Fraud Glossary


FOR PUBLIC DISTRIBUTION                       Date: 30 October 2012




© C6 Intelligence Information Systems Limited, 2012
NO PART OF THIS PUBLICATION MAY BE REPRODUCED, OR TRANSMITTED WITHOUT
THE PRIOR PERMISSION OF C6 INTELLIGENCE INFORMATION SYSTEMS LTD


NO.   TERM                  CATEGORY               DESCRIPTION
                            (Definition, Crime,    (Various Sources)
                            Law, Organization,
                            Slang)
1     Account Detection     Definition             The percentage of fraud cases or accounts that are
      Rate                                         detected. Since a fraud case may have more than
                                                   one fraudulent transaction this number is generally
                                                   higher than the transaction detection rate.
2     Account Takeover      Crime                  Involves fraud on existing financial accounts. When
      (1)                                          a criminal uses a stolen credit card number to make
                                                   fraudulent purchases on an existing credit line.
                                                   Account takeovers are the more common type of
                                                   identity theft, in contrast to a second type of
                                                   identity theft referred to as “new account creation”.
                                                   Form of identity theft.
3     Account Takeover      Definition             A fraudster impersonates the victim and falsely
      (2)                                          claims a change of address so that he or she can
                                                   ‘take over’ the victim’s bank account or other
                                                   financial products.
4     Advance Fee Fraud     Crime                  A type of advance-fee fraud in which individuals or
      (419 Fraud)                                  companies receive unsolicited emails or letters,
                                                   originating from West Africa, promising a
                                                   percentage of a huge sum of money in return for
                                                   allowing funds to pass through the victim’s bank
                                                   account. There is an administration fee to pay as a
                                                   pre-condition of releasing the funds.
5     419 Fraud (Nigerian   Crime                  Email asking to funnel money through user's bank
      Advance Fee Fraud)                           account. '419' is the Nigerian penal code under
                                                   which this offence would be prosecuted.
6     420 Fraud (Nigerian   Definition             Partner to the fraud scheme.
      Advance Fee Fraud)
7     Advances Fraud (UK)   Definition             Premeditated credit abuse. This fraud can be
                                                   carried out by the consumer or as a result of
                                                   identity fraud.
8    Advance Fee Fraud   Crime        The victim is required to pay significant fees in
     Scheme                           advance of receiving a substantial amount of money
                                      or merchandise. The fees are usually passed off as
                                      taxes, or processing fees, or charges for notarized
                                      documents. The victim pays these fees and receives
                                      nothing in return. Perhaps the most common
                                      example of this type of fraud occurs when a victim
                                      is expecting a large payoff for helping to move
                                      millions of dollars out of a foreign country.
9    Advance-Fee fraud   Crime        This involves the criminal tricking a victim into
                                      paying an up-front fee with the promise of a large
                                      reward later.
10   Adware              Definition   Software that carries advertising. The software is
                                      usually free provided that the user agrees to accept
                                      the receipt of advertisements (either in the form of
                                      a banner within the application, or as separate
                                      pop-up windows). There is nothing wrong with this
                                      arrangement provided everything is openly and
                                      clearly agreed between all parties concerned.
                                      Adware becomes a concern when it starts to
                                      incorporate elements of spyware.
11   Affidavit           Definition   A sworn statement.
12   Affiliate Bidding   Definition   A condition in purchasing when multiple bids are
                                      tendered for a contract from a single company
                                      under various names to give the appearance of
                                      competition.
13   Agent Fraud         Crime        Occurs when a third party involved in a financial
                                      transaction perpetrates fraud. See broker/dealer
                                      fraud.
14   Alias/Handle        Definition   An alternative name used by people (or bestowed
                                      upon objects) to hide their true identity.
15   Application fraud   Crime        A fraudster makes an application using a victim's
                                      details or false supporting documentation.
16   At Will             Definition   An employment situation where the employee is
                                      not protected from arbitrary firing. Contrast: For
                                      Cause.
17   ATM attachments     Definition   These can be fixed to cash machines (ATMs) to
                                      extract PIN numbers and personal details from
                                      cards. The attachments can include skimming
                                      devices or false fronts with built-in card readers, as
                                      well as pinhole cameras.
18   ATM Fraud           Definition   Encompassing term to describe fraud related to
                                      ATM card accounts where a card is used to
                                      immediately withdraw funds from a consumer's
                                      account using a PIN based transaction at an ATM.
19   Back Door             Definition   Unauthorized entry point or weakness discovered
                                        by a hacker.
20   Back Door/ Trap       Definition   A way into a software system that the programmer
     Door                               or administrator of that system (or a cracker who
                                        has gained access) has deliberately left for himself.
                                        A typical back door will allow its designer access to
                                        the system without checking the file of authorized
                                        users.
21   Backdate              Definition   To post a date on a document earlier than the
                                        actual creation for deception.
22   Bait and Switch       Definition   In consumer fraud, advertising a low cost item and
                                        then steering the customer to a higher priced item
                                        when they come to buy, claiming the low priced
                                        item was "sold out".
23   Ban on Spam           Law/Slang    Nickname given to the EU's anti-spam directive. It
                                        sets out specific conditions for installing so-called
                                        cookies on users' personal computers and for using
                                        location data generated by mobile phones. Notably,
                                        the Directive also introduces a 'ban on spam'
                                        throughout the EU.
24   Bank Examiner         Crime        The crook poses as a bank examiner who is trying to
     Scheme                             catch a dishonest teller. The crook needs the victim
                                        to withdraw a substantial sum of money to test the
                                        teller. The crook then asks the victim to turn over
                                        the cash for a receipt while they use the cash as
                                        evidence but runs with it.
25   Bank Identification   Definition   Unique number consisting of a two-part code that is
     Number (BIN)                       assigned to banks and savings associations for
                                        identification. The first part shows the location and
                                        the second part identifies the bank.
26   Bankruptcy Fund       Crime        The crook files a notice of bankruptcy, then
                                        approaches each of his creditors and tells each one
                                        that he wants them to get paid something, maybe
                                        10 %. After all have been approached and settled
                                        the crook withdraws his filing and most of the debt
                                        has been settled for a fraction of what he owes.
27   Behaviour Blocking /   Definition   Software monitors the executable actions of
     Sand Boxing                         potentially malicious software and stops dangerous
                                         operations from taking place (such as deleting files,
                                         modifying system settings and so on). Often
                                         considered to be more effective than virus scanners
                                         in blocking malicious code because they monitor
                                         actual functions rather than look for a known
                                         signature. In order for a traditional virus scanner to
                                         detect a virus, it has to have the actual signature, or
                                         fingerprint, of the virus within its database. New
                                         viruses often succeed because they are not
                                         immediately recognised simply because their
                                         signatures are not yet held in the database.
                                         Behaviour blocking doesn't care whether it's a new
                                         virus, an old virus or something completely
                                         different - it simply stops it harming the system.
28   Bid Rigging            Definition   Any scheme that gives the appearance of
                                         competition but is not because participants
                                         establish the winner before submitting bids for the
                                         contract. See Affiliate Bidding and Bid Rotation.
29   Bin raiding            Definition   The practice of rifling through household or
                                         commercial bins to find documents, such as bills or
                                         statements, containing personal or confidential
                                         information about individuals, which could be used
                                         to assume their identity.
30   Boiler Room Scam       Crime        Refers to a busy centre of activity, often selling
                                         questionable goods by telephone. It typically refers
                                         to a room where salesmen work using unfair,
                                         dishonest sales tactics, sometimes selling penny
                                         stock or committing outright stock fraud.
31   BOLO                   Definition   Be on the lookout for….
32   Bot Herding            Definition   Gathering of compromised computers prior to
                                         becoming a Botnet.
33   Botnet                 Definition   Set of compromised computers ("bots" or
                                         "zombies") under the unified command and control
                                         of a "botmaster;" commands are sent to bots via a
                                         command and control channel (bot commands are
                                         often transmitted via IRC, Internet Relay Chat).
