorf Home Theater [56]

122

References
[1] [2] [3] [4] [5] [6] [7] [8] [9] Scam Shield - Distributor Locations (http:/ / www. scamshield. com/ Help. asp?id=4) MTS Speakers (http:/ / www. mtsspeakers. com/ ) http:/ / paramaxaudio. com/ Paramax Audio website Theater Research website (http:/ / www. trtheaterresearch. com/ ) Genesis Loudspeakers by Genesis Advanced Technologies (http:/ / www. genesisloudspeakers. com) Genesis Model 5.2 review at Stereophile Magazine (http:/ / www. stereophile. com/ floorloudspeakers/ 206gen/ ) Warning - white van scammers out in Melbourne (http:/ / www. ls1. com. au/ forum/ showthread. php?t=90432& page=2) OzRipOff - BangAudio (http:/ / www. ozripoff. com/ report-view/ 299-bangaudiocomau-scam) Minister for Consumer Affairs - Government of South Australia (http:/ / www. ocba. sa. gov. au/ assets/ medicomms/ mrelease_itinertraders. pdf) [10] ScamShield Listing Australia (http:/ / www. scamshield. com/ Sighting. asp?state=none& country=Australia& article=1) [11] United States Patent Office (http:/ / tarr. uspto. gov/ servlet/ tarr?regser=serial& entry=77797734) [12] Panjiva Shipping records (http:/ / panjiva. com/ Eran-Electronic-Inc/ 4036298) [13] Kitsap Sun (http:/ / www. kitsapsun. com/ news/ 2008/ jun/ 26/ sound-system-scammers-traveling-in-white-van-get) [14] VR-Zone Forum: "White Van" speaker brand listing (http:/ / forums. vr-zone. com/ showthread. php?t=219074) [15] Kuro5hin story (http:/ / www. kuro5hin. org/ story/ 2004/ 4/ 9/ 224439/ 1810) [16] ScamShield Listing Canada (http:/ / www. scamshield. com/ Sighting. asp?state=none& country=Canada& article=1) [17] ScamShield Listing Texas (http:/ / www. scamshield. com/ Sighting. asp?country=none& state=Texas& article=1) [18] Ripoff Report: George Grover - The Home Theater Store (http:/ / www. ripoffreport. com/ Stereos/ George-Grover-The-Ho/ george-grover-the-home-theat-mm5p5. htm) [19] ScamShield Listing Colorado (http:/ / www. scamshield. com/ Sighting. asp?country=none& state=Colorado& article=1)

White van speaker scam
[20] ScamShield Listing UK (http:/ / www. scamshield. com/ Sighting. asp?state=none& country=United Kingdom& article=1) [21] Bss M-250's - 440 Forums (http:/ / en. 440forums. com/ forums/ ?act=ST& f=3& t=8149& lang=EN& ) [22] Forum warning about Brendel amplifiers (http:/ / www. the-home-cinema-guide. com/ connecting-brendel-power-amplifier-to-a-surround-sound-system. html) [23] Scam Shield: Australian White Van Speaker Scam Sightings (http:/ / www. scamshield. com/ Sighting. asp?state=none& country=Australia& article=1) [24] ProSoundWeb Live Audio Board: The White Van Scam (http:/ / srforums. prosoundweb. com/ index. php/ mv/ tree/ 27816/ 72/ ) [25] Singapore Hardwarezone Forum: Scam at around Sim Lim Area - Warning (http:/ / forums. hardwarezone. com. sg/ showthread. php?t=1705581) [26] White Van Speaker Scam - North Carolina (http:/ / www. scamshield. com/ Sighting. asp?country=none& state=North Carolina& article=1) [27] (http:/ / www. avforums. com/ forums/ speakers/ 847651-definitive-sound-technology-dst-303-speakers-hoax. html) (http:/ / www. defsoundtech. com/ ) - Forum Review and Definitive Sound Technology Website [28] (http:/ / www. DeutschAkustik. com) [29] Santa Barbara BBB News: Dogg Digital Audio (http:/ / www. santabarbara. bbb. org/ BBBWEB/ Forms/ General/ BBBNewsArchivesPageDetail. aspx?News_ID=73& sm=) [30] Sonicflare: The White Van of the Apocalypse (http:/ / www. sonicflare. com/ archives/ the-white-van-of-the-apocalypse. php) [31] (http:/ / lansing. craigslist. org/ ele/ 1998133685. html) [32] ScamShield Listing Tennessee (http:/ / www. scamshield. com/ Sighting. asp?country=none& state=Tennessee& article=1) [33] Ripoff Report: Fleetwood Audio (http:/ / www. ripoffreport. com/ reports/ 0/ 167/ RipOff0167727. htm) [34] Playa.info: Anyone heard of i-Cinema? (http:/ / www. playa. info/ playa-del-carmen-forum/ 52661-anyone-heard-i-cinema. html) [35] Northern Territory News (http:/ / www. ntnews. com. au/ article/ 2009/ 04/ 03/ 43015_ntnews. html) [36] Rip-off Report: Image Audio Concepts Theatre System IA-905S (http:/ / www. ripoffreport. com/ reports/ 0/ 443/ RipOff0443536. htm) [37] ScamShield Listing North Carolina, USA (http:/ / www. scamshield. com/ Sighting. asp?country=none& state=North Carolina& article=1) [38] "Hifi-Forum" Warning! (http:/ / www. hifi-forum. de/ viewthread-55-9234. html) [39] "Kauffman" Anyone heard of this brand?? (http:/ / forums. audioholics. com/ forums/ showthread. php?t=55666) [40] Review of the product, plus comments from scam victims (http:/ / www. jackcola. org/ blog/ 82-do-not-buy-a-marc-vincent-audio-sound-system) [41] Ripoff Report: Norway Audio Systems I was basically taken for a $500 ride for a $50 "home theater system" (http:/ / www. ripoffreport. com/ miscellaneous-electronics/ norway-audio-systems/ norway-audio-systems-i-was-ba-8aa96. htm) [42] ScamShield Listing California (http:/ / www. scamshield. com/ Sighting. asp?country=none& state=California& article=1) [43] Protechnik projector scam (http:/ / www. curtpalme. com/ forum/ viewtopic. php?p=226583) [44] ScamShield listing: Washington (http:/ / www. scamshield. com/ Sighting. asp?country=none& state=Washington& article=1) [45] Northern Territory Department of Justice (http:/ / www. caba. nt. gov. au/ documents/ CApressrelease_Itinerant_Traders_Home_Theatre_Sellers. pdf) [46] Review of the product, plus comments from scam victims (http:/ / www. jackcola. org/ blog/ 82-do-not-buy-a-marc-vincent-audio-sound-system) [47] Ripoff Report: PTS Protecsound (http:/ / www. ripoffreport. com/ reports/ 0/ 065/ RipOff0065577. htm) [48] (http:/ / www. scamshield. com/ Sighting. asp?country=none& state=North Carolina& article=1) [49] Ripoff Report: RDX Surround Speaker scam Richmond British Columbia Canada (http:/ / www. ripoffreport. com/ reports/ 0/ 408/ RipOff0408520. htm) [50] (http:/ / www. scamshield. com/ Sighting. asp?country=none& state=Virginia& article=1) [51] Remote Central: Theater Logic Home Cinema L6 (http:/ / www. remotecentral. com/ cgi-bin/ mboard/ rc-theater/ thread. cgi?3244) [52] (http:/ / phorums. com. au/ archive/ index. php/ t-114022. html) [53] (http:/ / www. ripoffreport. com/ electronic-manufacturers/ visionmax/ visionmax-fred-herrmann-projec-cc8d8. htm) [54] Audio Asylum: Any one heard of VOKL AUDIO? (http:/ / www. audioasylum. com/ cgi/ t. mpl?f=shady& m=3914) [55] (http:/ / www. polkaudio. com/ forums/ showthread. php?t=90708) [56] (http:/ / www. wahldorfhometheater. com)

123

White van speaker scam

124

External links
A great deal of information and warnings on the topic of "white van speakers" can be found using search engines. Some of the more informative links include: • A Kuro5hin story on "The Great International White Van Speaker Scam". (http://www.kuro5hin.org/story/ 2004/4/9/224439/1810) • This American Life did an episode called Suckers (http://www.thislife.org/Radio_Episode.aspx?episode=222), one segment of which concerned white van speakers. • Scamshield entry on white van speakers. (http://www.scamshield.com/Feature.asp?id=1) • Crimes-of-Persuasion.com on Speaker Scams (http://www.crimes-of-persuasion.com/Crimes/InPerson/ speaker_scams.htm) • http://www.fbaa.us/ (http://web.archive.org/web/20070404002512/http://www.fbaa.us/) -- Fake Better Business Bureau that claims to "certify" these companies (via Archive.org)

Badger game
The badger game is an extortion scheme, often perpetrated on married men, in which the victim or "mark" is tricked into a compromising position to make him vulnerable to blackmail. There are two competing explanations for the origin of the term badger game. One explanation is that the term originated in the practice of badger baiting. Another says that it derives its name from the state of Wisconsin (the Badger State), where the con allegedly either originated or was popularized. This con has been around since at least the early 19th century. There are several variations of the con; in the most typical form an attractive woman approaches a man, preferably a lonely, married man of some financial means from out of town, and entices him to a private place with the intent of maneuvering him into a compromising position, usually involving some sort of sexual act. Afterward an accomplice presents the victim with photographs, video, or similar evidence, and threatens to expose him unless blackmail money is paid. The woman may also claim that the sexual encounter was non-consensual and threaten the victim with a rape charge. It can also involve such things as the threat of a sexual harassment charge which may endanger the victim's career. In the days before photography or video, the accomplice would usually burst into the room during the act, claiming to be the woman's husband, father, older brother, etc., and demand justice. The con was particularly effective in the 19th and earlier 20th century when the social repercussions of adultery were much greater. A famous person known to have been victimized by the scheme was Alexander Hamilton, whose adulterous affair with Maria Reynolds was used by her husband to extort money and information from him. Variants of the con involve luring the mark with homosexual acts, underage girls, child pornography, bizarre sexual fetishes, or other activities deemed to have a particular social stigma. Another form involves accusations of professional misconduct. In an example of this form of the con, a "sick" woman would visit a physician, describing symptoms that required her to disrobe for the examination, require the doctor to examine the genitals, or ensure similar scrutiny from the doctor. During the examination an "outraged husband" or "outraged father" would enter the room and accuse the doctor of deviant misconduct. The "sick" woman, who is of course part of the con, takes the side of her accomplice and threatens the doctor with criminal charges or a lawsuit. This form of the badger game was first widely publicized in an article in the August 25, 1930 edition of Time magazine. Non-sexual versions of this con also exist, particularly among ethnic or religious groups with strong social taboos; for example coercing a Mormon to gamble or drink alcohol. The badger game has been featured as a plot device in numerous books, movies and television shows.

Badger game

125

References

Clip joint
A clip joint or fleshpot is an establishment, usually a strip club or entertainment bar, typically one claiming to offer adult entertainment or bottle service, in which customers are tricked into paying money and receive poor goods or services, or none, in return. Typically, clip joints suggest the possibility of sex, charge excessively high prices for watered-down drinks, and then eject customers when they become unwilling or unable to spend more money. The product or service may be illicit, offering the victim no recourse through official or legal channels. In the United States, clip joints were widespread during the national prohibition of alcohol from 1920 to 1933. They are generally outlawed in America now. For instance, the New York State Liquor Authority will impose penalties against any licensed premise permitting such conduct. Clip joints still operate openly in some areas of the world, such as Shanghai, where they prey on visiting foreigners.[1] [2]

The Scam
A typical scenario involves a young adult male (typically a tourist) being approached by a beautiful woman (typically either a local or claiming to be) who recommends a "favourite local" bar or club. The man is usually seated at a table and joined by a "hostess," who may or may not order drinks. Whether or not any "services" are performed or drinks are ordered has little bearing on the outlandish bill received at the end of the night. Bills are commonly hundreds of pounds, listing things like a "hostess fee" or "service charge." The arrival of the bill typically corresponds with the arrival of a few large bouncers to ensure payment. The beautiful woman or women who originally lured the mark to the location will often make an excuse and leave prior to the arrival of the bill. If confronted the establishment will claim that they have no connection with the woman and indicate that she arrived with the mark, and as such the mark is responsible for all of the items on the bill. This scam is in a legal grey area if extortion is not explicitly involved, since there is no law against charging high prices and the customer is primarily responsible for determining the prices of services to be rendered before accepting them. Often, a clip joint employee will wait near a legitimate club, and invite passing pedestrians into a "VIP" area. The potential customers are meant to believe that the person works for the nearby club, though they may not explicitly say so. Once inside, drinks are usually alcohol free (as they usually don't have a licence) or watered down and overpriced with no prices listed on the menu, and (as is typical) unrequested companion(s) may also arrive at the table.

Clip joints in the United Kingdom
A number of clip joints (or "near beer bars") still operate in London's Soho area, alongside legitimate strip bars. Since 2007, the London Local Authorities Act reclassified clip joints as sex establishments, meaning that they required relevant licences, closing a loophole where these businesses did not need a licence to operate because they did not serve food or alcohol or provide entertainment. [3] As recently as 2009, 2 people were jailed for 36 and 14 months respectively after threatening an undercover police officer. [4]

Clip joint

126

Bottle service clubs
The Manhattan bottle service club, Arena, was sued in 2007 for their version of the clip joint scam. In December 2007, a patron knowingly purchased a $350 bottle of vodka, but was not told of a 3 bottle minimum. At the end of the night, he was presented with a $1050 tab that included two unordered bottles. When he refused to pay, the Arena bouncers beat him up. The patron agreed to get money from an ATM. The bouncers escorted him two blocks to the ATM, where his debit card was declined. The bouncers then dragged him back to the bar, where he was held until police arrived. He was arrested for theft of services but the charges were dismissed. [5]

References
[1] "Warnings Or Dangers: Shanghai. Hustlers, pimps and beggars" (http:/ / members. virtualtourist. com/ m/ 7987e/ f4fc8/ 8/ ). virtualtourist.com. 2 December 2006. . Retrieved 30 May 2010. [2] "Tea Ceremony Scam in Shanghai" (http:/ / www. tripadvisor. in/ ShowTopic-g294211-i642-k1172540-Tea_Ceremony_Scam_in_Shanghai_BEWARE-China. html). 30 April 2007. . Retrieved 30 May 2010. [3] http:/ / www. opsi. gov. uk/ Acts/ localact2007/ ukla_20070002_en_5 [4] "Cracking down on clip joint scams" (http:/ / news. bbc. co. uk/ 1/ hi/ uk/ 8175510. stm). BBC News. 6 October 2009. . Retrieved 30 April 2010. [5] Del, John (31 December 2007). "Roughed-Up Reveler Sues Club Over 3 Bottle Shakedown" (http:/ / gothamist. com/ 2007/ 12/ 31/ roughedup_revel. php). Gothamist. . Retrieved 10 September 2009.

External links
• Soho clip joints (http://www.melonfarmers.co.uk/arsssoho.htm) • NY Post article on Arena (http://www.nypost.com/seven/12302007/news/regionalnews/ bruising_battle_on_boozy__147966.htm) • Soho clip joints to be forced out of business by police (http://www.guardian.co.uk/crime/article/ 0,2763,1158894,00.html), Guardian story: dated 29 February 2004, accessed 16 September 2006 • Bottle Club Patron Roughed Up (http://gothamist.com/2007/12/31/roughedup_revel.php)

Insurance fraud

127

Insurance fraud
Insurance fraud is any act committed with the intent to fraudulently obtain payment from an insurer. Insurance fraud has existed ever since the beginning of insurance as a commercial enterprise.[1] Fraudulent claims account for a significant portion of all claims received by insurers, and cost billions of dollars annually. Types of insurance fraud are very diverse, and occur in all areas of insurance. Insurance crimes also range in severity, from slightly exaggerating claims to deliberately causing accidents or damage. Fraudulent activities also affect the lives of innocent people, both directly through accidental or purposeful injury or damage, and indirectly as these crimes cause insurance premiums to be higher. Insurance fraud poses a very significant problem, and governments and other organizations are making efforts to deter such activities.

Causes
The “chief motive in all insurance crimes is financial profit.”[1] Insurance contracts provide both the insured and the insurer with opportunities for exploitation. One reason that this opportunity arises is in the case of over-insurance, when the amount insured is greater than the actual value of the property insured.[1] This condition can be very difficult to avoid, especially since an insurance provider might sometimes encourage it in order to obtain greater profits.[1] This allows fraudsters to make profits by destroying their property because the payment they receive from their insurers is of greater value than the property they destroy. Insurance companies are also susceptible to fraud because false insurance claims can be made to appear like ordinary claims. This allows fraudsters to file claims for damages that never occurred, and so obtain payment with little or no initial cost. The most common form of insurance fraud is inflating of loss.

Losses due to insurance fraud
It is virtually impossible to determine an exact value for the amount of money stolen through insurance fraud. Insurance fraud is designed to be undetectable, unlike visible crimes such as robbery or murder. As such, the number of cases of insurance fraud that are detected is much lower than the number of acts that are actually committed.[1] The best that can be done is to provide an estimate for the losses that insurers suffer due to insurance fraud. The Coalition Against Insurance Fraud estimates that in 2006 a total of about $80 billion was lost in the United States due to insurance fraud.[2] According to estimates by the Insurance Information Institute, insurance fraud accounts for about 10 percent of the property/casualty insurance industry’s incurred losses and loss adjustment expenses.[3] The National Health Care Anti-Fraud Association estimates that 3% of the health care industry’s expenditures in the United States are due to fraudulent activities, amounting to a cost of about $51 billion.[4] Other estimates attribute as much as 10% of the total healthcare spending in the United States to fraud—about $115 billion annually.[5] In the United Kingdom, the Insurance Fraud Bureau estimates that the loss due to insurance fraud in the United Kingdom is about £1.5 billion ($3.08 billion), causing a 5% increase in insurance premiums.[6] The Insurance Bureau of Canada estimates that personal injury fraud in Canada costs about C$500 million annually.[7]

Insurance fraud

128

Hard vs. soft fraud
Insurance fraud can be classified as either hard fraud or soft fraud.[8] Hard fraud occurs when someone deliberately plans or invents a loss, such as a collision, auto theft, or fire that is covered by their insurance policy in order to receive payment for damages. Criminal rings are sometimes involved in hard fraud schemes that can steal millions of dollars.[9] Soft fraud, which is far more common than hard fraud, is sometimes also referred to as opportunistic fraud.[8] This type of fraud consists of policyholders exaggerating otherwise legitimate claims. For example, when involved in a collision an insured person might claim more damage than was really done to his or her car. Soft fraud can also occur when, while obtaining a new insurance policy, an individual misreports previous or existing conditions in order to obtain a lower premium on their insurance policy.[8]

Types of insurance fraud
Life insurance
An example of life insurance fraud is the John Darwin disappearance case, an ongoing investigation into the faked death of British former teacher and prison officer John Darwin, who turned up alive in December 2007, five years after he was thought to have died in a canoeing accident. Darwin was reported as "missing" after failing to report to work following a canoeing trip on March 21, 2002. He reappeared on December 1, 2007, claiming to have no memory of the past five years.

Health care insurance
According to Roger Feldman, Blue Cross Professor of Health Insurance at the University of Minnesota, one of the main reasons that medical fraud is such a prevalent practice is that nearly all of the parties involved find it favorable in some way. Many physicians see it as necessary to provide quality care for their patients. Many patients, although disapproving of the idea of fraud, are sometimes more willing to accept it when it affects their own medical care. Program administrators are often lenient on the issue of insurance fraud, as they want to maximize the services of their providers.[10] The most common perpetrators of healthcare insurance fraud are health care providers. One reason for this, according to David Hyman, a Professor at the University of Maryland School of Law, is that the historically prevailing attitude in the medical profession is one of “fidelity to patients”.[11] This incentive can lead to fraudulent practices such as billing insurers for treatments that are not covered by the patient’s insurance policy. To do this, physicians often bill for a different service, which is covered by the policy, than that which was rendered.[12] Another motivation for insurance fraud in the healthcare industry, just as in all other types of insurance fraud, is a desire for financial gain. Public healthcare programs such as Medicare and Medicaid are especially conducive to fraudulent activities, as they are often run on a fee-for-service structure.[13] Physicians use several fraudulent techniques to achieve this end. These can include “up-coding” or “upgrading,” which involve billing for more expensive treatments than those actually provided; providing and subsequently billing for treatments that are not medically necessary; scheduling extra visits for patients; referring patients to another physician when no further treatment is actually necessary; "phantom billing," or billing for services not rendered; and “ganging,” or billing for services to family members or other individuals who are accompanying the patient but who did not personally receive any services.[13]

Insurance fraud

129

Automobile insurance
The Insurance Research Council estimated that in 1996, 21 to 36 percent of auto-insurance claims contained elements of suspected fraud.[14] There is a wide variety of schemes used to defraud automobile insurance providers. These ploys can differ greatly in complexity and severity. Richard A. Derrig, vice president of research for the Insurance Fraud Bureau of Massachusetts, lists several ways that auto-insurance fraud can occur. Examples of soft auto-insurance fraud can include filing more than one claim for a single injury, filing claims for injuries not related to an automobile accident, misreporting wage losses due to injuries, or reporting higher costs for car repairs than those that were actually paid. Hard auto-insurance fraud can include activities such as staging automobile collisions, filing claims when the claimant was not actually involved in the accident, submitting claims for medical treatments that were not received, or inventing injuries.[15] Hard fraud can also occur when claimants falsely report their vehicle as stolen. Soft fraud accounts for the majority of fraudulent auto-insurance claims.[14] Another example is that a person may illegally register their car to a location that would net them cheaper insurance rates than where they actually live, sometimes called "rate evasion". For example, some drivers in Brooklyn drive with Pennsylvania license plates because registering their car in a rural part of Pennsylvania will cost a lot less than registering it in Brooklyn. Another form of automobile insurance fraud, known as "fronting," involves registering someone other than the real primary driver of a car as the primary driver of the car. For example, parents might list themselves as the primary driver of their children's vehicles to avoid young driver premiums. "Crash for cash" scams may involve random unaware strangers, set to appear as the perpetrators of the orchestrated crashes.[16] Such techniques are the classic rear-end shunt (the driver in front suddenly slams on the brakes, eventually with brake lights disabled), the decoy rear-end shunt (when following one car, another one pulls in front of it, causing it to brake sharply, then the first car drives off) or the helpful wave shunt (the driver is waved in to a line of queuing traffic by the scammer who promptly crashes, then denies waving)[17] Organized crime rings can also be involved in auto-insurance fraud, sometimes carrying out schemes that are very complex. An example of one such ploy is given by Ken Dornstein, author of Accidentally, on Purpose: The Making of a Personal Injury Underworld in America. In this scheme, known as a “swoop-and-squat,” one or more drivers in “swoop” cars force an unsuspecting driver into position behind a “squat” car. This squat car, which is usually filled with several passengers, then slows abruptly, forcing the driver of the chosen car to collide with the squat car. The passengers in the squat car then file a claim with the other driver’s insurance company. This claim often includes bills for medical treatments that were not necessary or not received.[18] An incident that took place on Golden State Freeway June 17, 1992, brought public attention to the existence of organized crime rings that stage auto accidents for insurance fraud. These schemes generally consist of three different levels. At the top, there are the professionals--doctors or lawyers who diagnose false injuries and/or file fraudulent claims and these earn the bulk of the profits from the fraud. Next are the "cappers" or "runners", the middlemen who obtain the cars to crash, farm out the claims to the professionals at the top, and recruit participants. These participants at the bottom-rung of the scheme are desperate people (poor immigrants or others in need of quick cash) who are paid around $1000 USD to place their bodies in the paths of cars and trucks, playing a kind of Russian roulette with their lives and those of unsuspecting motorists around them. According to investigators, cappers usually hire within their own ethnic groups. What makes busting these staged-accident crime rings difficult is how quickly they move into jurisdictions with lesser enforcement, after a crackdown in a particular region. As a result, in the US several levels of police and the insurance industry have cooperated in forming task forces and sharing databases to track claim histories. [19] [20]

Insurance fraud

130

Property insurance
Possible motivations for this can include obtaining payment that is worth more than the value of the property destroyed, or to destroy and subsequently receive payment for goods that could not otherwise be sold. According to Alfred Manes, the majority of property insurance crimes involve arson.[21] One reason for this is that any evidence that a fire was started by arson is often destroyed by the fire itself. According to the United States Fire Administration, in the United States there were approximately 31,000 fires caused by arson in 2006, resulting in losses of $755 million.[22] Example: The Moulin Rouge in Las Vegas was struck by arson twice within 6 years.[23]

Council compensation claims
The fraud involving claims from the councils' insurers suppose staging damages blamable on the local authorities (mostly falls and trips on council owned land) or inflating the value of existing damages.[24]

Detecting insurance fraud
The detection of insurance fraud generally occurs in two steps. The first step is to identify suspicious claims that have a higher possibility of being fraudulent. This can be done by computerized statistical analysis or by referrals from claims adjusters or insurance agents. Additionally, the public can provide tips to insurance companies, law enforcement and other organizations regarding suspected, observed, or admitted insurance fraud perpetrated by other individuals. Regardless of the source, the next step is to refer these claims to investigators for further analysis. Due to the sheer number of claims submitted each day, it would be far too expensive for insurance companies to have employees check each claim for symptoms of fraud.[25] Instead, many companies use computers and statistical analysis to identify suspicious claims for further investigation.[26] There are two main types of statistical analysis tools used: supervised and unsupervised.[25] In both cases, suspicious claims are identified by comparing data about the claim to expected values. The main difference between the two methods is how the expected values are derived.[25] In a supervised method, expected values are obtained by analyzing records of both fraudulent and non-fraudulent claims.[25] According to Richard J. Bolton and David B. Hand, both of Imperial College in London, this method has some drawbacks as it requires absolutely certainty that those claims analyzed are actually either fraudulent or non-fraudulent, and because it can only be used to detect types of fraud that have been committed and identified before.[25] Unsupervised methods of statistical detection, on the other hand, involve detecting claims that are abnormal.[25] Both claims adjusters and computers can also be trained to identify “red flags,” or symptoms that in the past have often been associated with fraudulent claims.[27] Statistical detection does not prove that claims are fraudulent; it merely identifies suspicious claims that need to be investigated further.[25] Fraudulent claims can be one of two types. They can be otherwise legitimate claims that are exaggerated or “built up,” or they can be false claims in which the damages claimed never actually occurred. Once a built up claim is identified, insurance companies usually try to negotiate the claim down to the appropriate amount.[28] Suspicious claims can also be submitted to “special investigative units”, or SIUs, for further investigation. These units generally consist of experienced claims adjusters with special training in investigating fraudulent claims.[29] These investigators look for certain symptoms associated with fraudulent claims, or otherwise look for evidence of falsification of some kind. This evidence can then be used to deny payment of the claims or to prosecute fraudsters if the violation is serious enough.[30]

Insurance fraud

131

Legislation
National and local governments, especially in the last half of the twentieth century, have recognized insurance fraud as a serious crime, and have made efforts to punish and prevent this practice. Some major developments are listed below:

United States
• Insurance Fraud is specifically classified as a crime in all states, though a minority of states only criminalize certain types (i.e. Oregon only outlaws Worker Compensation fraud).[8] • 19 states require mandatory insurer fraud plans. This requires companies to form programs to combat fraud and in some cases to develop investigation units to detect fraud.[8] • 41 states have fraud bureaus. These are law enforcement agencies where “investigators review fraud reports and begin the prosecution process.”[8] • Section 1347 of Title 18 of the United States Code states that whoever attempts or carries out a “scheme or artifice” to “defraud a health care benefit program” will be “fined under this title or imprisoned not more than 10 years, or both.” If this scheme results in bodily injury, the violator may be imprisoned up to 20 years, and if the scheme results in death the violator may be imprisoned for life.[31]

Canada
• The Insurance Crime Prevention Bureau was founded in 1973 to help fight insurance fraud. This organization collects information on insurance fraud, and also carries out investigations. Approximately one third of these investigations result in criminal conviction, one third result in denial of the claim, and one third result in payment of the claim.[32] • British Columbia’s Traffic Safety Statutes Amendment Act of 1997 states that any person who submits a motor vehicle insurance claim that contains false or misleading information may on the first offence be fined C$25,000, imprisoned for two years, or both. On the second offense, that person may be fined C$50,000, imprisoned for two years, or both.[33]

United Kingdom
• A major portion of the Financial Services Act of 1986 was intended to help prevent fraud.[34] • The Serious Fraud Office, set up in 1987 under the Criminal Justice Act, was established to “improve the investigation and prosecution of serious and complex fraud.”[34] • The Fraud Act 2006 specifically defines fraud as a crime. This act defines fraud as being committed when a person “makes a false representation,” “fails to disclose to another person information which he is under a legal duty to disclose,” or abuses a position in which he or she is “expected to safeguard, or not to act against, the financial interests of another person.” This act also defines the penalties for fraud as imprisonment up to ten years, a fine, or both.[35]

Examples
Following are some examples of real instances of insurance fraud that occurred in recent years: • According to a report by a United States district court in Illinois, a psychiatrist who practiced as the Assistant Medical Director and Medical Director at a psychiatric facility in Illinois from 1998 through 2002 submitted claims to Medicare for psychiatric and psychotherapy services that he in fact never actually provided. He also “up-coded,” or billed for more expensive services than those that were actually provided, many claims that he submitted to Medicare. In addition, he admitted patients that did not qualify for treatment so that he could submit bills for hospital care even though it was not medically necessary for those patients. Through these schemes, this

Insurance fraud psychiatrist was able to fraudulently obtain $875,881 in Medicare Reimbursements before his conviction in February 2005.[36] • The Insurance Information Institute estimates that in New York, fraud and abuse in the state’s no-fault auto system cost New York drivers $229 million in 2009 as a result of dishonest medical service providers who file inflated and often bogus medical claims, unscrupulous lawyers who sue insurers that challenge these claims and others who help defraud insurers by staging accidents and recruiting supposedly injured claimants to fraudulent medical clinics. The average cost of a no-fault insurance claim in New York soared to $8,690 by the third quarter of 2009 and was the third-highest in the U.S. after Michigan and New Jersey. The average cost of a no-fault insurance claim in New York was up 55 percent from $5,615 at the end of 2004. [37] • According to the Coalition Against Insurance Fraud, a former business executive from Chicago resorted to insurance fraud to pay off his debt of over $672,000. He set fire to his own home in order to collect insurance money on it. In order to disguise this act of arson, he trapped his ninety year old mother in the basement while the house was burning so that the fire would appear to be a suicide. He received about $600,000 in insurance money, but was eventually convicted on several charges and sentenced to 190 years in federal prison.[38]

132

Bibliography
• Bolton, Richard J. and David J. Hand. "Statistical Fraud Detection: A Review." Statistical Science. 17.3 (2002): 235-249. • Clarke, Michael. "The Control of Insurance Fraud, A Comparative View." The British Journal of Criminology. 30.1 (1990): 1-23. • Coalition Against Insurance Fraud. Annual Report. Washington, DC: Coalition Against Insurance Fraud, 2006. • Coalition Against Insurance Fraud. "Insurance Fraud Hall of Shame: Mother Almost Blamed for Son's Arson." 31 12 2006. Coalition Against Insurance Fraud. 13 December 2007.[39] • Coalition Against Insurance Fraud. "Learn About Fraud." Coalition Against Insurance Fraud. 1 December 2007.[40] • Derrig, Richard A. "Insurance Fraud." The Journal of Risk and Insurance. 69.3 (2002): 271-287. • Dornstein, Ken. Accidentally on Purpose: The Making of a Personal Injury Underworld in America. New York: St. Martin's Press, 1996. • Feldman, Roger. "An Economic Explanation for Fraud and Abuse in Public Medical Care Programs." The Journal of Legal Studies. 30.2 (2001): 569-577. • Ghezzi, Susan Guarino. "A Private Network of Social Control: Insurance Investigative Units." Social Problems. 30.5 (1983): 521-531. • Hyman, David A. "Health Care Fraud and Abuse: Market Change, Social Norms, and the Trust 'Reposed in the Workmen'." The Journal of Legal Studies. 30.2 (2001): 531-567. • Insurance Information Institute. "Fraud." Insurance Information Institute. 1 December 2007.[41] • Insurance Information Institute. "Insurance Fraud." Insurance Information Institute. 1 December 2007.[42] • Insurance Information Institute. "No-Fault Insurance Fraud in N.Y. State." Insurance Information Institute. 1 December 2007.[43] • Legislative Assembly of British Columbia. "Traffic Safety Statutes Amendment Act." 1997. • Manes, Alfred. "Insurance Crimes." Journal of Criminal Law and Criminology 35.1 (1945): 34-42. • Ministry of Justice. "Fraud Act 2006." 11 August 2006. The UK Statute Law Database. 13 December 2007.[44] • National Health Care Anti-Fraud Association. "The Problem of Health Care Fraud." National Health Care Anti-Fraud Association. 1 December 2007.[45] • Office of the Law Revision Counsel, U.S. House of Representatives. "United States Code; Title 18, Section 1347." 2 January 2006.[46]

Insurance fraud • Pontell, Henry N., Paul D. Jesilow and Gilbert Geis. "Policing Physicians: Practitioner Fraud and Abuse in a Government Medical Program." Social Problems. 30.1 (1982): 117-125. • Staple, George. "Serious and Complex Fraud: A New Perspective." The Modern Law Review. 56.2 (1993): 127-137. • Tennyson, Sharon and Pau Salsas-Forn. "Claims Auditing in Automobile Insurance: Fraud Detection and Deterrence Objectives." The Journal of Risk and Insurance. 69.3 (2002): 289-308. • U.S. Fire Administration. "Arson Fire Statistics." 11 October 2007. U.S. Fire Administration. 13 December 2007.[47] • United States of America v. Naseem Chaudhry. United States District Court, Northern District of Illinois, Eastern Division. February 2005. • Viaene, Stijn, et al. "A Comparison of State-of-the-Art Classification Techniques for Expert Automobile Insurance Claim Fraud Detection." The Journal of Risk and Insurance. 69.3 (2002): 373-421.

133

Citations
[1] [2] [3] [4] Manes, Alfred. "Insurance Crimes." p. 34. Coalition Against Insurance Fraud. Annual Report. Insurance Information Institute. "Insurance Fraud." National Health Care Anti-Fraud Association. "The Problem of Health Care Fraud."

[5] Hyman, David A. "Health Care Fraud and Abuse." p. 532. [6] Insurance Fraud Bureau. "Fighting Organized Insurance Fraud." p. 2. [7] Insurance Bureau of Canada. "Cost of Personal Injury Fraud." [8] Insurance Information Institute. "Fraud." [9] Coalition Against Insurance Fraud. "Learn About Fraud." [10] Feldman, Roger. "Economic Explanation." p. 569-570. [11] Hyman, David A. "Health Care Fraud and Abuse." p. 541. [12] Hyman, David A. "Health Care Fraud and Abuse." p. 547. [13] Pontell, Henry N., et al. "Policing Physicians." p. 118. [14] Tennyson, Sharon et al. "Claims Auditing" p. 289. [15] Derrig, Richard A. "Insurance Fraud." p. 274. [16] "BBC News - Car crash scams at record level" (http:/ / www. bbc. co. uk/ news/ uk-11046344). Bbc.co.uk. 2010-08-21. . Retrieved 2010-08-21. [17] The One Show Team - September 15, 2008 3:50 PM (2008-09-15). "Crash for cash - a scam for the unquestioning? - Consumer" (http:/ / www. bbc. co. uk/ blogs/ theoneshow/ consumer/ 2008/ 09/ 15/ crashing-in-on-crime. html). Bbc.co.uk. . Retrieved 2010-08-21. [18] Dornstein, Ken. Accidentally on Purpose. p. 3. [19] (http:/ / motherjones. com/ politics/ 1993/ 09/ swoop-and-squats#) [20] (http:/ / www. theglobeandmail. com/ report-on-business/ how-small-time-auto-insurance-scams-have-evolved-into-big-business-in-canada/ article1850088/ ) [21] Manes, Alfred. "Insurance Crimes." p. 35. [22] U.S. Fire Administration. "Arson Fire Statistics." [23] Mercury News 05/06/2009 http://www.mercurynews.com/breakingnews/ci_12308730 [24] "Housing and Council Tax Benefit fraud - Allerdale Borough Council" (http:/ / www. allerdale. gov. uk/ advice-and-benefits/ benefits/ housing-benefit/ housing-benefit-fraud. aspx). Allerdale.gov.uk. 2009-11-02. . Retrieved 2010-08-21. [25] Bolton, Richard J. “Statistical Fraud Detection.” p. 236. [26] Derrig, Richard A. "Insurance Fraud." p. 277. [27] Viaene, Stijn, et al. "Insurance Claim Fraud Detection." p. 375. [28] Derrig, Richard A. "Insurance Fraud." p. 278. [29] Viaene, Stijn, et al. "Insurance Claim Fraud Detection." p. 374. [30] Ghezzi, Susan Guarino. " Private Network." [31] Office of the Law Revision Counsel, U.S. House of Representatives. "United States Code." [32] Clarke, Michael. “The Control of Insurance Fraud.” p. 10. [33] Legislative Assembly of British Columbia. "Traffic Safety Statutes Amendment Act." [34] Staple, George. "Serious and Complex Fraud." p. 127. [35] Ministry of Justice. "Fraud Act 2006." [36] United States of America v. Naseem Chaudhry. [37] Insurance Information Institute. "No-Fault Insurance Fraud."

