Did you know there was an Association of Certified Fraud Examiners?
Well, from the ACFE World Headquarters in Austin, TX comes Fraud Magazine, an online journal devoted to some of our favorite topics. Recent article subjects include:
- Use the Proof-of-Cash Method When Casting for a Fraudster
- Anatomy of a Social Engineering Scam
- How CFEs Can Save Firms from Bankruptcy
You have to pay for membership to get full access to their content (students can join free). It's still interesting even if you don't sign up. Check it out.
December 15th, 2010
Phishing quiz from SonicwallThe security vendor Sonicwall has a fun online quiz to test your ability to spot phishing email scams. Think you're good? See if you can get 10 out of 10. Still need to tune up your skills? Read their detailed explanations for any questions you get wrong. It's quick and easy.
October 24th, 2010
Fulltext Purportal phishing archives availableThe Purportal archive contains over 6000 email messages from perpetrators of phishing scams and other related fraud. In addition to the rendered text versions made available here, the full original source of each message is stored. This includes the email headers, which contain information that can reveal the origin of the message. Anyone working in relevant areas of law enforcement or academic research is welcome to have full access to this corpus. For more info, contact me at the email address linked in the footer.
April 28th, 2010
Spam collection updates via TwitterEvery night, the Purportal fairies import new scammy spams into the collection. Now each of these additions is announced via Twitter. Follow us to remain on the cutting edge of sleazy spam!
November 17th, 2009
2300 websites you shouldn't shop atRecently a friend was victimized by one of those sleazy spammer scripts that hijacks your web-based email account (Hotmail, in this case) and uses it to send spam to everyone in your address book.
I took a look at the site that the email promoted. It's a China-based ecommerce site claiming to sell everything from cellphones to electric guitars to motorcycles. I've inquired by email as to how they can sell motorcycles at sub-retail prices with free shipping, but I don't expect an honest reply!
While researching this, I discovered that the scam had been going on for a long while, under a steady stream of different domain names. Then I came across a mind-blowing list of 2300 domain names that are implicated in this type of fraudulent activity. The list includes winners like china-wow-ebay.com.
July 21st, 2009
The good ones never sound like con men
Erin Arvedlund, a reporter for the financial news publication Barron's, talked to the now-notorious Bernard Madoff in 2001. Back then Arvedlund was one of the few who went public with her doubts about him. The doubts were well founded: Madoff reportedly admitted to senior employees that his business was "basically, a giant Ponzi scheme".
In a recent interview with NPR she commented that when she spoke to him directly, he said that he "didn't sound like a con-man".
Understandable. The good ones never do!
December 19th, 2008
Catching a thief via synchronized cellphone contactsA guy who had his iPhone stolen was able to recover it once the thief started adding people to the address book -- because those contacts were showing up on the victim's *new* iPhone via the MobileMe synchronization service. "Rob made quick work of wrangling a name and phone number from the provided contacts, supplying the police with everything they needed to get Rob his phone back. By the end of the night, he had his original iPhone in his possession."
December 18th, 2008
A scammer will appear to trust youThis piece from Psychology Today claims that "the key to a con is not that you trust the conman, but that he shows he trusts you." Anyone who has been conned, or nearly, knows that there are subtle psychological factors at play that go beyond simple greed-meets-deception. Read this to see some of those factors spelled out.
December 15th, 2008
The twelve million dollar colliesI've got a longer post in me about the relationship between phishing scam-mail and the English language. But I had to share this one right away. It was part of a "CONTRACT PROPOSAL" involving an alleged $20 million.
"AGREEMENT: As soon as you are able to secure this money, 40% will be for you, while 60% will be for me and my collies in the office."
Those are some lucky colleagues! I mean, collies!
November 20th, 2008
Considered for inclusion. Ho hum.Recieved today via email: "It is my pleasure to inform you that you are being considered for inclusion into the 2009-2010 Princeton Premier Business Leaders and Professionals Honors Edition section of the registry. The 2009-2010 edition of the registry will include biographies of the world's most accomplished individuals. Recognition of this kind is an honor shared by thousands of executives and professionals throughout the world each year. Inclusion is considered by many as the single highest mark of achievement."
I gather that this high mark of (unspecified) achievement comes at a cost. In other words, the "most accomplished individuals" each pay in order to be included. I think they also get a login to a web-based bulletin board. And maybe a plaque.
The name "Princeton Premier Business Leaders and Professionals Honors Edition" is full of words that are supposed to make the recipient feel vaguely elite -- Princeton, Premier, Leader, Professional, Honor -- with nothing concrete to back that up. Some spam just makes me laugh, but this one makes me sad for the recipients whose vanity and naivete will be played for profit by the owners of this "Premier" operation.
November 11th, 2008