34   Bots                   Definition   Software applications that run automated tasks
                                         such as data mining of webpages.
35   Broker/Dealer Fraud    Crime        Occurs when a third party involved in a financial
                                         transaction perpetrates fraud. See broker/dealer
                                         fraud.
36   Browser Hijacker      Crime        Program or code that changes your browser
                                        settings so that you are redirected to different Web
                                        sites. Most browser hijackers alter the default home
                                        pages and search pages to those of customers who
                                        pay for the traffic generated.
37   Brute Force Attack    Crime        Attack in which every possible key is attempted
                                        until the correct key is found. Cipher text is
                                        deciphered under different keys until recognizable
                                        plaintext is discovered. On average, this will take
                                        half as many attempts as there are keys in the
                                        keyspace.
38   Buffer Overflow       Definition   A buffer is an area of memory used to hold data for
                                        processing. It has a predetermined size. If the data
                                        being placed into the buffer is too large, is not
                                        checked and is allowed to overflow the buffer, it
                                        can have unexpected effects. At best, the excess
                                        data is simply lost. At worst, the excess data might
                                        overwrite other legitimate data.
39   Business /            Crime        Typically incorporate identity theft, freight
     Employment                         forwarding, and counterfeit check schemes. The
     Schemes                            fraudster posts a help-wanted ad on popular
                                        Internet job search sites. Respondents are required
                                        to fill out an application wherein they divulge
                                        sensitive personal information, such as their date of
                                        birth and Social Security number. The fraudster uses
                                        that information to purchase merchandise on
                                        credit. The merchandise is sent to another
                                        respondent who has been hired as a freight
                                        forwarder by the fraudster. The merchandise is
                                        then reshipped out of the country. The fraudster,
                                        who has represented himself as a foreign company,
                                        then pays the freight forwarder with a counterfeit
                                        check containing a significant overage amount. The
                                        overage is wired back to the fraudster, usually in a
                                        foreign country, before the fraud is discovered.
40   Bust Out Fraud (US)   Crime        When fraud occurs in an account that has only been
                                        opened for a short time. The account appears to be
                                        a good account until the limit is raised, charged up,
                                        and then does not pay. Differs from account
                                        takeover since it is intended and carried out by
                                        original holder.
41   Call Centre Fraud     Crime        Call centre fraud happens when a call service
                                        representative accesses several accounts during a
                                        call from a customer and steals the data.
42   Capital Controls       Definition   Measures such as transaction taxes or caps on
                                         volume and other limitations which a country's
                                         government can use to regulate the flows into and
                                         out of the nation's capital account. They include
                                         exchange controls that prevent or limit the buying
                                         and selling of a nation's currency at the market rate,
                                         controls on the international sale or purchase of
                                         various financial assets, transaction taxes such as
                                         the proposed Tobin tax and sometimes even limits
                                         on the amount of money a private citizen is allowed
                                         to take out of the country.
43   Captcha                Definition   A security technique that ensures that a human has
                                         made the transaction online rather than a
                                         computer. It is also known as "Automated Turing
                                         Tests" and was originally developed at Carnegie
                                         Mellon University. Random words or letters are
                                         displayed in a distorted fashion so that they can be
                                         deciphered by people, but not by software. This
                                         usually involves the use of graphic images of
                                         characters and numbers. Users are asked to type in
                                         what they see on screen to verify human
                                         involvement.
44   Card capture device    Definition   A device inserted into the card slot of a cash
     / card trapping                     machine (ATM) to capture the data contained on
                                         cards.
45   Card cloning or        Crime        Cloning involves creating a duplicate of your
     ‘Skimming'                          payment card. The data on a card's magnetic stripe
                                         is read electronically by a 'skimming' device and
                                         downloaded onto a computer or copied onto a
                                         duplicate card.
46   Card Issuer loss       Definition   Three types of losses: (1) costs associated with
                                         reissuing new payment cards, (2) costs associated
                                         with monitoring open accounts for fraud (with or
                                         without reissue), and (3) fraud losses.
47   Card Not Necessary     Definition   Without possessing the victim’s credit card, having
     (CNN)                               sufficient personal and financial details to be able to
                                         order goods online/mail order.
48   Card Not Present       Definition   A transaction where the card is not present at the
     (CNP)                               time of purchase: internet, mail, telephone.
49   Card Trapping / Card   Definition   A device inserted into the card slot of a cash
     Capture Device                      machine (ATM) to capture the data contained on
                                         cards.
50   Card Verification      Definition     Authentication number established by prepaid
     Value (CVV)                           debit card companies to further efforts towards
                                           reducing fraud for internet transactions. A three-
                                           digit number printed in the signature space on the
                                           back of most credit cards, such as Visa, Mastercard,
                                           and Discover cards. On American Express Cards it is
                                           a four digit code.
51   Carderplanet           Organization   Prior to 2004, Shadowcrew and Carderplanet were
                                           the only two carding forums. Organized much like the
                                           Mafia.
52   Carders                Crime          Individuals engaged in criminal carding activities.
53   Cardersmarket          Organization   Founded in 2005. In 2006 one of its admins,
                                           "Iceman", took over four carding rivals to increase
                                           membership.
54   Cardholder             Definition     Now called the Payment Card Industry Data Security
     Information Security                  Standard (PCI DSS), it is a comprehensive set of
     Program (CISP)                        international security requirements for protecting
                                           cardholder data. Developed by VISA and others to help
                                           facilitate the broad adoption of consistent data
                                           security measures on a global basis. Twelve
                                           Requirements.
55   Cardholder-Not-        Definition     Using stolen cards or card details and personal
     Present Fraud (CNP)                   information, a fraudster purchases goods or services
                                           remotely - online, by telephone or by mail order.
56   Carding (1)            Crime          Broad definition. Process by which large volumes of
                                           data are stolen, resold, and ultimately used by
                                           criminals to commit fraud is revealed in an
                                           underground world.
57   Carding (2)            Crime          Narrow definition. Refers to the unauthorized use
                                           of credit and debit card account information to
                                           fraudulently purchase goods and services.
58   Carding (3)            Crime          Evolving definition. An assortment of activities
                                           surrounding the theft and fraudulent use of credit
                                           and debit card account numbers including
                                           computer hacking, phishing, cashing-out stolen
                                           account numbers, re-shipping schemes, and
                                           Internet auction fraud.
59   Carding (4)            Crime          Involves the large scale theft of credit card account
                                           numbers and other financial information versus
                                           other methods with limited ID theft which uses
                                           dumpster diving, skimming, phishing, change of
                                           address, and “old-fashioned stealing.”
60   Carding (5)         Crime          Process by which large volumes of data are stolen,
                                        resold, and ultimately used by criminals to commit
                                        fraud. Narrow sense: unauthorized use of credit
                                        and debit card account information to fraudulently
                                        purchase goods and services.
61   Carding Forums      Crime          Websites for carders who have membership.
62   Case Management     Definition     System that provides the facility to assign and
                                        prioritize transactions for review on suspect cases.
63   CCpowerForums (1)   Organization   Carding forum with forums on hacking, trojans,
                                        keyloggers, etc.
64   CCpowerForums (2)   Organization   Offered help with hacking, etc. on its forum in addition to
                                        cards.
65   Change of address   Crime          Using a victim’s name and address details, a
     fraud                              criminal contacts banks and businesses to register a
                                        change of address. The fraudster may then ask for
                                        valuable items such as cheque books, debit cards or
                                        account statements to be sent to the new address.
                                        Change of address fraud can also be used to
                                        facilitate an account takeover.
66   Chargeback          Definition     A credit card transaction that is billed back to the
                                        merchant after the sale has been settled. Results
                                        when a card holder disputes a transaction to the
                                        issuer, which then initiates the chargeback on the card
                                        holder's behalf.
67   Check Fraud         Definition     Encompassing term used to describe fraud related
                                        to checks including kiting, counterfeiting, forgery,
                                        and paperhanging.