Insurance fraud
[38] Coalition Against Insurance Fraud. "Insurance Fraud Hall of Shame." p. 99. [39] "Articles on insurance fraud" (http:/ / www. insurancefraud. org/ article. lasso?RecID=1532). Insurancefraud.org. 2006-12-31. . Retrieved 2010-08-21. [40] "Learn about fraud" (http:/ / www. insurancefraud. org/ learn_about_fraud. htm). Insurancefraud.org. . Retrieved 2010-08-21. [41] "Fraud" (http:/ / www. iii. org/ media/ facts/ statsbyissue/ fraud/ ). III. . Retrieved 2010-08-21. [42] "Insurance Fraud" (http:/ / www. iii. org/ media/ hottopics/ insurance/ fraud/ ). III. . Retrieved 2010-08-21. [43] "Conozca los deducibles por huracanes y si aplica a su póliza de seguro de propietario de vivienda" (http:/ / www. iii. org/ media/ research/ newyorknofaultauto/ ). III. . Retrieved 2010-08-21. [44] "Fraud Act 2006 (c. 35) - Statute Law Database" (http:/ / www. statutelaw. gov. uk/ content. aspx?LegType=All+ Legislation& title=fraud& Year=2006& searchEnacted=0& extentMatchOnly=0& confersPower=0& blanketAmendment=0& sortAlpha=0& TYPE=QS& PageNumber=1& NavFrom=0& parentActiveTextDocId=2922456& ActiveTextDocId=2922458& fi). Statutelaw.gov.uk. 2007-01-15. . Retrieved 2010-08-21. [45] "Anti-Fraud Resource Center" (http:/ / www. nhcaa. org/ eweb/ DynamicPage. aspx?webcode=anti_fraud_resource_centr& wpscode=TheProblemOfHCFraud). Nhcaa.org. . Retrieved 2010-08-21. [46] "U.S. Code" (http:/ / uscode. house. gov/ uscode-cgi/ fastweb. exe?getdoc+ uscview+ t17t20+ 687+ 0+ + () AND ((18) ADJ USC):CITE AND (USC w/ 10 (1347)):CITE ). Uscode.house.gov. . Retrieved 2010-08-21. [47] "USFA Arson Fire Statistics" (http:/ / www. usfa. dhs. gov/ statistics/ arson/ index. shtm). Usfa.dhs.gov. 2010-01-05. . Retrieved 2010-08-21.

134

Zalma, Barry "Insurance Fraud" an E- Book available at http://www.zalma.com/Insurance Fraud.htm

External links
• Insurance Information Institute (http://www.iii.org/). Insurance Information Institute. • National Health Care Anti-Fraud Association (http://www.nhcaa.org/). National Health Care Anti-Fraud Association. • National Insurance Crime Bureau (http://www.nicb.org/). National Insurance Crime Bureau. • Insurance Bureau of Canada (http://www.ibc.ca/). Insurance Bureau of Canada. • UK Insurance Fraud Bureau (http://www.insurancefraudbureau.org/). • U.S. Fire Administration (http://www.usfa.dhs.gov/) • Insurance Research Council (http://www.ircweb.org/). Insurance Research Council. • 2009 Florida report: Impacts of the Economy and Insurance Fraud (http://www.myfloridacfo.com/fraud/ forms/Economic_Impacts_8-2009.pdf)

Fiddle game

135

Fiddle game
The fiddle game is a confidence trick, involving two men. The first enters a restaurant, dressed poorly and carrying a violin, and asks to be seated. He eats his meal, then contrives a reason to leave (typically he is short a little money, but this could be any of a variety of reasons, as long as it allows for a swift return for payment). No host would allow him to do so, but as insurance he offers his violin, praising its sentimental value and emphasizing its necessary return. An agreement is reached; the man leaves. His partner then approaches the host, requesting to inspect the instrument. Doing so, he makes much ado about its hidden value, revealing it to be a lost masterpiece. He offers a large sum for it, but cannot wait for its owner to return; he leaves his card with the host and ask that he pass it along. This con, as many do, relies on the inherent dishonesty of the mark. An honest mark, upon the first man's return, will hand over both card and instrument, leaving the partners out the cost of two dinners, but still in possession of the violin. The other response, and the one the con artists hope for, is the dishonest man's. With the return of the first man, the mark will attempt to purchase the violin, banking on making a quick profit with the number of the collector. The first man parts with the violin, but very reluctantly, driving up the amount the mark is willing to pay. At the end, the partners split whatever the mark paid them for the violin; the mark is left with a cheap wooden toy and a bogus business number.

References

Pigeon drop
Pigeon drop is a confidence trick in which a mark or "pigeon" is persuaded to give up a sum of money in order to secure the rights to a larger sum of money, or more valuable object.[1] [2] [3] [4] In reality, the scammers make off with the money and the mark is left with nothing. In the process, the stranger (actually a confidence trickster) puts his money with the mark's money (in an envelope, briefcase, or sack) which the mark is then entrusted with. The money is actually not put into the sack or envelope, but is switched for a bag full of newspaper or other worthless material. Through various theatrics, the mark is given the opportunity to make off with money without the stranger realising. In actuality, the mark would be fleeing from his own money, which the con man still has (or has handed off to an accomplice).

References
[1] Swierczynski, Duane (2003), The complete idiot's guide to frauds, scams, and cons, Alpha Books, p. 28, ISBN 9780028644158 [2] "Psychology Today - How to Run a Con" (http:/ / blogs. psychologytoday. com/ blog/ the-moral-molecule/ 200811/ how-run-a-con). Blogs.psychologytoday.com. 2008-11-13. . Retrieved 2009-07-03. [3] Arrington, Rick (2006), Crime prevention: the law enforcement officer's practical guide, Jones & Bartlett Publishers, p. 103, ISBN 9780763741303 [4] Bercowetz, Cynthia (2004), Don't Get Ripped Off! Get Help! Tell It to George, Buy Books on the web, p. 219, ISBN 9780741422286

External links
• Video of a live pigeon drop (http://www.youtube.com/watch?v=Ur3nMiP-XV0) • How to Run a Con (http://blogs.psychologytoday.com/blog/the-moral-molecule/200811/how-run-a-con)

Art student scam

136

Art student scam
The art student scam is a confidence trick in which cheap, mass-produced paintings or prints are misrepresented as original works of art, often by young people pretending to be art students trying to raise money for art supplies or tuition fees.[1] [2] [3] [4] In some early instances of the scam the sellers represented themselves as Israeli art students, but the scam is now international, with instances of Chinese, French, Chilean, and other nationalities posing as art students or dealers in Australia, Canada, China, New Zealand and the United States since at least 2000. The art is often sold door-to-door, bypassing exhibition sites or art galleries.[4] [5] [6] [7] [8]

Mass-produced paintings
Most mass-produced prints and paintings originate in Asia. Some are essentially posters, sometimes referred to as "Hong Kong horrors", printed on rough paper, making the lack of brush strokes less apparent. Oil paintings are mass-produced in China, which does a booming business in legitimate replicas of old masters. In Dafen, in Shenzhen, China, 10,000 painters produce up to 30 paintings a day and some five million paintings are exported each year, about 10% of which are not copies, but original works. The paintings sell for as little as US$10 each.[9]

United States
From the summer of 2000, news outlets in the Pacific Northwest reported young people posing as Israeli students selling mass-produced oil paintings, both copies and originals, for US$80–$200 each. The 'art students' were said to be going door-to-door primarily targeting residential neighborhoods and businesses with people "who might like art". They claimed to be studying at art universities in Israel, and to be in the United States selling works by talented fellow students to raise money for art supplies or school fees.[3] Through the early 2000s some 130 separate incidents of 'art student' encounters" were reported across the United States. Allegations of Israeli spying were raised after the leaking of an internal DEA report suggesting a connection between the art scammers and a spy ring.[10] Several dozen Israelis in their twenties, including supposed art students, were deported for undertaking paid work not allowed by their visas.[11] Israel dismissed claims of spying as "nonsense."[10] In 2010 the scam surfaced again in Saratoga Springs, Northern Utah County, with allegations that the Israeli art students were asking about the new National Security Agency's data center being built at Camp Williams.[12]

Australia and New Zealand
People posing as Israeli art students were reported in Australia and New Zealand from as early as 2003.[4] [13] The paintings are worth around A$5, but are passed off as being worth hundreds of dollars.[5] Three backpackers, an Israeli and two Chileans, were taken to court in Dunedin for the scam in 2003, but were discharged as the judge said that they were "minnows" in the organisation. They reportedly made NZ$15,000 in three weeks from the scam. The NZ Consumers' Institute suspected that an Auckland man was the organiser of the operation.[8] A 23-year-old man was arrested in New South Wales, Australia, for operating the scam and 50 oil paintings were found in his car.[14] An adviser for the New Zealand Consumer Affairs Ministry said that "All around the world, students from various countries are doing this". She suggested that the scam's organiser may place advertisements in backpackers’ lodges to recruit students.[15] The scammers have also claimed to be Greek, Argentinian and French.[16] [17]

Art student scam

137

Canada
In 2004, a group of Israelis said to have been selling mass-produced paintings as their own work, for hundreds of dollars each, were deported from Canada for working in violation of their visas.[18] The scam recurred in 2009 in Calgary, and Warman, Saskatchewan; eight people claiming to be students from Israel, Germany and France were arrested and 100 paintings were seized by the Royal Canadian Mounted Police and Border Services.[19]

China
In China, scammers approach tourists at popular attractions such as the Forbidden City and Tiananmen Square.[20] The scammer speaks English well enough to get into a conversation with the foreigner. The scammer claims to be an art student whose works are on display at a nearby exhibition which is part of the scam and sells mass-produced art reproductions at exorbitant prices. There are warnings about this scam in tourist guides.[21] [22]

References
[1] "Scam art ripples Peninsula 'Students' up-sell cheap, mass-produced works door-to-door". Peace Arch News (The (White Rock, British Columbia, Canada)): p. 1. Tuesday, August 10, 2004. ""An Israeli art scam with suggested links to espionage and fundamentalist fundraisers may have turned up on the Semiahmoo Peninsula. At least half a dozen locals-probably more-were likely duped by the hoax, which has for years puzzled North American authorities.Young Israelis posing as art students travel door-to-door hocking mass-produced art as their own. The works are worth little, but still sell for hundreds of dollars to naive customers."" [2] Wilton, Suzanne, "Art-sales-scam ringleaders ordered to leave Canada", Vancouver Sun, Vancouver, B.C.: Aug 7, 2004. pg. A.8. [3] "Information On An Israeli Art Scam" (http:/ / www. komonews. com/ news/ archive/ 4007381. html). Komo News. August 30, 2006. . [4] Moyes, Sarah; Michelle Robinson (5 March 2010). "Warning on art scam" (http:/ / www. stuff. co. nz/ auckland/ local-news/ east-bays-courier/ 3403169/ Warning-on-art-scam). East And Bays Courier. . Retrieved 29 July 2010. [5] "Foreign students caught up in fake art scam" (http:/ / www. abc. net. au/ news/ stories/ 2008/ 04/ 18/ 2220627. htm). Australian Broadcasting Corporation. April 18, 2008. . [6] Gandia, Renato (August 19, 2009). ""Israeli art scam" preying on people's kindness" (http:/ / www. calgarysun. com/ news/ alberta/ 2009/ 08/ 19/ 10523156. html). Calgary Sun. . [7] "Oil painting scam hits the Border" (http:/ / www. bordermail. com. au/ news/ local/ news/ general/ oil-painting-scam-hits-the-border/ 1494344. aspx). Border Mail. April 22, 2009. . [8] Dye, Stuart (February 4, 2004). "Brush with law reveals art scam" (http:/ / www. nzherald. co. nz/ nz/ news/ article. cfm?c_id=1& objectid=3547311). NZ Herald. . Coulter, Narelle (January 18, 2006). "Door slammed on ‘original’ art scam" (http:/ / www. starnewsgroup. com. au/ story/ 8437). Star News Group. . Feek, Belinda (January 19, 2010). "Warnings out over art scam" (http:/ / findarticles. com/ p/ news-articles/ waikato-times/ mi_8054/ is_20100119/ warnings-art-scam/ ai_n48688542/ ?tag=content;col1). Waikato Times. . [9] Chinese Art (http:/ / www. shanghai-central. com/ shanghai art. html), shanghai-central.com. [10] Guttman, Nathan (May 7, 2002). "Spies, or students? Were the Israelis just trying to sell their paintings, or agents in a massive espionage ring?" (http:/ / www. haaretz. com/ print-edition/ features/ spies-or-students-1. 45243). Haaretz. . [11] "Israeli student 'spy ring' revealed" (http:/ / www. guardian. co. uk/ education/ 2002/ mar/ 06/ internationaleducationnews. highereducation). London: The Guardian. March 6, 2002. . Retrieved March 6, 2010. [12] Door-to-door spies in Utah County? (http:/ / www. abc4. com/ content/ news/ slc/ story/ Door-to-door-spies-in-Utah-County/ sjOWsjk_zEqf6QeAfk4ZJw. cspx) ABC4 News 9/29/01. [13] Rogers, Sy (2 March 2009). "Beware of “Israeli” door-to-door art scams!" (http:/ / www. designfederation. net/ general/ beware-of-door-to-door-art-scams/ ). Design Federation. . Retrieved 29 July 2010. [14] "Police arrest 23yo over alleged art scam" (http:/ / www. abc. net. au/ news/ stories/ 2008/ 12/ 13/ 2445638. htm?site=idx-nsw). ABC News (Australia). 13 December 2008. . Retrieved 29 July 2010. [15] Robinson, Michelle (4 March 2010). "Door-to-door art scam" (http:/ / www. stuff. co. nz/ auckland/ local-news/ north-shore-times/ 3399549/ Door-to-door-art-scam). North Shore Times. . Retrieved 29 July 2010. [16] Thomson, Alister (12 April 2010). "Bogus student touting art fakes around Clive" (http:/ / www. hawkesbaytoday. co. nz/ local/ news/ bogus-student-touting-art-fakes-around-clive/ 3912395/ ). Hawke's Bay Today. . Retrieved 29 July 2010. [17] "Art sellers painting a suspect picture" (http:/ / www. northernadvocate. co. nz/ local/ news/ art-sellers-painting-a-suspect-picture/ 3912676/ ). The Northern Advocate. 18 April 2010. . Retrieved 29 July 2010. [18] "Scam art ripples Peninsula 'Students' up-sell cheap, mass-produced works door-to-door". Peace Arch News (The (White Rock, British Columbia, Canada)): p. 1. Tuesday, August 10, 2004. ""An Israeli art scam with suggested links to espionage and fundamentalist fundraisers may have turned up on the Semiahmoo Peninsula. At least half a dozen locals-probably more-were likely duped by the hoax, which has for

Art student scam
years puzzled North American authorities. Young Israelis posing as art students travel door-to-door hocking mass-produced art as their own. The works are worth little, but still sell for hundreds of dollars to naive customers."" [19] Slobodian, Erin (4 September 2009). "Scam 'Artists' in Warman" (http:/ / www. newstalk980. com/ story/ 20090904/ 21900). News Talk 980. . Retrieved 29 July 2010. [20] "The famous art show ripoff in Tiananmen Square was recently cleaned up for the Olympics. This was a pretty funny one, where English-speaking 'art students' would strike up conversation with overseas visitors and tell them they happen to be in town for an art show across the street. The show was closing today when I first heard the spiel in 2006, it was closing today when I returned to Beijing in 2007, but the pre-Olympics cleanup really seems to have closed the collection of knockoff art." (http:/ / www. startbackpacking. com/ travel/ china-scam/ ). See also (http:/ / www. virtualtourist. com/ travel/ Asia/ China/ Beijing_Shi/ Beijing-1024960/ Tourist_Traps-Beijing-Art_Students-BR-1. html). [21] Frommer's China, Wiley, ISBN 978-0-470-52658-3, p. 140. (http:/ / books. google. com/ books?id=1DqjMGlyY5QC) "You should also be leery of any English-speaking youngsters who claim to be art students and offer to take you to a special exhibit of their work. [...] The art, which you will be pressured to buy, almost always consists of assembly-line reproductions of famous (or not-so-famous) paintings offered at prices several dozen times higher than their actual value." [22] China Tourism Scams (http:/ / www. chinaprimer. com/ china-travel-tips/ china-tourism-scams. html)

138

Psychic surgery

139

Psychic surgery
Psychic Surgery

Terminology
Definition The use of paranormal means to conduct an alleged invasive medical procedure. Signature Status See also The apparent insertion of the practitioner's hands into a patient's body. Debunked as sleight of hand. Some results may be attributed to placebo. sleight of hand

Psychic surgery is a procedure typically involving the supposed creation of an incision using only the bare hands, the supposed removal of pathological matter, and the seemingly spontaneous healing of the incision. Psychic surgery has been condemned in many countries as a form of medical fraud.[1] [2] [3] It has been denounced by the US Federal Trade Commission as a "total hoax",[2] and the American Cancer Society maintains that psychic surgery may cause needless death by keeping the ill away from life-saving medical care.[3] Medical professionals and skeptics classify it as sleight of hand and any positive results as a placebo effect.[4] [5] [6] [7] It first appeared in the Spiritualist communities of the Philippines and Brazil in the mid-1900s, and it has taken different paths in those two countries.

Procedure
Although psychic surgery varies by region and practitioner, it usually follows some common lines. Without the use of a surgical instrument, a practitioner will press the tips of his/her fingers against the patient's skin in the area to be treated. The practitioner's hands appear to penetrate into the patient's body painlessly and blood seems to flow. The practitioner will then show organic matter or foreign objects apparently removed from the patient's body, clean the area, and then end the procedure with the patient's skin showing no wounds or scars. Most cases do not involve actual surgery although some practitioners make real incisions.[8] In regions of the world where belief in evil spirits is prevalent, practitioners will sometimes exhibit objects, such as glass, explaining that the foreign bodies were placed in the patient's body by evil spirits.[3]

History
Accounts of psychic surgery started to appear in the Spiritualist communities of the Philippines and Brazil in the mid-1900s.

Philippines
In the Philippines, the procedure was first noticed in the 1940s, when performed routinely by Eleuterio Terte. Terte and his pupil Tony Agpaoa, who was apparently associated with the Union Espiritista Christiana de Filipinas (The Christian Spiritist Union of the Philippines), trained others in this procedure.[3] In 1959, the procedure came to the attention of the U. S. public after the publication of Into the Strange Unknown by Ron Ormond and Ormond McGill. The authors called the practice "fourth dimensional surgery," and wrote "[we] still don’t know what to think; but we have motion pictures to show it wasn’t the work of any normal magician, and could very well be just what the Filipinos said it was — a miracle of God performed by a fourth dimensional surgeon."[9]

Psychic surgery Alex Orbito, who became well-known in the U. S. through his association with actress Shirley MacLaine[10] was one said practitioner of the procedure. On June 14, 2005, Orbito was arrested by Canadian authorities and indicted for fraud.[11] On Jan 20, 2006, the charges were dropped as it then seemed unlikely that Orbito would be convicted.[12] Psychic surgery made U.S. tabloid headlines in March 1984 when comedian Andy Kaufman, diagnosed with large cell carcinoma (a rare lung cancer), traveled to the Philippines for a six-week course of psychic surgery.[13] Practitioner Jun Labo claimed to have removed large cancerous tumors and Kaufman declared to believe the cancer had been removed. Kaufman died from renal failure as consequence of a metastatic lung cancer, on May 16, 1984.[14] [15]

140

Brazil
The origins of the practice in Brazil are obscure; but by the late 1950s several "spiritual healers" were practicing in the country. Many of them were associated with Kardecism, a major spiritualistic movement in Brazil, and claimed to be performing their operations merely as channels for spirits of deceased medical doctors.[16] Others were following practices and rituals known as "Umbanda", a shamanic ritualistic religion with mediumistic overtones inherited from the African slaves brought to the country in colonial times. A known Brazilian psychic healer who routinely practiced psychic surgery was Zé Arigó, who claimed to be channeling for a deceased medical doctor of name Dr. Fritz. Unlike most other psychic healers, who work bare-handed, Arigó used a non surgical blade.[17] Other psychic healers who claimed to channel for Dr. Fritz were Edson Queiroz and Rubens Farias Jr..[18] Popular today (especially abroad) is João de Deus, a psychic healer in Abadiânia, state of Goiás.[19] According to the descriptions of Yoshiaki Omura, Brazilian psychic surgery appears to be different from that practiced in the Philippines. Omura calls attention to the fact that practitioners in Brazil use techniques resembling Qi Gong, Shiatsu massage, and chiropractic manipulation. Some patients are also injected with a brown liquid, and alleged minor surgery was performed in about 20% of the cases observed.[20] While Arigó performed his procedures using kitchen knives in improvised settings, Omura reports that the clamping of blood vessels and the closing of the surgical wounds are now performed by licensed surgeons or licensed nurses.[16]

Medical and legal criticism
In 1975, the Federal Trade Commission declared that "'psychic surgery' "is nothing but a total hoax"."[2] Judge Daniel H. Hanscom, when granting the FTC an injunction against travel agencies promoting psychic surgery tours, declared: "Psychic surgery is pure and unmitigated fakery. The 'surgical operations' of psychic surgeons ... with their bare hands are simply phony."[21] In 1990, the American Cancer Society stated that it found no evidence that "psychic surgery" results in objective benefit in the treatment of any medical condition, and strongly urged individuals who are ill not to seek treatment by psychic surgery.[3] The British Columbia Cancer Agency "strongly urges individuals who are ill not to seek treatment by psychic surgeon."[22] While not directly hazardous to the patient, the belief in the alleged benefits of psychic surgery may carry considerable risk for individuals with diagnosed medical conditions, as they may delay or forgo conventional medical help, sometimes with fatal consequences.[3] [23]

Psychic surgery

141

Accusations of fraud
According to stage magician James Randi, psychic surgery is a sleight-of-hand confidence trick. He has said that in personal observations of the procedure, and in movies showing the procedures, he can spot sleight-of-hand moves that are evident to experienced stage magicians, but might deceive a casual observer. Randi has replicated the appearance of psychic surgery himself through the use of sleight-of-hand.[24] Professional magicians Milbourne Christopher and Robert Gurtler have also observed psychic surgeons at work, and claimed to have spotted the use of sleight-of-hand. On his A&E show Mindfreak in the episode "Sucker," illusionist Criss Angel performed "Psychic Surgery," showing first-hand how it may be done (fake blood, plastic bags and chicken livers were used). In Randi's view, the healer would slightly roll or pinch the skin over the area to be treated. When his flattened hand reaches under the roll of skin, it looks and feels as if the practitioner is actually entering into the patient's body. The healer would have prepared in advance small pellets or bags of animal entrails which would be palmed in his hand or hidden beneath the table within easy reach. This organic matter would simulate the "diseased" tissue that the healer would claim to be removing. If the healer wants to simulate bleeding, he might squeeze a bladder of animal blood or an impregnated sponge. If done properly, this procedure may deceive patients and observers. However, some "psychic surgery" procedures do not rely solely on the "sleight of hand" described, as at least one Brazilian performer also cuts his victims' skin to heighten the illusion.[25] The practitioners are using sleight of hand techniques to produce blood or blood-like fluids, animal tissue or substitutes, and/or various foreign objects from folds of skin of the patient as part of a confidence game for financial benefit of the practitioner. Two psychic surgery practitioners provided testimony in a Federal Trade Commission trial that, to their knowledge, the organic matter supposedly removed from the patients usually consists of animal tissue and clotted blood.[3]

In popular culture
• In the 1989 film Penn & Teller Get Killed, comedic magicians Penn and Teller demonstrate how to perform the illusion of psychic surgery. • A 1989 episode of Unsolved Mysteries featured a police officer whose mother claimed to have been cured by psychic surgery, only to die shortly thereafter; her autopsy revealed several tumors. The policeman described himself going undercover to feign illness and desiring psychic surgery, and having the feeling of the practitioner using sleight of hand to supposedly dig into his tissue, as well suspecting that the "cysts" and "tumors" being removed from his body were in actuality ready made chicken parts. • In the TV show Criss Angel Mindfreak, Season 2 Episode "Sucker", Criss explains psychic surgery as a deception. • In the BBC documentary Full Circle with Michael Palin, Michael Palin visits two psychic surgeons while venturing through the Philippines and even assists one of them on a procedure. • In the 1998 Christmas special "Black Canary" of BBC series Jonathan Creek, Jonathan as an expert and designer of illusions exposes the psychic surgeon as being a hoax. • In the 1999 movie Man on the Moon, a movie based on the life of Andy Kaufman, Kaufman receives psychic surgery and notices the "sleight of hand". • In a 2008 episode of a Turkish talk show, "Brian Brushwood", bizarre magician and host of Revision3's Scam School, demonstrated the practice on someone with appendicitis, exposing the fraudulent practices.

Psychic surgery

142

Footnotes
[1] "FTC Decision, July–December 1975" (http:/ / www. ftc. gov/ os/ decisions/ docs/ vol86/ FTC_VOLUME_DECISION_86_(JULY_-_DECEMBER_1975)PAGES_715-825. pdf). . Retrieved 2007-08-19. [2] "F.T.C. Curtails the Promotion Of All Psychic Surgery Tours - The New York Times" (http:/ / select. nytimes. com/ gst/ abstract. html?res=F20E17F73C5B157493C7AB178BD95F418785F9). 1975-10-25. . Retrieved 2007-08-19. [3] "Psychic surgery" (http:/ / caonline. amcancersoc. org/ cgi/ reprint/ 40/ 3/ 184). CA: a cancer journal for clinicians 40 (3): 184–8. 1990. doi:10.3322/canjclin.40.3.184. PMID 2110023. . Retrieved 2007-08-19. [4] Randi, James (1989). The Faith Healers. Prometheus Books. ISBN 0-87975-535-0. [5] David Vernon in Skeptical - a Handbook of Pseudoscience and the Paranormal, ed Donald Laycock, David Vernon, Colin Groves, Simon Brown, Imagecraft, Canberra, 1989, ISBN 0731657942, p47 [6] Evan, Dylan (2003). Placebo. Mind over matter in modern medicine.. Great Britain: Harper Collins Publishers. ISBN 0-00-712613-1. [7] Brody, Howard M.D. PhD (2000). The Placebo response. New York: Harper Collins Publishers. ISBN 0-06-019493-6. [8] Spence, Lewis (2003). Encyclopedia of Occultism & Parapsychology Vol. 2. Kessinger Publishing Co. pp. 750. ISBN 978-0766128170. [9] Into the Strange Unknown By the Two Men Who Lived Every Moment of it (http:/ / www. biblio. com/ details. php?dcx=134022077& aid=frg). The Esoteric Foundation. 1959. ISBN 0-87975-535-0. . [10] "Fake healing" (http:/ / www. rickross. com/ reference/ general/ general475. html). . Retrieved 2007-08-19. [11] "The Filipino Reporter" (http:/ / www. filipinoreporter. com/ archive/ 3327/ headline03. htm). . Retrieved 2007-08-19. [12] "The Filipino Reporter" (http:/ / www. filipinoreporter. com/ archive/ 3424/ headline05. htm). . Retrieved 2007-08-19. [13] ", Psychic Surgery" (http:/ / www. benatural. org/ psychic-surgery. html). . Retrieved 2007-08-19. [14] "Andy Kaufman's death certificate" (http:/ / www. findadeath. com/ Deceased/ k/ Andy Kauffman/ dc. jpg). . Retrieved 2007-08-19. [15] California Death Index (http:/ / vitals. rootsweb. com/ ca/ death/ search. cgi) [16] "Yoshiaki Omura on psychic surgery in Brazil" (http:/ / www. aegis. com/ aidsline/ 1997/ oct/ M97A0099. html). . Retrieved 2007-08-19. [17] "James Randi Educational Foundation — Arigó, José" (http:/ / www. randi. org/ encyclopedia/ Arigo, Jose. html). . Retrieved 2007-08-19. [18] "Rio Journal;Live, in Brazil (Again): The Reincarnated Dr. Fritz - New York Times" (http:/ / query. nytimes. com/ gst/ fullpage. html?res=9A07E1DD1039F931A25752C0A960958260& sec=health& spon=& pagewanted=all). The New York Times. 1996-01-12. . Retrieved 2007-08-19. [19] "John of God" (http:/ / skepdic. com/ johnofgod. html). . Retrieved 2007-08-19. [20] Omura Y. Impression on observing psychic surgery and healing in Brazil which appear to incorporate (+) qi gong energy & the use of acupuncture points. Acupunct Electrother Res. 1997;22(1):17-33. PMID: 9188913 [21] "F.T.C. Curbs Philippines Flights For Cures by 'Psychic Surgery'"; New York Times March 15, 1975, p. 11 (Judge Hanscom: "pure and unmitigated fakery... simply phony") [22] "Unconventional therapies--Psychic surgery" (http:/ / web. archive. org/ web/ 20070202112741/ http:/ / www. bccancer. bc. ca/ PPI/ UnconventionalTherapies/ PsychicSurgery. htm). British Columbia Cancer Agency. February 2000. Archived from the original (http:/ / www. bccancer. bc. ca/ PPI/ UnconventionalTherapies/ PsychicSurgery. htm) on 2007-02-02. . Retrieved 2007-04-01. [23] "NCAHF Statements on Faith Healing and Psychic Surgery" (http:/ / www. ncahf. org/ pp/ faith. html). . Retrieved 2007-08-19. [24] The following images are of Randi demonstrating "psychic surgery": • prepare (http:/ / www. csicop. org/ webmaster/ randi/ prepare. jpg) • go in (http:/ / www. csicop. org/ webmaster/ randi/ go-in. jpg) • come out (http:/ / www. csicop. org/ webmaster/ randi/ come-out. jpg) [25] Commentary, February 18, 2005, A Special Analysis (http:/ / www. randi. org/ jr/ 021805a. html#5)

External links
• James Randi debunks "psychic surgery" (http://youtube.com/watch?v=p3RC3M5VKAQ) • Turkish Television (http://www.youtube.com/watch?v=vuwMhDkd6Qo) Brian Brushwood debunks psychic surgery • Unconventional therapies - Psychic Surgery (http://www.bccancer.bc.ca/PPI/UnconventionalTherapies/ PsychicSurgery.htm) — overview by the British Columbia Cancer Agency • Psychic "surgery" (http://skepdic.com/psurgery.html) — definition in the Skeptic's Dictionary • Fake Healing (http://www.rickross.com/reference/general/general475.html) - a description of an event involving Mr. Orbito with editorial commentary. • Abstract (http://www.ncbi.nlm.nih.gov/entrez/query.fcgi?cmd=Retrieve&db=PubMed& list_uids=9188913&dopt=Abstract) • "Psychic Surgery" (1990) Ca. Cancer J. Clin. 40(3) 184-8 Abstract (http://caonline.amcancersoc.org/cgi/ content/abstract/40/3/184) Full text (http://caonline.amcancersoc.org/cgi/reprint/40/3/184.pdf)

Psychic surgery Terte/Agpaoa origins; exposed by Milbourne Christopher and Robert Gurtler. • "Sideshows of Science," David Perlman, San Francisco Chronicle, January 8, 2001; text (http://www.rickross. com/reference/general/general327.html). Reference to "psychic underground" • 'Psychic surgeon' a heel, not a healer, police say (http://www.theglobeandmail.com/servlet/story/RTGAM. 20050616.wxfraud16/BNStory/National/) Globe and Mail story on Orbito's 2005 arrest in Toronto • Psychic surgeon charged (http://www.filipinoreporter.com/archive/3327/headline03.htm) Filipino Reporter story on Orbito's 2005 arrest in Toronto

143

Organized crime

144

Organized crime

Al Capone, a face commonly associated with organized crime.

Criminology and penology Theories Anomie Differential association theory Deviance Labeling theory Psychopathy Rational choice theory (criminology) Social control theory Social disorganization theory Social learning theory Strain theory Subcultural theory Symbolic interactionism · Victimology Types of crimes Blue-collar crime · Corporate crime Juvenile crime Organized crime Political crime · Public order crime Public order case law in the U.S. State crime · State-corporate crime White-collar crime · Victimless crime Penology Deterrence · Prison

Organized crime

145
Prison reform · Prisoner abuse Prisoners' rights · Rehabilitation Recidivism · Retribution Utilitarianism
Criminal justice portal

See also: Wikibooks:Social Deviance

Organized crime or criminal organizations are transnational, national, or local groupings of highly centralized enterprises run by criminals for the purpose of engaging in illegal activity, most commonly for monetary profit. Some criminal organizations, such as terrorist organizations, are politically motivated (see Violent non-state actor (VNSA)). Gangs may become "disciplined" enough to be considered "organized". An organized gang or criminal set can also be referred to as a mob. Mafia is a term used to describe a number of criminal organizations around the world. The first organization to bear the label was the Sicilian Mafia based in Sicily, known to its members as Cosa Nostra. In the United States, "the Mafia" generally refers to the Italian American Mafia. Other organizations described as mafias include the Russian Mafia, the Irish Mob, the Chinese Triads, the Albanian Mafia, Bosnian mafia, the Japanese Yakuza, the Neapolitan Camorra, the Calabrian 'Ndrangheta, the Apulian Sacra Corona Unita, the Indian Mafia, the Corsican Mafia, the Serbian Mafia, the Mexican Mafia and the Bulgarian mafia. There are also a number of localized mafia organizations around the world bearing no link to any specific ethnic background. In the United States the Organized Crime Control Act (1970) defines organized crime as "The unlawful activities of [...] a highly organized, disciplined association [...]".[1] Criminal activity as a structured group is referred to as racketeering and such crime is commonly referred to as the work of the Mob.

Origins and conceptual background
Today, crime is sometimes thought of as an urban phenomenon, but for most of human history it was the rural world that was crime-ridden. Pirates, highwaymen and bandits attacked trade routes and roads, at times severely disrupting commerce, raising costs, insurance rates and prices to the consumer. According to criminologist Paul Lunde, "Piracy and banditry were to the pre-industrial world what organized crime is to modern society."[2]

"If we take a global rather than strictly domestic view, it becomes evident even crime of the organized kind has a long if not necessarily noble heritage. The word 'thug' dates to early 13th-century India, when Thugs, or gangs of criminals, roamed from town to town, looting and pillaging. Smuggling and drug-trafficking rings are as old as the hills in Asia and Africa, and extant criminal organizations in Italy and Japan [3] trace their histories back several centuries..."