68   Check Kiting        Definition     The illegal act of taking advantage of the float to
                                        make use of non-existent funds in a checking or
                                        other bank account. It is commonly defined as
                                        writing a check from one bank knowingly with non-
                                        sufficient funds, then writing a check to another
                                        bank, also with non-sufficient funds, in order to
                                        cover the absence. The purpose of check kiting is to
                                        falsely inflate the balance of a checking account in
                                        order to allow checks that have been written that
                                        would otherwise bounce to clear.
69   Checksum            Definition     Checksums are generated by a function that is
                                        dependent upon the data in question. For security
                                        purposes, checksums are generated by one-way
                                        hash functions. Once a checksum has been
                                        generated, it is either stored with or transmitted
                                        with the data in question. The integrity of the data
                                        can be checked by generating a new checksum. If
                                        the two checksums are identical, then the file has
                                        not changed. If the two checksums are different,
                                        then the data (or file) in question has been altered.
70   CIFAS               Organization       UK's Fraud Prevention Service, a third sector
                                            organisation dedicated to preventing fraud.
                                            Originally founded in 1988 as the "Credit Industry
                                            Fraud Avoidance System", its membership today
                                            includes many organisations from outside of the
                                            credit industry. It addresses identity fraud,
                                            application fraud, staff fraud, first and third party
                                            fraud, insurance fraud and fraud against public
                                            sector organisations. It provides a range of fraud
                                            prevention services to its members.
71   Circular Check /    Definition         Forms of kiting in which one or more additional
     Cheque Kiting                          banks serve as the location of float, and involve the
                                            use of multiple accounts at different banks. In its
                                            simplest form, the kiter, who has two or more
                                            accounts of his own at different banks, writes a
                                            cheque on day one to himself from Bank A to Bank
                                            B (this cheque is referred to as the kite), so funds
                                            become available that day at Bank B sufficient for
                                            all cheques due to clear. On the following business
                                            day, the kiter writes a cheque on his Bank B account
                                            to himself and deposits it into his account at Bank A
                                            to provide artificial funds allowing the cheque he
                                            wrote a day earlier to clear. This cycle repeats until
                                            the offender is caught, or until the offender
                                            deposits genuine funds, thereby eliminating the
                                            need to kite, and often going unnoticed. May
                                            involve more than one person or groups.
72   Click Fraud         Definition/Crime   Occurs in pay per click online advertising when a
                                            person, automated script or computer program
                                            imitates a legitimate user of a web browser clicking
                                            on an ad, for the purpose of generating a charge
                                            per click without having actual interest in the target
                                            of the ad's link. Use of a computer to commit this
                                            type of Internet fraud is a felony in many
                                            jurisdictions. There have been arrests relating to
                                            click fraud with regard to malicious clicking in order
                                            to deplete a competitor's advertising budget.
73   Click Jacking/ UI   Definition/Crime   A malicious technique of tricking Web users into
     Redressing                             revealing confidential information or taking control
                                            of their computer while clicking on seemingly
                                            innocuous Web pages. A vulnerability across a
                                            variety of browsers and platforms, click jacking
                                            takes the form of embedded code or script that can
                                            execute without the user's knowledge, such as when
                                            clicking on a button that appears to perform
                                            another function.

74   Collusion           Definition/Crime   An agreement between two or more people to
                                            participate in an illegal activity.
75   Commercial /          Definition/Crime   The use of the identity of a company, business or its
     Corporate identity                       directors, without their knowledge, to facilitate
     theft                                    fraud.
76   Commercialware        Definition         Software is either shareware or commercial.
                                              Commercial costs money.
77   Common Point of       Definition         A designation assigned to a Merchant by a Payment
     Compromise (CPC)                         Brand when a pattern of fraudulent use of credit
                                              cards has been detected after these cards were
                                              used legitimately at this Merchant location. Often
                                              used interchangeably with Point of Compromise
                                              Reports (POC).
78   Common Point of       Definition         A designation assigned to a Merchant by a Payment
     Purchase (CPP)                           Brand when a pattern of fraudulent use of credit
     Common Point of                          cards has been detected after these cards were
     Compromise                               used legitimately at this Merchant location. Often
                                              used interchangeably with Point of Compromise
                                              Reports (POC).
79   Confirmer             Slang              Accomplice that validates a fake identity.
80   Consumer Loan         Definition         Application fraud related to consumer loans.
     Fraud
81   Cookie                Definition         This is a small data file automatically stored on a
                                              user's computer for record-keeping purposes. It
                                              contains information about the user in relation to a
                                              particular website, such as their username and
                                              preferences.
82   Corporate Fraud       Definition/Crime   The dishonest abuse of their position by (usually)
                                              senior members of staff to misrepresent a
                                              company's true financial position.
83   Corporate Kiting      Definition/Crime   Involves the use of a large kiting scheme involving
                                              perhaps millions of dollars to secretly borrow
                                              money or earn interest. While limits are often
                                              placed on an individual as to how much money can
                                              be deposited without a temporary hold,
                                              corporations may be granted immediate access to
                                              funds, which can make the scheme go unnoticed.
84   Corporate /           Definition/Crime   The use of the identity of a company, business or its
     Commercial Identity                      directors, without their knowledge, to facilitate
     Theft                                    fraud.
85   Counterfeit Card      Definition/Crime   A fraudulent reproduction of a printed, embossed
                                              and encoded credit or debit card. Or a payment
                                              card that has been validly issued but has been
                                              altered or fabricated.
86   Counterfeit Check     Crime              A counterfeit or fraudulent cashier’s check or
     Schemes                                  corporate check is utilized to pay for merchandise.
                                              Often these checks are made out for a substantially
                                            larger amount than the purchase price. The victims
                                            are instructed to deposit the check and return the
                                            overage amount, usually by wire transfer, to a
                                            foreign country. Because banks may release funds
                                            from a cashier's check before the check actually
                                            clears, the victim believes the check has cleared and
                                            wires the money as instructed. One popular
                                            variation of this scam involves the purchase of
                                            automobiles listed for sale in various Internet
                                            classified advertisements. The sellers are contacted
                                            about purchasing the autos and shipping them to a
                                            foreign country. The buyer, or person acting on
                                            behalf of a buyer, then sends the seller a cashier's
                                            check for an amount several thousand dollars over
                                            the price of the vehicle. The seller is directed to
                                            deposit the check and wire the excess back to the
                                            buyer so they can pay the shipping charges. Once
                                            the money is sent, the buyer typically comes up
                                            with an excuse for cancelling the purchase, and
                                            attempts to have the rest of the money returned.
                                            Although the seller does not lose the vehicle, he is
                                            typically held responsible by his bank for depositing
                                            a counterfeit check.
87   Credit Card         Definition/Crime   Programs used by criminal organizations to
     Generators                             generate valid credit card numbers that will
                                            successfully process for a transaction yet are not
                                            actual issued card numbers. Numbers are
                                            generated based on the institution's BIN and
                                            sequence numbers and also follow MOD-10 rules.
88   Credit Freeze       Definition         Prevents potential creditors and other third parties
                                            from accessing your credit report unless you lift the
                                            freeze or already have a relationship with the
                                            company.
89   Credit/Debit Card   Definition/Crime   It is the unauthorized use of a credit/debit card to
     Fraud                                  fraudulently obtain money or property. Credit/debit
                                            card numbers can be stolen from unsecured web
                                            sites, or can be obtained in an identity theft
                                            scheme.
90   Current Account     Definition         Fraud related to demand deposit accounts. This can
     Fraud (UK)                             include application fraud, check fraud, ATM fraud,
                                            or debit card fraud. Also called Demand Deposit
                                            Account Fraud.
91   Current Address     Definition         Identity fraud perpetrated by a criminal who shares
     Fraud                                  the same address as the victim. The fraudster is
                                            likely to have access to or is able to intercept the
                                            victim's post and so can apply for and use existing
                                            products and services in the name of the victim.