As Lunde states, "Barbarian conquerors, whether Vandals, Goths, Norsemen, Turks or Mongols are not normally thought of as organized crime groups, yet they share many features associated with successful criminal organizations. They were for the most part non-ideological, predominantly ethnically based, used violence and intimidation, and adhered to their own codes of law."[2] Organized crime most typically flourishes when a central government and civil society is disorganized, weak, absent or untrusted. This may occur in a society facing periods of political, economic or social turmoil or transition, such as a change of government or a period of rapid economic development, particularly if the society lacks strong and established institutions and the rule of law. The dissolution of the Soviet Union and the Revolutions of 1989 in Eastern Europe that saw the downfall of the Communist Bloc created a breeding ground for organized criminal organizations. The newest growth sectors for organized crime are identity theft and online extortion. These activities are troubling because they discourage consumers from using the Internet for e-commerce. E-commerce was supposed to level the

Organized crime playing ground between small and large businesses, but the growth of online organized crime is leading to the opposite effect; large businesses are able to afford more bandwidth (to resist denial-of-service attacks) and superior security. Furthermore, organized crime using the Internet is much harder to trace down for the police (even though they increasingly deploy cybercops) since most police forces and law enforcement agencies operate within a local or national jurisdiction while the Internet makes it easier for criminal organizations to operate across such boundaries without detection. In the past criminal organizations have naturally limited themselves by their need to expand. This has put them in competition with each other. This competition, often leading to violence, uses valuable resources such as manpower (either killed or sent to prison), equipment and finances. In the United States, the Irish Mob boss of the Winter Hill Gang (in the 1980s) turned informant for the Federal Bureau of Investigation (FBI). He used this position to eliminate competition and consolidate power within the city of Boston which led to the imprisonment of several senior organized crime figures including Gennaro Angiulo, underboss of the Patriarca crime family. Infighting sometimes occurs within an organization, such as the Castellamarese war of 1930–31 and the Boston Irish Mob Wars of the 1960s and 1970s. Today criminal organizations are increasingly working together, realizing that it is better to work in cooperation rather than in competition with each other. This has led to the rise of global criminal organizations such as Mara Salvatrucha and the 18th Street gang. The Italian-American Mafia in the U.S. have had links with organized crime groups in Italy such as the Camorra, the 'Ndrangheta, Sacra Corona Unita, and Sicilian Mafia. The Cosa Nostra has also been known to work with the Irish Mob (John Gotti of the Gambino family Mugshot of Charles Luciano in 1936, Sicilian and James Coonan of the Westies are known to have worked together, mobster. with the Westies operating as a contract hit squad for the Gambino family after they helped Coonan come to power), the Japanese Yakuza and the Russian Mafia. The United Nations Office on Drugs and Crime estimated that organized crime groups held $322 billion in assets in 2005.[4] This rise in cooperation between criminal organizations has meant that law enforcement agencies are increasingly having to work together. The FBI operates an organized crime section from its headquarters in Washington, D.C. and is known to work with other national (e.g., Polizia di Stato, Russian Federal Security Service (FSB), and the Royal Canadian Mounted Police), federal (e.g., Bureau of Alcohol, Tobacco, Firearms, and Explosives, Drug Enforcement Administration, United States Marshals Service, and the United States Coast Guard), state (e.g., Massachusetts State Police Special Investigation Unit and the New York State Police Bureau of Criminal Investigation) and city (e.g., New York City Police Department Organized Crime Unit and the Los Angeles Police Department Special Operations Division) law enforcement agencies.

146

Notable criminal organizations
Perhaps the best known criminal organizations are the Sicilian and Italian American Cosa Nostra, most commonly known as the Mafia. The Neopolitan Camorra, the Calabrian and Italian Canadian 'Ndrangheta, and the Apulian Sacra Corona Unita are similar Italian organized crime groups. Other organized criminal enterprises include the Russian mafia, Irish mob,Corsican mafia, Chinese Triads and the Japanese Yakuza. On the lower level in the criminal food chain may be street or youth gangs such as the Bloods and Crips. Criminal organizations may function both inside and outside of prison. Such prison gangs include the Mexican Mafia and Aryan Brotherhood. Biker gangs such as the Hells Angels and Outlaws are also believed to be involved in organized crime.

Organized crime

147

Human rights law
Another use of the term "criminal organization" exists in human rights law and refers to an organization which has been found guilty of crimes against humanity. Once an organization has been determined to be a criminal organization, one must only demonstrate that an individual belonged to that organization and not that the individual actually individually committed illegal acts. This concept of the criminal organization came into being during the Nuremberg Trials. Several public sector organizations of Nazi Germany such as the SS and Gestapo were judged to be criminal organizations, while other organizations such as the German Army High Command were indicted but acquitted of charges. This conception of criminal organizations was, and continues to be, controversial, and has not been used in human rights law since the trials at Nuernberg.

Ideological crime
In addition to what is considered traditional organized crime involving direct crimes of fraud swindles, scams, racketeering and other Racketeer Influenced and Corrupt Organizations Act (RICO) predicate acts motivated for the accumulation of monetary gain, there is also non-traditional organized crime which is engaged in for political or ideological gain or acceptance. Such crime groups are often labeled terrorist organizations and include such groups as Al-Qaeda, Animal Liberation Front, Army of God, Black Liberation Army, The Covenant, The Sword, and the Arm of the Lord, Earth Liberation Front, Hamas, Hezbollah, Irish Republican Army, Kurdistan Workers' Party, Lashkar e Toiba, May 19th Communist Organization, The Order, Revolutionary Armed Forces of Colombia, Symbionese Liberation Army, Taliban, United Freedom Front and Weather Underground.

Typical activities
Organized crime often victimize businesses through the use of extortion or theft and fraud activities like hijacking cargo trucks, robbing goods, committing bankruptcy fraud (also known as "bust-out"), insurance fraud or stock fraud (inside trading). Organized crime groups also victimize individuals by car theft (either for dismantling at "chop shops" or for export), art theft, bank robbery, burglary, jewelry theft, computer hacking, credit card fraud, economic espionage, embezzlement, identity theft, and securities fraud ("pump and dump" scam). Some organized crime groups defraud national, state, or local governments by bid-rigging public projects, counterfeiting money, smuggling or manufacturing untaxed alcohol (bootlegging) or cigarettes (buttlegging), and providing immigrant workers to avoid taxes. Organized crime groups seek out corrupt public officials in executive, law enforcement, and judicial roles so that their activities can avoid, or at least receive early warnings about, investigation and prosecution. Organized crime groups also provide a range of illegal services and goods, such as loansharking of money at very high interest rates, assassination, blackmailing, bombings, bookmaking and illegal gambling, confidence tricks, copyright infringement, counterfeiting of intellectual property, kidnapping, prostitution, drug trafficking, arms trafficking, oil smuggling, organ trafficking, contract killing, identity document forgery, illegal dumping of toxic waste, illegal trading of nuclear materials, military equipment smuggling, nuclear weapons smuggling, passport fraud, providing illegal immigration and cheap labor, people smuggling, trading in endangered species, and trafficking in human beings. Organized crime groups also do a range of business and labour racketeering activities, such as skimming casinos, insider trading, setting up monopolies in industries such as garbage collecting, construction and cement pouring, bid rigging, getting "no-show" and "no-work" jobs, money laundering, political corruption, bullying and ideological clamping.

Organized crime

148

Footnotes
[1] [2] [3] [4] http:/ / www. atf. gov/ pub/ fire-explo_pub/ xcomplete. htm Paul Lunde, Organized Crime, 2004. Sullivan, Robert, ed. Mobsters and Gangsters: Organized Crime in America, from Al Capone to Tony Soprano. New York: Life Books, 2002. "Market Value of Organized Crime-Havocscope Black Market" (http:/ / www. havocscope. com/ market-value-of-organized-crime-322-billion/ ). .

External links
• Mob Life: Gangster Kings of Crime (http://www.life.com/image/first/in-gallery/37642/ mob-life-gangster-kings-of-crime#index/0) - slideshow by Life magazine • BBC radio series on global crime (including audio files) (http://www.bbc.co.uk/worldservice/programmes/ global_crime_report/radioseries/) • UNODC - United Nations Office on Drugs and Crime (http://www.unodc.org/unodc/en/organized-crime/ index.html) — Sub-section dealing with organized crime worldwide • Organized Crime Research (http://www.organized-crime.de) — Has a vast collection of definitions of organized crime, reviews of books on organized crime, research papers, and other material • IOCNI (http://www.iocni.com) International organized crime news and information • Crimestoppers (http://www.crimestoppers-uk.org) — Pass on information about crime anonymously to the crime-fighting charity • Squeezing a balloon? (http://www.cmi.no/publications/file/3399-squeezing-a-balloon.pdf) — Squeezing a balloon? Challenging the nexus between organised crime and corruption • "Organized Crime." Oxford Bibliographies Online: Criminology. (http://oxfordbibliographiesonline.com/ display/id/obo-9780195396607-0021) • Havocscope Black Market (http://www.havocscope.com/) Data on organized crime businesses and activities • An Inside Look at Mexican Guns and Arms Trafficking (http://www.mexidata.info/id2684.html) • Organised Crime Research Resources (http://www.sccjr.ac.uk/subjects/Organised-and-WhiteCollar-Crime/6) by the Scottish Centre for Crime and Justice Research (http://www.sccjr.ac.uk) • Compilation of useful resources about Organised Crime (http://www.sccjr.ac.uk/pubs/ Information-Resources-on-Organised-Crime/247) developed and regularly maintained by the Scottish Centre for Crime and Justice Research (http://www.sccjr.ac.uk) and the Scottish Crime and Drug Enforcement Agency (SCDEA) (http://www.sdea.police.uk/)

Identity theft

149

Identity theft
Identity theft is a form of fraud or cheating of another person's identity in which someone pretends to be someone else by assuming that person's identity, typically in order to access resources or obtain credit and other benefits in that person's name. The victim of identity theft (here meaning the person whose identity has been assumed by the identity thief) can suffer adverse consequences if he or she is held accountable for the perpetrator's actions. Organizations and individuals who are duped or defrauded by the identity thief can also suffer adverse consequences and losses, and to that extent are also victims. The term identity theft was coined in 1964[1] and is actually a misnomer, since it is not literally possible to steal an identity as such - more accurate terms would be identity fraud or impersonation or identity cloning but identity theft has become commonplace. "Determining the link between data breaches and identity theft is challenging, primarily because identity theft victims often do not know how their personal information was obtained," and identity theft is not always detectable by the individual victims, according to a report done for the FTC.[2] Identity fraud is often but not necessarily the consequence of identity theft. Someone can steal or misappropriate personal information without then committing identity theft using the information about every person, such as when a major data breach occurs. A US Government Accountability Office study determined that "most breaches have not resulted in detected incidents of identity theft".[3] the report also warned that "the full extent is unknown". A later unpublished study by Carnegie Mellon University noted that "Most often, the causes of identity theft is not known," but reported that someone else concluded that "the probability of becoming a victim to identity theft as a result of a data breach is ... around only 2%".[4] More recently, an association of consumer data companies noted that one of the largest data breaches ever, accounting for over four million records, resulted in only about 1,800 instances of identity theft, according to the company whose systems were breached.[5] A recent article entitled, “Cyber Crime Made Easy" explained the level to which hackers are using malicious software. As one security specialist named Gunter Ollmann said, “Interested in credit card theft? There’s an app for that.” This statement summed up the ease with which these hackers are accessing all kinds of information online. The new program for infecting users’ computers is called Zeus; and the program is so hacker friendly that even an inexperienced hacker can operate it. Although the hacking program is easy to use, that fact does not diminish the devastating effects that Zeus (or other software like Zeus) can do to a computer and the user. For example, the article stated that programs like Zeus can steal credit card information, important documents, and even documents necessary for homeland security. If the hacker were to gain this information, it would mean identity theft or even a possible terrorist attack. (Giles, Jim. "Cyber Crime Made Easy." New Scientist 205.2752 (2010): 20-21. Academic Search Premier. EBSCO. Web. 3 Oct. 2010.)

Types
Sources such as the non-profit Identity Theft Resource Center[6] sub-divide identity theft into five categories: • • • • • Business/commercial identity theft (using another's business name to obtain credit) Criminal identity theft (posing as another person when apprehended for a crime) Financial identity theft (using another's identity to obtain credit, goods and services) Identity cloning (using another's information to assume his or her identity in daily life) Medical identity theft (using another's identity to obtain medical care or drugs)

Identity theft may be used to facilitate or fund other crimes including illegal immigration, terrorism, and espionage. There are cases of identity cloning to attack payment systems, including online credit card processing and medical insurance.[7]

Identity theft Identity thieves occasionally impersonate others for non-financial reasons—for instance, to receive praise or attention for the victim's achievements.[8]

150

Identity cloning and concealment
In this situation, the identity thief impersonates someone else in order to conceal their own true identity. Examples might be illegal immigrants, people hiding from creditors or other individuals, or those who simply want to become "anonymous" for personal reasons. Unlike identity theft used to obtain credit which usually comes to light when the debts mount, concealment may continue indefinitely without being detected, particularly if the identity thief is able to obtain false credentials in order to pass various authentication tests in everyday life.

Criminal identity theft
When a criminal fraudulently identifies himself to police as another individual at the point of arrest, it is sometimes referred to as "Criminal Identity Theft." In some cases criminals have previously obtained state-issued identity documents using credentials stolen from others, or have simply presented fake ID. Provided the subterfuge works, charges may be placed under the victim's name, letting the criminal off the hook. Victims might only learn of such incidents by chance, for example by receiving court summons, discovering their drivers licenses are suspended when stopped for minor traffic violations, or through background checks performed for employment purposes. It can be difficult for the victim of a criminal identity theft to clear their record. The steps required to clear the victim's incorrect criminal record depend on what jurisdiction the crime occurred in and whether the true identity of the criminal can be determined. The victim might need to locate the original arresting officers and prove their own identity by some reliable means such as fingerprinting or DNA fingerprinting, and may need to go to a court hearing to be cleared of the charges. Obtaining an expungement of court records may also be required. Authorities might permanently maintain the victim's name as an alias for the criminal's true identity in their criminal records databases. One problem that victims of criminal identity theft may encounter is that various data aggregators might still have the incorrect criminal records in their databases even after court and police records are corrected. Thus it is possible that a future background check will return the incorrect criminal records.[9] This is just one example of the kinds of impact that may continue to affect the victims of identity theft for some months or even years after the crime, aside from the psychological trauma that being 'cloned' typically engenders.

Synthetic identity theft
A variation of identity theft which has recently become more common is synthetic identity theft, in which identities are completely or partially fabricated. The most common technique involves combining a real social security number with a name and birthdate other than the ones associated with the number. Synthetic identity theft is more difficult to track as it doesn't show on either person's credit report directly, but may appear as an entirely new file in the credit bureau or as a subfile on one of the victim's credit reports. Synthetic identity theft primarily harms the creditors who unwittingly grant the fraudsters credit. Individual victims can be affected if their names become confused with the synthetic identities, or if negative information in their subfiles impacts their credit ratings.[10]

Medical identity theft
Medical identity theft occurs when someone uses a person's name and sometimes other parts of their identity—such as insurance information—without the person's knowledge or consent to obtain medical services or goods, or uses the person’s identity information to make false claims for medical services or goods. Medical identity theft frequently results in erroneous entries being put into existing medical records, which may in turn lead to inappropriate and potentially life-threatening decisions by medical staff.[11]

Identity theft

151

Techniques for obtaining and exploiting personal information for identity theft
Identity thieves typically obtain and exploit personally identifiable information about individuals, or various credentials they use to authenticate themselves, in order to impersonate them. Examples include: • Rummaging through rubbish for personal information (dumpster diving) • Retrieving personal data from redundant IT equipment and storage media including PCs, servers, PDAs, mobile phones, USB memory sticks and hard drives that have been disposed of carelessly at public dump sites, given away or sold on without having been properly sanitized • Using public records about individual citizens, published in official registers such as electoral rolls • Stealing bank or credit cards, identification cards, passports, authentication tokens ... typically by pickpocketing, housebreaking or mail theft • Skimming information from bank or credit cards using compromised or hand-held card readers, and creating clone cards • Using 'contactless' credit card readers to acquire data wirelessly from RFID-enabled passports • Observing users typing their login credentials, credit/calling card numbers etc. into IT equipment located in public places (shoulder surfing) • Stealing personal information from computers using malware, particularly Trojan horse keylogging programs or other forms of spyware • Hacking computer networks, systems and databases to obtain personal data, often in large quantities • Exploiting breaches that result in the publication or more limited disclosure of personal information such as names, addresses, Social Security number or credit card numbers • Advertising bogus job offers in order to accumulate resumes and applications typically disclosing applicants' names, home and email addresses, telephone numbers and sometimes their banking details • Exploiting insider access and abusing the rights of privileged IT users to access personal data on their employers' systems • Infiltrating organizations that store and process large amounts or particularly valuable personal information • Impersonating trusted organizations in emails, SMS text messages, phone calls or other forms of communication in order to dupe victims into disclosing their personal information or login credentials, typically on a fake corporate website or data collection form (phishing) • Brute-force attacking weak passwords and using inspired guesswork to compromise weak password reset questions • Obtaining castings of fingers for falsifying fingerprint identification ... or famously using gummy bears to fool low quality fingerprint scanners[12] • Browsing social networking websites for personal details published by users, often using this information to appear more credible in subsequent social engineering activities • Diverting victims' email or post in order to obtain personal information and credentials such as credit cards, billing and bank/credit card statements, or to delay the discovery of new accounts and credit agreements opened by the identity thieves in the victims' names • Using false pretenses to trick individuals, customer service representatives and help desk workers into disclosing personal information and login details or changing user passwords/access rights (pretexting) • Stealing checks to acquire banking information, including account numbers and bank routing numbers[13] • Guessing Social Security numbers by using information found on Internet social networks such as Facebook and MySpace [14]

Identity theft

152

Individual identity protection
The acquisition of personal identifiers is made possible through serious breaches of privacy. For consumers, this is usually a result of them naively providing their personal information or login credentials to the identity thieves as a result of being duped but identity-related documents such as credit cards, bank statements, utility bills, checkbooks etc. may also be physically stolen from vehicles, homes and offices, or directly from victims by pickpockets and bag snatchers. Guardianship of personal identifiers by consumers is the most common intervention strategy recommended by the US Federal Trade Commission, Canadian Phone Busters and most sites that address identity theft. Such organizations offer recommendations on how individuals can prevent their information falling into the wrong hands. Identity theft can be partially mitigated by not identifying oneself unnecessarily (a form of information security control known as risk avoidance). This implies that organizations, IT systems and procedures should not demand excessive amounts of personal information or credentials for identification and authentication. Requiring, storing and processing personal identifiers (such as Social Security number, national identification number, drivers license number, credit card number, etc.) increases the risks of identity theft unless this valuable personal information is adequately secured at all times. To protect themselves against electronic identity theft by phishing, hacking or malware, individual are well advised to maintain computer security, for example by keeping their operating systems fully patched against known security vulnerabilities, running antivirus software and being cautious in their use of IT. Identity thieves sometimes impersonate dead people, using personal information obtained from death notices, gravestones and other sources to exploit delays between the death and the closure of the person's accounts, the inattentiveness of grieving families and weaknesses in the processes for credit-checking. Such crimes may continue for some time until the deceased's families or the authorities notice and react to anomalies.[15] In recent years, commercial identity theft protection/insurance services have become available in many countries. These services purport to help protect the individual from identity theft or help detect that identity theft has occurred in exchange for a monthly or annual membership fee or premium.[16] The services typically work either by setting fraud alerts on the individual's credit files with the three major credit bureaus or by setting up credit report monitoring with the credit bureaux. While identity theft protection/insurance services have been heavily marketed, their value has been called into question.[17]

Identity protection by organizations
In their May 1998 testimony before the United States Senate, the Federal Trade Commission (FTC) discussed the sale of Social Security numbers and other personal identifiers by credit-raters and data miners. The FTC agreed to the industry's self-regulating principles restricting access to information on credit reports.[18] According to the industry, the restrictions vary according to the category of customer. Credit reporting agencies gather and disclose personal and credit information to a wide business client base. Poor stewardship of personal data by organizations, resulting in unauthorized access to sensitive data, can expose individuals to the risk of identity theft. The Privacy Rights Clearinghouse has documented over 900 individual data breaches by US companies and government agencies since January 2005, which together have involved over 200 million total records containing sensitive personal information, many containing social security numbers.[19] Poor corporate diligence standards which can result in data breaches include: • failure to shred confidential information before throwing it into dumpsters • failure to ensure adequate network security • the theft of laptop computers or portable media being carried off-site containing vast amounts of personal information. The use of strong encryption on these devices can reduce the chance of data being misused should a criminal obtain them.

Identity theft • the brokerage of personal information to other businesses without ensuring that the purchaser maintains adequate security controls • Failure of governments, when registering sole proprietorships, partnerships, and corporations, to determine if the officers listed in the Articles of Incorporation are who they say they are. This potentially allows criminals access to personal information through credit-rating and data mining services. The failure of corporate or government organizations to protect consumer privacy, client confidentiality and political privacy has been criticized for facilitating the acquisition of personal identifiers by criminals.[20] Using various types of biometric information, such as fingerprints, for identification and authentication has been cited as a way to thwart identity thieves, however there are technological limitations and privacy concerns associated with these methods as well.

153

Regional legal responses
Australia
In Australia, each state has enacted laws that dealt with different aspects of identity or fraud issues. Some States have now amended relevant criminal laws to reflect crimes of identity theft, such as the Criminal Law Consolidation Act 1935 (SA), Crimes Amendment (Fraud, Identity and Forgery Offences) Act 2009 and also in Queensland under the Criminal Code 1899 (QLD). Other States and Territories are in states of development in respect of regulatory frameworks relating to identity theft such as Western Australia in respect of Criminal Code Amendment (Identity Crime) Bill 2009. On the Commonwealth level, under the Criminal Code Amendment (Theft, Fraud, Bribery & Related Offences) Act 2000 which amended certain provisions within the Criminal Code Act 1995,

135.1 General dishonesty (3) A person is guilty of an offence if: a) the person does anything with the intention of dishonestly causing a loss to another person; and b) the other person is a Commonwealth entity. Penalty: Imprisonment for 5 years.

Likewise, each state has enacted their own privacy laws to prevent misuse of personal information and data. The Commonwealth Privacy Act is applicable only to Commonwealth and territory agencies, and to certain private sector bodies (where for example they deal with sensitive records, such as medical records, or they have more than $3 million turnover PA).

Canada
Under section 402.2 of the Criminal Code of Canada,

“ “

Everyone commits an offence who knowingly obtains or possesses another person’s identity information in circumstances giving rise to a reasonable inference that the information is intended to be used to commit an indictable offence that includes fraud, deceit or falsehood as an element of the offence. is guilty of an indictable offence and liable to imprisonment for a term of not more than five years; or is guilty of an offence punishable on summary conviction.

” ”

Under section 403 of the Criminal Code of Canada,
(1) Everyone commits an offence who fraudulently personates another person, living or dead, (a) with intent to gain advantage for themselves or another person; (b) with intent to obtain any property or an interest in any property; (c) with intent to cause disadvantage to the person being personated or another person; or (d) with intent to avoid arrest or prosecution or to obstruct, pervert or defeat the course of justice. is guilty of an indictable offence and liable to imprisonment for a term of not more than 10 years; or guilty of an offence punishable on summary conviction.

In Canada, Privacy Act (federal legislation) covers only federal government, agencies and crown corporations. Each province and territory has its own privacy law and privacy commissioners to limit the storage and use of personal

Identity theft data. For the private sector, the purpose of the Personal Information Protection and Electronic Documents Act ( 2000, c. 5 ) (known as PIPEDA) is to establish rules to govern the collection, use and disclosure of personal information; except for the provinces of Quebec, Ontario, Alberta and British Columbia were provincial laws have been deemed substantially similar.

154

France
In France, a person convicted of identity theft can be sentenced up to five years in prison and fined up to €75,000.[21]

Hong Kong
Under HK Laws. Chap 210 Theft Ordinance, sec. 16A Fraud

(1) If any person by any deceit (whether or not the deceit is the sole or main inducement) and with intent to defraud induces another person to commit an act or make an omission, which results either- (a) in benefit to any person other than the second-mentioned person; or (b) in prejudice or a substantial risk of prejudice to any person other than the first-mentioned person, the first-mentioned person commits the offense of fraud and is liable on conviction upon indictment to imprisonment for 14 years.

Under the Personal Data (Privacy) Ordinance, it established the post of Privacy Commissioner for Personal Data and mandate how much personal information one can collect, retain and destruction. This legislation also provides citizens the right to request information held by businesses and government to the extent provided by this law.

India
Under the Information Technology Act 2000 Chapter IX Sec 43 (b)

If any person without permission of the owner or any other person who is incharge of a computer, computer system or computer network, (b) downloads, copies or extracts any data, computer data base or information from such computer, computer system or computer network including information or data held or stored in any removable storage medium; he shall be liable to pay damages by way of compensation not exceeding one crore rupees to the person so affected.

[22]

Sweden
Sweden have had relatively little problems with identity theft. This is because only Swedish identity documents have been accepted for identity verification. Stolen documents are traceable by banks and some other institutions. The banks have the duty to check the identity of people withdrawing money or getting loans. If a bank gives money to someone using an identity document reported as stolen, the bank must take the loss. From 2008 any EU passport are valid in Sweden for identity check, and Swedish passports are valid all over the EU. This makes it harder to detect stolen documents, but still banks in Sweden must ensure that stolen documents are not accepted. Other types of identity theft than over the bank desk have become more common in Sweden. One common example is ordering a credit card to someone who has an unlocked letterbox and is not home on daytime. The thief steals the letter with the credit card and then the letter with the code which typically arrives a few days later. Usage of a stolen credit card is hard in Sweden, since an identity document or a PIN code it is normally demanded. If the shop does not demand that, it must take the loss from stolen credit cards. The method of observing someone using the credit card PIN code, stealing the card or skimming it, and then use the card, has become more common. Legally, Sweden is an open society. The Principle of Public Access says that all information kept by public authorities must be available for anyone except in certain cases. Specificially anyone's address, income, taxes etc. are available to anyone. This makes fraud easier (the address is protected for certain people needing it). To impersonate someone else and gain money from it is a kind of fraud, which is described in the Criminal Code (Swedish:Brottsbalken).

Identity theft

155

United Kingdom
In the United Kingdom personal data is protected by the Data Protection Act 1998. The Act covers all personal data which an organization may hold, including names, birthday and anniversary dates, addresses, telephone numbers, etc. Under English law (which extends to Wales but not necessarily to Northern Ireland or Scotland), the deception offences under the Theft Act 1968 increasingly contend with identity theft situations. In R v Seward (2005) EWCA Crim 1941[23] the defendant was acting as the "front man" in the use of stolen credit cards and other documents to obtain goods. He obtained goods to the value of £10,000 for others who are unlikely ever to be identified. The Court of Appeal considered sentencing policy for deception offenses involving "identity theft" and concluded that a prison sentence was required. Henriques J. said at para 14:"Identity fraud is a particularly pernicious and prevalent form of dishonesty calling for, in our judgment, deterrent sentences." Increasingly, organizations, including Government bodies will be forced to take steps to better protect their users' data.[24] Stats released by CIFAS on the 2nd of February 2010, show that in 2009 in the UK that there were 85,000 victims of impersonation and 24,000 victims of bank account takeovers. this represents a 35% and 15% increase respectively from 2008 levels.[25]

United States
The increase in crimes of identity theft lead to the drafting of the Identity Theft and Assumption Deterrence Act.[26] In 1998, The Federal Trade Commission appeared before the United States Senate.[27] The FTC discussed crimes which exploit consumer credit to commit loan fraud, mortgage fraud, lines-of-credit fraud, credit card fraud, commodities and services frauds. The Identity Theft Deterrence Act (2003)[ITADA] amended U.S. Code Title 18, § 1028 [28] ("Fraud related to activity in connection with identification documents, authentication features, and information"). The statute now makes the possession of any "means of identification" to "knowingly transfer, possess, or use without lawful authority" a federal crime, alongside unlawful possession of identification documents. However, for federal jurisdiction to prosecute, the crime must include an "identification document" that either: (a) is purportedly issued by the United States, (b) is used or intended to defraud the United States, (c) is sent through the mail, or (d) is used in a manner that affects interstate or foreign commerce. See 18 U.S.C. § 1028 [29](c). Punishment can be up to 5, 15, 20, or 30 years in federal prison, plus fines, depending on the underlying crime per 18 U.S.C. § 1028 [29](b). In addition, punishments for the unlawful use of a "means of identification" were strengthened in § 1028A ("Aggravated Identity Theft"), allowing for a consecutive sentence under specific enumerated felony violations as defined in § 1028A(c)(1) through (11). The Act also provides the Federal Trade Commission with authority to track the number of incidents and the dollar value of losses. Their figures relate mainly to consumer financial crimes and not the broader range of all identification-based crimes.[30] If charges are brought by state or local law enforcement agencies, different penalties apply depending on the state. Six Federal agencies conducted a joint task force to increase the ability to detect identity theft. Their joint recommendation on "red flag" guidelines is a set of requirements on financial institutions and other entities which furnish credit data to credit reporting services to develop written plans for detecting identity theft. The FTC has determined that most medical practices are considered creditors and are subject to requirements to develop a plan to prevent and respond to patient identity theft.[31] I These plans must be adopted by each organization's Board of Directors and monitored by senior executives.[32] Identity theft complaints as a percentage of all fraud complaints decreased from 2004-2006.[33] The Federal Trade Commission reported that fraud complaints in general were growing faster than ID theft complaints.[33] The findings were similar in two other FTC studies done in 2003 and 2005. In 2003, 4.6 percent of the US population said they

Identity theft were a victim of ID theft. In 2005, that number had dropped to 3.7 percent of the population.[34] [35] The Commission's 2003 estimate was that identity theft accounted for some $52.6 billion of losses in the preceding year alone and affected more than 9.91 million Americans;[36] the figure comprises $47.6 billion lost by businesses and $5 billion lost by consumers. According to the Federal Trade Commission (FTC), a report released in 2007 revealed that 8.3 million American adults, or 3.7 percent of all American adults, were victims of identity theft in 2005.[37] The latest report from the FTC showed that ID theft increased by 21% in 2008. However, credit card fraud, that crime which is most closely associated with the crime of ID theft, has been declining as a percentage of all ID theft. In 2002, 41% of all ID theft complaints involved a credit card. That percentage has dropped to 21% in 2008.[38] Two states, California[39] and Wisconsin[40] have created an Office of Privacy Protection to assist their citizens in avoiding and recovering from identity theft. In Massachusetts in 2009-2010, Governor Deval Patrick made a commitment to balance consumer protection with the needs of small business owners. His Office of Consumer Affairs and Business Regulation announced certain adjustments to Massachusetts' identity theft regulations that maintain protections and also allows flexibility in compliance. These updated regulations went into effect on March 1, 2010. The regulations are clear that their approach to data security is a risk-based approach important to small businesses and might not handle a lot of personal information about customers.[41] [42] Notification Most states followed California's lead and enacted mandatory data breach notification laws. As a result, companies that report a data breach typically report it to all their customers.[43]

156

Spread and impact
Surveys in the USA from 2003 to 2006 showed a decrease in the total number of victims and a decrease in the total value of identity fraud from US$47.6 billion in 2003 to $15.6 billion in 2006. The average fraud per person decreased from $4,789 in 2003 to $1,882 in 2006. The 2003 survey from the Identity Theft Resource Center[44] found that: • Only 15% of victims find out about the theft through proactive action taken by a business • The average time spent by victims resolving the problem is about 330 hours • 73% of respondents indicated the crime involved the thief acquiring a credit card In a widely publicized account,[45] Michelle Brown, a victim of identity fraud, testified before a U.S. Senate Committee Hearing on Identity Theft. Ms. Brown testified that: "over a year and a half from January 1998 through July 1999, one individual impersonated me to procure over $50,000 in goods and services. Not only did she damage my credit, but she escalated her crimes to a level that I never truly expected: she engaged in drug trafficking. The crime resulted in my erroneous arrest record, a warrant out for my arrest, and eventually, a prison record when she was booked under my name as an inmate in the Chicago Federal Prison." In Australia, identity theft was estimated to be worth between AUS$1billion and AUS$4 billion per annum in 2001.[46] In the United Kingdom the Home Office reported that identity fraud costs the UK economy £1.2 billion annually[47] (experts believe that the real figure could be much higher)[48] although privacy groups object to the validity of these numbers, arguing that they are being used by the government to push for introduction of national ID cards. Confusion over exactly what constitutes identity theft has led to claims that statistics may be exaggerated.[49]

Identity theft

157

Famous identity thieves
• • • • Frank Abagnale Albert Gonzalez Radovan Karadžić Michael Sabo

Cultural references
The public fascination with impostors has long had an effect on popular culture and extends to modern literature, and cinema.[50] • Catch Me If You Can is a 2002 American crime film based on the life of Frank Abagnale Jr., who, before his 19th birthday, successfully conned millions of dollars by posing as a Pan American World Airways pilot, a Georgia doctor and Louisiana attorney and parish prosecutor. His primary crime was cheque forgery, becoming so skillful that the FBI eventually turned to him for help in catching other cheque forgers. • In East Bound and Down HBO (Chapter 7) Kenny Powers moves to Mexico and steals Stevie Janowski's Identity • The story of Michelle Brown has been made into a film.[51] • In Frederick Forsyth's novel The Day of the Jackal the would-be assassin of General de Gaulle steals three identities. Firstly, he assumes the identity of a dead child by obtaining the child's birth certificate and using it to apply for a passport. He also steals the passports of a Danish clergyman and an American tourist, and disguises himself as each of those persons in turn. The assumption of a dead person's identity is now generally known as "Jackal Fraud".[52] • In the 1995 movie The Net, Sandra Bullock plays a computer consultant whose life is taken over with the help of computer assisted identity theft. • In Jonathan Smith's novel Night Windows the action is based on the horrific and real life theft of Smith's own identity. • In the webcomic Kevin and Kell the character Danielle Kindle dies and is later "replaced" by a double from a parallel world. After an attempt at taking over her predecessor's identity, Danielle Kendall confesses her true nature and gets accepted by the predecessor's family—if not by all the readers. • T. Coraghessan Boyle's 2006 novel Talk Talk describes the theft of Dana Halter's identity, and her and Martin Bridger's chase of the thief across the country. • In Susan Schaab's novel Wearing the Spider a female attorney gets caught in a web of sexual harassment, identity theft and political intrigue. • In the Family Guy episode "Back to the Woods", James Woods, having gotten his hands on Peter's wallet, steals Peter's identity, so Peter retaliates by stealing Woods' identity and angering people. • In Harry Potter and the Goblet of Fire, Barty Crouch Jr. magically steals the identity of Mad-Eye Moody. • In The Talented Mr. Ripley novel (1955) and movie (1999), after murdering Greenleaf, Ripley assumes his identity, living off the latter's allowance. • In The Office (Season 3 Episode 21), Jim steals Dwight's identity as a prank. • In Gattaca (1997), Vincent borrows the identity of another person in a society which analyzes peoples DNA and predetermines how successful you can or can not be (coined in the movie as a "borrowed ladder"). • That Mitchell and Webb Sound features a sketch in which a bank manager tells a customer that his identity has been stolen, although the customer claims that he is still himself and it is in fact his money that has been stolen and therefore the bank's fault and not his. • In Mad Men, Dick Whitman, an enlisted man from a poor background, is wounded in the Korean War and switches identities with Donald Draper, an officer who has been killed. As 'Don Draper', he becomes a successful advertising man.

Identity theft • Puccini's opera Gianni Schicchi, based on a reference in Dante's Inferno, tells of a character who impersonates a recently deceased man in order to make himself the beneficiary of his will. • In Paper Mario The Thousand Year Door, Doopliss stole the identity of Mario just as a prank.

158

References
[1] "[[Oxford English Dictionary (http:/ / dictionary. oed. com/ cgi/ entry/ 50111220/ 50111220se23)] online"]. Oxford University Press. September 2007. . Retrieved 27 September 2010. [2] Federal Trade Commission – 2006 Identity Theft Survey Report, p.4 [3] "Data Breaches Are Frequent, but Evidence of Resulting Identity Theft Is Limited; However, the Full Extent Is Unknown" (http:/ / www. gao. gov/ new. items/ d07737. pdf). Highlights of GAO-07-737, a report to congressional requesters. gao.gov. . Retrieved 22 September 2010. [4] Sasha Romanosky. "Do Data Breach Disclosure Laws Reduce Identity Theft?" (http:/ / www. heinz. cmu. edu/ research/ 241full. pdf). Heinz First Research Paper. heinz.cmu.edu. . [5] "Story" (http:/ / pressherald. mainetoday. com/ story. php?id=256153). Pressherald.maintoday.com. . [6] "Identity Theft Resource Center website" (http:/ / www. idtheftcenter. org/ ). idtheftcenter.org. . [7] "Medical Identity Theft: What to Do if You are a Victim (or are concerned about it)" (http:/ / www. worldprivacyforum. org/ medidtheft_consumertips. html), World Privacy Forum [8] Former Major League Baseball player Reno Stephens was impersonated for over twenty years by an individual with the same name. There is no evidence that the impersonator gained financially from the impersonation but he did receive significant local attention. [9] Privacy Rights Clearinghouse (http:/ / www. privacyrights. org/ fs/ fs17g-CrimIdTheft. htm) - "Fact Sheet 17g: Criminal Identity Theft: What to Do if It Happens to You " [10] McFadden, Leslie (2007-05-16). "Detecting synthetic identity fraud" (http:/ / www. bankrate. com/ brm/ news/ pf/ identity_theft_20070516_a1. asp). Bankrate.com. pp. 1–2. . Retrieved 2008-09-21. [11] "Medical Identity Theft" (http:/ / www. fightidentitytheft. com/ blog/ medical-identity-theft-protect-yourself). fightidentitytheft.com. . Retrieved 27 September 2010. [12] "Biometric Devices and Fingerprint Spoofing" (http:/ / www. washjeff. edu/ users/ ahollandminkley/ Biometric/ index. html), ITL 233: Cyberattacks], January 2006, , Washington & Jefferson College [13] "Identity Theft" (http:/ / www. douglascountysheriff. org/ idtheft/ idtheftmain. htm), Douglas County Sheriff's Office, Washington [14] Olmos, David (2009-07-06). "Social Security Numbers Can Be Guessed From Data, Study Finds" (http:/ / www. bloomberg. com/ apps/ news?pid=newsarchive& sid=aKbjO. Ew4S2E). Bloomberg. . Retrieved 2011-01-04. [15] IDtheftcenter.org (http:/ / www. idtheftcenter. org/ artman2/ publish/ c_tips/ Fact_Sheet_117_IDENTITY_THEFT_AND_THE_DECEASED_-_PREVENTION_AND_VICTIM_TIPS. shtml), Identity Theft Resource Center Fact Sheet 117 Identity Theft and the Deceased - Prevention and Victim Tips. [16] Identity Theft Protection Services (http:/ / www. nextadvisor. com/ identity_theft_protection_services/ compare. php) retrieved on 2008-12-16 [17] Identity-Theft Protection: What Services Can You Trust? (http:/ / www. pcworld. com/ article/ 145077/ identitytheft_protection_what_services_can_you_trust. html) PC World.com, retrieved on 2008-12-16 [18] Testimony before the Subcommittee on Technology, Terrorism and Government Information (http:/ / www. ftc. gov/ os/ 1998/ 05/ identhef. htm), Committee of the Judiciary, United States Senate May 20, 1998 pp 5,6 [19] A Chronology of Data Breaches (http:/ / www. privacyrights. org/ ar/ ChronDataBreaches. htm) [20] Internet Identity Theft - A Tragedy for Victims (http:/ / www. siia. net/ software/ pubs/ iit-00. pdf), Software and Information Industry Association. Retrieved June 30, 2006. [21] Journaldunet.com (http:/ / www. journaldunet. com/ juridique/ juridique040309. shtml) [22] The Information Technology Act 2000 (http:/ / nicca. nic. in/ pdf/ itact2000. pdf) [23] R v Seward (2005) EWCA Crim 1941 (http:/ / www. bailii. org/ ew/ cases/ EWCA/ Crim/ 2005/ 1941. html) [24] Government Bodies Must Play Their Part in Securing Against Identity Theft (http:/ / www. infocycle. co. uk/ index. php?option=com_content& task=view& id=43& Itemid=43) [25] UK Fraud Prevention Agency Say ID Theft Increase of 32% in 2009 (http:/ / id-theft-uk. blogspot. com/ 2010/ 02/ uk-fraud-prevention-agency-say-id-theft. html), Identity Theft UK Blog, 3 February 2010 [26] FTC.gov (http:/ / www. ftc. gov/ os/ statutes/ itada/ itadact. htm), Public Law 105-318, 112 Stat. 3007 (Oct. 30, 1998) [27] Prepared Statement of the Federal Trade Commission on "Identity Theft" (http:/ / www. ftc. gov/ os/ 1998/ 05/ identhef. htm), May 20, 1998 [28] http:/ / www. law. cornell. edu/ uscode/ uscode18/ usc_sec_18_00001028---A000-. html [29] http:/ / www. law. cornell. edu/ uscode/ 18/ 1028. html [30] Federal Trade Commission (http:/ / www. consumer. gov/ idtheft/ ). Retrieved June 30, 2006. [31] Michael,Sara "Getting Red Flag Ready" (http:/ / www. physicianspractice. com/ index/ fuseaction/ newsletterArticles. view/ articleID/ 87. htm) PhysiciansPractice.com, 2009-05-21. Retrieved July 2, 2009. [32] 72 Fed. Reg. 70944 (http:/ / www. ftc. gov/ os/ fedreg/ 2007/ december/ 071213factafurnisheraccuracy. pdf) (PDF). Retrieved 2008-01-29.

Identity theft
[33] Law Enforcement Contact1 January 1 December 31, 2001 (http:/ / www. ftc. gov/ bcp/ edu/ microsites/ idtheft/ downloads/ clearinghouse_2006. pdf) [34] FTC-Synovate Rep Final 26Aug.PDF (http:/ / www. ftc. gov/ bcp/ edu/ microsites/ idtheft/ downloads/ synovate_report. pdf) [35] Federal Trade Commission: 2006 Identity Theft Survey Report: Prepared for the Commission by Synovate (November 2007) (http:/ / www. ftc. gov/ os/ 2007/ 11/ SynovateFinalReportIDTheft2006. pdf) [36] FTC.gov (http:/ / www. ftc. gov/ opa/ 2003/ 09/ idtheft. shtm), releases Survey of Identity Theft in U.S. 27.3 Million Victims in past 5 Years, Billions in Losses for Businesses and Consumers [37] 8.3 Million Identity Theft Victims, Start Shredding (http:/ / blog. monomachines. com/ 2008/ 05/ identity-theft-93-million/ ); MonoMachines.com Retrieved 2008-06-19. [38] Consumer Sentinel Network Data Book (http:/ / www. ftc. gov/ sentinel/ reports/ sentinel-annual-reports/ sentinel-cy2008. pdf) (PDF), Federal Trade Commission [39] California Office of Identity Protection (http:/ / www. privacyprotection. ca. gov/ ) [40] Wisconsin's Office of Privacy Protection (http:/ / privacy. wi. gov/ ) [41] "Consumer Identity Theft" (http:/ / www. mass. gov/ ?pageID=ocatopic& L=3& L0=Home& L1=Consumer& L2=Identity+ Theft& sid=Eoca). Commonwealth of Massachusetts, 2010 [42] "Frequently Asked Question Regarding 201 CMR 17.00" (http:/ / www. mass. gov/ Eoca/ docs/ idtheft/ 201CMR17faqs. pdf), Commonwealth of Massachusetts, Office of Consumer Affairs and Business Regulation, November 3, 2009 [43] States Offer Data Breach Protection (http:/ / www. naag. org/ states-offer-data-breach-protection. php), NAAG [44] IDtheftcenter.org (http:/ / www. idtheftcenter. org) [45] Verbal Testimony by Michelle Brown (http:/ / www. privacyrights. org/ cases/ victim9. htm), July 2000, U.S. Senate Committee Hearing on the Judiciary Subcommittee on Technology, Terrorism and Government Information – "Identity Theft: How to Protect and Restore Your Good Name" [46] Identity Crime Research and Coordination (http:/ / www. acpr. gov. au/ research_idcrime. asp), Australasian Center for Policing Research. Retrieved June 30, 2006. [47] Home Office (May 26, 2004). "What is Identity theft?" (http:/ / www. identitytheft. org. uk/ ). identitytheft.co.uk. . Retrieved September 27, 2010. [48] "Free help, tips and advice on avoiding and dealing with Identity Theft" (http:/ / identity-theft. weebly. com/ what-is-it. html). identity-theft.weebly.com. . [49] Bruce Schneier. "Identity Theft Over-Reported" (http:/ / www. schneier. com/ blog/ archives/ 2005/ 11/ identity_theft. html). . Retrieved June 30, 2006. [50] Pintér Róbert (2007), D5.2c: Identity related crime in the world of films (http:/ / www. fidis. net/ resources/ deliverables/ forensic-implications/ #c1774), FIDIS deliverable Del 5.2 [51] IMDb: Identity Theft: The Michelle Brown Story (2004) (http:/ / www. imdb. com/ title/ tt0430211/ ) [52] The Day of the Jackal

159

External links
• The New Era of Identity Theft (http://www.criminal-justice-careers.com/crime/id-theft.html)–[Criminal Justice Resources] • Identity theft (http://www.ftc.gov/bcp/edu/microsites/idtheft/) – United States Federal Trade Commission • The President’s Task Force on Identity Theft (http://www.idtheft.gov) – a government task force established by US President George W. Bush to fight identity theft. • Identity theft (http://www.dmoz.org/Society/Crime/Theft/Identity_Theft/) at the Open Directory Project • Identity Theft (http://www.mysecurecyberspace.org/encyclopedia/index/identity-theft.html#msc. encyclopedia.identitytheft) – Carnegie Mellon University • Identity Theft: A Research Review, National Institute of Justice 2007 (http://www.ojp.usdoj.gov/nij/topics/ crime/id-theft/welcome.htm) • Identity Theft and Fraud (http://www.usdoj.gov/criminal/fraud/websites/idtheft.html) – United States Department of Justice • Get ID Smart (http://www.getidsmart.com/) 'Public service site offering free prevention tips' • Dateline NBC investigation (http://www.msnbc.msn.com/id/17805134/) 'To Catch an ID Thief' • Downloadable identity theft curriculum for educators (http://incredibleinternet.com/identity-theft/ id-theft-curriculum) • "Transcript of Attorney General Alberto R. Gonzales and FTC Chairman Deborah Platt Majoras Announcing the Release of the President's Identity Theft Task Force" (http://web.archive.org/web/20070911112747/http://

Identity theft www.usdoj.gov/ag/speeches/2007/ag_speech_0704231.html). US Department of Justice. April 23, 2007. Archived from the original (http://www.usdoj.gov/ag/speeches/2007/ag_speech_0704231.html) on September 11, 2007. Retrieved 2007-04-24. • ID Theft Prevention: Nine Ways to Protect Yourself (http://www.creditlearningcenter.com/ ID-Theft-Prevention/Nine-Ways-to-Protect-Yourself-from-Identity-Theft.html)

160

Money laundering
Money laundering is generally regarded as the practice of engaging in financial transactions to conceal the identity, source, and/or destination of illegally gained money by which the proceeds of crime are converted into assets which appear to have a legitimate origin. In the United Kingdom the statutory definition is wider.[1] It is common to refer to money legally obtained as “clean”, and money illegally obtained as “dirty”. Money laundering occurs over a period of three steps: the first involves the physical distribution of the cash (“placement”), the second involves carrying out complex financial transactions in order to camouflage the illegal source (“layering”), and the final step entails acquiring wealth generated from the transactions of the illicit funds (“integration”). In the past, the term money laundering was applied only to financial transactions related to organized crime. Today its definition is often expanded by government and international regulators such as the U.S. Office of the Comptroller of the Currency to mean any financial transaction which generates an asset or a value as the result of an illegal act, which may involve actions such as tax evasion or false accounting. In the UK, it does not even need to involve money, but any economic good. Courts involve money laundering committed by private individuals, drug dealers, businesses, corrupt officials, members of criminal organizations such as the Mafia, and even states. As financial crime has become more complex, and "Financial Intelligence" (FININT) has become more recognized in combating international crime and terrorism, money laundering has become more prominent in political, economic, and legal debate. Money laundering is ipso facto illegal; the acts generating the money almost always are themselves criminal in some way (for if not, the money would not need to be laundered).

Cashing up
A business taking large amounts of small change each week (e.g. a convenience store) needs to deposit that money in a bank. If its deposits vary greatly for no obvious reason this can draw suspicion; but if the transactions are regular and roughly the same the suspicion is easily discounted. This is the basis of all money laundering, a track record of depositing clean money before slipping through dirty money. In the United states for example, cash transactions and deposits of more than $10,000 must be reported by the cashier (the bank etc.) as "significant cash transactions" to the Financial Crimes Enforcement Network FinCEN, with any other suspicious financial activity identified as "suspicious activity reports" In other jurisdictions suspicion-based requirements may be placed on financial services employees and firms to report any suspicious activity to the authorities.

Captive business
Another method is to start a business whose cash inflow cannot be monitored, and funnel the small change into it and pay taxes on it. But all bank employees are trained to be constantly on the lookout for transactions that seem to be trying to get around reporting requirements. To avoid suspicion, shell companies should deal directly with the public, perform some service (not provide physical goods), and have a business that reasonably would accept cash as a matter of course. Dealing directly with the public in cash gives a plausible reason for not having a record of customers. For example, a hairstylist is paid in cash, and even if she knows her customers' names, she does not know their bank details. A record of a haircut must ostensibly be accepted as prima facie evidence. Service businesses have

Money laundering the advantage of the anonymity of resources—but the disadvantage that they must deal in cash. A business that sells computers has to account for the computers, whereas the hairstylist does not have to produce the cut hair, but the receipt for the computer, even if inflated, exists—that for the haircut probably does not. It is of course also possible to invent customers, purely for the purpose of accepting money from them.

161

Structuring
In structuring, (also known as "smurfing"), money is put into the licit economy in such a way as to avoid legal record keeping and reporting requirements. For example: deposits of less than $10,000 (anything over that amount would require a report to be filed with the IRS) are made into multiple bank accounts that are then withdrawn after a sufficient amount of time has passed to avoid suspicion.

Legislation
Many jurisdictions adopt a list of specific predicate crimes for money laundering prosecutions as a "self launderer".

Bangladesh
In Bangladesh, this issue has been dealt with by the Prevention of Money Laundering Act, 2002 (Act No. VII of 2002). In terms of section 2, "Money Laundering means (a) Properties acquired or earned directly or indirectly through illegal means; (b) Illegal transfer, conversion, concealment of location or assistance in the above act of the properties acquired or earned directly of indirectly through legal or illegal means." In this Act, “Properties means movable or immovable properties of any nature and description”. To prevent these Illegal uses of money Bangladesh Govt. has introduced the Money Laundering Prevention Act. The Act was last amended in the year 2009 and all the Financial Institutes are following this act. Till today there are 26 Circulars issued by Bangladesh Bank under this act. To prevent Money laundering a banker must do the following: While opening a new account, the account opening form should be duly filled up by all the information of the Customer. The KYC has to be properly filled up The TP (Transaction Profile) is mandatory for a client to understand his/her transactions. If needed, the TP has to be updated at the Client’s consent. All other necessary papers should be properly collected along with the Voter ID card. If there is any suspicious transaction is notified, the BAMLCO (Branch Anti Money Laundering Compliance Officer) has to be notified and accordingly the STR (Suspicious Transaction Report) reporting has to be done. The Cash department should be aware of the Transactions. It has to be noted if suddenly a big amount of money is deposited in any account. Proper documents will be required if any Client does this type of transaction. Structuring, over/ under Invoicing is another way to do Money Laundering. The Foreign Exchange Department should look into this matter cautiously. If in any account there is a transaction exceeding 7.00 lac in a single day that has to be reported as CTR (cash Transaction report) All the Bank Officials must go through all the 26 Circulars and must use in doing the Banking.

Money laundering

162

Canada
The National Initiative to Combat Money Laundering, with the involvement of the Solicitor General of Canada, the RCMP, Justice Canada, Canada Customs and Revenue Agency, and, Citizenship and Immigration, began operation in 1998.

India
The Prevention of Money-Laundering Act, 2002 came into effect on 1 July 2005. Section 3 of the Act makes the offense of money-laundering cover those persons or entities who directly or indirectly attempt to indulge or knowingly assist or knowingly are party or are actually involved in any process or activity connected with the proceeds of crime and projecting it as untainted property, such person or entity shall be guilty of offense of money-laundering. Section 4 of the Act prescribes punishment for money-laundering with rigorous imprisonment for a term which shall not be less than three years but which may extend to seven years and shall also be liable to fine which may extend to five lakh rupees and for the offences mentioned [elsewhere] the punishment shall be up to ten years. Section 12 (1) prescribes the obligations on banks, financial institutions and intermediaries (a) to maintain records detailing the nature and value of transactions which may be prescribed, whether such transactions comprise of a single transaction or a series of transactions integrally connected to each other, and where such series of transactions take place within a month; (b) to furnish information of transactions referred to in clause (a) to the Director within such time as may be prescribed and t records of the identity of all its clients. Section 12 (2) prescribes that the records referred to in sub-section (1) as mentioned above, must be maintained for ten years after the transactions finished. The provisions of the Act are frequently reviewed and various amendments have been passed from time to time. The recent activity in money laundering in India is through political parties corporate companies and share market.

United Kingdom
Money laundering and terrorist funding legislation in the UK is governed by four Acts of primary legislation:• • • • Terrorism Act 2000[2] Anti-terrorism, Crime and Security Act 2001[3] Proceeds of Crime Act 2002[4] Serious Organised Crime and Police Act 2005[5]

The Proceeds of Crime Act 2002 contains the primary UK anti-money laundering legislation,[6] including provisions requiring businesses within the 'regulated sector' (banking, investment, money transmission, certain professions, etc.) to report to the authorities suspicions of money laundering by customers or others.[7] Money laundering is widely defined in the UK.[8] In effect any handling or involvement with any proceeds of any crime (or monies or assets representing the proceeds of crime) can be a money laundering offence. An offender's possession of the proceeds of his own crime falls within the UK definition of money laundering.[9] The definition also covers activities which would fall within the traditional definition of money laundering as a process by which proceeds of crime are concealed or disguised so that they may be made to appear to be of legitimate origin.[10] Unlike certain other jurisdictions (notably the USA and much of Europe), UK money laundering offences are not limited to the proceeds of serious crimes, nor are there any monetary limits, nor is there any necessity for there to be a money laundering design or purpose to an action for it to amount to a money laundering offence. A money laundering offence under UK legislation need not involve money, since the money laundering legislation covers assets of any description. In consequence any person who commits an acquisitive crime (i.e. one from which he obtains some benefit in the form of money or an asset of any description) in the UK will inevitably also commit a money laundering offence under UK legislation.

Money laundering This applies also to a person who, by criminal conduct, evades a liability (such as a taxation liability) - referred to by lawyers as "obtaining a pecuniary advantage" - as he is deemed thereby to obtain a sum of money equal in value to the liability evaded.[8] The principal money laundering offences carry a maximum penalty of 14 years imprisonment.[11] Secondary regulation is provided by the Money Laundering Regulations 2003[12] and 2007[13] One consequence of the Act is that solicitors, accountants, and insolvency practitioners who suspect (as a consequence of information received in the course of their work) that their clients (or others) have engaged in tax evasion or other criminal conduct from which a benefit has been obtained, are now required to report their suspicions to the authorities (since these entail suspicions of money laundering). In most circumstances it would be an offence, 'tipping-off', for the reporter to inform the subject of his report that a report has been made.[14] These provisions do not however require disclosure to the authorities of information received by certain professionals in privileged circumstances or where the information is subject to legal professional privilege. Professional guidance (which is submitted to and approved by the UK Treasury) is provided by industry groups including the Joint Money Laundering Steering Group[15] and the Law Society.[16] However there is no obligation on banking institutions to routinely report monetary deposits or transfers above a specified value. Instead reports have to be made of all suspicious deposits or transfers, irrespective of their value. The reporting obligations include reporting suspicions relating to gains from conduct carried out in other countries which would be criminal if it took place in the UK.[17] Exceptions were later added to exempt certain activities which were legal in the location where they took place, such as bullfighting in Spain.[18] There are more than 200,000 reports of suspected money laundering submitted annually to the authorities in the UK (there were 240,582 reports in the year ended 30 September 2010 - an increase from the 228,834 reports submitted in the previous year[19] ). Most of these reports are submitted by banks and similar financial institutions (there were 186,897 reports from the banking sector in the year ended 30 September 2010[20] ). Although 5,108 different organisations submitted suspicious activity reports to the authorities in the year ended 30 September 2010 just four organisations submitted approximately half of all reports, and the top 20 reporting organisations accounted for three-quarters of all reports.[21] The offence of failing to report a suspicion of money laundering by another person carries a maximum penalty of 5 years imprisonment.[11] Bureaux de change All UK Bureaux de change are registered with Her Majesty's Revenue and Customs which issues a trading licence for each location. Bureaux de change and money transmitters, such as Western Union outlets, in the UK fall within the 'regulated sector' and are required to comply with the Money Laundering Regulations 2007.[13] Checks can be carried out by HMRC on all Money Service Businesses.

163

United States
In U.S. law, "reasonably accepting cash" means the business must regularly perform services that on average are less than $500 each. It is assumed that above that amount most people pay with a check, a credit card, or another (traceable) payment method. The company should actually function on a legitimate level. In the hairstyler example, it is perfectly reasonable for a lot of the business to involve mostly labour (dyes and machine oil and so forth being relatively small concerns), and for most transactions to be settled in cash. But it is unreasonable for all of the business to work without parts and just on cash. So the legitimate business will generate a legitimate (if low) level of parts use, and enough traceable transactions to mask the illegitimate ones. Anti-money laundering (AML/CFT) laws typically have other offences such as "tipping off (warning)", "willful blindness", "not reporting suspicious activity", "conscious facilitation of a money launderer", "assisting a terrorist

Money laundering financier with moving terrorist financing". The Bank Secrecy Act of 1970 requires banks to report cash transactions of $10,000.01 or more. The Money Laundering Control Act of 1986 further defined money laundering as a federal crime. The U.S.A PATRIOT Act of 2001 expanded the scope of prior laws to more types of financial institutions, and added a focus on terrorist financing, specifying that financial institutions take specific actions to "know your customer" (KYC). In the United States, Federal law provides: "Whoever ... knowing[ly] ... conducts or attempts to conduct ... a financial transaction which in fact involves the proceeds of specified unlawful activity ... with the intent to promote the carrying on of specified unlawful activity ... shall be sentenced to a fine of not more than $500,000 or twice the value of the property involved in the transaction, whichever is greater, or imprisonment for not more than twenty years, or both. While money laundering typically involves the flow of "dirty money" (criminal proceeds) into a clean bank account or negotiable instrument, terrorist financing frequently involves the reverse flow: apparently clean funds converted to "dirty" purposes. A hawala may launder drug proceeds and help fund a terrorist, netting the incoming and outgoing funds with only occasional small net settlement transactions. NASA case From 1992 to 1996 a nine-agency Federal Task Force investigation led by NASA's Office of Inspector General investigated Omniplan Corporation of Houston and California. It became the largest count indictment and conviction in NASA history, with the owner of Omniplan, Ralph Montijo, being convicted of 179 felonies in his multi-million dollar embezzlement scheme. Five of his companies were also convicted of felonies, they were, Omniplan, Papa Primo's of Texas, Papa Primo's of Arizona, Omnipoint Production Services and Mercury Trust. These companies, together with two unincorporated companies, Space Industries Leasing and Space Industries Properties were liquidated. Each embezzlement count was associated with a corresponding money laundering count which resulted in dozens of convictions for money laundering. In a New York Times story, NASA Office of Inspector General Senior Special Agent Joseph Gutheinz, who led the Omniplan investigation, said "We didn't get any pizzas, but we got the bills", referring to the fact that some of the alleged mischarging to the NASA contract also involved costs associated with two of Ralph Montijo's pizza companies, Papa Primo's of Texas, and Papa Primo's of Arizona. Laundered or not? Money obtained by an illegal action is not, of itself, laundered money in most jurisdictions (an exception being the United Kingdom where mere possession of the proceeds of any crime is itself capable of being a money laundering offence[9] ). The laundering offence comes from the attempt to conceal its source, not because the transaction was itself illegal (which is a separate offence). The Supreme Court of the United States on June 2, 2008, rendered two judgments in favour of defendants, narrowing the application of the federal money-laundering statute. In a unanimous opinion written by Justice Clarence Thomas, the Court reversed Acuna, Mexico's Humberto Cuellar's conviction and ruled that "hiding $81,000 in cash under the floorboard of a car and driving toward Mexico is not enough to prove the driver was guilty of money laundering; instead, prosecutors must also prove the driver was traveling to Mexico for the purpose of hiding the true source of the funds." That is, the prosecution had not made its prima facie case. The Court further ruled "that federal prosecutors have gone too far in their use of money laundering charges to combat drug traffickers and organized crime; that money laundering charges under the Money Laundering Control Act of 198, Sec. 18 U.S.C. § 1956 [22](a)(2)(B)(i) apply only to profits of an illegal gambling ring and cannot be used when the only evidence of a possible crime is when a courier headed to the Texas-Mexico border with $81,000 in cash proceeds of a cannabis transaction; it cannot be proven merely by showing that the funds were concealed in a secret compartment of a Volkswagen Beetle; instead, prosecutors must show that the purpose of transporting funds in a money laundering case was to conceal their ownership, source or control; the

164

Money laundering secrecy must be part of a larger design to disguise the source or nature of the money." Later, in a divided decision, the Court reversed the convictions of Efrain Santos of Indiana and Benedicto Diaz for money laundering based on cash from an illegal lottery. In the plurality opinion, Justice Antonin Scalia wrote that the law referred to the "proceeds of some form of unlawful activity; paying off gambling winners and compensating employees who collect the bets don't qualify as money laundering; the word “proceeds” in the federal money-laundering statute, 18 U.S.C. § 1956 [22], and §1956(a)(1)(A)(i) and §1956(h), applies only to transactions involving criminal profits, not criminal receipts; those are expenses, and prosecutors must show that profits were used to promote the illegal activity." Congress clarified the meaning of the statute in the Fraud Enforcement and Recovery Act of 2009, defining proceeds explicitly to include both profits and gross receipts. Congress enacted the 1986 statute after the President's Commission on Organized Crime stressed the problem of "washing" criminal proceeds through overseas bank accounts and legitimate businesses. It imposes a 20-year maximum prison term.

165

Fighting money laundering
The first defense against money laundering is the requirement on financial intermediaries to know their customers—often termed KYC know your customer requirements. Knowing one's customers, financial intermediaries will often be able to identify unusual or suspicious behavior, including false identities, unusual transactions, changing behaviour, or other indicators of laundering. But for institutions with millions of customers and thousands of customer-contact employees, traditional ways of knowing their customers must be supplemented by technology. Many Companies provide software and databases to help perform these processes. Bank and corporate security directors can also play an important role in fighting money laundering.

Using information technology
Information technology can never be a replacement for a well-trained investigator, but as money laundering techniques become more sophisticated, so too does the technology used to fight it. Before anti-money laundering programs became commonplace, in the U.S. the Bank Secrecy Act required financial institutions to file Currency Transaction Reports for cash transactions of more than $10,000. These CTRs prove invaluable for investigators, but money launderers began to structure their transactions to avoid the reporting requirements. As a result, the U.S. passed laws against structuring transactions to avoid the reporting requirements, and most structuring would trigger a Suspicious Activity Report by the financial institution. The various software packages are capable of name analysis, rule-based systems, statistical and profiling engines, neural networks, link analysis, peer group analysis, and time sequence matching. Also, there are specific KYC solutions that offer case-based account documentation acceptance and rectification, as well as automatic risk scoring of the customer taking account of country, business, entity, product, transaction risks that can be reviewed intelligently. Other elements of AML technology include portals to share knowledge and e-learning for training and awareness. This software is not used exclusively to track money laundering, but more often the common theft of credit cards or bank details. Unusual activity on an account may trigger a call from the card issuer to make sure it has not been misused. Financial Crimes Enforcement Network FinCEN is an organization created by the United States Department of the Treasury. FinCEN receives Suspicious Activity Reports from financial institutions, analyses them, and shares their data with U.S. law enforcement agencies and Financial Intelligence Units FIUs of other countries. One of its strategic goals is to improve information-sharing through eGovernment. It offers training and advice to organizations of foreign governments to help improve the efficacy of their own anti-money laundering programs.

Money laundering

166

Anti-money laundering (AML) software
Anti-money laundering (AML) software is a type of computer program used by financial institutions to analyze customer data and detect suspicious transactions. Anti-laundering systems filter customer data, classify it according to level of suspicion and inspect it for anomalies. Such anomalies would include any sudden and substantial increase in funds or a large withdrawal. In both the United States and Canada, all transactions of $10,000 or greater must be reported. Smaller transactions that meet certain criteria may be also be flagged as suspicious. For example, a person who wants to avoid detection will sometimes deposit a large sum as multiple smaller sums within a brief period of time. That practice, known as "structuring," will also lead to flagged transactions. The software flags names that have been blacklisted and transactions involving countries that are thought to be hostile to the host nation. Once the software has mined data and flagged suspect transactions, it generates a report. Important aspects of AML software:• • • • • • • • • Suspicious Activity Detection Know Your Customer (KYC) Management Caution / Watch List Management & Checking Of Customers / Prospects Customer Risk Categorization Link Tracing Large Cash Transaction Reporting Regulatory Reporting KPI / KRI Dashboards for Chief Compliance Officers Online AML and List Check for Remittance Transactions

9/11 and the international response to the underground economy
After September 11, 2001, money laundering became a major concern of the United States' war on terror, although critics argue that it has become less and less important for the White House. Clearstream International, based in Luxembourg, was a central securities depository and clearing house, a "bank of banks" which practiced financial clearing and centralized debit and credit operations for hundreds of banks. It was accused of being a major operator of the underground economy via a system of unpublished accounts. Bahrain International Bank, owned by Osama bin Laden, would have profited from these transfer facilities.[23] The scandal prompted André Lussi, Clearstream's CEO, to resign on 31 December 2001; several judicial investigations were opened and the European Commission was interpelled by Members of the European Parliament (MEPs) Harlem Désir, Glyn Ford, and Francis Wurtz, who asked the Commission to investigate the accusations and to ensure that the 10 June 1990 directive (91/308 CE) on control of financial establishment was applied in all member states, including Luxembourg, effectively.[24] The international response to the underground economy has been coordinated by the [25] "FATF" (also known by its French acronym of "GAFI"), whose original 40 principles form the basis of most international responses to money laundering. A further 8 principles, designed to counteract funding to terrorist organisations, were added on 30 June 2003, in response to the 9/11, with another added 22 October 2004, to form what are now known as the [26] (AML/CFT). Compliance with these principles, or at least a move towards them, is now seen as a requirement of an internationally active bank or other financial service entity.

Money laundering

167

FATF: Financial Action Task Force against Money Laundering
Formed in 1989 by the G7 countries, the Financial Action Task Force on Money Laundering (FATF) is an intergovernmental body whose purpose is to develop and promote an international response to combat money laundering. In October 2001, FATF expanded its mission to include combating the financing of terrorism. FATF is a policy-making body, which brings together legal, financial and law enforcement experts to achieve national legislation and regulatory AML and CFT reforms. Currently, its membership consists of 31 countries and territories and two regional organizations. In addition, FATF works in collaboration with a number of international bodies and organizations. These entities have observer status with FATF, which does not entitle them to vote, but permits full participation in plenary sessions and working groups.

Amounts
Many regulatory and governmental authorities quote estimates each year for the amount of money laundered, either worldwide or within their national economy. A frequently cited figure is 2-5% of the worldwide global economy, stated by the IMF. But some academics note that such figures are usually simply "best guesses". In 1997 the FATF, an arm of the OECD set up to combat money laundering, frankly admitted "the vast majority of FATF members lack sufficient data to support any credible estimate."[27] Although admissions of that nature are no longer maintained, there is still a dearth of data on the actual amounts of money laundered worldwide. Some academic commentators have expressed real concerns about the reliability and basis of figures used by governmental and multinational organizations. It is always hard to find out real figures about illegal acts. We are faced with the problem that there has been little work to develop an objective academic analysis of the true extent of laundering, which means that we do not have a framework within which the appropriateness of legislative measures can be evaluated. Without this, it is difficult to challenge the 'alarmist' position of the authorities whereby such estimates have been put forward, quoted and repeated, becoming, through such repetition, seemingly established truths. It can be argued ... that global estimates are little more than informed guesses: "large numbers are frequently thrown around without serious support" (Reuter and Truman, 2005, p.56), reproduced to the point at which they gain, through mere repetition, some form of reliable accuracy.[28]

References
[1] [2] [3] [4] [5] Part 7 Proceeds of Crime Act 2002 "OPSI: Terrorism Act" (http:/ / www. opsi. gov. uk/ acts/ acts2000/ ukpga_20000011_en_1). . Retrieved 2009-02-14. "OPSI: Anti-Terrorist Crime & Security Act" (http:/ / www. opsi. gov. uk/ Acts/ acts2001/ ukpga_20010024_en_1). . Retrieved 2009-02-14. "OPSI: Proceeds of Crime Act" (http:/ / www. opsi. gov. uk/ acts/ acts2002/ ukpga_20020029_en_1). . Retrieved 2009-02-14. "OPSI: Serious Organised Crime and Police Act 2005" (http:/ / www. opsi. gov. uk/ acts/ acts2005/ ukpga_20050015_en_1). . Retrieved 2009-02-14. [6] Sections 327 - 340, Proceeds of Crime Act 2002 [7] Section 330, Proceeds of Crime Act 2002 [8] Section 340, Proceeds of Crime Act 2002 [9] Section 329, Proceeds of Crime Act 2002 [10] Section 327, Proceeds of Crime Act 2002 [11] Section 334, Proceeds of Crime Act 2002 [12] "OPSI: Money Laundering Regulations 2003" (http:/ / www. opsi. gov. uk/ si/ si2003/ 20033075. htm). . Retrieved 2009-02-14. [13] "OPSI: Money Laundering Regulations 2007" (http:/ / www. opsi. gov. uk/ si/ si2007/ uksi_20072157_en_1). . Retrieved 2009-02-14. [14] Section 333A, Proceeds of Crime Act 2002 [15] "Joint Money Laundering Steering Group" (http:/ / www. jmlsg. org. uk/ bba/ jsp/ polopoly. jsp;jsessionid=aH1DPtXgUly-?d=749). . Retrieved 2009-02-14. [16] "Law Society AML Guidance" (http:/ / www. lawsociety. org. uk/ newsandevents/ news/ majorcampaigns/ view=newsarticle. law?CAMPAIGNSID=217590). . Retrieved 2009-02-14. [17] Section 340(2), Proceeds of Crime Act 2002 [18] David Winch, "Money Laundering Law Changes" (http:/ / www. accountingevidence. com/ documents/ articles/ Money laundering law changes. pdf) (2006)

Money laundering
[19] 'The Suspicious Activity Reports Regime Annual Report 2010 published by SOCA [20] 'The Suspicious Activity Reports Regime Annual Report 2010 published by SOCA [21] 'The Suspicious Activity Reports Regime Annual Report 2010 published by SOCA [22] http:/ / www. law. cornell. edu/ uscode/ 18/ 1956. html [23] Lucy Komisar (October 4, 2001). "Tracking Terrorist Money - 'Too Hot for U.S. to handle?'" (http:/ / www. webcom. com/ hrin/ magazine/ money. html). Pacific News Service. . Retrieved February 2006. [24] (French) Official March 2000 French Parliamentary Report on the obstacles on the control and repression of financial criminal activity and of money-laundering in Europe (http:/ / www. assemblee-nationale. fr/ rap-info/ i2311-51. asp#P1089_155970) by French MPs Vincent Peillon and Arnaud Montebourg, third section on "Luxembourg's political dependency toward the financial sector: the Clearstream affair" (pp.83-111 on PDF version) [25] Financial Action Task Force on Money Laundering (http:/ / www. fatf-gafi. org) [26] "40 + 9" principles of anti-money laundering and combating the financing of terrorism (http:/ / www. fatf-gafi. org/ dataoecd/ 7/ 40/ 34849567. PDF) [27] FATF 1997 report into global money laundering, page 3 [28] Harvey, Dr Jackie (June 2008). Money Laundering Bulletin.