92   Cut and Paste Attack   Definition/Crime   An assault on the integrity of a security system in
                                               which the attacker substitutes a section of
                                               ciphertext (encrypted text) with a different section
                                               that looks like (but is not the same as) the one
                                               removed. The substituted section appears to
                                               decrypt normally, along with the authentic sections,
                                               but results in plaintext (unencrypted text) that
                                               serves a particular purpose for the attacker. A type
                                               of message modification attack: the attacker
                                               removes a message from network traffic, alters it,
                                               and reinserts it. This is called an active attack,
                                               because it involves an attempt to change
                                               information; in comparison, a passive attack, such
                                               as password sniffing, seeks information but does
                                               not itself modify the valid information, although it
                                               may be used in conjunction with an active form of
                                               attack for various purposes.
93   Cyber Fraud            Definition         Fraud committed using a computer, such as
                                               hacking, denial of service attacks, phishing, etc.
94   Daemon                 Definition         A background process that carries out tasks on
                                               behalf of every user. Daemons spend most of their
                                               time sleeping until something comes along which
                                               requires their help. Unix systems have many
                                               daemons. The term probably originated in its
                                               mythological counterpart and was later rationalized
                                               into Disk And Execution Monitor.
95   Data Theft /           Definition         Incidents seem to fall into three main categories:
     Personal                                  theft (usually of laptops), hacking, and what is often
     Information Theft                         somewhat kindly referred to as “inadvertent
                                               disclosure.” Ironically, it is quite easy to draw a
                                               parallel between these categories and the three
                                               most commonly cited safeguards of security in the
                                               legislative specifications found in the Health
                                               Insurance Portability and Accountability Act (HIPAA)
                                               and the Gramm-Leach-Bliley Act (GLBA) regulations.
                                               Laptop theft is a physical security issue; hacking
                                               prevention falls under technical safeguards; and
                                               various breakdowns in process can be prevented
                                               with administrative security controls.
96   Data Breach (1)        Definition         Generally and broadly defined to include “an
                                               organization’s unauthorized or unintentional
                                               exposure, disclosure, or loss of sensitive personal
                                               information, which can include personally
                                               identifiable information such as Social Security
                                               numbers, or financial information such as credit
                                               card numbers.”
97    Data Breach (2)       Definition         Generally and broadly defined to include “an
                                               organization’s unauthorized or unintentional
                                               exposure, disclosure, or loss of sensitive personal
                                               information, which can include personally
                                               identifiable information such as Social Security
                                               numbers, or financial information such as credit
                                               card numbers.”
98    Data Dump             Slang              It contains a record of the table structure and/or
                                               the data from a database and is usually in the form
                                               of a list of SQL statements. A database dump is
                                               most often used for backing up a database so that
                                               its contents can be restored in the event of data
                                               loss. Corrupted databases can often be recovered
                                               by analysis of the dump. Database dumps are often
                                               published by free software and free content
                                               projects, to allow reuse or forking of the database.
99    Data Masking          Definition         A method of creating a structurally similar but
                                               inauthentic version of an organization's data that
                                               can be used for purposes such as software testing
                                               and user training. The purpose is to protect the
                                               actual data while having a functional substitute for
                                               occasions when the real data is not required. The
                                               format of data remains the same; only the values
                                               are changed. The data may be altered in a number
                                               of ways, including encryption, character shuffling
                                               and character or word substitution. Whatever
                                               method is chosen, the values must be changed in
                                               some way that makes detection or reverse
                                               engineering impossible.
100   Data Protection Act   Law                The Data Protection Act 1998 sets out the legal
      (UK)                                     basis for handling and protecting private
                                               information and data in the UK.
101   Data Splitting        Definition         An approach to protecting sensitive data from
                                               unauthorized access by encrypting the data and
                                               storing different portions of a file on different
                                               servers. When split data is accessed, the parts are
                                               retrieved, combined and decrypted. An
                                               unauthorized person would need to know the
                                               locations of the servers containing the parts, be
                                               able to get access to each server, know what data
                                               to combine, and how to decrypt it.
102   Day of the Jackal     Definition/Crime   Fraudster assumes the identity of a deceased child,
      fraud                                    many years after their death when they would have
                                               been an adult, in order to commit identity fraud.
103   Debit Card Fraud      Definition/Crime   Fraud with Debit Cards where funds are
                                               immediately withdrawn from account.
104   Debit Cards         Definition         Can be processed in three ways: online debit (also
                                             known as PIN debit), offline debit (also known as
                                             signature debit) and the Electronic Purse Card
                                             System.
105   Demand Deposit      Definition/Crime   Fraud related to demand deposit accounts. This can
      Account Fraud                          include application fraud, check fraud, ATM fraud,
                                             or debit card fraud. Also called Current Account
                                             Fraud.
106   Denial of Service   Definition         An attack that is specifically designed to prevent the
                                             normal functioning of a system and thereby to
                                             prevent lawful access to that system and its data by
                                             its authorized users. DoS can be caused by the
                                             destruction or modification of data, by bringing
                                             down the system, or by overloading the system's
                                             servers (flooding) to the extent that service to
                                             authorized users is delayed or prevented.
107   Detection Rate      Definition/Crime   Amount of fraud detected by a fraud prevention
                                             system at a given level of account reviews.
108   Diploma Scam        Definition/Crime   The buying of degrees without studying. Fake
                                             degrees can help terrorists get around immigration
                                             issues and visa laws.
109   DMZ/Perimeter       Definition         Sometimes called a DMZ (de-militarized zone); a
      Network                                perimeter network is an additional network
                                             between the protected network and the
                                             unprotected network, providing an additional layer
                                             of security. Servers that are necessarily exposed to
                                             the Internet (such as web servers, mail servers) are
                                             best placed in the DMZ and protected by a firewall
                                             or firewalls. Further firewalls separate the DMZ
                                             from the trusted network, or corporate LAN.
110   DNS Poisoning       Definition         A way of forcing users to a malicious site by
                                             injecting bad data into a domain name server's
                                             cache in order to change (for users of that server)
                                             the destination a domain resolves to. The effect of
                                             DNS poisoning is that the conversion from a URL to
                                             an IP address fails. For example, instead of
                                             translating the address www.americanexpress.com
                                             to the IP address corresponding to the actual site of
                                             American Express, a server that has been a victim of
                                             DNS poisoning will supply the incorrect IP address.
                                             The URL that the user types will still be printed in
                                             the address bar, and if the content of the fraudulent
                                             website to which the translation is done looks the
                                             same as that of the legitimate site, then the user
                                             will not notice that the attack took place. Moreover,
                                             the fraudulent website will be able to harvest all the
                                             cookies intended for the legitimate website, which
                                             will allow it to impersonate the user's machine to
                                             the real site as well.
111   DNS Server             Definition         A server that translates DNS names (such as
                                                malwarecity.com) into an IP address that is actually
                                                used for communication on the Internet.
112   Dobber                 Slang              The member of the criminal gang responsible for
                                                finding the Dates of Birth of intended victims of
                                                Identity Theft. The Dobber frequently also conducts
                                                credit searches as well as finding other personal
                                                data used as security questions by financial
                                                institutions.
113   Dump                   Slang              Information electronically copied from magnetic
                                                stripe on back of cards. See full track data.
114   Dumpster Diving        Crime              Known as skipping in the UK, this is the practice of sifting
                                                through commercial or residential trash to find
                                                items that have been discarded by their owners, but
                                                which may be useful to the dumpster diver.
115   Email Spoofing         Definition         E-mail spoofing is when an e-mail appears to have
                                                originated from one source, yet has actually been
                                                generated from another. The act of forging an
                                                e-mail header (the .....@email.com portion of an
                                                e-mail) allows individuals who are sending "junk
                                                mail" or "SPAM" to author e-mails that cannot be
                                                (or can be difficult to be) traced back to the
                                                originator.
116   Embezzling             Definition/Crime   Cash taken directly from an organization by an
                                                insider.
117   Encryption             Definition         The process of converting data into cipher text to
                                                prevent it from being understood by an
                                                unauthorised party.
118   Exploit                Definition         The methodology for enacting an attack against a
                                                particular vulnerability.
119   Extortion              Definition/Crime   A crime in which someone gets money or
                                                information from someone else by using force or
                                                threats.