168

• Anti money laundering software and methods (http://finance.vsoni.com/money-laundering-1)

External links
• Money laundering (http://www.dmoz.org/Society/Crime/Research/Money_Laundering//) at the Open Directory Project • UNODC - United Nations Office on Drugs and Crime - on money-laundering and countering the financing of terrorism (http://www.unodc.org/unodc/en/money-laundering/index.html)

Extortion
Extortion, outwresting, and/or exaction is a criminal offense which occurs when a person unlawfully obtains either money, property or services from a person(s), entity, or institution, through coercion. Refraining from doing harm is sometimes euphemistically called protection. Extortion is commonly practiced by organized crime groups. The actual obtainment of money or property is not required to commit the offense. Making a threat of violence which refers to a requirement of a payment of money or property to halt future violence is sufficient to commit the offense. Exaction refers not only to extortion or the unlawful demanding and obtaining of something through force,[1] but additionally, in its formal definition, means the infliction of something such as pain and suffering or making somebody endure something unpleasant.[2] In the United States, extortion may also be committed as a federal crime across a computer system, phone, by mail or in using any instrument of "interstate commerce". Extortion requires that the individual sent the message "willingly" and "knowingly" as elements of the crime. The message only has to be sent (but does not have to reach the intended recipient) to commit the crime of extortion. Extortion is distinguished from robbery. In "strong arm" robbery, the offender takes goods from the victim with use of immediate force. In "robbery" goods are taken or an attempt is made to take the goods against the will of another—with or without force. A bank robbery or extortion of a bank can be committed by a letter handed by the criminal to the teller. (Comedian Artie Lange was accused and charged with extortion after he handed a bank teller a note claiming he had a weapon and would use it if the bank did not give him $10,000 in unmarked bills; Lange later explains it was simply a joke to flirt with the bank teller and was released shortly after incarceration). In extortion, the victim is threatened to hand over goods, or else damage to their reputation or other harm or violence against them may occur. Under federal law extortion can be committed with or without the use of force and with or without the use of a weapon. A key difference is that extortion always involves a written or verbal threat whereas robbery can occur without any verbal or written threat (refer to U.S.C. 875 and U.S.C. 876).

Extortion The term extortion is often used metaphorically to refer to usury or to price-gouging, though neither is legally considered extortion. It is also often used loosely to refer to everyday situations where one person feels indebted against their will, to another, in order to receive an essential service or avoid legal consequences. For example, certain lawsuits, fees for services such as banking, automobile insurance, gasoline prices, and even taxation, have all been labeled "legalized extortion" by people with various social or political beliefs. Neither extortion nor blackmail require a threat of a criminal act, such as violence, merely a threat used to elicit actions, money, or property from the object of the extortion. Such threats include the filing of reports (true or not) of criminal behavior to the police, revelation of damaging facts (such as pictures of the object of the extortion in a compromising position), etc.

169

References
[1] Exaction - definition of exaction by the Free Online Dictionary, Thesaurus and Encyclopedia (http:/ / www. thefreedictionary. com/ exaction) [2] "Exact definition - Dictionary - MSN Encarta" (http:/ / www. webcitation. org/ 5kwc1Rfdf). Archived from the original (http:/ / encarta. msn. com/ dictionary_1861609570/ exact. html) on 2009-10-31. .

External links
• Legaltree (http://legaltree.ca/node/554), a Canadian legal portal, contains an article describing the elements of the offence of extortion under Canadian criminal law.

Hacker (computer security)
In common usage, a hacker is a stereotypical person who breaks into computers and computer networks, either for profit or motivated by the challenge.[1] The subculture that has evolved around hackers is often referred to as the computer underground but is now an open community.[2] Other definitions of the word hacker exist that are not related to computer security. They are subject to the long standing hacker definition controversy about the true meaning of hacker. In this controversy, the term hacker is reclaimed by computer programmers who argue that someone breaking into computers is better called cracker,[3] not making a difference between computer criminals ("black hats") and computer security experts ("white hats"). Some white hat hackers claim that they also deserve the title hacker, and that only black hats should be called crackers. None of this controversy has gained any relevance in mainstream media, TV and movies, however.

History
In today's society understanding the term "hacker" is complicated because it has many different definitions. The term can be traced back to MIT (Massachusetts Institute Technology). MIT was the first institution to offer a course in computer programming and computer science and it is here in 1960 where a group of MIT students taking a lab on artificial intelligence first coined this word. These students called themselves hackers because they were able to take programs and have them perform actions not intended for that program. “The term was developed on the basis of a practical joke and feeling of excitement because the team member would “hack away” at the keyboard hours at a time.” (Moore R., 2006).[4] Hacking developed alongside phone phreaking, a term referred to exploration of the phone network without authorization, and there has often been overlap between both technology and participants. The first recorded hack was accomplished by Joe Engressia also known as The Whistler. Engressia is known as the grandfather of phreaking. His hacking technique was that he could perfectly whistle a tone into a phone and make free call.[5] Bruce Sterling traces part of the roots of the computer underground to the Yippies, a 1960s counterculture movement which published the Technological Assistance Program (TAP) newsletter.[6] Other sources of early 1970s hacker culture

Hacker (computer security) can be traced towards more beneficial forms of hacking, including MIT labs or the Homebrew Computer Club, which later resulted in such things as early personal computers or the open source movement.

170

Artifacts and customs
The computer underground[1] is heavily dependent on technology. It has produced its own slang and various forms of unusual alphabet use, for example 1337speak. Writing programs and performing other activities to support these views is referred to as hacktivism. Some go as far as seeing illegal cracking ethically justified for this goal; a common form is website defacement. The computer underground is frequently compared to the Wild West.[7] It is common among hackers to use aliases for the purpose of concealing identity, rather than revealing their real names.

Hacker groups and conventions
The computer underground is supported by regular real-world gatherings called hacker conventions or "hacker cons". These drawn many people every year including SummerCon (Summer), DEF CON, HoHoCon (Christmas), ShmooCon (February), BlackHat, Hacker Halted, and H.O.P.E... In the early 1980s Hacker Groups became popular, Hacker groups provided access to information and resources, and a place to learn from other members. Hackers could also gain credibility by being affiliated with an elite group.[8]

Hacker attitudes
Several subgroups of the computer underground with different attitudes and aims use different terms to demarcate themselves from each other, or try to exclude some specific group with which they do not agree. Eric S. Raymond (author of The New Hacker's Dictionary) advocates that members of the computer underground should be called crackers. Yet, those people see themselves as hackers and even try to include the views of Raymond in what they see as one wider hacker culture, a view harshly rejected by Raymond himself. Instead of a hacker/cracker dichotomy, they give more emphasis to a spectrum of different categories, such as white hat, grey hat, black hat and script kiddie. In contrast to Raymond, they usually reserve the term cracker. According to (Clifford R.D. 2006) a cracker or cracking is to "gain unauthorized access to a computer in order to commit another crime such as destroying information contained in that system".[9] These subgroups may also be defined by the legal status of their activities.[10] White hat A white hat hacker breaks security for non-malicious reasons, for instance testing their own security system. This classification also includes individuals who perform penetration tests and vulnerability assessments within a contractual agreement. Often, this type of 'white hat' hacker is called an ethical hacker. The International Council of Electronic Commerce Consultants, also known as the EC-Council [11] has developed certifications, courseware, classes, and online training covering the diverse arena of Ethical Hacking.[10] Black hat A black hat hacker, sometimes called a cracker, is someone who breaks computer security without authorization or uses technology (usually a computer, phone system or network) for malicious reasons such as vandalism, credit card fraud, identity theft, piracy, or other types of illegal activity.[10] [12] Grey hat A grey hat hacker is a combination of a Black Hat and a White Hat Hacker. A Grey Hat Hacker may surf the internet and hack into a computer system for the sole purpose of notifying the administrator that their system has been hacked, for example. Then they may offer to repair their system for a small fee.[4] Elite hacker

Hacker (computer security) A social status among hackers, elite is used to describe the most skilled. Newly discovered exploits will circulate among these hackers. Elite groups such as Masters of Deception conferred a kind of credibility on their members.[13] :86,90,117 Elite (e.g. 31337) gives the term leet speak its name. Script kiddie A script kiddie is a non-expert who breaks into computer systems by using pre-packaged automated tools written by others, usually with little understanding of the underlying concept—hence the term script (i.e. a prearranged plan or set of activities) kiddie (i.e. kid, child—an individual lacking knowledge and experience, immature).[12] Neophyte A neophyte, "n00b", or "newbie" is someone who is new to hacking or phreaking and has almost no knowledge or experience of the workings of technology, and hacking.[4] Blue hat A blue hat hacker is someone outside computer security consulting firms who is used to bug test a system prior to its launch, looking for exploits so they can be closed. Microsoft also uses the term BlueHat [14] to represent a series of security briefing events.[15] [16] [17] Hacktivist A hacktivist is a hacker who utilizes technology to announce a social, ideological, religious, or political message. In general, most hacktivism involves website defacement or denial-of-service attacks. In more extreme cases, hacktivism is used as tool for cyberterrorism.

171

Attacks
Computer security Secure operating systems Security architecture Security by design Secure coding Computer insecurity Vulnerability Social engineering Eavesdropping Exploits Trojans Viruses and worms Denial of service Backdoors Rootkits Keyloggers

Payloads

A typical approach in an attack on Internet-connected system is: 1. Network enumeration: Discovering information about the intended target. 2. Vulnerability analysis: Identifying potential ways of attack. 3. Exploitation: Attempting to compromise the system by employing the vulnerabilities found through the vulnerability analysis.[18] In order to do so, there are several recurring tools of the trade and techniques used by computer criminals and security experts.

Hacker (computer security)

172

Security exploits
A security exploit is a prepared application that takes advantage of a known weakness. Common examples of security exploits are SQL injection, Cross Site Scripting and Cross Site Request Forgery which abuse security holes that may result from substandard programming practice. Other exploits would be able to be used through FTP, HTTP, PHP, SSH, Telnet and some web-pages. These are very common in website/domain hacking.

Techniques
Vulnerability scanner A vulnerability scanner is a tool used to quickly check computers on a network for known weaknesses. Hackers also commonly use port scanners. These check to see which ports on a specified computer are "open" or available to access the computer, and sometimes will detect what program or service is listening on that port, and its version number. (Note that firewalls defend computers from intruders by limiting access to ports/machines both inbound and outbound, but can still be circumvented.) Password cracking Password cracking is the process of recovering passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password. Packet sniffer A packet sniffer is an application that captures data packets, which can be used to capture passwords and other data in transit over the network. Spoofing attack A spoofing attack involves one program, system, or website successfully masquerading as another by falsifying data and thereby being treated as a trusted system by a user or another program. The purpose of this is usually to fool programs, systems, or users into revealing confidential information, such as user names and passwords, to the attacker. Rootkit A rootkit is designed to conceal the compromise of a computer's security, and can represent any of a set of programs which work to subvert control of an operating system from its legitimate operators. Usually, a rootkit will obscure its installation and attempt to prevent its removal through a subversion of standard system security. Rootkits may include replacements for system binaries so that it becomes impossible for the legitimate user to detect the presence of the intruder on the system by looking at process tables. Social engineering Social engineering is the art of getting persons to reveal sensitive information about a system. This is usually done by impersonating someone or by convincing people to believe you have permissions to obtain such information. Trojan horses A Trojan horse is a program which seems to be doing one thing, but is actually doing another. A trojan horse can be used to set up a back door in a computer system such that the intruder can gain access later. (The name refers to the horse from the Trojan War, with conceptually similar function of deceiving defenders into bringing an intruder inside.) Viruses A virus is a self-replicating program that spreads by inserting copies of itself into other executable code or documents. Therefore, a computer virus behaves in a way similar to a biological virus, which spreads by inserting itself into living cells.

Hacker (computer security) While some are harmless or mere hoaxes most computer viruses are considered malicious. Worms Like a virus, a worm is also a self-replicating program. A worm differs from a virus in that it propagates through computer networks without user intervention. Unlike a virus, it does not need to attach itself to an existing program. Many people conflate the terms "virus" and "worm", using them both to describe any self-propagating program. Key loggers A key logger is a tool designed to record ('log') every keystroke on an affected machine for later retrieval. Its purpose is usually to allow the user of this tool to gain access to confidential information typed on the affected machine, such as a user's password or other private data. Some key loggers uses virus-, trojan-, and rootkit-like methods to remain active and hidden. However, some key loggers are used in legitimate ways and sometimes to even enhance computer security. As an example, a business might have a key logger on a computer used at a point of sale and data collected by the key logger could be used for catching employee fraud.

173

Notable security hackers
• Kevin Mitnick is a computer security consultant and author, formerly the most wanted computer criminal in United States history.[19] • Eric Corley (also known as Emmanuel Goldstein) is the long standing publisher of 2600: The Hacker Quarterly. He is also the founder of the H.O.P.E. conferences. He has been part of the hacker community since the late '70s. • Gordon Lyon, known by the handle Fyodor, authored the Nmap Security Scanner as well as many network security books and web sites. He is a founding member of the Honeynet Project and Vice President of Computer Professionals for Social Responsibility. • Solar Designer is the pseudonym of the founder of the Openwall Project. • Michał Zalewski (lcamtuf) is a prominent security researcher. • Gary McKinnon is a British hacker facing extradition to the United States to face charges of perpetrating what has been described as the "biggest military computer hack of all time".[20]

Hacking and the media
Hacker magazines
The most notable hacker-oriented magazine publications are Phrack, Hakin9 and 2600: The Hacker Quarterly. While the information contained in hacker magazines and ezines was often outdated, they improved the reputations of those who contributed by documenting their successes.[8]

Hackers in fiction
Hackers often show an interest in fictional cyberpunk and cyberculture literature and movies. Absorption of fictional pseudonyms, symbols, values, and metaphors from these fictional works is very common. Books portraying hackers: • The cyberpunk novels of William Gibson — especially the Sprawl Trilogy — are very popular with hackers.[21] • Merlin, the protagonist of the second series in The Chronicles of Amber by Roger Zelazny is a young immmortal hacker-mage prince who has the ability to traverse shadow dimensions. • Hackers (short stories) • Snow Crash • Helba from the .hack manga and anime series. • Little Brother by Cory Doctorow

Hacker (computer security) • Rice Tea by Julien McArdle • Lisbeth Salander in The Girl with the Dragon Tattoo by Stieg Larsson Films also portray hackers:
• • • • • • Cypher Tron WarGames The Matrix series Hackers Swordfish • • • • • • The Net The Net 2.0 Antitrust Enemy of the State Sneakers Untraceable • • • • • Firewall Die Hard "4": Live Free or Die Hard Eagle Eye Take Down Weird Science

174

• Pirates of silicon valley (related to hacker like Steve Jobs, not crackers)

Non-fiction books
• • • • • • • • Hacking: The Art of Exploitation, Second Edition by Jon Erickson The Hacker Crackdown The Art of Intrusion by Kevin D. Mitnick The Art of Deception by Kevin D. Mitnick Takedown The Hacker's Handbook The Cuckoo's Egg by Clifford Stoll Underground by Suelette Dreyfus

Fiction books
• Ender's Game • Neuromancer • Evil Genius (novel)

References
Taylor, 1999 Taylor, Paul A. (1999). Hackers. Routledge. ISBN 9780415180726.
[1] Sterling, Bruce (1993). "Part 2(d)". The Hacker Crackdown. McLean, Virginia: IndyPublish.com. p. 61. ISBN 1-4043-0641-2. [2] Blomquist, Brian (May 29, 1999). " FBI's Web Site Socked as Hackers Target Feds (http:/ / archive. nypost. com/ a/ 475198)". New York Post. Retrieved on October 21, 2008. [3] S. Raymond, Eric. "Jargon File: Cracker" (http:/ / catb. org/ jargon/ html/ C/ cracker. html). . Retrieved 2010-05-08. "Coined ca. 1985 by hackers in defense against journalistic misuse of hacker" [4] Moore, Robert (2006). Cybercrime: Investigating High-Technology Computer Crime (1st ed.). Cincinnati, Ohio: Anderson Publishing. ISBN 9781593453039. [5] Kizza, Joseph M. (2005). Computer Network Security. New York, LLC: Springer-Verlag. [6] TAP Magazine Archive. http:/ / servv89pn0aj. sn. sourcedns. com/ ~gbpprorg/ 2600/ TAP/ [7] Tim Jordan, Paul A. Taylor (2004). Hacktivism and Cyberwars. Routledge. pp. 133–134. ISBN 9780415260039. "Wild West imagery has permeated discussions of cybercultures." [8] Thomas, Douglas. Hacker Culture. University of Minnesota Press. p. 90. ISBN 9780816633463. [9] Clifford, Ralph D. (2006). Cybercrime:The Investigation, Prosecution and Defense of a Computer-Related Crime Second Edition. Durham, North Carolina: Carolina Academic Press. [10] Wilhelm, Douglas. "2". Professional Penetration Testing. Syngress Press. pp. 503. ISBN 9781597494250. [11] http:/ / www. eccouncil. org/ [12] Andress, Mandy; Cox, Phil; Tittel, Ed. CIW Security Professional. New York, NY: Hungry Minds, Inc.. p. 10. ISBN 0764548220. [13] Thomas, Douglas (2002). Hacker Culture. University of Minnesota Press. ISBN 9780816633463. [14] http:/ / www. microsoft. com/ technet/ security/ bluehat/ default. mspx

Hacker (computer security)
[15] "Blue hat hacker Definition" (http:/ / www. pcmag. com/ encyclopedia_term/ 0,2542,t=blue+ hat+ hacker& i=56321,00. asp). PC Magazine Encyclopedia. . Retrieved 31 May 2010. "A security professional invited by Microsoft to find vulnerabilities in Windows." [16] Fried, Ina (June 15, 2005). ""Blue Hat" summit meant to reveal ways of the other side" (http:/ / news. cnet. com/ Microsoft-meets-the-hackers/ 2009-1002_3-5747813. html). Microsoft meets the hackers. CNET News. . Retrieved 31 May 2010. [17] Markoff, John (October 17, 2005). "At Microsoft, Interlopers Sound Off on Security" (http:/ / www. nytimes. com/ 2005/ 10/ 17/ technology/ 17hackers. html?pagewanted=1& _r=1). New York Times. . Retrieved 31 May 2010. [18] Hacking approach (http:/ / www. informit. com/ articles/ article. aspx?p=25916) [19] United States Attorney's Office, Central District of California (9 August 1999). "Kevin Mitnick sentenced to nearly four years in prison; computer hacker ordered to pay restitution ..." (http:/ / www. usdoj. gov/ criminal/ cybercrime/ mitnick. htm). Press release. . Retrieved 10 April 2010. [20] Boyd, Clark (30 July 2008). "Profile: Gary McKinnon" (http:/ / news. bbc. co. uk/ 2/ hi/ technology/ 4715612. stm). BBC News. . Retrieved 2008-11-15. [21] Staples, Brent (May 11, 2003). "A Prince of Cyberpunk Fiction Moves Into the Mainstream" (http:/ / www. nytimes. com/ 2003/ 05/ 11/ opinion/ 11SUN3. html?ex=1367985600& en=9714db46bfff633a& ei=5007& partner=USERLAND). . Retrieved 2008-08-30. "Mr. Gibson's novels and short stories are worshiped by hackers"

175

Related literature
• Kevin Beaver. Hacking For Dummies (http://books.google.com/books?id=ulZ7ln6ORBAC&lpg=PP1& ots=BbHPy4NvPN&dq=Kevin Beaver.Hacking For Dummies.&pg=PP1#v=onepage&q&f=false). ISBN 978-0764557842. • Richard Conway, Julian Cordingley. Code Hacking: A Developer's Guide to Network Security. ISBN 978-1584503149. • “Dot.Con: The Dangers of Cyber Crime and a Call for Proactive Solutions,” (http://www.scribd.com/doc/ 14361572/Dotcon-Dangers-of-Cybercrime-by-Johanna-Granville) by Johanna Granville, Australian Journal of Politics and History, vol. 49, no. 1. (Winter 2003), pp. 102–109. • Katie Hafner & John Markoff (1991). Cyberpunk: Outlaws and Hackers on the Computer Frontier. Simon & Schuster. ISBN 0-671-68322-5. • David H. Freeman & Charles C. Mann (1997). @ Large: The Strange Case of the World's Biggest Internet Invasion. Simon & Schuster. ISBN 0-684-82464-7. • Suelette Dreyfus (1997). Underground: Tales of Hacking, Madness and Obsession on the Electronic Frontier. Mandarin. ISBN 1-86330-595-5. • Bill Apro & Graeme Hammond (2005). Hackers: The Hunt for Australia's Most Infamous Computer Cracker. Five Mile Press. ISBN 1-74124-722-5. • Stuart McClure, Joel Scambray & George Kurtz (1999). Hacking Exposed. Mcgraw-Hill. ISBN 0-07-212127-0. • Michael Gregg (2006). Certfied Ethical Hacker. Pearson. ISBN 978-0789735317. • Clifford Stoll (1990). The Cuckoo's Egg. The Bodley Head Ltd. ISBN 0-370-31433-6.

External links
• CNN Tech PCWorld Staff (November 2001). Timeline: A 40-year history of hacking from 1960 to 2001 (http:// archives.cnn.com/2001/TECH/internet/11/19/hack.history.idg/) • Discovery Channel Documentary. History of Hacking Documentary video (http://vodpod.com/watch/ 31369-discovery-channel-the-history-of-hacking-documentary)

Article Sources and Contributors

176

Article Sources and Contributors
Confidence trick  Source: http://en.wikipedia.org/w/index.php?oldid=415713020  Contributors: 10lbs of potatoes, 16@r, 17helpmeout21, 4waldopepper, A. B., ARUNKUMAR P.R, Aatox, Abscissa, AbsolutDan, Acebrock, Active Banana, Adam Conover, Addled1, Admiral Norton, Ados, Aidyonline, Airplaneman, Alan Liefting, Alansohn, Albepang, Alec Tgint, Aleksandr Grigoryev, Alexius08, AlistairMcMillan, AllenHansen, Alpha Quadrant, Altenmann, Alvis, Amcfarlanee, Anabus, Anatolyb, AndarielHalo, AndreTorres95, Andycjp, Antonio ak57, Aosman, Apiroglu, Aravn, Argolin, Arienh4, Arloz, Armour Hotdog, Atomheart, Avengerx, Azhyd, Barefootguru, Bastique, Bdve, Bebop, Beland, Benji64, Bhadani, BigC9heese, BigCow, BillFlis, Binadot, Biruitorul, Black Falcon, BlongerBros, Bloodplace44, Bobjuch, Bobmack89x, Boccobrock, Bongwarrior, Bootleg42, Boredzo, Born2x, Bowlhover, BradBeattie, Bravo009, Brazzy, Brequinda, Brusk, BryanG, Btball, Bubba73, Bunco man, Butterboy, Bwithh, CNerd2025, CNichols, California-View, Caliga10, Calliopejen1, Caltas, Camus21, Camw, CapitalR, Carax, Cardshark, Cardsplayer4life, Carminetzato, Cassowary, Cavan, Ccacsmss, Ch604, Cham Zord, Chris 42, Chris the speller, Chrylis, Claude girardin, CliffC, Closedmouth, Cmdrjameson, Cobra libre, Coder Dan, Coewiddabikdik, Colipon, Comradeash, ConradPino, Corti, CovertS, Coyoteofftherez, Crazygoblin, Csawww, Cspalletta, Curps, Czolgolz, DJD, DO11.10, Damian Yerrick, Damian.kelleher, Daniel J. Leivick, DarkFalls, David Shankbone, Dcrt100, DeadEyeArrow, Dealwithitnj, Deinonychus, Demong, Diannaa, Digidak, Discospinster, Dismas, DividedByNegativeZero, Dlabtot, Dmgmem, DocWatson42, Doh286, DoktorMax, DozenAttempts, Dr.K., DrMel, DrTofu83, Dragonmaster84, Drat, Dreadstar, DreamGuy, Drett, Drewice, Drewshaker, Duff@houseofdeception.com, Dumpster, Dutchdabomb, Dvyost, EBlack, EamonnPKeane, Ecosciences, Ed g2s, ElTchanggo, Eleland, Ellisjudd, Elmarco, Elmeri B. Suokirahvi, Enrique Cavalitto, Enter The Crypt, Ergy, Erkferrari, Espoo, Ethank, Everyking, EvilCouch, Ewlyahoocom, Exit2DOS2000, FCYTravis, Fallout boy, Fcimiami, Feisty.gibbon, Fibonacci, Fintelia, FirstPrinciples, Fl, FlashSheridan, Flibbert, Florizel, Flyer22, Foetusized, Foobaz, Frecklefoot, Fred Bauder, Furrykef, Fvw, G.O.L.A.Z., Galaxiaad, Galphi, Gamgee, Garrett Albright, Gdr, GeeJo, GenericBob, Geniac, Geo8rge, George100, Ghostwo, Glane23, Gloomy, Goclenius, GodSka, Gogo Dodo, Goldfritha, GreyCat, Gromlakh, Gropo, Ground Zero, Gurch, Gwernol, Hank chapot, Haoie, Harvestdancer, Hawkinseve, Heron, HexaChord, Hrodulf, Hu12, Hut 8.5, Hydrogen Iodide, IRelayer, Ian Pitchford, Ianmacm, Icarus3, Icundell, IdLoveOne, Ike9898, Ikluft, Illumini85, Immblueversion, Imperial Monarch, Infoleague, Inky, Insanity Incarnate, Int3gr4te, IrishJew, Irishguy, Ixfd64, J.delanoy, JBsupreme, Jackv39, Jameshfisher, Jan7436790, JasonHockeyGuy, Jasong27, Jay, Jebba, Jeff Silvers, Jeffreyese, Jeromealden 85, Jerry, Jerzy, Jessicacissej, Jlimerick, JodieWhistle, John Foley, John Hill, Johnherro, Jokestress, Jonathan F, Jooler, Joseph Solis in Australia, Jossi, Jpark3909, Jwjwj, Jxg, K.C. Tang, KFP, Kalathalan, Kar98, Karada, Kaszeta, Keebler, Keefwivanef, Keilana, Kelly Martin, Keraunos, KimChee, Kimiko, Kingboyk, Kittybrewster, Kjkolb, Kloth, KnowledgeOfSelf, Koiwonder, Komusou, Kotra, KrakatoaKatie, Kristen Eriksen, Kurt Shaped Box, L Kensington, LAS1180, Lakemirror, Lanka007, Larrykoen, Less than pat, Lightblue LF, Liko81, LinDrug, Livewireo, Lockley, Lockwood Like, Logan, LoneStarState, LordCirth, Loren.wilton, Lots42, Lpool09, Luk, M4701, MER-C, Mac Davis, Maelnuneb, Magioladitis, Magnetic Rag, Malaysiacapitalist, Man pl, Manga25, Marcika, Mardus, Mark Donnely, Mark v1.0, Mark.Murphy, Martin451, Masgatotkaca, Mashford, Matthew Platts, Mattwilkins, Maup, Maurauth, Maury Markowitz, Mayur cfe, Mbarbier, McSly, Mckaysalisbury, Mdukas, Mdurand, MegX, Megashredder, Meishern, Michael Essmeyer, Michael Hardy, MichaelAWilson, Michaelas10, Michaelink, Michaeljantonio, Mikolik, Mindmatrix, Mintguy, MisterHand, MistyHora, Mnmngb, MonRa, Monkeyman, Monkeyzpop, Moogie700, Morenooso, Morghulis, Mpaedon, Mr Goodbyte, Mr. Billion, Mr.Grave, MrOllie, Mushycookie, Mwickens, Nakon, Natalie Erin, NawlinWiki, Neelix, NegativeCharlie, Nestorius, Noirish, NukeMTV, Nunn101, Nuwewsco, Obsnooks, Oddity-, Odobo1, Ohanian, OldNick, Omaunder, Omegatron, Otisjimmy1, Ozkaplan, PMDrive1061, Paniq, Paradiso, Parker Gabriel, Pathless, Patrick, Paul A, Pedant, Penbat, Pengo, Pentasyllabic, Perdustin, Perraj, PeteThePill, PeterAS, PeterHuntington, Pgan002, PhantomS, Piet Delport, Piguy, Pillar Of Coolness, Pinkie Snarq, Pious7, PizzaMargherita, Plazak, Pleasantville, Plrk, Plymouthpictures, Pnevares, Pontificake, Poochy, Populus, Portillo, PotentialDanger, Powerzilla, Primeromundo, Protonk, Psiphiorg, Psychonaut, Pxma, Queermo69, Quuxplusone, Qwasty, Qwertyuiopl,mnbvcxza, R'n'B, R'son-W, RSLancastr, Raul654, Rbreen, Reginmund, Remember, RemoWilliams, Renamed user, RepublicanJacobite, Retired username, ReyBrujo, Rich Farmbrough, Richard D. LeCour, RiseAbove, Rjwilmsi, Rkamboj123, RobertMSullivan060368, Robertcathles, Robertjkoenig, Rocmike3, Ronjermany, Roychang, Rubicon, Rudolph meyer, Ryulong, SPUI, SRobbins, STPgroup, Saga City, Sam Hocevar, SamKamin, Samikula, Samohyl Jan, Saponification, Sceptre, Scottrothstein, Scrawlspacer, Screwdover, Sdcoates1978, Sebasbronzini, Sgomberg, Shantavira, Sharper56, Shell Kinney, Shenme, Shinerunner, Shirik, Shr, SidP, Sikon, Sjlewis, Skiffboy, SkyWalker, Skysmith, SlayerK, Smallbones, SmartGuy, SnappingTurtle, SooperJoo, Sphivo, SpinyNorman, SpookyMulder, Squidward2602, Ssbohio, Stainless steel, StephenBuxton, Steve8675309, Strikeforce13, Suffusion of Yellow, Superm401, Suruena, Svetovid, Swartzturfle, Sycho67, THB, THobern, TTLightningRod, Tarquin, TarseeRota, Tavilis, Ted Wilkes, Terabandit, Tesi1700, The Anome, The JPS, The Thing That Should Not Be, The grifter, TheDoober, TheFarix, TheRingess, Themfromspace, Themindset, Theniemi, Thetruthtold, Thingg, Thodale, Thomas97531, Thomaskibu, Thomaskorp, Thumperward, Tianjie0901, Ticklemygrits, Tide rolls, Tinajbarton, Todeswalzer, Tom Duff, Tom harrison, Tombadevil, Tomkent, Toon81, Tpb, Treekids, Trusilver, Trustfraud, TruthLocating, Tunapul, Ultramandk, Uncle Milty, UninvitedCompany, Valentinebear, ValeriaFSM, Vanished user 03, Verne Equinox, Versageek, Vicki Rosenzweig, Viridae, Vishnava, VolatileChemical, WATCHTHECON, WWGB, Wackymax, Warlord dehacker, Watercolour, Wavelength, We66er, WeatherFug, Wes Richards, WhisperToMe, Whoohoonick, Whosasking, Wiikipedian, Wikibleh, Wikibob, Willondon, Woland1234, Wolfkeeper, Wongm, Woohookitty, WriterHound, Wrs1864, Wtmitchell, Wuwei327, X201, Xarvia, Xeworlebi, Yablaka, Yaturi3, Ybelov, Yun-Yuuzhan (lost password), Yvwv, Zafiroblue05, Zahd, Zanaq, Zaqq, Ziko, ZimZalaBim, Zoicon5, Zotel, 1204 anonymous edits Cups and balls  Source: http://en.wikipedia.org/w/index.php?oldid=408506407  Contributors: 1JustinHart, 23pokrzywa, Adrian M. H., Ahruman, Aiken drum, Alex, Avenged Eightfold, Bill Palmer, Billtaylor, Blankfaze, Blue Caterpillar, Bourne, Cactus.man, Captain Infinity, Captain Wikify, Carsonmitre, Cata-girl, Criverstamu09, Cryptic, Cupsandballsmagic, D.valued, DavidWBrooks, DeltaQuad, Doc Meroe, DonnieBuckley, Dysprosia, Eratticus, Ergative rlt, Everyking, FisherQueen, GUllman, GraemeL, Groyolo, Halsteadk, Halvermac, Insineratehymn, IronGargoyle, JMiall, Jeudegobelets, John Dalton, Kevin B12, Krash, Kuru, Lee.Sailer, LilHelpa, MacGyverMagic, MagicErik, MagicValentina, McGee09, Mephistophelian, Midgrid, Mwv2, Nascar1996, Orangemike, Pekitiben, RJFJR, RJHall, Reywas92, Rjstott, Rray, RxS, Savidan, Scarlet Lioness, Schristensen, Sickyicky, TStone, TenOfAllTrades, Th1rt3en, The Green Skittle, TheHYPO, Thirteen squared, Tom-, Tommy2010, Twooars, Vuongc, Warlock1, Welsh, Wguynes, WikHead, WilliamHarrison, Wiwaxia, Wlee1994, Zazpot, 102 anonymous edits Shell game  Source: http://en.wikipedia.org/w/index.php?oldid=414145427  Contributors: Abscissa, AmbassadorShras, Anabus, Angr, Arjun01, Ashmoo, Ataru, Augustusxxx, AxelBoldt, AzaToth, Binadot, BorgHunter, Breadcult, Bunco man, CFIF, Can't sleep, clown will eat me, Cata-girl, Coemgenus, Colin Kimbrell, Dannywein, Deltabeignet, Dlabtot, Elonka, Erianna, Erujiu12, Foobaz, Furrykef, Geeoharee, Gh87, Gjd001, Gohst, Greswik, Hans Dunkelberg, Hertog, Holger.Ellgaard, Hooperbloob, Invertzoo, Ivan Pozdeev, Jaredroberts, Javierito92, JayKeaton, Jaysbro, Jeffq, Jh51681, John Dalton, Kairos, Lid, Luci Sandor, Masterwiki, Mr Minchin, NHRHS2010, NickVertical, NorwegianBlue, Notfar, Nuggetboy, Oliver202, Pdxgoat, Penbat, Petriot333, Phoenixrod, Postdlf, Proficient, Quasirandom, RapzehIT, Raul654, Reywas92, Robby, Robogun, RoyBatty42, Savidan, Seabifar, Skomorokh, Sottolacqua, TPIRFanSteve, Tad Lincoln, Tomballguy, TravisM, Unfocused, Wik, Yvwv, 90 anonymous edits Three-card Monte  Source: http://en.wikipedia.org/w/index.php?oldid=409156370  Contributors: $yD!, 2005, 47of74, AHMartin, Alai, Aleph4, Aleque, Angela, Astharoth1, Beconfly, Beetstra, Bejnar, Ben Ben, Bjnick, Bubba73, Bunco man, Cahk, Calliopejen1, Ccastill, CoolGuy, Crobichaud, DJ Clayworth, Danhiel, Dannywein, Davemcarlson, Dddstone, Deltabeignet, DickClarkMises, DragonflySixtyseven, Dricherby, EhJJ, Eliamo, Elonka, Feezo, Fibonacci, Fooboograss, Frazzydee, Frecklefoot, Gaius Cornelius, Generuffalo, Gilbus, GraemeL, Graham87, Grick, Halibutt, Heinlein Fanatic, IMR, Iain, Infrogmation, Invertzoo, Itai, Jason Quinn, Jeffr, JerryFriedman, Joedeshon, John Bessa, Jostub01, Jtalledo, Jushi, K88, KenFehling, Kleg, Krash, Krenakarore, Ling.Nut, Litefantastic, Lord Cornwallis, MER-C, Mahoogin v3, MarkSutton, MarkSweep, Martarius, Mfrisk, Mighty mickey, Mike.Gayner, Mk5384, Moulder, Mrtrey99, Mrwojo, Muad, NathanV, Neo139, Nightkey, Nivi, Omicronpersei8, Pekinensis, Penbat, Peter S., PhilipR, Populus, Rayoflight278, Renevith, Rich Farmbrough, Ripe, Rjstott, Rnb, RoyBatty42, RoySmith, Sade, Scwlong, SidP, Slinga, SmartGuy, Sonett72, Stephan Leeds, Stifle, Swmcd, Sylocat, Takethemud, Teucer, Texaswikiman, The Red Hat of Pat Ferrick, The undertow, Thecyberwasp, Tktktk, Tmdean, Tommyt, Trainik, Vegaswikian, Wikiisaac, XMog, ZOMG.co, 159 anonymous edits Shill  Source: http://en.wikipedia.org/w/index.php?oldid=415492047  Contributors: 2005, 259, AI, Adaru, Agateller, Aleks001, Altenmann, Andkore, Andreas Kaganov, Andycjp, Angr, Anthony Nolan O'Nymous, Arancaytar, Archival McTannith, Arthena, Artie p, Audiovideo, Bent8rover, Billywhack, Bryan Derksen, Bunco man, Chaizzilla, Chrism, Cjwright79, Clovis Sangrail, Common Man, Courtmelange, Cowbert, Cparker, Criptych, DOSGuy, DavidFarmbrough, Ddon, Deltabeignet, DimaDorfman, Epbr123, Eric Shalov, Espoo, Euske, FiggyBee, Finbarr Saunders, Flagboy, Fubar Obfusco, Furrykef, Gaius Cornelius, Glogger, Greenshed, GunnarRene, Gurkbuster, Heron, Hikingkyle393, Horologium, Ihcoyc, Ikrieg, Ireneshusband, Itsmeiam, JGerretse, JHTaylorJr, JLaTondre, Jasperfish, Jeffq, Jehochman, Joel S. Hirschhorn, Julia Rossi, Justin Alvarez Jr., KTo288, KansaiKitsune, Kenyon, Kirils, KissL, L.Willms, Lee Daniel Crocker, Lotje, Luqui, Macaddct1984, Makipedia, Mateo LeFou, Matthew Platts, Maurreen, Mav, Medullaoblongata, Melanotan, Mostly Rainy, Mydogategodshat, Nach0king, NathanV, Nehrams2020, Olivier, OnBeyondZebrax, Onyx86, Patrick, Paul1953h, Penbat, PeterEastern, PeterSmithee, Phearson, Pressforaction, RachelBartlett, Redeagle688, Reswobslc, Riitoken, Rsduhamel, Ryright, S zigmond, Sakasune, Scientus, Scwlong, Sdbsdf, Senor Freebie, SidP, Skinwalker, Stredler, Tangurena, Tarquin, Tasteslikechimp, The Anome, The Letter J, Thincat, Thismightbezach, Tjwolfbear, Trevalyx, Verne Equinox, Wavelength, Wikipedical, Wikiti, Zantolak, ZimZalaBim, 169 anonymous edits Sleight of hand  Source: http://en.wikipedia.org/w/index.php?oldid=415588423  Contributors: 2wingo, A930913, Abriotelon, Agnellous, Ajaf2005, Alexmorgan, AnonymousIdiot, Astronaut, Benjaburns, BillC, BingAndWiki, BingVsWiki, Blue fandango, Brainmouse, Brandon.Beckman, Brycebenton, Buddyholly24, COMPFUNK2, Calieber, Chachilongbow, ClamDip, DRTllbrg, DaftAda, Deiz, Dougweller, Dragoonix816, Dvorak729, EdGl, Elabro, Eltener, Enginear, Epson291, Fbv65edel, Feezo, Fr33ke, FrankelHuang, Gamesfreak, Gjs238, Gogo Dodo, Grim Revenant, Haydini, HelloAnnyong, Houdin654jeff, Huw Powell, IngSoc BigBrother, Invizzible, Jehde, Jkeene, Jslack, Julia Rossi, KSmrq, KingTT, Kippson, Kitoba, Krash, Krenakarore, Lee.Sailer, Leeasher, LietKynes, Lowellian, Magicalmayfield, Magiinfomation, Mairi, MakeRocketGoNow, Maolmhuire, MartinSmith0412, Martinphi, Materialscientist, Mego'brien, Michael Hardy, Michaelfeldman, Mike Rosoft, Mindspillage, MosheZadka, Mtpascoe, Muchosucko, Navy.enthusiast, NawlinWiki, Noddycr, Ohnoitsjamie, Omfghax0rs, Pablocitos, PatrikR, Peligro, Phoenixrod, Phr, Picapica, Postdlf, Pt, QueenCake, Qwertyus, Rboerner, RebirthThom, Rifleman 82, Robinchanning, Ryan11429, Saminatorff, Siyavash, Sk8ajoe, Skysmith, Slepkov, Steevm, SteinbDJ, Stephanbim, Stewartadcock, Swifthand, Tassedethe, TeslaMaster, TimMagic, Tnxman307, TomasBat, Tothebarricades.tk, Trellis, TrulyBlue, Vlad, Wasabi.is.green, WhiteBoy, Wtaylor0435, XxTimberlakexx, Zzuuzz, 230 anonymous edits Misdirection  Source: http://en.wikipedia.org/w/index.php?oldid=348163823  Contributors: FrenchIsAwesome, James Chenery, Moonwolf14, Phearson, 2 anonymous edits Fraud  Source: http://en.wikipedia.org/w/index.php?oldid=413340573  Contributors: 159753, 16@r, 28675, A8UDI, AAAAA, Aaaa123, Adrian, AeonicOmega, Ahmed badda, Ahoerstemeier, Alain, Alanraywiki, Alansohn, Alec Tgint, Alfieross, Alihaig, Alucard (Dr.), Amagase, Amazerolle, Andeggs, Andrewa, Andrewpmk, Andries, Andrus Kallastu, Andy Dingley, Andystyart,