120   Fail Safe              Definition         The design principle that requires that the failure of
                                                part of a system will not result in the failure of the
                                                rest of the system - particularly in terms of access to
                                                the rest of the system.
121   False Identity Fraud   Definition         The creation of a fictitious or false identity to
                                                facilitate fraudulent activity.
122   False Negative         Definition         A false negative is the term applied to a failure in an
                                                alerting system - most commonly in an anti-virus
                                                product or intrusion detection system. It occurs
                                                when a virus or intrusion condition exists, but is
                                                'allowed' (or ignored or missed) by the alerting
                                                system.
123   False Positive (1)      Definition         The amount of good or true accounts flagged by the
                                                 fraud prevention system as fraudulent at a given
                                                 level of account reviews.
124   False Positive (2)      Definition         A false positive is a term applied to a failure in an
                                                 alerting system - most commonly in an anti-virus
                                                 product or intrusion detection system. It occurs
                                                 when a virus or intrusion condition is incorrectly
                                                 reported; that is, the alerting systems report a virus
                                                 or intrusion condition that does not exist. Too many
                                                 false positives can be very intrusive.
125   Fictitious Identity     Definition/Crime   Fraudster creates false personal information or
      Fraud                                      manipulates an existing identity to avoid detection.
                                                 Also known as Identity Fraud.
126   Financial Action Task   Organization       Also known by its French name Groupe d'action
      Force (FATF)                               financière (GAFI), it is an intergovernmental
                                                 organization founded in 1989 by the G7. The
                                                 purpose of the FATF is to develop policies to
                                                 combat money laundering and terrorist financing.
                                                 The FATF Secretariat is housed at the headquarters
                                                 of the OECD in Paris.
127   Financial Institution   Definition         The economic loss for both the financial institutions
      Loss                                       issuing payment cards and the corporate entities
                                                 from which cardholder account information is
                                                 stolen is significant. Issuing financial institutions
                                                 may experience three types of losses, including “(1)
                                                 costs associated with reissuing new payment cards,
                                                 (2) costs associated with monitoring open accounts
                                                 for fraud (with or without reissue), and (3) fraud
                                                 losses.”
128   Financial Services      Law                Imposed four statutory objectives upon the FSA:
      Act                                        * market confidence: maintaining confidence in the
                                                 financial system;
                                                 * public awareness: promoting public
                                                 understanding of the financial system;
                                                 * consumer protection: securing the appropriate
                                                 degree of protection for consumers; and
                                                 * reduction of financial crime: reducing the extent
                                                 to which it is possible for a business carried on by a
                                                 regulated person to be used for a purpose
                                                 connected with financial crime.
                                                 Regulatory principles:
                                                 * efficiency and economy: the need to use its
                                                 resources in the most efficient and economic way.
                                                 * role of management: a firm’s senior management
                                                 is responsible for its activities and for ensuring that
                                          its business complies with regulatory requirements.
                                          This principle is designed to guard against
                                          unnecessary intrusion by the FSA into firms’
                                          business and requires it to hold senior management
                                          responsible for risk management and controls
                                          within firms. Accordingly, firms must take
                                          reasonable care to make it clear who has what
                                          responsibility and to ensure that the affairs of the
                                          firm can be adequately monitored and controlled.
                                          * proportionality: The restrictions the FSA imposes
                                          on the industry must be proportionate to the
                                          benefits that are expected to result from those
                                          restrictions. In making judgements in this area, the
                                          FSA takes into account the costs to firms and
                                          consumers. One of the main techniques they use is
                                          cost benefit analysis of proposed regulatory
                                          requirements. This approach is shown, in particular,
                                          in the different regulatory requirements applied to
                                          wholesale and retail markets.
                                          * innovation: The desirability of facilitating
                                          innovation in connection with regulated activities.
                                          For example, allowing scope for different means of
                                          compliance so as not to unduly restrict market
                                          participants from launching new financial products
                                          and services.
                                          * international character: Including the desirability
                                          of maintaining the competitive position of the UK.
                                          The FSA takes into account the international
                                          aspects of much financial business and the
                                          competitive position of the UK. This involves co-
                                          operating with overseas regulators, both to agree
                                          international standards and to monitor global firms
                                          and markets effectively.
                                          * competition: The need to minimise the adverse
                                          effects on competition that may arise from the
                                          FSA's activities and the desirability of facilitating
                                          competition between the firms it regulates. This
                                          covers avoiding unnecessary regulatory barriers to
                                          entry or business expansion. Competition and
                                          innovation considerations play a key role in the
                                          FSA's cost-benefit analysis work. Under the
                                          Financial Services and Markets Act, the Treasury,
                                          the Office of Fair Trading and the Competition
                                          Commission all have a role to play in reviewing the
                                          impact of the FSA's rules and practices on
                                          competition.
129   Financial Services   Organization   An independent, non-governmental board
      Authority (FSA)                     appointed by UK Treasury.
130   Firewall               Definition         Computer hardware or software designed to
                                                prevent unauthorised access to the system via the
                                                internet.
131   First Party Fraud      Definition/Crime   Fraud committed against a financial institution by
                                                one of its own customers.
132   Float                  Definition         Duplicate money present in the banking system
                                                during the time between a deposit being made in
                                                the recipient's account and the money being
                                                deducted from the sender's account.
133   Forgery                Definition/Crime   Process of making or adapting documents such as a
                                                check with the intent to deceive.
134   Fraud                  Definition/Crime   The use of deception to make a gain by unlawful or
                                                unfair means.
135   Fraud Alert            Definition         When placed on a credit report, potential creditors
                                                must either contact you or have “reasonable
                                                policies and procedures” in place to verify your
                                                identity before issuing credit in your name.
136   Fraud Alert Website    Organization       The Fraud section of the Metropolitan Police
      www.met.police.uk/                        website originally designed and written by
      fraudalert                                Detective Sergeant Colin Holder in 2001.
137   Fraud Prevention       Organization       UK's Fraud Prevention Service, a third sector
      Service (UK)                              organisation dedicated to preventing fraud.
                                                Originally founded in 1988 as the "Credit Industry
                                                Fraud Avoidance System", its membership today
                                                includes many organisations from outside of the
                                                credit industry. It addresses identity fraud,
                                                application fraud, staff fraud, first and third party
                                                fraud, insurance fraud and fraud against public
                                                sector organisations.
138   Fraud Gang             Definition         A group of organised criminals / fraudsters working
                                                together to defraud financial organisations,
                                                retailers, companies or individuals.
139   Fraud Ring             Definition/Crime   A group of organised criminals / fraudsters working
                                                together to defraud financial organisations,
                                                retailers, companies or individuals. In general, a
                                                group of individuals who collude together to
                                                commit fraud.
140   Fraudster              Definition/Crime   A person who commits fraud.
141   Free product and       Definition         Offers used to drive traffic to a website, often
      Service Offers                            requiring registration of personal information, or
                                                some variant of rip-off.
142   Freight Forwarding /   Crime              The receiving and subsequent reshipping of on-line
      Reshipping                                ordered merchandise to locations usually abroad.
                                                Individuals are often solicited to participate in this
                                                activity in chat rooms, or through Internet job
                                           postings. Unbeknownst to the reshipper, the
                                           merchandise has been paid for with fraudulent
                                           credit cards.
143   Front Companies   Definition/Crime   Businesses set up by criminals to facilitate fraud.
                                           The company may be used to process transactions
                                           on fraudulently acquired products.
144   Full Track Data   Definition         In the Dump, it is the two tracks of data that are on
                                           the back of cards. Track 1 is alpha numeric and
                                           contains customer's name and account number.
                                           Track 2 is numeric and contains the account
                                           number, expiration date, and secure code (CVV)
                                           and other institution data. Dumps for sale on
                                           forums usually contain Track 2. Carders refer to
                                           BINs and PINs.
145   Fulls             Slang              A full set of personal information including maiden
                                           name of mother.
146   Ghost Terminal    Definition         Skimming device where a fake ATM touch pad and
                                           reader are placed over a legitimate ATM. The reader
                                           obtains card information and PIN but will not
                                           process the transaction since the legitimate ATM
                                           does not function.
147   Google Hacking    Definition         The use of a search engine, such as Google, to
                                           locate a security vulnerability on the Internet. There
                                           are generally two types of vulnerabilities to be
                                           found on the Web: software vulnerabilities and
                                           misconfigurations.
148   Grayware          Definition         Grayware (or greyware) is a general term
                                           sometimes used as a classification for applications
                                           that behave in a manner that is annoying or
                                           undesirable, and yet less serious or troublesome
                                           than malware. Grayware encompasses spyware,
                                           adware, dialers, joke programs, remote access
                                           tools, and any other unwelcome files and programs
                                           apart from viruses that are designed to harm the
                                           performance of computers on your network. The
                                           term has been in use since at least as early as
                                           September 2004. Refers to applications or files that
                                           are not classified as viruses or trojan horse
                                           programs, but can still negatively affect the
                                           performance of the computers on your network
                                           and introduce significant security risks to your
                                           organization.
149   Hacker               Definition         The origin of the term is not clear. Some trace it
                                              back to the Model Railroad Club at the
                                              Massachusetts Institute of Technology in the '50s -
                                              others to early radio enthusiasts. The genuine
                                              hacker is more likely to use his or her own
                                              computer, or someone else's computer with
                                              permission and approval. The genuine hacker will
                                              look for weaknesses in the system, but will publish
                                              his or her discoveries. The cracker is more likely to
                                              keep discoveries secret or disclosed only to other
                                              crackers.
150   Hacktivism           Definition         Politically-motivated hacking. The term
                                              demonstrates how the two terms 'hacker' and
                                              'cracker' are becoming confused - since there is
                                              malicious intent involved, it would be best
                                              described as 'cracktivism'.
151   Handle/Alias         Definition         An alternative name used by people (or bestowed
                                              upon objects) to hide their true identity.
152   Hard Fraud           Definition/Crime   Type of fraud committed where the intent is to
                                              defraud an organization.
153   Heist                Definition/Crime   An organized attempt by thieves to steal something.
154   Heuristic Analysis   Definition         The ability of a virus scanner to identify a potential
                                              virus by analysing the behaviour of the program,
                                              rather than looking for a known virus signature. In
                                              general, heuristic analysis is not as reliable as
                                              signature-based virus scanning as it is not possible
                                              to predict precisely what a program will do when
                                              executed. However, heuristic scanning is a useful
                                              addition to any anti-virus policy.
155   Hype and Dump        Definition         Involves the touting of a company's stock (typically
      Manipulation (Pump                      microcap companies) through false and misleading
      and Dump)                               statements to the marketplace. After pumping the
                                              stock, fraudsters make huge profits by selling their
                                              cheap stock into the market. Pump and dump
                                              schemes often occur on the Internet where it is
                                              common to see messages posted that urge readers
                                              to buy a stock quickly or to sell before the price
                                              goes down.
156   "I Go Chop Your      Slang              Song related to 419 Frauds. Made famous by
      Dollar"                                 Nigerian singer who was arrested for fraud.
                                              ("Oyinbo man I go chop your dollar, I go take your
                                              money and disappear 419 is just a game, you are
                                              the loser I am the winner" […]), which was banned
                                              in Nigeria after many complaints.
157   Iceman               Organization       CardersMarket admin who took control of 4
                                              competitors' carding forums.
158   Identity Fraud (1)       Crime                   The use of a misappropriated identity in criminal
                                                       activity, to obtain goods or services by deception.
                                                       This usually involves the use of stolen or forged
                                                       identity documents such as a passport or driving
                                                       licence.
159   Identity Fraud (2)       Crime                   Fraudster creates false personal information or
                                                       manipulates an existing identity to avoid detection.
                                                       Also known as Fictitious Identity Fraud.
160   Identity Fraud (cifas)   Definition              The use of a misappropriated identity in criminal
                                                       activity, to obtain goods or services by deception.
                                                       This usually involves the use of stolen or forged
                                                       identity documents such as a passport or driving
                                                       licence.
161   Identity Fraud /         Definition/Crime        The use of an individual's identifying details (name,
      Identity Theft                                   date of birth, current or previous address, mother’s
                                                       maiden name, etc) without their knowledge or
                                                       consent to assume their identity. The criminal uses
                                                       these details to obtain goods or services, loans,
                                                       passports, credit cards or bank accounts in the
                                                       victim's name.
162   Identity Theft (1)       Crime                   Used without victim’s knowledge to commit theft or
                                                       fraud. Identity theft is a vehicle for perpetrating
                                                       other types of fraud schemes. Typically, the victim is
                                                       led to believe they are divulging sensitive personal
                                                       information to a legitimate business, sometimes as
                                                       a response to an email solicitation to update billing
                                                       or membership information, or as an application to
                                                       a fraudulent Internet job posting.
163   Identity Theft (2)       Crime                   Includes Account Takeover and New Account
                                                       Creation
164   Identity Theft (3)       Crime                   When someone steals personal information that is
                                                       then used to either obtain credit in the victim's
                                                       name, employment, health care, or housing. Also
                                                       known as True Name Identity Theft.
165   Identity Theft (4)       Crime                   Identity Theft (also known as impersonation fraud)
                                                       is the misappropriation of the identity (such as the
                                                       name, date of birth, current address or previous
                                                       addresses) of another person, without their
                                                       knowledge or consent. These identity details are
                                                       then used to obtain goods and services in that
                                                       person's name.
166   Identity Theft           Definition              Identity Theft (also known as impersonation fraud)
      (CIFAS)                                          is the misappropriation of the identity (such as the
                                                       name, date of birth, current address or previous
                                                       addresses) of another person, without their
                                                       knowledge or consent. These identity details are
                                                       then used to obtain goods and services in that
                                                       person's name.
167   Identity Theft/Fraud   Definition         The use of an individual's identifying details (name,
                                                date of birth, current or previous address, mother’s
                                                maiden name, etc) without their knowledge or
                                                consent to assume their identity. The criminal uses
                                                these details to obtain goods or services, loans,
                                                passports, credit cards or bank accounts in the
                                                victim's name.
168   IDs/novs               Slang              Identity fraud perpetrated by a criminal who shares
                                                the same address as the victim. The fraudster is
                                                likely to have access to or is able to intercept the
                                                victim's post and so can apply for and use existing
                                                products and services in the name of the victim.
169   Impersonation of       Definition/Crime   A criminal takes on the identity of a deceased
      the Deceased Fraud                        person to facilitate fraudulent activity.
      (IOD)
170   Integration (1)        Definition/Crime   The third of the Money Laundering stages. If the
                                                Layering process succeeds, then the integration
                                                places the laundered proceeds back into the
                                                legitimate economy so that it seems like normal
                                                business funds. See Money Laundering Stages.
171   Integration (2)        Definition/Crime   The money re-enters the mainstream economy in
                                                legitimate-looking form — it appears to come from
                                                a legal transaction. At this point, the criminal can
                                                use the money without getting caught.
172   Internal Fraud         Definition         Fraud by someone within the organization. See
                                                Embezzling and Identity Theft.
173   International          Organization       Criminal organization which later became Theft
      Association for the                       Services, CardersMarket, and CCpowersForum.
      Advancement of
      Criminal Activity
      (IAACA)
174   Internet Crime         Organization       A multi-agency task force made up by the Federal
      Complaint Center                          Bureau of Investigation (FBI), the National White
      (IC3)                                     Collar Crime Centre (NW3C), and the Bureau of
                                                Justice Assistance (BJA). Purpose is to serve as a
                                                central hub to receive, develop, and refer criminal
                                                complaints regarding the rapidly expanding
                                                occurrences of cyber-crime.
175   Investment Fraud       Definition/Crime   An offering that uses false or fraudulent claims to
                                                solicit investments or loans, or that provides for the
                                                purchase, use, or trade of forged or counterfeit
                                                securities.