Article Sources and Contributors
Angel ivanov angelov, Angusng, Anna512, Antientropic, Argon233, Arichnad, Armando82, Artemis-Arethusa, Avalyn, Avenue, Avihu, Awerty, BD2412, BIG4PAPA, Badagnani, Barticus88, Beachgirl55, Bearcat, Bearian, Bettergeorgia, Bgpaulus, Billiefan2000, Black Kite, Bleeblublahblafflesnifflesnork, BlindEagle, Bluerasberry, Bobmack89x, Bobo192, Bongwarrior, Born2x, Boxmoor, Bradk95, Brian Crawford, Brothejr, Bryan Derksen, BullRangifer, Bzhamm, CART fan, CATSPEKE, CLCPI, Cacla8383, CambridgeBayWeather, CarbonCopy, Caspian blue, Charles Matthews, Chris814, Civil Engineer III, Cleanupman, Clovis Sangrail, Consumed Crustacean, Cool3, Corp Vision, Corporalusmc, Courcelles, Cprovenzano, CraigNKeys, CrimestoppersUK, Ctbolt, Cuddlyopedia, Cutler, Cvosters, D6, DJ Clayworth, DVD R W, DVdm, Da Stressor, DaGizza, Daibut, Daniel Case, Daniel5127, David91, DeadEyeArrow, Deiaemeth, DevastatorIIC, Deville, Diamondsonthesolesofhershoes, Dina, DocendoDiscimus, Dosai, DozenAttempts, Dp983, Drewshaker, Ducrecon, Dukered, Dumaka, Edgar181, Eewild, Ekem, ElinorD, Eliyak, Elonka, Emw, Everyking, Evil saltine, Exor674, FCYTravis, FT2, Face, Fat&Happy, Father Goose, Fcimiami, Feb30th1712, Fightfraud, Finlay McWalter, FirstPrinciples, Flowanda, FlyingToaster, Fortisever, Fourdee, Fredbauder, Frosted14, FrozenPurpleCube, Fubar Obfusco, Future Perfect at Sunrise, Galoubet, Geomason, Gilliam, Gimmetrow, Gjd001, Glane23, Gogo Dodo, Goobergunch, Graham87, Ground Zero, Gscshoyru, Guanaco, Gurch, Gzornenplatz, Hadal, Harrywiganboy, Haukurth, Heatonbb, HendrikJansen, Heron, HookEMhrns008, Hu12, Hucz, I already forgot, Ikluft, Inghem, Insommia, Int21h, Intrigue, IronGargoyle, Ishikawa Minoru, Ixfd64, J.Rohrer, J.delanoy, JJay, Jackyboybcb, James Maxx, James P Twomey, Jammycakes, Jaxl, Jeandré du Toit, Jerryseinfeld, Jmlk17, JoanneB, JodieWhistle, Joe House, John Vandenberg, John254, Johnvanzyl, Josiah Rowe, Jredmond, Juliancolton, Jusdafax, Katieh5584, Keelefreerepublic, Ketsuekigata, Khosrow II, Kim Bukstein, King of Hearts, Kismetmagic, Kjkolb, Kmccoy, Kmsiever, Knowsetfree, Kuru, Kusunose, LOLMUCHWAYNE, Lachns, Lawdog396, Lawdogtoo, LeadSongDog, Legalskeptic, Leuko, Levineps, Lichnowsky, Lithium72990, LizardJr8, Logan, Lopsidedman, LouI, Luna Santin, Lvlarx, Lvtrab, MPerel, Malcolm Farmer, Materialscientist, Matthew Platts, Mayur cfe, Meerkate, Meishern, Mesonofgib, Mholland, Michael Hardy, MichaelAWilson, Mieciu K, Mike 7, Million Little Gods, Mindmatrix, Minesweeper, Mintleaf, Miracleimpulse, Mladifilozof, Mnmngb, Modular, Moofus, Moondyne, Morwen, Mr Snowy, Mr pand, Mrb161089, Ms21608, Nardus1, Natalie Erin, Nbarth, Neil916, Neilbradford, Nicho3698, Nigosh, Noleskid16, Norby001, Nthep, Nywallst, Oblivious6, Ohnoitsjamie, Oobyduby, Ornil, OwenX, Pandaplodder, Password1, Patrick, Pedant, Pedro, Peterlewis, Pgreenfinch, Pigman, Pinar, Pnm, Pol098, Pseudomonas, Quantumor, Quartertone, Qwyrxian, REACHist, REDyellowGreenBLUE, RK, RUL3R, Radagast83, RafaBarnes, Raymond arritt, Rbj, Reedy, Regancy42, RekishiEJ, Retired username, Rfl, Rianvisser, Rotationx, RoyBoy, Ryan.danielsmithsmith, Ryanmer, Ryulong, SDC, Saaga, Saga City, SamKamin, Samkremer, SamuraiClinton, Samwb123, SandyCheekers, Sardanaphalus, Sccshawn1983, SchuminWeb, Sctechlaw, Seelum, Seraphimblade, Sgt Pinback, Shanoman, Shentino, Shiromi25, Shoessss, Siggyber, Silly rabbit, Sina Kardar, Sixpence, Sjakkalle, Skysmith, Skyy Train, Smallbones, Somno, SpaceFlight89, SpeedyGonsales, Splash, Staffwaterboy, Stoph, Strayan, SuperDude115, Suraky, Team Tysoe, Ted Wilkes, Tempshill, Tetracube, Teveten, The Anome, The Cunctator, The Golden Circle, Theologyprofessor, Thomas97531, Thomasmack8, Tide rolls, TimothyPilgrim, Tom Duff, Tom.k, Tommy2010, Tony Fox, Tregoweth, Trolldon1, TruthLocating, Ttiotsw, Tunapul, Turlo Lomon, Tygrrr, UninvitedCompany, Vald, Vanished user 03, Verdatum, VivaEmilyDavies, Walton One, Webrunner69, Wetman88, Why Not A Duck, Wikitanvir, Wimt, Woohookitty, Wow3, Xeno, Ybelov, Zragon, Zzyzx11, ‫ 075 ,יש דוד‬anonymous edits Ponzi scheme  Source: http://en.wikipedia.org/w/index.php?oldid=415569113  Contributors: 159753, 3inverness0, 5ko, 7&6=thirteen, Aaronp808, Academic Challenger, Acdx, Aceyducey, Acracia, Addshore, Aditya Gune, Adso, Agateller, Ahhcpdm, Ahkond, Al Lemos, Alan Liefting, Alansohn, Alastairgbrown, Alfred Centauri, AlisonW, Alsandro, Anarchangel, Anarchyboy, Andrew c, Andsam, AndyTheGrump, Anog, AnonMoos, Anonyguru, Anxietycello, ArglebargleIV, Arojr, Arthur Rubin, Artzrouni, Arzel, Asbjbo, Ashted, Ataru, AtticusX, Avatar, Barabum, Barneca, Bcloughjungmann, Bender235, Berean Hunter, Bettergeorgia, Bigjimr, Bilestone, Bitchen, Blanchette, Blueboy96, Bobak, Bogey97, Bored intellectual, Bovineone, Briaboru, Brian Crawford, Brion VIBBER, Bryan Derksen, CIreland, CTho, Carewser, Ccacsmss, Chip Dilbeck, ChristineD, Clauds2009, Clinevol98, Collard, Colonypod, Cool Hand Luke, Corvus cornix, Courcelles, Courtjester555, Cpiral, Cpl Syx, Cputrdoc, Creativeembassy, CrimeBustersNow, Crunch, Cyanolinguophile, Cyclones carr, DBaba, Daffodillman, Danielfolsom, Dannown, Dausuul, David Shankbone, David.Monniaux, Davidfstr, DeadEyeArrow, Denelson83, Deor, Der Eberswalder, DerGraph, Dgies, Dialog, Dick Shane, Dieuwer, Dionyseus, Dirc, Discospinster, Dismas, Dissolve, DocendoDiscimus, Dodiad, Donfbreed, Dou Gweler, Dougiefresh, Dougofborg, DozenAttempts, Dr Asha Joliet, Dreamyshade, Drshivam, Duncicall folly, Dwainberg, ECWAGuru, ETO Buff, Eastlaw, Eclecticology, Ed Fitzgerald, Eddy2099, Edison, Eewild, Emurphy42, Entirelybs, Eptalon, Erick91, Erik9, Erissiva, Evilmoo, Eyreland, Eyrian, FFthird, Fabrictramp, FalconZero, Fat&Happy, Finbarr Saunders, Fisch723, Fishisfast, Flex, Florentino floro, Flup, Frankiebaby1986, Franz-kafka, Frecklefoot, FriedKilljoy, Furrykef, Furtive admirer, Fuzbaby, Fuzzy510, GCarty, GFHandel, GM Pink Elephant, Gaius Cornelius, Gareth Owen, Gary D, George415, GeraldH, Gerweck, Ghirlandajo, Ghosts&empties, Gigemag76, Giraffedata, Gnfnrf, Gobonobo, GoldDragon, Grafxlvr, GrannyTranny, Grasberger23, Gregalton, Grungebob, Gsp, Gugustiuci, Guy Harris, Gxam, Halcyonhazard, Harmon1630, Hateless, Haus, Hbdragon88, Headlines, Heatonbb, Helixweb, Hellno2, Hoary, Hokanomono, Huangdi, Huey45, Hunter1084, I already forgot, Idleguy, Insommia, Intelligentsium, Ipatrol, Itai, J.delanoy, JBsupreme, Jabornick, Jackfork, JamesMLane, January, Jedibob5, Jeff Muscato, Jeff Silvers, Jeffhos, Jeffq, JeremiahLS, Jesse Viviano, Jimaisenberg, Jjmerelo, Jmrowland, Jni, Joao.caprivi, JodieWhistle, Joeymilla, Johan Lont, John Broughton, Johnathondoe, Johnchiu, Johnpdeever, Johnteslade, Jollyroger, Jonkerz, Joseph Solis in Australia, JoshDuffMan, Jrrs, Jstanley01, Justanother, Justice1915, Jweiss11, KJBurns, Kace7, Kaiwhakahaere, Kaplanmyrth, Karmaisking, Keimzelle, Kerr avon, Khatru2, Kingboyk, Kittybrewster, LeilaniLad, Leonard G., Lerdsuwa, Leuce, Leuko, Lightmouse, Lizards 99, Locworks, Lou.weird, Lquilter, Lstellar, Lulugo, Lumos3, Lusanders, MMTbureau, MSTCrow, MZMcBride, Male1979, Malik Shabazz, Malikbek, Mani1, Manning Bartlett, MariusStrom, Maury Markowitz, Maxschmelling, Metroccfd, Mild Bill Hiccup, Minesweeper, Minna Sora no Shita, Mintee, MisterSheik, Mjgrenier, Monkeyman, Mr.Z-man, Msridhar, Mxn, Mydogategodshat, Mysteryshunter, Naniwako, NawlinWiki, Ndenison, Neoman2026, Neurolysis, Neutrality, Newsfan08, Niel Malan, Nigelloring, Nikai, Ninjainventor, Nirvana2013, NoHitHair, Norm mit, NormalAsylum, Oden, Okcavenger, OlEnglish, Omegatron, OrangeDog, Orphan Wiki, Osomec, Padillah, Pakaran, Panfakes, PatríciaR, Patsw, Pauli133, Penbat, Peter.thelander, Peterlewis, Pik0, Piperh, Pjakubo86, Pointillist, Ponyo, Ponzi Nemesis, Postdlf, Prestonmcconkie, Proxy User, Ptdecker, PurplePower46, PushThinker, Pvkeller, Pyrospirit, Quebec99, RL0919, RScheiber, RWEcon, Raeky, RainbowOfLight, Rallette, Rapido, RashBold, Rastriffler, Raul654, Redvers, Retail Investor, Rinconsoleao, Rizalninoynapoleon, Rjwilmsi, Rl, Rnickel, Rogerborg, Romanski, Ronark, Rrburke, Ruakh, Ruby.red.roses, Rufous, Rumping, Runcorn, SNIyer12, Sam Korn, Samfreed, Saturno v, Savidan, Schlice, ScottyWZ, Seduisant, Seeleschneider, Seglea, Shadowjams, Shalom Yechiel, Sherwood Cat, Shidosuru, Shieber, Shii, ShipofFoolz, Sjock, Sketchmoose, SkreeHunter, SmartGuy, Smee, Smelendez, Snarkyboy, Softlavender, Sonett72, Sophixer, Soultaco, Soundray, Squandermania, Srochinski, StephenRH, Stomassen, Stormhit, Superm401, Swaq, Swpb, Synchronism, Tabletop, TaintedMustard, Tak'n, TastyPoutine, Taxman, Taxrefund, Tekana, Tempodivalse, Testtesttest222, Th1rt3en, Thadius856AWB, Thayerw, The Anome, The Inedible Bulk, The Kasparov of Sheshbesh, The Thing That Should Not Be, The Wordsmith, The sock that should not be, TheMaestro, TheOtherBob, Thecurran, Thegingerone, Thegn, Thingg, Thomas419ca, Tibas, Tide rolls, Timdlocklear, Timtrent, Tizio, Tom harrison, TomyDuby, Tony Fox, Tovojolo, Trafford09, Trainik, Transit2000, TravellerDMT-07, Tris2000, Truthteller21, Ucanlookitup, Uncle Milty, Unewydd, Unyoyega, Vagrantdead, Veghead, Virat1208, Vishnu2011, Vlad, Vzbs34, W0129, WRK, WadeSimMiser, Wafulz, WeatherFug, Webzu, Weregerbil, Wesley, Wetiii, Whistleblower 911, WhiteDragon, Wicked, Wigert, Wiki4jb, WildKard84, WillOakland, Wimstead, Wizardman, Wizzard2k, Xyzzyplugh, YUL89YYZ, Yamamoto Ichiro, Yayoirc, Yellowdesk, Yosri, Z10x, Zhumber, Zven, 大西洋鲑, 873 anonymous edits Pyramid scheme  Source: http://en.wikipedia.org/w/index.php?oldid=415474414  Contributors: !---slappdash---!, A M Spock, A M Spock (usurped), A bit iffy, A. Parrot, Aaronp808, Abberley2, Abeer.ag, Acroterion, Adam Clotfelter, Afa86, Aitias, Akigawa, Alansohn, AlexS1899, Alexander VII, Altenmann, An Hero, AnOddName, AndreasJS, Andressoler, Android1996, AnonGuy, AnonMoos, Anonyguru, Ap90033, Argyriou, Ariya shookh, Aronzak, Artypants, Arzel, Ashmoo, Asiananimal, Astrale01, Ataru, Avarkonyi, Avsa, BAILOPAN, BIG KEEF, BIL, BT14, Babasach, Barry Kent, Benlisquare, Benqish, Berliner, BerserkerBen, Bhushan.in, Biancasimone, Blueboy96, Blutfink, Bmicomp, Bob Blaylock, Bobmack89x, Boomcoach, Born2x, Brentford, BrightBlackHeaven, Bruce89, BruceGrubb, Bsheppard, BuickCenturyDriver, Bwoodhi1, CalPaterson, Camilo Sanchez, Capricorn42, Ceejayoz, Ceyockey, Chuckhoffmann, Clemmy, Coffeepusher, Colchicum, Colsanders48, Computer Guru, Confuzion, CrunchyMush, Cyberssecurity, D, DPdH, DWarrior, Dabigkid, Danielmatalon, DarkBolt500, Darrenhusted, David from Downunder, Davidbod, Dbollard99, Deltabeignet, Derek Ross, Diamondblade2008, Diego wilson, DillonThompson, Dirc, Dj manton, DozenAttempts, Dr who1975, Dreadstar, Drewshaker, Drpibb81, Drummondjacob, Ducucch2, Duplode, E Wing, EBC2000, EOZyo, ESkog, Earth, Ed g2s, Edcolins, Eep², Egmontaz, Elementrider77, Elfsborgarn, Elkman, Emersoni, Emperorbma, Emurphy42, Enric Naval, Epbr123, Equalmen, Era417, Erianna, Erick7777, Erick91, Euchiasmus, Fafi2, Falcon8765, Fences and windows, Filipop, Finbarr Saunders, Frade, Freudianr, Fubar Obfusco, Fuzbaby, Fuzheado, GCarty, Gakmo, Gapagos, Gary D, Gaurav roy, Gautamdogra, Gazpacho, Gd, Gigemag76, Gogo Dodo, GoodDamon, Goodvibes7, Gracefool, Grandmasapt, GregorB, Guardian Tiger, Guido del Confuso, Guoguo12, Hackmachine, Happyme07, Hemens, Henry W. Schmitt, HkCaGu, Hooriaj, ID89172354, Ida Shaw, Idleguy, Igrogo, Infoleague, Inkypaws, Insider201283, Iridescent, Ivan Pozdeev, J.delanoy, JD554, JFreeman, JaGa, Jack who built the house, Jahiegel, Jaimeastorga2000, Jalinoos, JamesMLane, Jasmineshinga, Jeff G., JeremiahLS, Jeremjay24, Jesse Viviano, Jevansen, Jimaisenberg, Jimviv, JodieWhistle, Johanpolhem, John Quiggin, John of Reading, JohnCD, JohnDoe0007, JohnnyCalifornia, Jonathon A H, Karl-Henner, Kbh3rd, Keimzelle, Kinu, Kittybrewster, Kleeneze guy, Knverma, Kungfuadam, Kuru, Kuvempunagar, KyNephi, Lancetheman, Laraspal00, Lawranceofarabia, LeeHunter, Liarblair, LietKynes, Liftarn, Londonsista, LordOfRandomness, Lucky number 49, Lyricist5207, MMTbureau, MagicMoose, Malikbek, Manning Bartlett, Mantipula, MarkGallagher, Markeilz, Marshall Williams2, MathiasRav, Mattey55, Matticus78, Maurreen, Maury Markowitz, Maxim, McSly, Mcsee, Metamatic, Michael Essmeyer, Michael Hardy, Missionary, Mobius Clock, Modemac, Modernmonalisa, Moe Epsilon, Monkeysocks2, Moogoat, Mr Accountable, Mr. Ables, MrOllie, Mrwrite, Mudd1, Mutinus, Mx3, Mycomp, Mydogategodshat, Mygerardromance, Mysid, Nahum Reduta, NeoXenophon, NeonMerlin, Nicolas1981, Nicolay77, Niri.M, Nirvana2013, Niteowlneils, Nixeagle, No1up, Nologolon, Nopromisesmade, Nutmegger, Nwbeeson, Ohnoitsjamie, OmnioscientOne, Optics233, Ornil, Otend, PSUMark2006, Paranoid, ParanoidCT, PatPeter, Paul D. Anderson, Pdbs, Penbat, Pgreenfinch, Phelp102, Philwkpd, PhotoBox, Pi zero, Pietpetoors, Poccil, Pokerjoe, Pouchkidium, PrincessofLlyr, Pt, Ptdecker, PyramidsOrFood?, QueenofBattle, Qwyrxian, R3m0t, Radon210, Rajakhr, RazorICE, Rdsmith4, Repku, Resolute, Revolutionary, RexNL, Rhobite, Rich Farmbrough, Riconoen, Rillian, Rjwilmsi, Rm999, Ronhjones, Ronz, RoyBoy, Ruakh, SJP, Sandakanboy, SchuminWeb, ScottDavis, Sean D Martin, Sean.best1, Sesel, Sesu Prime, Shado godx, Shadowjams, Sigmundur, Simon123, Slashme, Sluggo412, SmartGuy, Smee, Smrits, Snowy150, Solstice1319, Sonett72, Sonicology, Soojmagooj, Soulrefrain, Stannered, Stomassen, StuRat, Stupid Corn, Subbu, Subsolar, SummerPhD, Superm401, Surge79uwf, Susfele, THE KING, TShilo12, Takeaway, Tardis, Tbrown6218, Techman224, That Guy, From That Show!, The Anome, The Epopt, The Rambling Man, The.eternal.pilgrim, TheKaizen, Thefriedpiper, Thingg, TimDQ, Timanderso, TimothyHorrigan, Tiredofscams, Tobych, Tom Strong, Tom612pl, Tomwalden, Tony Fox, TonyLechner, Tonythiru, Tregoweth, Trevor MacInnis, Trivialist, Tunapul, Turbinator, Uncle Milty, UncleNinja, Underaverage, Useight, V-moili, VeryVerily, Vetbook, Vicki Rosenzweig, VictorLaszlo, Vrenator, Weaseloid, WhiteDragon, Wick29, Wiki4jb, WikiLaurent, Wikidemon, Wikprovider007, Will2k, William Pietri, Wknight94, Wolfrock, Xavexgoem, Xyzzyplugh, Yamamoto Ichiro, Zaak, Zhumber, Zntrip, 747 anonymous edits Soapy Smith  Source: http://en.wikipedia.org/w/index.php?oldid=408430518  Contributors: 2005, 6afraidof7, AaronY, Addshore, Agrumer, Albatross2147, Alereon, Angusmclellan, AnonMoos, Astral, Az81964444, Badbilltucker, Bgwhite, Bkell, BlongerBros, BookDoc, BozoTheScary, BrownHairedGirl, Bssc, Bunco man, Calliopejen1, Carolmooredc, Cbraga, Centrepull, Charliecalico, Chicheley, Connormah, D6, DNewhall, DarthCalvert, Dbgb, De728631, Digidak, Dimadick, Dr. Dan, Dryman, Dspserpico, Egnam, Epbr123, Esprqii, Flopsy Mopsy and Cottonmouth, Geeoharee, GlassCobra, God fat wiki, Good Olfactory, Grandmasterka, Gurch, Harryboyles, Heyzeuss, Hmains, Howcheng, Hugo999, IanManka, Indefatigable, JIP, Jaysbro, Jevansen, Jmlk17, Jonathan.s.kt, Joseph Solis in Australia, Kd5npf, Keegan, Keilana, Khatru2, KillerChihuahua, Kjtobo, Koavf, Kthejoker, L0b0t, LeadSongDog, Lou.weird, Luigizanasi, MadMax, Maengpong, Mark11111111, Mfrisk, Michael Essmeyer, Michaelcarraher, Mike Rosoft, Momo san, Morton Christopher, MsDivagin, Neutrality, NickDanger001, Notyourbroom, Nwbeeson, Nyttend,