176   IP Spoofing            Definition         IP spoofing involves imitating a trusted IP address in
                                                order to gain access to protected information
                                           resources. One method is by exploiting source
                                           routing in IPv4. This allows the originator of a
                                           datagram to specify certain, or even all,
                                           intermediate routers that the datagram must pass
                                           through on its way to the destination address.
                                           Effectively, you make the destination host think
                                           that you are a known and trusted host rather than a
                                           school kid on his father's laptop.
177   Key stroke logger (1)   Definition   Hardware or software installed onto a computer to
                                           record keystrokes and mouse movements.
                                           Fraudsters can use this device to obtain the
                                           passwords, user names and other confidential
                                           details of the computer user.
178   Key stroke logger (2)   Definition   A program that operates without a user’s
                                           knowledge and records all of the keystrokes. Once
                                           the keystrokes are logged, they are hidden in the
                                           machine for later retrieval or shipped raw to the
                                           attacker. The attacker then carefully goes through
                                           the data in hopes of either finding a password, or
                                           possibly other useful information. Often used for
                                           identity theft.
179   Kiting                  Definition   Using several bank accounts in different banks,
                                           making deposits and writing checks against the
                                           accounts before the deposit checks clear the
                                           banking system, creating a "float" of money out of
                                           nothing more than the lag in time when checks
                                           clear and post to their respective accounts.

180   Larceny                 Definition   The crime of stealing personal property
181   Layering                Definition   The second of the three Money Laundering stages.
                                           The process of separating criminal proceeds from
                                           their source using complex layers of financial
                                           transaction designed to hide the audit trail and
                                           provide anonymity.
                                           Involves sending the money through various
                                           financial transactions to change its form and make
                                           it difficult to follow. Layering may consist of several
                                           bank-to-bank transfers, wire transfers between
                                           different accounts in different names in different
                                           countries, making deposits and withdrawals to
                                           continually vary the amount of money in the
                                           accounts, changing the money’s currency, and
                                           purchasing high-value items (boats, houses, cars
                                           etc) to change the form of the money. This is the
                                           most complex step in any laundering scheme, and
                                           it’s all about making the original dirty money as
                                           hard to trace as possible. See Money Laundering
                                           Stages.
182   Leeches            Slang              Leechers are actively downloading the file via
                                            torrent file. See Seeds.
184   Letter Bomb        Definition         A piece of email containing live data intended to do
                                            malicious things to the recipient's machine or
                                            terminal. Under UNIX, a letter bomb can also try to
                                            get part of its content interpreted as a shell
                                            command to the mailer. The results of this could
                                            range from amusing to denial of service.
185   Logic Bomb         Definition         A resident computer program that triggers the
                                            perpetration of an unauthorized act when particular
                                            states of the system are realized. For example, a
                                            logic bomb could remain hidden and dormant until
                                            December 25th, and then delete all or specified
                                            files.
186   London Illegal     Organization       London group that protects against loan sharks.
      Money Lending
      Team
187   Lost card fraud    Definition         The fraudulent use of payment cards that have
                                            been reported as lost.

188   Macro Virus        Definition         Similar to a standard virus in all but its delivery.
                                            Rather than being code written in a programming
                                            language and attached to an executable, it is code
                                            written in a macro language and attached to a
                                            document.
189   Mail / telephone   Definition/Crime   A criminal uses a genuine account number obtained
      order fraud                           fraudulently to obtain goods or services from mail
                                            order companies.
190   Mail Bomb          Definition         'Mail bomb' is generally used as a verb rather than a
                                            noun. It is the act of, or even incitement to, send
                                            massive amounts of probably meaningless text to a
                                            particular e-mail address. The purpose is to annoy
                                            the recipient, or even crash his/her system - and it
                                            is usually done in retaliation for some real or
                                            perceived offense.
191   Mail Drop          Definition         Thieves use a mail drop address different than their
                                            own.
192   Mail re-direct     Definition         Post is fraudulently re-directed to another address
                                            without the intended recipient's knowledge. The
                                            fraudster then receives important documents, such
                                            as bank statements and bills, intended for the
                                            victim and uses them to facilitate identity fraud.
193   Mailing Lists      Definition         A mailing list is an automated e-mail distribution
                                            mechanism for a defined subject (the list topic) to a
                                            registered readership (a list of e-mail addresses).
                                            Often just called 'lists', there are innumerable
                                              mailing lists on the Internet catering for every
                                              subject under the sun. Lists are controlled by the
                                              list 'owner' - usually the person or organisation that
                                              set it up, and probably the owner of the server on
                                              which it is run. People registered on the list are
                                              known as list 'members'.
194   Malware (1)          Definition         An inclusive term for all bad software -- "malicious
                                              software"
195   Malware (2)          Definition         Software designed specifically to damage or disrupt
                                              a system, such as a virus or a Trojan horse.
196   Malware (3)          Definition         Malware is the generic term for software that is
                                              designed to do harm - a contraction of 'malicious
                                              software'. It is not yet in universal usage, but its
                                              popularity as a general term for viruses, Trojan
                                              Horses, worms, and malicious mobile code is
                                              growing. In general, an inclusive term for all bad
                                              software -- "malicious software"
197   Man in the Browser   Definition/Crime   An Internet threat related to Man-in-the-Middle
      Attack (MitB)                           (MitM): a trojan that infects a web browser and
                                              has the ability to modify pages, modify transaction
                                              content or insert additional transactions, all in a
                                              completely covert fashion invisible to both the user
                                              and host application. In an example exchange
                                              between user and host, e.g. an Internet banking
                                              transaction such as a funds transfer, the customer
                                              will always be shown, via confirmation screens, the
                                              exact payment information as keyed into the
                                              browser. The bank, however, will receive a
                                              transaction with materially altered instructions, i.e.
                                              a different destination account number and
                                              possibly amount. The use of strong authentication
                                              tools simply creates an increased level of misplaced
                                              confidence on the part of both customer and bank
                                              that the transaction is secure. Authentication, by
                                              definition, is concerned with the validation of
                                              identity credentials. This should not be confused
                                              with transaction verification. A MitB attack is
                                              combated through an out-of-band (OOB) transaction
                                              verification process. This overcomes the MitB
                                              trojan by verifying the transaction details, as
                                              received by the host (bank), with the user (customer)
                                              over a channel other than the browser.
198   Man in the Middle    Definition/Crime   Man-in-the-middle attack (often abbreviated
      Attack (MITM)                           MITM), bucket-brigade attack, or sometimes Janus
                                              attack, is a form of active eavesdropping in which
                                              the attacker makes independent connections with
                                              the victims and relays messages between them,
C6 intelligence Fraud Glossary Whitepaper
C6 intelligence Fraud Glossary Whitepaper

  • 1. Fraud Glossary FOR PUBLIC DISTRIBUTION Date: 30 October 2012 © C6 Intelligence Information Systems Limited, 2012 NO PART OF THIS PUBLICATION MAY BE REPRODUCED, OR TRANSMITTED WITHOUT THE PRIOR PERMISSION OF C6 INTELLIGENCE INFORMATION SYSTEMS LTD
  • 2. This page is intentionally left blank.
  • 3. Fraud Glossary CATEGORY: (Definition, Crime, DESCRIPTION NO. TERM Law, Organization, (Various Sources) Slang) 1 Account Detection Definition The percentage of fraud cases or accounts that are Rate detected. Since a fraud case may have more than one fraudulent transaction this number is generally higher than the transaction detection rate. 2 Account Takeover Crime Involves fraud on existing financial accounts. When (1) a criminal uses a stolen credit card number to make fraudulent purchases on an existing credit line. Account takeovers are the more common type of identity theft, in contrast to a second type of identity theft referred to as “new account creation” Form of Identity Theft. 3 Account Takeover Definition A fraudster impersonates the victim and falsely (2) claims a change of address so that he or she can ‘take over’ the victim’s bank account or other financial products. 4 Advance Fee Fraud Crime A type of advance-fee fraud in which individuals or (419 Fraud) companies receive unsolicited emails or letters, originating from West Africa, promising a percentage of a huge sum of money in return for allowing funds to pass through the victim’s bank account. There is an administration fee to pay as a pre-condition of releasing the funds. 5 419 Fraud (Nigerian Crime Email asking to funnel money through user's bank Advance Fee Fraud) account. '419' is the Nigerian penal code under which this offence would be prosecuted. 6 420 Fraud (Nigerian Definition Partner to the fraud scheme. Advance Fee Fraud) 7 Advances Fraud (UK) Definition Premeditated credit abuse. This fraud can be carried out by the consumer or as a result of identity fraud.