177

Article Sources and Contributors
OllieFury, Parkwells, PatrickFisher, Paul A, Penbat, Piledhigheranddeeper, Plazak, Poeloq, Postdlf, Pseudo-Richard, Remember, RepublicanJacobite, RexNL, Rich Farmbrough, Richard Arthur Norton (1958- ), Roswell native, Roundhouse0, Ryan946, Samtheboy, Scwlong, SigPig, SirFozzie, Skookum1, Skrapion, Skysmith, SlamDiego, Slinga, SmartGuy, Steampowered, Struway, StudierMalMarburg, Sunderland06, Svetovid, Tedder, Teethmonkey, The Rambling Man, Thermaland, UnitedStatesian, Varlaam, Watchingthevitalsigns, Will Beback, Wizardman, Woohookitty, Ye Olde Luke, Yksin, Zero Gravitas, Zé da Silva, 240 anonymous edits Franchise fraud  Source: http://en.wikipedia.org/w/index.php?oldid=413771774  Contributors: Bearcat, CliffC, DozenAttempts, Gene93k, John of Reading, Materialscientist, Nothingofwater, Rjwilmsi, Ron Ritzman, Uncle G, Wuhwuzdat, 8 anonymous edits White-collar crime  Source: http://en.wikipedia.org/w/index.php?oldid=414270508  Contributors: .Absolution., Abc518, Aburafay, AdRock, AgainErick, Aitias, Alansohn, Arthur Rubin, Aude, Barbov, Benjaminlobato, Beno1000, Bloodshedder, Bluemoose, Bluszczokrzew, Bob A, Bobmack89x, Boing! said Zebedee, Boneheadmx, Capricorn42, Carlsotr, Charles Matthews, Cokoli, Courcelles, Cronnie, Cryptonymius, Curuinor, Cybersquire, DarkFalls, David Shay, David91, Dickdevries, DozenAttempts, DutchDevil, Eden2004, Edgarde, Edward, El C, Eleckyt, Elvenscout742, EneMsty12, Esotericnomenclature, Fat&Happy, Fcimiami, Feco, Finchsnows, Fsguitarist, Gadfium, Ginsengbomb, Grebenkov, Gryffon, Gunter.Schmidt, Gurch, Hede2000, Ihcoyc, Insommia, Iridescent, J heisenberg, J.delanoy, JaGa, Jack Phoenix, JodieWhistle, JohnCD, Jossy chessy, Julyfun08, Knowledge Seeker, Knuckles, Kollision, Kukini, Kuru, LAX, LGagnon, Lectonar, Lotje, MER-C, Mark5677, Materialscientist, Michael Essmeyer, Michael Frind, Mouse is back, MrFish, N419BH, Nardus1, Natalie Erin, NewEnglandYankee, Nimakha, Olegwiki, Pagw, Pascal666, Patrick-br, PhatJew, Pularoid, Pyrotec, Qwyrxian, Rdavout, Reedy, Rememberway, Rjensen, RossF18, SDY, Sabine McNeill, Sanmartin, SimonP, Sionus, Sisyphustkd, Stemonitis, Stuartpgreen, Taragui, Tempodivalse, Tetracube, Tfine80, Thingg, Tunapul, Van helsing, Vsiddharth, West.andrew.g, Where, Whistleblowerlawsge, Whitepaw, Woohookitty, Xe7al, Yelyos, 254 anonymous edits List of real-life con artists  Source: http://en.wikipedia.org/w/index.php?oldid=415262164  Contributors: Active Banana, Akerans, DARTH SIDIOUS 2, Ghostbuster1984, HerrHoff, JBsupreme, Jonkerz, KimChee, Michael Essmeyer, Quebec99, Roudigerpitt, Sburke, TruthLocating, WeatherFug, WikHead, 16 anonymous edits Scam baiting  Source: http://en.wikipedia.org/w/index.php?oldid=415299883  Contributors: .V., 419baiter, A8UDI, Aaron Brenneman, Agamemnon2, Akimbomidget, Alucard (Dr.), Amcaja, Auntof6, Baseball Bugs, Bob Hu, Bonap, Brentonboy, Brother Francis, Bubo virginianus, Calamity Lotta, Can't sleep, clown will eat me, Capsela, CatherineMunro, CheMechanical, Christina Preston, ChuckEye, CliffC, Cloudysky2003, Clovis Sangrail, Correctionpatrol4, Cuchullain, Cvitullo, DMCer, Dale Arnett, Damian Yerrick, Danrilor, Darklilac, Davesf, Dbachmann, Deltabeignet, Denelson83, DocWatson42, DrMel, Drat, Dreftymac, Dziewa, Entheta, Fair Deal, Fantusta, Fubar Obfusco, Gargaj, Geniac, Gmaxwell, Godfrey Daniel, Graham87, Haakon, Hairy Dude, Helmandsare, Hullubulloo, I already forgot, Ich, JRM, JayHenry, Jbhood, JoeBrennan, Johngalt592, JoshuaZ, Kestenbaum, KiloByte, KirbyMeister, Krietns, Latinata, Ligulem, Liko81, Linkspamremover, MBisanz, Mann jess, Mark87, Metropolitan90, Mike Young, Mkwan79, Modemac, Motanu02, Nekrorider, Nishantp, Omicronpersei8, Onebyone, Pabobfin, Paul Stansifer, Penelope D, Perfecto, Pfluffy, Phatpat88, PizzaMargherita, Pontificake, RBowden, RedSpruce, Revolutionary, Riki, Rjanag, Rjwilmsi, Ronabop, Sander Marechal, Savidan, Scambaiting, Schmiddy, Secant1, Shred, SmthManly, SooperJoo, Stevey7788, Stifle, Sturmovik, Tbhotch, Texture, That Guy, From That Show!, The Hokkaido Crow, The Rhymesmith, TheMacAttack, TheRedPenOfDoom, Thefifthdoctor, Thingg, Thmgroup, Tide rolls, Twas Now, Tyciol, Ukt-zero, Vanished user 03, VeryVerily, WegianWarrior, Wenli, WhisperToMe, WhiteDragon, Whitepaw, William Ortiz, WilyD, Woohookitty, Xorkl000, Yoghurt, Yoink23, Zhadov, Zragon, Zzuuzz, 276 anonymous edits Scad (scam ad)  Source: http://en.wikipedia.org/w/index.php?oldid=390759486  Contributors: Alpha Quadrant, Azumanga1, Crashoffer12345, Katharineamy, Postcard Cathy, RHaworth, Vmaivu, YUL89YYZ Social engineering (security)  Source: http://en.wikipedia.org/w/index.php?oldid=415709958  Contributors: (jarbarf), 28bytes, Aaa111, Abaddon314159, Academic Challenger, Adamdaley, Aldaron, Alerante, AlistairMcMillan, Ann F, Anon126, Anton Khorev, Apotheon, Arkelweis, ArnoldReinhold, Arsenikk, Bbarmada, Beagle2, Beland, Bjornar, Bmicomp, Brockert, Brutulf, Buster7, CWenger, Chahax, ChangChienFu, Chinasaur, Chipuni, ChiuMan, Chmod007, Chovain, Chrisdab, Chuayw2000, CliffC, Coemgenus, ColinGreenlees, Courcelles, Cryptic C62, Cumulus Clouds, Cutter, Cybercobra, Cynical, D6, Da nuke, DaedalusInfinity, Dancter, Daniel Quinlan, DanielPharos, DavidDW, Dcoetzee, Ddddan, Dddenton, DevastatorIIC, Dionyziz, Discospinster, Dp76764, Dragon 280, Dravir, DuFF, EDGE, ESkog, EVula, Ehheh, Einsteininmyownmind, Elonka, Emergentchaos, Equendil, Eric1608, Evilandi, Evlekis, Faradayplank, Fenice, Frankfusco, Frecklefoot, Frehley, Fskrc1, Gdo01, Gettingtoit, Gizzakk, Gogo Dodo, Greswik, Ground Zero, Gscshoyru, Guy Harris, H I T L E R37, Haseo9999, Heqwm, Hmwith, Hydrargyrum, I already forgot, IGEL, InfoSecPro, Intgr, J Cricket, JMMING, Javawizard, Jeff Muscato, Jerzy, Jfire, Jkl, Jlmorgan, Joelr31, John Broughton, Johnbourscheid, Johnisnotafreak, Jumpropekids, Kaihsu, Katanada, Katheder, Khym Chanur, Kimchi.sg, Kleinheero, KnightRider, Knowledge Seeker, Kpjas, Ksharkawi, KuroiShiroi, Lamename3000, Leonard G., Lexlex, Lightmouse, Lioux, Lobro, Lord Matt, Lukeonia1, MER-C, Mac Davis, Majorly, Matt Crypto, McGeddon, Mckaysalisbury, Mdebets, MeekMark, MeltBanana, Midnightcomm, Mild Bill Hiccup, Mns556, Moitio, MrOllie, Myredroom, NTK, Nafango2, Namzie11, Netsnipe, Nirvana888, NoticeBored, Nuno Tavares, Nuwewsco, Oddity-, OlEnglish, Olrick, Omicronpersei8, Omphaloscope, Othtim, Overloggingon, Paquitotrek, Pastore Italy, Penbat, Pgillman, Ph.eyes, Philip Trueman, Phoenixrod, Pmsyyz, Pol098, Pradameinhoff, Primarscources, Princess Tiswas, RJBurkhart3, RainbowOfLight, Rebroad, RenniePet, RevolverOcelotX, Rich Farmbrough, Rjwilmsi, RobertG, Rohasnagpal, Rosenny, Rossami, SGBailey, Sephiroth storm, Sesquiped, Shabda, Shirulashem, Skakkle, Socrates2008, Srikeit, Starschreck, Studiosonic, Sue Rangell, Svick, TXiKi, Taylor Karras, Teemu Maki, The Anome, The Firewall, TheMandarin, Thepatriots, Thesloth, Thingg, Thipburg, Tmchk, Tomisti, TonyW, Tsnapp, Tunheim, Unyoyega, Uriber, Usg.usss, Vary, Ventura, Versus22, Virgil Vaduva, Waldir, WhisperToMe, Wikipelli, Wilku997, WolFStaR, Woohookitty, Wshepp, XL2D, Xezbeth, Xiong Chiamiov, Zarkthehackeralliance, Zomgoogle, 416 anonymous edits Phishing  Source: http://en.wikipedia.org/w/index.php?oldid=415577320  Contributors: .::Icy Fire Lord::., 1995hoo, 1RadicalOne, 3210, 42istheanswer, 7Train, A-giau, ABCD, AKismet, Abc518, Abdullah000, Academic Challenger, Adam murgittroyd, AdjustShift, Aesopos, Aftiggerintel, Ahoerstemeier, Aitias, Akamad, AlMac, Alan.ca, Alanraywiki, Alansohn, AlbertR, Alchemist Jack, Alex43223, Alextrevelian 006, Ali K, Alucard (Dr.), Alxndr, Amh library, Anabus, Andrew Levine, AndrewHowse, Andrewlp1991, Andrewtc, AnnaFrance, Anonymous Dissident, Ant honey, Anthony Appleyard, Antonio Lopez, Aquillyne, Archanamiya, Archelon, Art LaPella, Arvindn, Asn, Atropos235, AussieLegend, Avoided, B-Machine, BabuBhatt, Bancrofttech, Barek Ocorah, Bart133, Bassbonerocks, Bemsor, Bento00, Betacommand, Bhxinfected, Bigzig91090, Biscuittin, Bjankuloski06en, Blackrabbit99, Blast73, Bnefriends, Bobblewik, Bobmack89x, Bobo192, Bodybagger, Bongwarrior, Bookwormrwt, Borgx, Bornhj, Boudville, Brian Kendig, Brighterorange, BrockF5, Browolf, Bsroiaadn, Buggss, Butwhatdoiknow, C'est moi, CMW275, CWY2190, Cactus.man, CactusWriter, Cain Mosni, Calvin 1998, CambridgeBayWeather, Can't sleep, clown will eat me, Canadian-Bacon, CanisRufus, Capricorn42, CaptainMike, Captainspalding, Carbonite, CaseyPenk, Castleinthesky, Catdude, Cenarium, Centrx, CesarB, Chaser, Chmod007, Chris 73, Chris Chittleborough, Chrislk02, Chroot, Chuck Adams, Ckatz, ClementSeveillac, CliffC, Cnd, Cocopopz2005, Colin Keigher, ColinHelvensteijn, Colostomyexplosion, Commander, CommonsDelinker, Conscious, CosineKitty, Courcelles, CrazytalesPublic, Credema, Cunningham, CuteHappyBrute, D0762, DOSGuy, Dafphee, Dalf, DanBri, Dancter, Daniel Wright, DanielCD, Danutz, Daven29, David Levy, David Shay, DavidForthoffer, Dawn Bard, Dawnseeker2000, DeadEyeArrow, Deagle AP, Dearsina, Deathphoenix, Debresser, Debroglie, Deor, DerHexer, Dfense, Digiplaya, Digita, Directorblue, Dirkbb, Discospinster, Dnvrfantj, Doc Strange, Dolphin51, Douglas Ryan VanBenthuysen, Dskushwaha, Dtobias, Duplicity, Dylan620, Dysepsion, DÅ‚ugosz, EagleOne, Eamonster, EdBever, Edward, Einsteininmyownmind, El C, Electrosaurus, ElinorD, Elockid, Eloquence, EmeryD, Emurph, Epbr123, Equendil, Ergateesuk, EvilZak, Excirial, Exmachina, Face, Falcon8765, Fattyjwoods, Favonian, Fedkad, Fereve1980, Ferwerto, Finbarr Saunders, Firsfron, Flauto Dolce, Flewis, Frankie1969, Frecklefoot, Freeworld4, Fubar Obfusco, G026r, GCarty, GGreeneVa, Gabr, Gail, Gaius Cornelius, Gboweswhitton, GcSwRhIc, Generic9, George The Dragon, Gerry Ashton, Gilliam, Gimmetrow, Gjd001, Glenfarclas, Gogo Dodo, Gojomo, Gorgonzilla, Govvy, Greensburger, Grick, Griffind3, Grnch, Groyolo, Gtstricky, HamburgerRadio, Hankwang, Happysailor, Harmonk, Harryboyles, Hateless, Herbythyme, HexaChord, Hibernian, Hodja Nasreddin, Homunq, HoodedHound, Hooksbooks, Horologium, Hylaride, I already forgot, I need a name, ITurtle, IamTheWalrus, Iangfc, Iceflame2539, Ikester, ImaginaryFriend, Imgoutham, Inferno, Lord of Penguins, InfoSecPro, Inomyabcs, Insanity Incarnate, Inter, Intersofia, Iolar, Ismail ngr, Isopropyl, Ixfd64, J Cricket, J.delanoy, JIP, JLaTondre, JTBX, JTN, JaGa, Jacobratkiewicz, Jake Wartenberg, Janarius, Jaremfan, Jarry1250, Jbergquist, Jeannealcid, Jed 20012, Jeffq, Jehochman, Jenny Wong, Jerome Charles Potts, Jerryseinfeld, Jersey92, Jesse Viviano, JimVC3, Jliford, Jmlk17, Jnavas, Jobeard, Joelr31, Jogeed, Johann Wolfgang, John254, Johnuniq, JonHarder, Jondel, JonnyJD, Josang, Joseph Solis in Australia, Josh Parris, Joshdaman111, Jotag14, Joyson Konkani, Julian Diamond, Juliancolton, Juux, K1Bond007, Ka-Ping Yee, Kaare, Kai-Hendrik, Katester1100, Kelaos, KelleyCook, Kelson Vibber, Kendrick7, Kevin Forsyth, Keycard, Kiand, Kimse, Kinneyboy90, Kizor, Kkrouni, Klemen Kocjancic, Knucmo2, Kozuch, Kraftlos, KrakatoaKatie, L Kensington, LCE1506, LOL, Lakers3021, Lakshmin, Lamather, LarryMac, Laurusnobilis, Lcawte, Lee Carre, Legoktm, Leon7, Lets Enjoy Life, Lexlex, Lightblade, Lightmouse, Lights, Ligulem, Lilac Soul, Linkspamremover, Lisamh, Lotje, LovesMacs, Lradrama, Luckas Blade, Lwalt, Lycurgus, MBelgrano, MBlume, MC MasterChef, MC10, MER-C, Macintosh User, Magicheader, Man It's So Loud In Here, ManiF, Mark7-2, Mark83, Markus-jakobsson, MarsRover, Marskell, Martarius, Master Thief Garrett, Matt Crypto, MattKeegan, Matthew Platts, Matthew Yeager, Maximaximax, Meelar, Mgway, Mhoulden, Michael Hardy, Michaeldsuarez, Michaelorgan, Michal Nebyla, Mike5906, MikePeterson2008, Mindmatrix, Minghong, Mintleaf, Mithridates, Mkativerata, Mns556, Mommy2mack08, Moncrief, Monkeyman, Morenooso, Mormegil, MrOllie, MrWeeble, Mralokkp, Mrbakerfield, Mrkoww, Ms dos mode, Mspraveen, Mtford, Mugaliens, Muhammadsb1, Muke, Nagle, Nagytibi, Nathanrdotcom, NawlinWiki, Nealmcb, Neelix, Nepenthes, Netsnipe, Neutrality, Nichalp, Nicknackrussian, NigelR, Nikai, Nintendude, Nishkid64, No more anonymous editing, Nonagonal Spider, NotAnotherAliGFan, Novakyu, Nposs, NuclearWarfare, Nv8200p, Nyttend, Ocon, Oda Mari, Oducado, Oktober42, Oliver202, OllieGeorge, Olly150, Olrick, Omphaloscope, One-dimensional Tangent, OnlineSafetyTeam, Optimale, Ori.livneh, Otto4711, OverlordQ, Overseer1113, OwenX, PCHS-NJROTC, PDH, PM800, Pakaran, Palica, Passgo, Past-times, Patrick, Paul August, Paul W, Paul1953h, Pearle, Perfecto, Peskeyplum, Petrichor, Pgk, PhilKnight, Philip Trueman, PhilipO, Phils, Piano non troppo, Pie Fan, Piledhigheranddeeper, Pillwords, Pinethicket, Pinkadelica, Plasticspork, Plastikspork, Poccil, Poli, Pollinator, Pomyo is a man, Ponguru, Postdlf, PotentialDanger, Pradameinhoff, Pratyeka, Profilepitstop, Ps-Dionysius, Pseudomonas, Publicly Visible, Pwitham, Pyroknight28, Qfissler, R.123, Rabasolo, Ragib, Randybandy, Raul654, RazorICE, Redfarmer, Redfoot, Remember the dot, RenniePet, RexNL, Reyk, Rfl, Rhlitonjua, Rhobite, Rich Farmbrough, Richwales, Rick Norwood, Risker, Rjwilmsi, Rmatney, Roastytoast, Robchurch, RobertG, Robertcathles, Rohasnagpal, Rolandg, Ronaldgray, RossPatterson, RoyBoy, RoySmith, Roymstat, RozMW, Rprpr, Rrburke, Rror, Ryan Norton, RyanCross, RyanGerbil10, Ryco01, SEWilco, SJP, SMC, ST47, SWAdair, Safemariner, Salaamhuq, SallyForth123, Sam Korn, Sanjay ach, Sanjeevchris, Saqib, Sbanker, SchfiftyThree, Schneelocke, SchuminWeb, Scjessey, Scootey, Scott Ritchie, Sdhonda, Securus, Seinucep, Senctisn, Sesu Prime, Shattered, Shawnhath, Shii, Shoecream, Shoejar, Sigma 7, Sigrulfr, Simon Shek, SimonD, Sjl, Sladen, Slakr, Slightsmile, Snow storm in Eastern Asia, Snowolf, Socrates2008, Sophus Bie, Southboundon5, SouthernNights, Spamlart, Sparky the Seventh Chaos, Spencer, Splash, SquidSK, StealthFox, SteinbDJ, Stevenrasnick, Storkk, Storm Rider, Stressy, Stronginthepost, Stwalkerster, SunCreator, SunDog, SuperHamster, Surreptitious Evil, Symode09, THEN WHO WAS PHONE?, Ta bu shi da yu, Taejo, Tannin, Tayquan, Telempe, Template namespace initialisation script, TerriersFan, That Guy, From That Show!, The Anome, The Monster, The Nut, The Rambling Man, The Thing That Should Not Be, The snare, TheHerbalGerbil, TheListener, Thenowhereman, Thingg, This lousy T-shirt, Tide rolls, Tim Chambers, Timtrent, Tomasic,

178

Article Sources and Contributors
Tomheinan, Tommy2010, Tony1, TonyW, Tpbradbury, Travelbird, Tregoweth, Treisijs, Tuntable, Twat1234567890, TwilligToves, Tylerwillis, Unixslug, Vald, Veinor, Versus22, Vikreykja, Vindi293, Vineetcoolguy, Vsmith, Vuo, Wavelength, Wayward, Webrunner69, WhisperToMe, Whittlepedia, Who, WikHead, Wiki alf, WikiLaurent, Wikibob, Wildwik, William Avery, Wiseguy2tri, Wocky, WolfmanSF, Wpedzich, Wrs1864, X!, Xp54321, YetAnotherAuthor, Yngvarr, YourEyesOnly, Yuhaian, Z10x, ZEUHUD, Zap Rowsdower, ZeWrestler, Zgadot, Zhen-Xjell, Zigamorph, Ziva 89, Zoicon5, ZonedoutWeb, Zragon, Zyschqual, Zzuuzz, Ævar Arnfjörð Bjarmason, ‫ ,.א רמות‬에멜무지로, 1824 anonymous edits Penetration test  Source: http://en.wikipedia.org/w/index.php?oldid=414623378  Contributors: 2mcm, Aapo Laitinen, Adfectio, Ajcblyth, Alejos, AlistairMcMillan, AllanBz, Amalas, Ankit bond2005, Atlant, Beland, Bobrayner, Bulzeeb, C. Foultz, Caesura, CanadianLinuxUser, Cantasta, Chris Chittleborough, Ckatz, Daemonaka, Davbradbury, Derekcslater, Doug Bell, Dubbon, Edward, Ehheh, Ermanon, Everyking, Fieldday-sunday, Frank Kai Fat Chow, Frap, Giraffedata, Godcast, GoneAwayNowAndRetired, Haidut, HamburgerRadio, Heqs, IReceivedDeathThreats, Ian13, Infosec23, Irishguy, Ivhtbr, JCarlos, Janet13, Jasburger, Jedi 001, Jinxpuppy, Johnuniq, JonHarder, Jpubal, KPH2293, Kaldosh, Killiondude, Kukini, Lsamaras11, M3tainfo, Manuelt15, Martinmr79, Martinship, Mild Bill Hiccup, Mile2, Mindmatrix, Ml-crest, MrOllie, Nameless23, NeonMerlin, Newman12a, Nezzalisio, Njan, OmidPLuS, P Carn, Page vanda1iser, Patricioreyes, Pearle, Philip Trueman, Piesechki, Pinecar, Poeticos, PolarYukon, Pradameinhoff, Pxma, Qu3a, Radagast83, Ragib, Raistolo, Random name, Randy Johnston, Ransak, Riya.agarwal, Ronz, Rossheth, Rzelnik, S charette, SF007, Securitytester, Sephiroth storm, Shamanchill, Shifat2sadi, Softtest123, SonOfBuzz, Special, SusanneOberhauser, Systemf, TechnoGuyRob, The Anome, The Thing That Should Not Be, Timc, ToddSweeney, Ultra1ne, Unicityd, VernoWhitney, Walter Görlitz, Whitehatnetizen, Xample, Zabanio, 326 anonymous edits Physical information security  Source: http://en.wikipedia.org/w/index.php?oldid=409760014  Contributors: DragonHawk, Erik9, Frap, GcSwRhIc, Grim23, Intgr, Public Menace, Rebroad, Rockfang, Starschreck, Thiseye, Woohookitty, 7 anonymous edits SMiShing  Source: http://en.wikipedia.org/w/index.php?oldid=411825428  Contributors: Amalas, CliffC, Dave6, Dominic7848, Dough007, Fedkad, InfoSecPro, Jmundo, McGeddon, Navneetkg, Nibblus, Ohnoitsjamie, Princesskatpower, Stardust8212, Zollerriia, 18 anonymous edits Vishing  Source: http://en.wikipedia.org/w/index.php?oldid=406058734  Contributors: Amicaveritas, Caiaffa, Chris Newport, Ehheh, Elvey, Erik9, Frap, FrenchB, Ggilka, Gogo Dodo, Gpvos, Hu12, I already forgot, InfoSecPro, John Millikin, JonHarder, Julesd, Leitz31337, MMuzammils, Marcok, Mattcaplan, Matthew Yeager, Michael Hardy, Moonriddengirl, Mrzaius, Mscwriter, Newyorkbob, Orayzio, Pharaoh of the Wizards, RadioActive, SWAdair, Shabda, Sheitan, Sir Dagon, Snori, Soyweiser, The Anome, Treed23, Verdlanco, 38 anonymous edits Moving scam  Source: http://en.wikipedia.org/w/index.php?oldid=414698945  Contributors: 2k rammerizkool, Alexzehn, AliceJMarkham, Alpha Ralpha Boulevard, Bhudson, Bwalker82, Crd721, DancingMan, Eastlaw, Euchiasmus, Gaius Cornelius, Gene.n.cave, George100, JaGa, Jim hanson, Mrzaius, Mstroeck, Neurokid76, Paul Silverman, Psycler, RadioBroadcast, ScottyWZ, Superbootneck, THB, TheRingess, Time3000, Vignatchenko, 17 anonymous edits List of confidence tricks  Source: http://en.wikipedia.org/w/index.php?oldid=413928529  Contributors: APL, Afalbrig, Alan Liefting, Alansohn, Anna Frodesiak, Arloz, Autopilot, Beland, BigHaz, Blackmatthew, Bogey97, Ctherese, Czolgolz, D6, Denkealsobin, Destynova, Doc9871, Dr.croft, Drbreznjev, Dyanega, Ehaugo, Epiar, Fintelia, Fred Bradstadt, Freelance Physicist, Funkendub, Garkbit, GoingBatty, GorillaWarfare, Groyolo, Gulmammad, HairyWombat, Hans Adler, Harguy, Huw Powell, Ihcoyc, Jerz211, JohnskynKantilever, JoshuaZ, Jpgordon, Kansan, Killy mcgee, Kittybrewster, Larry V, Latez69, Lockesdonkey, McGeddon, Mdukas, Moonriddengirl, Penbat, Powerzilla, Psythik, Quebec99, RARoth, Rich Farmbrough, Skunkelheimer, Slashme, Sperril, Stimpy, Tempshill, The Anome, The Mink Ermine Fox, Theusernameiwantedisalreadyinuse, Thundt, Tide rolls, Tonyfaull, Transity, UberMan5000, Unterweltbcn, Valenciano, Valkyryn, Vinithehat, Wasagabeans, Waxpancake, Woohookitty, YUL89YYZ, Zhang2010.yu, 190 anonymous edits Advance-fee fraud  Source: http://en.wikipedia.org/w/index.php?oldid=414261128  Contributors: .V., 293.xx.xxx.xx, 2D, 419baiter, A bit iffy, A. B., ACJJ, AVand, Aaron Brenneman, AaronSw, Abeg92, Abut, Abw1987, Acabtp, Active Banana, Ageo020, Ahoerstemeier, Ajisekanla, Ajk91, Akradecki, Alex756, AlexP, AlexR, Alucard (Dr.), Ams80, Amy lee is my god, AndrewWTaylor, Andrewlp1991, Andrewmonks, Andrewpmk, AniMate, Aquillion, Arancaytar, Artoftransformation, Arwel Parry, Ary29, Astragale, Aude, Auntof6, Aviara, AxelBoldt, Azate, Babajobu, Babytweety10982, Barek, Beatrice002, Bedawyn, Behemothing, Bennie Noakes, Bgrainger, Bigbluefish, BillFlis, Billgdiaz, Binksternet, BirgitteSB, Blackwasp01, Blakegripling ph, Blechnic, Bloodshedder, BlueAzure, Bluebiru, Blueboy96, Bob McDob, Bobblewik, Bobjuch, Bobo192, Bodnotbod, Bonap, Booyabazooka, BorgQueen, Brettdykes, Brian Kendig, Brighterorange, Brion VIBBER, Brizzygrl, Browolf, Btilm, Bubbha, Buck Mulligan, BurnDownBabylon, Burstinghead, Butnotthehippo, CLW, Cadby Waydell Bainbrydge, Calicore, Calmer Waters, Calvados, CambridgeBayWeather, Camembert, Can't sleep, clown will eat me, CapnPrep, Capstan capstan, Causa sui, Chadjj, Cherylwaller, Chris 73, ChrisCork, Chrisandvicky, Christina Preston, Christopher denman, CliffC, Clngre, Closedmouth, CoBritis, ColinJF, Colonies Chris, Commander, Coolcaesar, Coppertwig, Cornince, Corvi, Costyn, Courcelles, Cqmgeorgian, Credmond, Creidieki, Cromwellt, Czj, D-Notice, DMCer, DOHC Holiday, Damelch, Damicatz, Damouns, DanielCristofani, Danthemankhan, Darkaxel, Davis21Wylie, Dbo789, Dcoetzee, Deathphoenix, Denelson83, Derek Ross, Desplesda, Dhbarr, Dillard421, Discospinster, Dispenser, Dloseke, Dmgmem, Doctorbob, Doctorfluffy, Dom Kaos, Donmike10, Donreed, Dontdoit, Doodle77, Download, Downtown dan seattle, Downwards, Dpv, DragonflySixtyseven, Drat, DraxusD, Dreamsmith, Drewice, Drleftover, Drmies, Dubkiller, Dugdale, Duncharris, Duplicity, Durova, E. Ripley, E. Sn0 =31337=, EBC2000, ESLachance, Eclecticology, Ed629, Edeans, Edward, Eivind, El C, ElPeste, ElTyrant, Eleland, Elgreggo11, Emmanuel2012, Emurphy42, Enigmaman, Entheta, Enviroboy, Etafly, Euryalus, Evil Monkey, Evildeathmath, Evolutionofmankind, Exp man, FT2, FWatcher, Falcon Kirtaran, Falcon8765, Farry, Fences and windows, Ferkelparade, FiReSTaRT, Filius Rosadis, FireWeed, Fishhead, Flopsy Mopsy and Cottonmouth, Florentino floro, Flowanda, Flyingmonkeyairlines, Foxmajik, Fraudwatchers org, Frazzydee, Frenchman113, Freshmeat, Frob, Fubar Obfusco, GMcGath, GRuban, Gail, Gaius Cornelius, Gamma2delta, Gannett, Garet300, Gary King, GeeJo, Geniac, GeorgeLouis, Ghoseb, Gidonb, Gimmetoo, Godcast, Gogo Dodo, Goinggreat, Gonzo fan2007, Gorgonzilla, Graham87, Grahamdubya, Grandia01, Greggganders, Grunt, Gryffon, Gthb, Gu1dry, Gwernol, H.b., Haikupoet, Hairy Dude, Hankwang, Hapsiainen, Harrywiganboy, Heapchk, Heff01, Hellno2, Hillsbro, Hne123, Holme053, Homergreg, Hu12, Huybau, I do not exist, I8189720, Ian Pitchford, Ida Shaw, Igordebraga, Ihcoyc, Immblueversion, Inky, Interiot, Inzy, Iph, Iridescent, Isaacvsgottfried, Isibingo, Isnow, Isomorphic, Izalithium, J.delanoy, JTN, Jack1956, Jackass91418, JamesJBloom, Jayunderscorezero, Jdng, Jeekc, Jehochman, Jenalex, Jeremy Visser, Jerryseinfeld, Jkeene, Jmundo, JoeSmack, John, John of Reading, JohnCD, JohnI, Johnkirkby, Johnny Au, Joseph Solis in Australia, JosephBarillari, Joshuagross, Jossi, Jredmond, Juanpedromartinezdecastilloruiz, Julesd, Julia Rossi, Julierogier, Jusdafax, JzG, KTDykes, Kalmia, Kaszeta, Kateshortforbob, Katyism, Kay Dekker, Kayau, Kbh3rd, Keraunos, Khym Chanur, Kingturtle, KirstnF, Kitty's little helper, Kittybye, Kjkolb, KnightStrider, Knowledgeum, Kozuch, Krietns, Kristen Eriksen, Kristindorsett, Kungfuadam, Kwiki, Kyle Maxwell, LFaraone, LMB, Lacrimosus, Lampman, Larsroe, Latroba, Leamanc, Leerutherford, Lemchesvej, Lenaforsgren, Lerichard, Libraryg, Liftarn, Lightmouse, Liko81, LilHelpa, Lilaspastia, Linkspamremover, Little Mountain 5, Loadmaster, Localh77, Logan, Loggie, Lonn.daniel, LoopZilla, LordHedgie, Lowellian, Luzaire, MStraw, Macca7174, Mackensen, Madmardigan53, Magnus Manske, Mahhag, Maima, Malcolm Farmer, Manderr, MannyJane, Mark Richards, Mark Zinthefer, MarkSweep, Marknagel, Marsh Tracy, Marysunshine, Mathias419, McGeddon, Mcaldwell42, Merqurial, Metageek, Metaphysicalangst, Metron4, Michael Hardy, Michaelkirschner, Michendo, Mike Rosoft, Mike Sorensen, Mikehcg, Mindmatrix, MinnesotanConfederacy, Mjec, Mkb218, Mlk, Modemac, Morcheeba, Motanu02, Mr. Laser Beam, Mr.Grave, MrKIA11, Mtnphotoman, Mul1979, Mushrom, MuzikJunky, Muzzle, Mysteryquest, Naniwako, Naohiro19, Natalie Erin, Nativebreed, NawlinWiki, Nerd65536, Netglobalbooks, Netsnipe, Nicknackrussian, Nigerianspam, Nil Einne, Nixeagle, Nlapierre, Nowshining, Omicronpersei8, Operatorhere, Orbit.love, Orzetto, Ostap R, PBP, Pakaran, Pascal666, Paul Stansifer, Penbat, Pengo, Perfecto, Petri Krohn, Philip Trueman, Phoenixrod, Piano non troppo, Picaroon, PierreAbbat, PigFlu Oink, Pillwords, Piroteknix, PizzaMargherita, Pogue, Pol098, Pontificake, Poor Poor Pitiful Me, Preost, PrimeHunter, Quarl, Quietust, RHaworth, RJASE1, RJO, RadioTheodric, Radiojon, Ragemanchoo, RandomBlackDude, Rdkr, ReadQT, RedWolf, Reinyday, ResidentAnthropologist, RetiredWikipedian789, Rexparry sydney, Rfgrgrg, Rgrg, Rich Farmbrough, Richard Weil, Ricky81682, RiseAbove, Rjwilmsi, Rmhermen, Rnickel, Robert, Robert A West, Robert Mercer, Robocoder, Rohaandg, RoyBatty42, Rpresser, Rrburke, S.Tarikh, SFGiants, SJP, STPgroup, Sade, Saga City, Salgueiro, Sam Hocevar, Sander Marechal, Sango123, Savidan, Scamdex, Scamorama, Schneelocke, Scientus, Secant1, Serein (renamed because of SUL), Shadeyon, Shai-kun, Shantavira, ShelfSkewed, Shirt58, ShootinPutin109, Shultz IV, Siboniwe, Signalhead, SimonFr, SkyWalker, Smoothpyrogen, SmthManly, Soiazabel, Somearemoreequal, Sonett72, SooperJoo, Spallen, Spellmaster, Spliffy, Spoonkymonkey, Squilax, StephanCom, Stephen Compall, Steverapaport, Stevey7788, Stifle, Stoph, Stupid47, Summortus, Superherongpogi, Supertouch, Suppart, Svelyka, Swiss Banker, THEN WHO WAS PHONE?, Tad Lincoln, Takatam, Tarmulane, Tarquin, Tassedethe, Tech2blog, TedE, Teresag, Texture, Th1rt3en, The Anome, The Last Melon, TheCleanUpCrew, TheFeds, TheMacAttack, TheMandarin, Thefifthdoctor, Thehelpfulone, Thomaskibu, Thorn, Thumperward, ThwartedEfforts, Timwi, Tommy2010, Tomroes, Tony Sidaway, Tornados28, Towel401, Tracer9999, Tramlanluan, Transity, Tregoweth, Trivialist, Tryptamine dreamer, Tunapul, Twisto, Ukt-zero, Ummit, User27091, Valenciano, Vanished user 03, Veinor, Vert, ViperSnake151, Vlad, Vranak, Vzbs34, WCFrancis, WLU, Wackymax, WadeSimMiser, Waldir, Walter Görlitz, Wanted, WayneRay, WegianWarrior, Welsh, Wfaulk, WhisperToMe, Wiki alf, William Ortiz, Willking1979, WilyD, Wimt, Wmahan, Woohookitty, Workaphobia, Wws.info, Wwwwolf, Xed, Xqrt923, Yamamoto Ichiro, Yaturi3, Yelyos, Yoghurt, Zamte, Zappa san, Zephyrad, Zragon, 1128 anonymous edits Pig in a poke  Source: http://en.wikipedia.org/w/index.php?oldid=408111821  Contributors: 6birc, Aldaron, Altenmann, Alygator, Arohemq, Ataru, Badger Drink, BiT, BigHaz, Blahaccountblah, Bongomatic, Carnildo, ClaesWallin, Colin Kimbrell, Dan.Armstrong, Dismas, Eixo, Eleassar, Emberstrife, Emcmanus, Espoo, Everyking, George6996, GregorB, IByte, Invertzoo, John M Baker, Joriki, Jpetrov, Kansoku, Kanuk2001, Kivima1, Krun, LilHelpa, Lohengrin1991, Male1979, Matthew Platts, McGeddon, Michae2109, Mnemo, Nikola Smolenski, OwenBlacker, Pboy2k5, Pedant, Penbat, Petri Krohn, Phydeaux, Piledhigheranddeeper, PillowCaseLaw, RagingR2, Rantamm, Rjwilmsi, Rubensni, Rugops, Toon81, Vrenator, Waltloc, Woohookitty, Wwitb, 77 anonymous edits Thai gem scam  Source: http://en.wikipedia.org/w/index.php?oldid=392463160  Contributors: (aeropagitica), Acentam, Ahoerstemeier, Alucard (Dr.), Blaxthos, Born2x, Bubbha, Bz2, Calliopejen1, Chl, CorbinSimpson, Dasani, Dominus, Doseiai2, Drewshaker, Fourohfour, Galaxiaad, Jaeryn, Kjkolb, Longhair, Malaysiacapitalist, Matthew Platts, Modster, Paul 012, Penbat, Rhrad, Vegaswikian, Vuo, WhisperToMe, Woohookitty, Zragon, 26 anonymous edits White van speaker scam  Source: http://en.wikipedia.org/w/index.php?oldid=415627640  Contributors: 12b3, Adamsyd83, AdjustShift, Advanced Information, Aef123, Aitias, AjSC1976, Alanhenning, Alexdi, Alvis, Amalthea, Amritesh Kala, Animum, Anna Lincoln, Armenia1915, Ataru, Audiopimp, Awiseman, AznBurger, Badger Drink, Belg4mit, Bingobangobongoboo, Binksternet, Bjdehut, Blabag, Blah28948, Bloodshedder, Bongwarrior, Brick Thrower, Bsadowski1, Calgary, Catgut, Causa sui, Chaparyan, Chris radcliff, Chrisnel, Clemcheng, Closedmouth, CobraBK, ContiAWB, Cormacmccoy, Ctjf83, DJ Clayworth, DanMS, Davewho2, Deconstructhis, Denmarkaudio, Dffgd, Dismas, Dominus, Download, Drmchsr, Dudeyowuzup, E-Kartoffel, Echuck215, Emoxley, Falcon8765, Faradayplank, Fjsjfgsfgsgsg, Foetusized, Gaelen S., Galaxiaad, Genius101, Gigs, Grim23, Groyolo, Herbythyme, Hsc0589, Infiniteknowledge69, Infinitysnake, Insanity Incarnate, Ja 62, Jac16888, James Pappas, Jason1976, Jcbarr, Jhbuk, Jitse Niesen, Jj10 contribs, Jj137, Joesmithf1, Jonabbey, Jorgesca, Jstone13, Justanother, Kalel10288,

179

Article Sources and Contributors
Kaszeta, Kesac, Kittybrewster, Kubigula, Lexistaylor, Macktheknight, Marcwiki75, Martin451, Matthewhardy86, McGeddon, MeltBanana, Mrand, Neelix, Netsnipe, Nhra428, Nil Einne, Nobull1, NotAnonymous0, Nroper17, Obesa, Oceanrider2003, Olinross, Oneiros, OverlordQ, Paulie420, Pbwiki101, Penbat, Pfredd, Piercejenn, PrestonH, QueenCake, RJaguar3, Ramaramarama1112, RaymondHeng, Recognizance, Remarkable53, Rhrad, Rich Farmbrough, RobertMfromLI, Rrburke, Sanbeg, Scrawlspacer, Seaphoto, Seba5618, Seth slackware, Smith Jones, Snigbrook, Springnuts, StaticGull, Stinkyloot138, Suprwhtboy, Swedhombre, Sylvene, Tabletop, Tacoekkel, Tanthalas39, Thumperward, Tktktk, Toptechn007, Tsani WPB, Tubeyes, Tumeke1234, VMS Mosaic, Valhallasw, Versageek, Versus22, Vossman, WikiDropper, Wikimelbourne2006, Wjhonson, Woohookitty, Wvs479, Xiong Chiamiov, 509 anonymous edits Badger game  Source: http://en.wikipedia.org/w/index.php?oldid=390960352  Contributors: A dingo2000, ACSE, Alvis, Ataru, Brian Kendig, Bushwacka1973, Classicrockfan42, Cosiosco, DagErlingSmørgrav, Dale Arnett, David Gerard, Dethme0w, Dismas, DocWatson42, ElectricSkrill, Graham1973, Great Scott, Hellno2, Hu, Karada, Longhair, NuclearWarfare, Penbat, Psiphiorg, Rjwilmsi, Sambc, Septemberfourth476, Sjc, Smart guy39, SohanDsouza, Struway, Tamfang, The Anome, The Epopt, TheIncredibleEdibleOompaLoompa, Tyciol, UltimatePyro, Whouk, 39 anonymous edits Clip joint  Source: http://en.wikipedia.org/w/index.php?oldid=381229379  Contributors: 28bytes, Able Clerk, Ataru, Beyondbelief11, Bigbucksyo, Bradeos Graphon, David Justin, Downtown sound, EdX20, Enzo Aquarius, Fivemack, Galaxiaad, Gtrmp, Hayaclayton, Hertz1888, IRP, Jujubean55, Karada, Ladii artiste, MCB, Master of Pies, Neelix, Nunquam Dormio, OrangePeel, Penbat, Pointer1, Queenmomcat, Roswell Crash Survivor, SchuminWeb, Sgt. Muffles, SilkTork, ThaddeusB, The Anome, Thumperward, Tyciol, Yamla, Yonskii, Zane McFate, 45 anonymous edits Insurance fraud  Source: http://en.wikipedia.org/w/index.php?oldid=413983878  Contributors: Andymadigan, BartlebyScrivener, Brunton, Captain panda, Chabaka, CliffC, Discospinster, Dkboone, Dmol, Eisolson, Flowanda, Geoinline, Gwguffey, Hu12, Insfraud, Intrigue, Iottiak, Jonsg, Looie496, MER-C, Madines, Nagle, Napkin65, Nicholas Weiner, Nsigniacorp, Oblivious6, Piano non troppo, Pnm, R'n'B, RememberCharlie, Rharun, Rjwilmsi, Sardanaphalus, Seivad, StephenBuxton, Truthincorporated, Vala M, Wavelength, Whartspike, WikiLaurent, Wolftengu, Wrightbus, 60 anonymous edits Fiddle game  Source: http://en.wikipedia.org/w/index.php?oldid=410941613  Contributors: Alan Liefting, Daemon8666, Ettrig, Hq3473, Icarus3, LilHelpa, Lucky 6.9, Penbat, Wasell, Woohookitty, 1 anonymous edits Pigeon drop  Source: http://en.wikipedia.org/w/index.php?oldid=401879229  Contributors: Ashmoo, Asoupster, Ataru, Cvaneg, D.brodale, DS1953, Dino, Earle Martin, Eekerz, Fæ, McGeddon, Mintrick, Nicolasmontoya, NormanEinstein, Penbat, Pilomotor, Robofish, Spetey, Surturz, Tamfang, Tktktk, Travis Wells, Zephyrad, 19 anonymous edits Art student scam  Source: http://en.wikipedia.org/w/index.php?oldid=415236020  Contributors: AMuseo, Arbitrarily0, Arxiloxos, Avraham, Bielle, Binksternet, CasualObserver'48, Cla68, Cmadler, Cptnono, Epbr123, Epeefleche, Esemono, Factomancer, Fences and windows, Future Perfect at Sunrise, Gidonb, Gilabrand, GoingBatty, GregorB, Ground Zero, Hans Adler, Hmbr, Huey45, Kindzmarauli, Marokwitz, Mbz1, Mimo77777, Mohamed Magdy, Mooncow, MoondyneAWB, Mycomp, Noon, Nyttend, Oboler, Owen214, Pablo X, Penbat, Peter cohen, Piledhigheranddeeper, Plot Spoiler, Preciseaccuracy, Robofish, RomaC, Sandstein, Shuki, Silver seren, Slatersteven, Smallman12q, Tiamut, Truthkeeper88, Ucucha, Unomi, WTucker, Wnt, Woohookitty, ZScarpia, Zero0000, ‫ 01 ,ילוקורב‬anonymous edits Psychic surgery  Source: http://en.wikipedia.org/w/index.php?oldid=411925682  Contributors: ***Ria777, 293.xx.xxx.xx, Ahoerstemeier, Alison, Angel2000, Antelan, Arbustoo, Arcsincostan, Avb, Axl, Bobbaxter, CDN99, Calton, Catherineyronwode, ConfuciusOrnis, Cricketgirl, Daoken, Decora, Digwuren, DocJohnny, Dougweller, Dpbsmith, Dreadstar, Dryman, Editor2020, Enric Naval, Farseer, Figma, FirstPrinciples, Flyers13, Foofbun, Gaffa11, Gaius Cornelius, Gary D, Geni, Gillyweed, GirasoleDE, Glloq, Graham87, Hydrargyrum, IPSOS, Ibbn, Icairns, Jeff Silvers, Jeffq, Jennylen, Jkoudys, Jni, John Nevard, Jorge Stolfi, K2709, Kirbytime, Krylonblue83, Librarian2, Lucyintheskywithdada, Mandarax, Martinphi, Mmoyer, Modemac, Moncrief, Morven, Moshe Constantine Hassan Al-Silverburg, Nealparr, Nightscream, Noclevername, Ollj, Pakaran, Perfectblue97, Random user 39849958, Reinis, Rich Farmbrough, Rjwilmsi, RogueNinja, Sapphic, Simpsons 2006, Spiritinwales, Teernstra, Ttonyb1, USN1977, Vogensen, YUL89YYZ, 86 anonymous edits Organized crime  Source: http://en.wikipedia.org/w/index.php?oldid=412750883  Contributors: -Majestic-, 203.109.250.xxx, 4twenty42o, 5 albert square, AB, ACSE, Accurizer, Adam McMaster, Adashiel, Addshore, Aetheling, Agtaz, AjitPD, Alansohn, Alex Destructive, Alphachimp, Angel ivanov angelov, Antandrus, Apfox, Arminius, Ash, Ask123, Atif.t2, Aunit36, Avenged Eightfold, Avilena, BAlliNX3, BD2412, Babbage, Balsa10, Basey555, Bdragon, Begbiepwns, Beland, Belomorkanal, Bencherlite, Benstown, Benvogel, Bggoldie, Big Adamsky, Big Bird, Bjf, BlackLocust, Bletch, Bobmack89x, Bobo192, Bogey97, Bradleylewis, Brthomps, Bsheppard, Caldwell malt, Calimie, Can't sleep, clown will eat me, Canihaveacookie, Canterbury Tail, Cbcohen, Ccacsmss, Cedrus-Libani, Chanyangyond, Charles Luciano, Cheque some, ChiMama, Chico714, ChildCareI, Chovain, Chrylis, ClickRick, CliffC, Colette Green, Contributor168, Conversion script, Coolcaesar, CosineKitty, CrimestoppersUK, Cronian, Cubs Fan, D. Recorder, DNewhall, DO'Neil, Da Vynci, Da monster under your bed, DaL33T, Damotclese, Dan6hell66, DanielArmirolaR, Dark reaper6789, Darkfrog24, David Gerard, David91, DavidLevinson, Dcooper, Dekisugi, Deltabeignet, DerHexer, Discospinster, DocWatson42, DonCalo, Dori, Dough007, Doulos Christos, Dragon 280, E Wing, Ecosciences, Edcolins, Edgar181, Edward, Edward Esposito, Edward321, Ejeder, Emact, Eranb, Erujiu12, Espoo, Euryalus, Evanmcmike, Exiledone, Falcon8765, Fastily, Flex, Fordmadoxfraud, Fotisaros, Freakofnurture, Galoubet, Geniac, Gilliam, Giovanni Giove, Gonzalo84, Gototown, GrAfFiT, Graham Chapman, Grampion76, Granpuff, GregAsche, Ground Zero, Grumpyyoungman01, GryffinDarkBreed, Hafmark, HalfShadow, Harryheaver, Hateless, Hessamnia, Hetar, Hoodie345, Hypergeometric2F1(a,b,c,x), I4c, Ihcoyc, Infrogmation, Insommia, InvictusCaesar100, InvisibleK, Iridescent, IronChris, Italianmobboss, Ivan Bajlo, Iyadmm, J.delanoy, JForget, Jagged 85, Japanese Searobin, Jason M, Jayseye, Jdz, Jeffq, Jezzabr, Jmchuff, Jni, Joffeloff, John254, Jojocool117, JonHarder, July42008, JustinMullins, Justinemery, Jvaf26, KFP, Kasyapa, Kevin Rector, Khanhamzakhan, Kieranefc, Kingpin13, Knicdomi, Knowsetfree, KoshVorlon, Ksyrie, Kubigula, Kungfuadam, Kuru, Kwertii, Kyle Maxwell, L0b0t, LAX, Landisimo, Lapsed Pacifist, Lawrenciana, Levineps, Lexor, Limaverdo, LinoPop, Littledeucecoupe427, Loremaster, Loren.wilton, Loren36, Lowellian, Lucian892, Lucky13pjn, MER-C, MPerel, MadMax, Makemi, Malcolmxl5, Mallanox, Marc Venot, MarkS, Markdoesbark, Marklemagne, Martijn Hoekstra, Martinp23, Matthew Fennell, Mdd4696, MetroStar, Michael Essmeyer, Michael Hardy, Midgrid, Midnite Critic, Mirrormundo, Miss Madeline, Mission9801, Mistikempire, Mmoyer, Monkeycheetah, Morpheuspictures, Mpeisenbr, Mr. Sanchez 13, MrOllie, Mufka, Nae'blis, Naravorgaara, NawlinWiki, Nicknackrussian, Notinasnaid, Ntosar, NuclearWinner, Oath1111sd823, Ohconfucius, Olegwiki, OnBeyondZebrax, Orphan Wiki, Outlanderssc, Overthinkingly, Owen, P812111, PCock, PMDrive1061, Palica, PaperTruths, Pelex, Perfecto, Persian Poet Gal, PersonalJacy, Philippo26, Philwelch, Piano non troppo, Pinethicket, Piotrus, Plantsbrook, Plosschen, Postdlf, Quebec99, QueenofBattle, Quuxplusone, Random user 39849958, Rayyung, Rdinvest, Reaper Eternal, Redthoreau, Reedy, Reflex Reaction, RepublicanJacobite, Retiono Virginian, Retired username, Rettetast, RexNL, Richiekim, Rjwilmsi, Roadrunner, Rollo44, Rondh69, Room429, Rune X2, Russavia, Sam, Schematismus, Scottrothstein, SebastianGS, Serbitar, Sharpvisuals, ShayDC, Shenme, Shino Baku, SimonP, Skitunge52, Snowolf, Snowolfd4, SoHome, Sonicology, Sonicsuns, Sphinx1, Srnec, Stewacide, THEN WHO WAS PHONE?, Tassedethe, Terra2009, The Rationalist, TheProf07, Thebt, TimVickers, Timdesuyo, Tohd8BohaithuGh1, Tothebarricades.tk, TransUtopian, Triwbe, TruthandJustice78, Unschool, VasilievVV, Vastu, Veganmolotov, Verdadero, VeronicaPR, Versus22, Viridian, Vishnava, Vksun, Vuo, WLU, Wavelength, Wayiran, We hope, Whosyourjudas, Wiki libs, WikiCheckFile, Wikieditor1988, Wikiuser100, WilliamMThompson, Wingman358, Wklee, Woohookitty, Xxshaggy9xx, Yipely, Yuranlu, ZS, Zero no Kamen, Zigger, Zink Dawg, 856 anonymous edits Identity theft  Source: http://en.wikipedia.org/w/index.php?oldid=414882569  Contributors: "Primitive Revolutionaries of China, *3Xquizit, 1namsuk, 242Selby, A. B., A8UDI, A930913, Aabrol19, Aapo Laitinen, Acroterion, Adrslhg, Afpre, Agentnj, Alansohn, Alex.muller, Alias Flood, Alternation jrl, Alvin-cs, Andeggs, Andyroo316, AngelOfSadness, Angela26, Animum, Ann Stouter, Anthony, Arcturus, ArglebargleIV, Arichnad, ArnoldReinhold, ArrowQuivershaft, Ascidian, Avala, Avanu, BIL, Baa, Becks48, Beetstra, Beland, Big Mac, Bill37212, Blehfu, Blquest, Bobo192, Bonadea, Bongwarrior, Bradgreer, Brockert, Bryan Derksen, Burlywood, Buster7, COMPFUNK2, Cahk, Calebegg, Calltech, Can't sleep, clown will eat me, Capricorn42, Capt. Helix, Catgut, Ceshiyixiab, Cesue, Cheerfuldave, Cheeseman Muncher, Cherkash, ChiefStrategist, Chopchopwhitey, Chris the speller, Chris8, Chrislk02, Chzz, CinnamonApril, Ciphers, Cirt, Citim, Cjameschang, CliffC, Closedmouth, ColtonMabis, CommodiCast, Common Man, Contusion, Coolcaesar, Corporate fudiciary, Crakkpot, Creidieki, Cricketseven, Crobb305, Curious1i, D, DMTayag, DMacks, DS1953, Da monster under your bed, DancingPenguin, Dancter, Dandv, Daniel 1992, Dansiman, Dariffle, Darth Panda, Das Baz, David91, Decltype, Delldot, Deltateam2, DerHexer, Dhs14, DigitalC, Discospinster, Dmol, Dominic, DuKot, Ducrecon, Dwainberg, E. Ripley, E.G., ESkog, Earlypsychosis, Edward Wakelin, Edward321, El C, Electrolicious, Elitism, Eliyak, Elkman, Elukenich, Elvey, Emersoni, Eric Wester, Ericdn, Erxnmedia, Eugene-elgato, Exodusgen, Favonian, Fcimiami, Felixdakat, Fergusonian, Fiilott, Flagbag, FloNight, Fortisever, FrankRod, Funandtrvl, Furrykef, Galoubet, Gameplaya888, Gareth Owen, Garrick92, Gary D, Garybrimley, Geboy, Generic9, Gilliam, Ginsengbomb, Giraffedata, Gloriamarie, Gobonobo, Gogo Dodo, Goodnightmush, GraemeL, Grim23, Gwernol, HSL1, Hadal, Hananekosan, Harryboyles, Harrychauhan1980, Harryzilber, Healthylaw, Hede2000, Heff01, Henrikbag, Hharness, Hiationi, Hu12, Hutz13, I already forgot, IDTP, IDinfo, ISD, Ida Shaw, Idiotslowdown, Idwatchdog, Ifthecomputersaysno, Ilva, IncognitoErgoSum, Insanity Incarnate, Iridescent, IronGargoyle, J.delanoy, J04n, JIMGGGG, JMSybesma, Jackol, JamesRegan, Jampainter1, JanHart, JanRoijen, Janhart1@planet.nl, Japhremial, Jasondmath, Jayron32, Jboyyoga, JeepdaySock, Jeff G., Jeff Muscato, Jeffq, Jemuwambua, Jennybunns12, Jezramsforth, Jimmybread, Jimmyp3016, Jlygrnmigt, Jmw0000, Jobradovic21, Jogers, John wesley, Jokes Free4Me, Jomtvedt, JorgeS, Joshua, Joystick08, Jrosenfe, JudyJohn, Jujutacular, Jules, Jusjih, JustAGal, JustAddPeter, Justamute, Jvdleftcoaster, Kane5187, Karategodan, Keegan, Keilana, Kengibson2001, Kernelingus, Kevin Forsyth, KiBlaze37, Kingpin13, Kingturtle, Kmverdi, KnowledgeOfSelf, KrakatoaKatie, KrnBrny, Kubigula, Kuru, Kurykh, KySang SctWhite, Kyleflan, L Kensington, LOL, Lear's Fool, LeeHunter, Leuko, Lewiscb, Lexiken, Licon, Lightsup55, Liko81, LilHelpa, Linkspamremover, LinuxAngel, LittleDan, Livajo, Lmblackjack21, Logical Cowboy, Luna Santin, Lungsh0t, M.K.Y1902, MBisanz, MER-C, MIRNZY, Maddie!, Maddiegrace, Malcolmxl5, Malevious, Malo, Manishearth, Maolaoshu, Marchije, Markmack0604, Marshmallow1304, Martarius, Martial Law, MartinRe, Marysunshine, Mattzoo, MeS2135, Mentifisto, Meretruth, Michael Essmeyer, Mifter, Mihairad, Mike A Quinn, Mikebent2007, Millstream3, Mindmatrix, Minna Sora no Shita, Misortie, Misrward, Mjb, Mmernex, Monkeyman, MonoAV, Mordomo, Muchness, Muladhara, Mutinus, My name, Mygerardromance, Mynameisef, NThomas, Nabeth, Nakon, Ndriscoll, Neilf4321, NellieBly, NetRolller 3D, Neverquick, New traffic pattern, Nickj69, Nikidog, Nivix, Njupas, Nlu, Nneonneo, Nnp, Nomorephish, Norm mit, Northern, Notaryone, NoticeBored, Notinasnaid, Nuclearmedzors, Nuwewsco, Nydas, Offoaro1234, Ohnoitsjamie, Ojoc, Oldgrowyoung, Omniviron, Onore Baka Sama, Oore, Orbitalcombustion, OregonD00d, Orzetto, Ottawahitech, Owen, Oxymoron83, Palsmith, Parvazbato59, Pascal.Tesson, Pde, Peoples, Perfecto, Phgao, PhilKnight, Philip Trueman, Phoenixrod, Piano non troppo, Plin, Pnm, Pointlessforest, Prichardson, Pseudomonas, Psrq, Psy guy, Qxz, R Lowry, R'n'B, RL0919, Raaj81, Racepacket, Rachelgkim, RadioActive, Raffaele16, Rambam rashi, RayKiddy, Razorflame, Reconsider the static, Reedy, Reinhardheydt, Rengaw01, Republicoftimucua, Reyk, Rfc1394, Rhodekyll, Rhodesh, Rje, Rjwilmsi, Rklawton, Robb XD, RobertG, RoboAction, Ronz, Rossami, S.Tarikh, Sailsbystars, Salamurai, Sam Korn, Sanders muc, Sango123, Sarc37, Sardanaphalus, Scaifea, Scapler, Scotsworth, Secretcurse, Securus, SgtDrini, Shaddack, Shadowjams, Shahbasharat, Shark96z, Shenme,

180

Article Sources and Contributors
Shizzle5, Shlomke, Sietse Snel, Silverjonny, Simetrical, Singularity42, Sjc, Sjö, Skarebo, Skyclown, Smalljim, SmartGuy, Snapperman2, SorryGuy, SouthernNights, Souvikmaitra, SpanishCastleMagic, Spartaz, Spectre9, SpeedyGonsales, Spiffyjeff, SpuriousQ, Steinzo, Stephenb, Stev0, Stevegallery, Sturm55, Stymiee, Swartzturfle, Swiggum, Sylent, TeaDrinker, Tellyaddict, TexasAndroid, The Evil IP address, The Gilly, The Halo, The Nut, The Rambling Man, The Thing That Should Not Be, The Utahraptor, The.Truth, TheFeds, Thingg, Thiseye, Thmgroup, Thompcha, Tiddly Tom, Tnt7973, Toddst1, Tommy2010, Tony1, Trödel, TwistOfCain, TylerKnew, U.S.A.U.S.A.U.S.A., Uknowit, Umich21, Vaheterdu, Veinor, Versus22, Visualize, Vkey0234, Voyagerfan5761, Wavelength, Wdfarmer, Webhat, West.andrew.g, WhatamIdoing, WikHead, Wikiklrsc, Wikipe-tan, Wikipeditor, Willie the Walrein, Willking1979, Wisq, Wknight94, Wohlstand, Woohookitty, Wpbl, Wtlegis, Wtmitchell, Wuzur, Xezbeth, YUL89YYZ, Yachtsman1, Yupik, ZeWrestler, Zeitgeist248, Zigger, Zoicon5, Zondor, Zwiki, Zzuuzz, 1096 anonymous edits Money laundering  Source: http://en.wikipedia.org/w/index.php?oldid=415466183  Contributors: (;D- hymyilevä takapiru, 121a0012, 206209nyc, Aeonx, Agtaz, Alakritz, AlexPlank, Alinor, Alsandro, Altenmann, Andreas Toth, Andrew Reynolds, Andrewpmk, Andy marshall81, Andy120290, Antfern, AnthonyQBachler, Anurag Garg, Apollo1758, Autiger, AutoGeek, AxelBoldt, Baby Jenga, Baldhur, Barney Gumble, Barras, Beagel, Bforsyth, Bmicomp, Bob Weiss, Bobmack89x, Bongwarrior, BorgQueen, Borgx, CLW, CWii, CalvinGraham, Can't sleep, clown will eat me, Cantus, Captain02, Cassowary, Casull, Cburnett, Centrx, Chaldean, Chancemill, ChildofMidnight, Chipuni, Chris Caven, Chrism, Chronulator, Circeus, Conversion script, Copylaw, Crackerbelly, Crimson 05, Cybercobra, Cyfal, DC, DJA05, DMCer, Dantadd, Darklilac, Darrenhusted, Dave420, Daveswagon, David Winch, DavidLevinson, DavidP73, DavidwinchUK, DeadEyeArrow, Deathtopudding, Deconstructhis, Dejan33, Demiurge, Denelson83, Descendall, Discospinster, DocWatson42, Dogface, DonCalo, Donreed, Dori, Dough4872, Drivenapart, DropDeadGorgias, Duncan.france, Duste22, Dysk, ESkog, Eastlaw, Edgar181, Edward, Eelamstylez77, Either way, El Capitaine, Elbarto402003, Epeefleche, Erebus Morgaine, Evan G, Extransit, F15 sanitizing eagle, Famspear, Feezo, Ferkelparade, FisherQueen, Flagman7, Florentino floro, Format, Fram, Frecklefoot, Funandtrvl, Furrykef, GCarty, Gaius Cornelius, George Burgess, Gloriamarie, Good Olfactory, Graf Bobby, Gunter.Schmidt, Haham hanuka, Hairchrm, Hairy Dude, HamTin, Harry Dawes, Haveronjones, Hazir, Hcberkowitz, HedgeFundBob, Hkd2029, Hu12, Hughcharlesparker, Hyperflux, Icarus3, Imageidea, IncognitoErgoSum, Ireyes, JIMGGGG, JQF, Jackfork, JanChodec, JanHart, Jaridlukin, Jay Gatsby, Jecowa, Jeff G., Jefferson61345, Jem147, Jessemerriman, Jim43525223, Jmax-, JohnOwens, Johnbod, Johnskrb2, Johnson8776, Jorge331, Jrtayloriv, Jstorres, JulieADriver, Kaliz, Katiker, Kbk, Keegscee, KeithAllen, Kenyon, Khalid hassani, KiViki, Kingpin13, Kjoonlee, Kmorozov, Koavf, Kransky, Lars Washington, LeeG, Leeidiot008, Legis, Lepps67, Leuko, Linkkennedy, MER-C, Malleus, ManConley, Mandarax, Marek69, MatthewVanitas, Metallurgist, Mhking, Miamihitman, Michael Essmeyer, Michael Hardy, Michael Shields, Middlenamefrank, Millsdavid, Mlouns, Mongoosander, MonsignorMonkeyFeatures, Mrlodotcom, Mrvegas61, Mtd2006, NMChico24, Na7, Nabeth, Natl1, Nbirnbach, Neelix, Nehrams2020, Nevakee11, Nick, Night Gyr, Nike787, Nimpact, Nimur, Nirvana2013, Not a dog, Olegwiki, Orancho pancho, OwenBlacker, PahaOlo, Pakaran, Paradoxsociety, Parishan, Pcampanaro, Penwhale, Peterfierz, Phaedriel, Philip Trueman, Piano non troppo, Pilski, Plosschen, Plymouthpictures, Postdlf, Prakigam, Propeng, Psb777, Psmither, Quaeler, RapidR, Remnar, Rgoodermote, Rividian, Rjwilmsi, Rmatney, Roadrunner, RobinHood70, Ron Barker, Room101, Rttam, RucasHost, Rune X2, Runtime, Ryanrs, ST47, Saga City, Samw, Sargdub, Savantpol, Scwlong, Sean D Martin, Seba5618, Senator Palpatine, Shadowjams, Shentino, Shimgray, Simon123, Simon80, SimonTrew, Skomorokh, Slatersteven, Slawojarek, Slightsmile, SlimVirgin, Smyth, Snafflekid, Snoyes, Softron, SpareHeadOne, Sparky62, Squalk25, SqueakBox, Squids and Chips, Stephenwplatt, Striver, Sunapi386, Ta bu shi da yu, Takeshita kenji, Tamilmani, Tazmaniacs, Tflattery, The Thing That Should Not Be, The Wonderlander, TheTrojanHought, Thebogusman, Thefactman01, Thegline, Theo148, Theresa knott, Tholly, Thumperward, Tivedshambo, Tommy2010, TwistOfCain, Tyleclark, Uvaduck, Verstan, Viajero, Waggers, Wallstreethotrod, Warteen, Wasted Sapience, Wayne Slam, Westsider, Whiner01, Wikipediatrix, Wmahan, WojPob, YUL89YYZ, Yworo, Zanimum, ZimZalaBim, ZooFari, 749 anonymous edits Extortion  Source: http://en.wikipedia.org/w/index.php?oldid=410444613  Contributors: AThing, Aecis, Af648, Allstarecho, Andeggs, Andreadema, Andycjp, Angela, Antandrus, Aruton, AubreyEllenShomo, Audry2, BD2412, Betterusername, Big Adamsky, Binksternet, BinoChrist, Bob A, Bobmack89x, Cadjani, Cailil, Canterbury Tail, Cavenba, Cdcon, Cirt, Conscious, Creatednewaccount, Diddi, DocWatson42, DonCalo, DrDeke, Dtobias, Dukeleto, Emufarmers, Feldspaar, Fieldday-sunday, FrederickFolger, Freerick, Fubar Obfusco, Ghetteaux, Giraffedata, Gizzakk, Goingwithout2001, Goldenglove, Goodraise, HH88, Hairy Dude, Harksaw, Hrdudeness, Hushpuckena, Husond, Inkstersco, IronGargoyle, Jagged 85, Jagreuben, Jcp411, JohnCD, Jpm2112, Karada, Keilana, Kerotan, Kmarinas86, Koven.rm, Kransky, KuroiShiroi, La goutte de pluie, Lanius, Lotje, Lowellian, Lucky13pjn, Marilynniisflyyy, Mastercheif, Mayumashu, Michael Essmeyer, Mindunder36, Moonriddengirl, ONEder Boy, Paradigmbuff, Patrick, Pdcook, Penbat, Pnm, Postdlf, Proboscis monkey, Quercus basaseachicensis, RA0808, RasqualTwilight, Reedy, Rockpocket, Sardanaphalus, Sasquatch, Scott Sanchez, Secretlondon, Shilonite, Shinmawa, Snideology, Spettro9, Stevey7788, Sweetfreek, Thumperward, Tide rolls, Tobogganoggin, Tompagenet, Valentinejoesmith, Variable, Vhsjordan24, Vsb, Wellreadone, Whosyourjudas, Yiyun, Yopure, Ysangkok, Zack, 184 anonymous edits Hacker (computer security)  Source: http://en.wikipedia.org/w/index.php?oldid=414678252  Contributors: 007exterminator, 5 albert square, 7OA, A. Parrot, A1b1c1d1e1, Abb3w, Acatyes, Acidburn24m, Acroterion, Adambro, Adamryanlee, Addshore, AdjustShift, Adrian, Adrianwn, Agent Smith (The Matrix), Aiden Fisher, Aitias, Akasosetutza, Alansohn, Alexmunroe, Allen4names, Allstarecho, Alpha 4615, Ameliorate!, Amirhmoin, Ammubhave, Andponomarev, Angelafirstone, Animum, Anthony62490, Antipode, Apparition11, Armeyno, Army1987, Arthena, Ash, Asphatasawhale, Atsinganoi, Atulsnischal, Aubwie, Aude, Aviator702-njitwill, Axonizer, Bachrach44, Badgernet, BananaFiend, BarretBonden, Bburton, Bdorsett, Bedwanimas214, Ben Ben, Benedictaddis, Beno1000, Bgs022, BigChris044, Blanchardb, BlastOButter42, Bobo192, Bogey97, Boing! said Zebedee, BokicaK, Bongwarrior, Br33z3r, Brianpie, Brothejr, Bucketsofg, CRYSIS UK, CYRAX, CanadianLinuxUser, Capricorn42, Cdf333fad3a, Celebere, ChadWardenz, Charles Matthews, Chris the speller, Chuunen Baka, Click23, Cometstyles, Comperr, Computerhackr, Computerwizkid991, Condra, Coolhawks88, CosineKitty, Courcelles, Crakkpot, Creepymortal, Cybercobra, DARTH SIDIOUS 2, Dan Brown456, Danbrown666, Daniel 1992, Danno uk, Dark-Dragon847, DarkFalcon04, Darkspin, Darkwind, DarthVader, Davewild, David91, Davman1510, Dcb1995, Decepticon1, Dejan33, Delivi, Delmundo.averganzado, DerHexer, Deskana, Deutschgirl, Digital Pyro, Diligent Terrier, Dipu2susant, Discospinster, Doctor who9393, DogPog1, DoubleBlue, Doug, DragonflySixtyseven, Droll, Dspradau, Duk, Egmontaz, Ehheh, Ejdzej, ElKevbo, Elassint, Elvenmuse, Encyclopedia77, Epbr123, Erik9, Error -128, Evaunit666, Evilmindwizard, Excirial, Ezzk, FCSundae, Faradayplank, Farry, Fastily, Fat4lerr0r, FayssalF, Footballfan42892, Fordmadoxfraud, Fran Rogers, Freakofnurture, Frehley, Freqsh0, Frosted14, Fuhghettaboutit, Fæ, Gaius Cornelius, GeneralIroh, Ghepeu, Gigor, Glacier Wolf, Gogo Dodo, Graham87, Grandscribe, Grim Revenant, Grimhim, Gwernol, Gyakusatsu99, H2g2bob, HTS3000, Hackistory, Halod, Hannibal14, HarmonicSphere, Harryboyles, Haseo9999, Haxor000, Headchopperz, Hexatron2006, HistoryStudent113, Hmains, Holyjoely, Horrorlemon, Howlingmadhowie, Howrealisreal, Hroðulf, Hu12, Hudy23, Hydrogen Iodide, IAnalyst, Iamahaxor, Icey, Igoldste, Im anoob68, Imanoob69, ImperatorExercitus, Indexum, Intershark, Intgr, Ipwnz, Iridescent, Irishguy, J.delanoy, JForget, Jackollie, Jameshacksu, Japonca, Jasgrider, JayKeaton, Jaybhanderi, Jclemens, Jebba, Jehochman, Jennavecia, JimVC3, Jmundo, JoeMaster, John of Reading, JohnDoe0007, JonWinge, Joyous!, Juliancolton, Jvhertum, Jwray, K-lhc, KVDP, Kakero, Katalaveno, KayinDawg, KelleyCook, Kelly Martin, Kendelarosa5357, Ketiltrout, Kewp, Khoikhoi, KillerBl8, Kingpin13, KnowledgeBased, Knowzilla, Kokey, KrakatoaKatie, Krazekidder, Kreachure, Kubanczyk, Kungming2, Kurykh, Ladanme, Landon1980, Leuko, Lilnik96, Limideen, Lolhaxxzor, Lolimahaxu, Loren.wilton, Lradrama, Luna Santin, MBisanz, MER-C, MHPSM, MK8, Maelwys, Mahanga, Manticore, Marcika, Mark7-2, Martarius, Martychamberlain, Maziotis, Mccleskeygenius10, Mckaysalisbury, Meeples, Mentisock, Mgiganteus1, Michael Snow, Michael93555, Mike Rosoft, Mindmatrix, Minimac, MisterSheik, Mitch Ames, Ml-crest, Mnbitar, Mos4567, Mounlolol, Mr. Wheely Guy, Mr.honwer, MrFirewall, MrOllie, Mrdifferentadams, Mukesh2006, Mukslove, Mysdaao, Mzinzi, Nakon, Nallen20, Narracan3824, Nauticashades, Ndenison, NeoChaosX, Nfutvol, Nickgonzo23, Nickrj, Nicopresto, Nivekcizia, Njan, Noctibus, Nokeyplc, Nolan130323, Noq, NorwegianBlue, Nuttycoconut, Object404, OlEnglish, Omicronpersei8, Orphan Wiki, Oscarthecat, Othtim, Ottawa4ever, OverlordQ, Oxymoron83, PL290, Pegua, Pengo, Pharaoh of the Wizards, Philip Trueman, Pigmietheclub, Pnm, Pogogunner, Poindexter Propellerhead, PokeYourHeadOff, Porqin, Pradameinhoff, Pre101, Propaniac, Pseudomonas, Publicly Visible, Qlid, Quantumelfmage, Quest for Truth, Qutezuce, Raganaut, RaidX, Randhirreddy, Ranga42, Raptor1135, Ravyr, Rayzoy, Reach Out to the Truth, Reaper Eternal, RebirthThom, Recognizance, Redmarkviolinist, Rekrutacja, RexNL, Rich Farmbrough, Rising*From*Ashes, Rjwilmsi, Rmosler2100, Robertobaroni, Ronz, Roo556, Rory096, Rsrikanth05, Rtc, Ryan, RyanCross, SF007, SJP, ST47, Satanthemodifier, Sayros, Sbbpff, Scarian, Script-wolfey, Seb az86556, SecurInfos, Sephiroth storm, Shadowjams, SheeEttin, Skomorokh, Slumvillage13, Slysplace, SoCalSuperEagle, Someguy1221, SpaceFlight89, SpectrumDT, SpikeToronto, SpuriousQ, SqueakBox, Staka, Stayman Apple, Steaphan Greene, Storm Rider, Strobelight Seduction, Surya.4me, Sv1xv, Sweetpaseo, Swotboy2000, T.Neo, THEN WHO WAS PHONE?, Taimy, Tall Midget, Tckma, Tempodivalse, Tense, Terafox, The Anome, The Thing That Should Not Be, The wub, TheDoober, Thecheesykid, Thedangerouskitchen, Thehelpfulone, Thingg, Thiseye, Tide rolls, TigerShark, Tikiwont, Tommy2010, Toon05, Touch Of Light, Tpjarman, Tqbf, Triwbe, Twas Now, Tytrain, Tyw7, Ulric1313, UncleanSpirit, Unixer, Unmitigated Success, Useight, Ustad24, VanHelsing23, Vatrena ptica, Versus22, Vic93, Voatsap, Vonvin, Vrenator, WEBHTW, WIERDGREENMAN, WadeSimMiser, Waldir, Warrington, Waterjuice, Wavelength, Weregerbil, Whaa?, WikiMASTA, Wikichesswoman, WilliamRoper, Winsock, Wisden17, Work permit, Wrs1864, Xena-mil, XeroJavelin, Xf21, Xiong Chiamiov, Xkeeper, XxtofreashxX, Xython, Yunaffx, Zeeshaanmohd, ZimZalaBim, Zimbardo Cookie Experiment, Zsero, Zvonsully, ‫ 1611 ,א"ירב‬anonymous edits

181

Image Sources, Licenses and Contributors

182

Image Sources, Licenses and Contributors
File:Hutchenspiel 2008.jpg  Source: http://en.wikipedia.org/w/index.php?title=File:Hutchenspiel_2008.jpg  License: Creative Commons Attribution-Sharealike 3.0  Contributors: User:Holger.Ellgaard Image:Hieronymus Bosch 051.jpg  Source: http://en.wikipedia.org/w/index.php?title=File:Hieronymus_Bosch_051.jpg  License: Public Domain  Contributors: AndreasPraefcke, EDUCA33E, MU, Mattes, Nobelium, PKM, Vincent Steenberg, 5 anonymous edits File:ChristianFarlaCupsandBalls.JPG  Source: http://en.wikipedia.org/w/index.php?title=File:ChristianFarlaCupsandBalls.JPG  License: Public Domain  Contributors: User:MagicErik File:Shell game.jpg  Source: http://en.wikipedia.org/w/index.php?title=File:Shell_game.jpg  License: GNU Free Documentation License  Contributors: User:Postdlf File:Conjurer Bosch.jpg  Source: http://en.wikipedia.org/w/index.php?title=File:Conjurer_Bosch.jpg  License: Public Domain  Contributors: Original uploader was AxelBoldt at en.wikipedia Later versions were uploaded by AlexOvShaolin at en.wikipedia. Image:Three Card Monte.jpg  Source: http://en.wikipedia.org/w/index.php?title=File:Three_Card_Monte.jpg  License: Creative Commons Attribution-Sharealike 2.0  Contributors: ZioDave File:Warsaw 1944 by Bałuk - 26196.jpg  Source: http://en.wikipedia.org/w/index.php?title=File:Warsaw_1944_by_Bałuk_-_26196.jpg  License: Public Domain  Contributors: Jarekt, Panek File:Auction.jpg  Source: http://en.wikipedia.org/w/index.php?title=File:Auction.jpg  License: GNU Free Documentation License  Contributors: Che, Eldred, 3 anonymous edits File:Expérience de Milgram.png  Source: http://en.wikipedia.org/w/index.php?title=File:Expérience_de_Milgram.png  License: GNU Free Documentation License  Contributors: User:Paulr Image:Ponzi_bw_e.jpg  Source: http://en.wikipedia.org/w/index.php?title=File:Ponzi_bw_e.jpg  License: Public Domain  Contributors: User:Yayoirc File:Pyramid scheme.svg  Source: http://en.wikipedia.org/w/index.php?title=File:Pyramid_scheme.svg  License: Public Domain  Contributors: Security and Exchange commission, U.S. Federal Govt.This vector version by w:User:MysidMysid File:Pyramid8Ball.svg  Source: http://en.wikipedia.org/w/index.php?title=File:Pyramid8Ball.svg  License: Public Domain  Contributors: User:Stannered File:Soapy_Smith_1898.jpg  Source: http://en.wikipedia.org/w/index.php?title=File:Soapy_Smith_1898.jpg  License: Public Domain  Contributors: User:Simplicius File:Soapy Smith parlor Skagway 2009.jpg  Source: http://en.wikipedia.org/w/index.php?title=File:Soapy_Smith_parlor_Skagway_2009.jpg  License: Creative Commons Attribution 3.0  Contributors: User:Notyourbroom Image:Skaguay News July 15 1898.jpg  Source: http://en.wikipedia.org/w/index.php?title=File:Skaguay_News_July_15_1898.jpg  License: Public Domain  Contributors: Bunco man File:Soapy Smith grave Skagway 2009.jpg  Source: http://en.wikipedia.org/w/index.php?title=File:Soapy_Smith_grave_Skagway_2009.jpg  License: Creative Commons Attribution 3.0  Contributors: User:Notyourbroom File:Frank Reid Grave 1 Skagway 2009.jpg  Source: http://en.wikipedia.org/w/index.php?title=File:Frank_Reid_Grave_1_Skagway_2009.jpg  License: Creative Commons Attribution 3.0  Contributors: User:Notyourbroom Image:Scale of justice 2.svg  Source: http://en.wikipedia.org/w/index.php?title=File:Scale_of_justice_2.svg  License: Public Domain  Contributors: User:DTR Image:PhishingTrustedBank.png  Source: http://en.wikipedia.org/w/index.php?title=File:PhishingTrustedBank.png  License: Public Domain  Contributors: User:Andrew Levine Image:Phishing chart.png  Source: http://en.wikipedia.org/w/index.php?title=File:Phishing_chart.png  License: Public Domain  Contributors: Original uploader was ZeWrestler at en.wikipedia File:Presentation Image Grid 1 JPG.jpg  Source: http://en.wikipedia.org/w/index.php?title=File:Presentation_Image_Grid_1_JPG.jpg  License: Creative Commons Attribution 3.0  Contributors: User:Senctisn File:Western Union, Avenue de Choisy, Paris 13.jpg  Source: http://en.wikipedia.org/w/index.php?title=File:Western_Union,_Avenue_de_Choisy,_Paris_13.jpg  License: Creative Commons Attribution-Sharealike 3.0  Contributors: User:Mu File:Firefox 2.0.0.1 Phising Alert.png  Source: http://en.wikipedia.org/w/index.php?title=File:Firefox_2.0.0.1_Phising_Alert.png  License: GNU Free Documentation License  Contributors: AVRS, KErosEnE, PolhoNinja, Remember the dot File:AlCaponemugshotCPD.jpg  Source: http://en.wikipedia.org/w/index.php?title=File:AlCaponemugshotCPD.jpg  License: Public Domain  Contributors: Don-kun, Infrogmation, Movieevery, Túrelio, 3 anonymous edits File:Charles Luciano.jpg  Source: http://en.wikipedia.org/w/index.php?title=File:Charles_Luciano.jpg  License: Public Domain  Contributors: New York Police Department

License

183

License
Creative Commons Attribution-Share Alike 3.0 Unported http:/ / creativecommons. org/ licenses/ by-sa/ 3. 0/

Master your semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master your semester with Scribd & The New York Times

Cancel anytime.