  • 4. 8 Advance Fee Fraud Crime The victim is required to pay significant fees in Scheme advance of receiving a substantial amount of money or merchandise. The fees are usually passed off as taxes, or processing fees, or charges for notarized documents. The victim pays these fees and receives nothing in return. Perhaps the most common example of this type of fraud occurs when a victim is expecting a large payoff for helping to move millions of dollars out of a foreign country. 9 Advance-Fee fraud Crime This involves the criminal tricking a victim into paying an up-front fee with the promise of a large reward later. 10 Adware Definition Software that carries advertising. The software is usually free provided that the user agrees to accept the receipt of advertisements (either in the form of a banner within the application, or as separate pop- up Windows). There is nothing wrong with this arrangement provided everything is openly and clearly agreed between all parties concerned. Adware becomes a concern when it starts to incorporate elements of spyware. 11 Affidavit Definition A sworn statement. 12 Affiliate Bidding Definition A condition in purchasing when multiple bids are tendered for a contract from a single company under various names to give the appearance of competition. 13 Agent Fraud Crime Occurs when a third party involved in a financial transaction perpetrates fraud. See broker/dealer fraud. 14 Alias/Handle Definition An alternative name used by people (or bestowed upon objects) to hide their true identity. 15 Application fraud Crime A fraudster makes an application using a victim's details or false supporting documentation. 16 At Will Definition An employment situation where the employee is not protected from arbitrary firing. Contrast: For Cause. 17 ATM attachments Definition These can be fixed to cash machines (ATMs) to extract PIN numbers and personal details from cards. 
The attachments can include skimming devices or false fronts with built-in card readers, as well as pinhole cameras. 18 ATM Fraud Definition Encompassing term to describe fraud related to ATM card accounts where a card is used to immediately withdraw funds from a consumer's account using a PIN based transaction at an ATM.
  • 5. 19 Back Door Definition Unauthorized entry point or weakness discovered by a hacker. 20 Back Door/ Trap Definition A way into a software system that the programmer Door or administrator of that system (or a cracker who has gained access) has deliberately left for himself. A typical back door will allow its designer access to the system without checking the file of authorized users. 21 Backdate Definition To post a date on a document earlier than the actual creation for deception. 22 Bait and Switch Definition In consumer fraud, advertising a low cost item and then steering the customer to a higher priced item when they come to buy, claiming the "low priced item was "sold out". 23 Ban on Spam Law/Slang Nickname given to the EU's anti-spam directive. It sets out specific conditions for installing so-called cookies on users' personal computers and for using location data generated by mobile phones. Notably, the Directive also introduces a 'ban on spam' throughout the EU. 24 Bank Examiner Crime The crook poses as a bank examiner who is trying to Scheme catch a dishonest teller. The crook needs the victim to withdraw a substantial sum of money to test the teller. The crook then asks the victim to turn over the cash for a receipt while they use the cash as evidence but runs with it. 25 Bank Identification Definition Unique number consists of two part code that is Number (BIN) assigned to banks and savings associations for identification. The first part shows the location and the second part identifies the bank. 26 Bankruptcy Fund Crime The crook files a notice of bankruptcy, then approaches each of his creditors and tells each one that he wants them to get paid something, maybe 10 %. After all have been approached and settled the crook withdraws his filing and most of the debt has been settled for a faction of what he owes.
  • 6.
27 | Behaviour Blocking / Sand Boxing | Definition | Software monitors the executable actions of potentially malicious software and stops dangerous operations from taking place (such as deleting files, modifying system settings and so on). Often considered to be more effective than virus scanners in blocking malicious code because they monitor actual functions rather than look for a known signature. In order for a traditional virus scanner to detect a virus, it has to have the actual signature, or fingerprint, of the virus within its database. New viruses often succeed because they are not immediately recognised simply because their signatures are not yet held in the database. Behaviour blocking doesn't care whether it's a new virus, an old virus or something completely different - it simply stops it harming the system.
28 | Bid Rigging | Definition | Any scheme that gives the appearance of competition but is not competitive, because participants establish the winner before submitting bids for the contract. See Affiliate Bidding and Bid Rotation.
29 | Bin raiding | Definition | The practice of rifling through household or commercial bins to find documents, such as bills or statements, containing personal or confidential information about individuals, which could be used to assume their identity.
30 | Boiler Room Scam | Crime | Refers to a busy centre of activity, often selling questionable goods by telephone. It typically refers to a room where salesmen work using unfair, dishonest sales tactics, sometimes selling penny stock or committing outright stock fraud.
31 | BOLO | Definition | Be on the lookout for….
32 | Bot Herding | Definition | Gathering of compromised computers prior to becoming a Botnet.
33 | Botnet | Definition | Set of compromised computers ("bots" or "zombies") under the unified command and control of a "botmaster"; commands are sent to bots via a command and control channel (bot commands are often transmitted via IRC, Internet Relay Chat).
34 | Bots | Definition | Software applications that run automated tasks such as data mining of webpages.
35 | Broker/Dealer Fraud | Crime | Occurs when a third party involved in a financial transaction perpetrates fraud. See broker/dealer fraud.
  • 7.
36 | Browser Hijacker | Crime | Program or code that changes your browser settings so that you are redirected to different Web sites. Most browser hijackers alter the default home pages and search pages to those of customers who pay for the traffic generated.
37 | Brute Force Attack | Crime | Attack in which every possible key is attempted until the correct key is found. Cipher text is deciphered under different keys until recognizable plaintext is discovered. On average, this will take half as many attempts as there are keys in the keyspace.
38 | Buffer Overflow | Definition | A buffer is an area of memory used to hold data for processing. It has a predetermined size. If the data being placed into the buffer is too large, is not checked and is allowed to overflow the buffer, it can have unexpected effects. At best, the excess data is simply lost. At worst, the excess data might overwrite other legitimate data.
39 | Business / Employment Schemes | Crime | Typically incorporate identity theft, freight forwarding, and counterfeit check schemes. The fraudster posts a help-wanted ad on popular Internet job search sites. Respondents are required to fill out an application wherein they divulge sensitive personal information, such as their date of birth and Social Security number. The fraudster uses that information to purchase merchandise on credit. The merchandise is sent to another respondent who has been hired as a freight forwarder by the fraudster. The merchandise is then reshipped out of the country. The fraudster, who has represented himself as a foreign company, then pays the freight forwarder with a counterfeit check containing a significant overage amount. The overage is wired back to the fraudster, usually in a foreign country, before the fraud is discovered.
40 | Bust Out Fraud (US) | Crime | When fraud occurs in an account that has only been opened for a short time. The account appears to be a good account until the limit is raised and charged up, and the holder then does not pay. Differs from account takeover since it is intended and carried out by the original holder.
41 | Call Centre Fraud | Crime | Call centre fraud happens when a call service representative accesses several accounts during a call from a customer and steals the data.
  • 8.
42 | Capital Controls | Definition | Measures such as transaction taxes or caps on volume and other limitations which a country's government can use to regulate the flows into and out of the nation's capital account. They include exchange controls that prevent or limit the buying and selling of a national currency at the market rate, controls on the international sale or purchase of various financial assets, transaction taxes such as the proposed Tobin tax and sometimes even limits on the amount of money a private citizen is allowed to take out of the country.
43 | Captcha | Definition | A security technique that ensures that a human has made the transaction online rather than a computer. It is also known as "Automated Turing Tests" and was originally developed at Carnegie Mellon University. Random words or letters are displayed in a distorted fashion so that they can be deciphered by people, but not by software. This usually involves the use of graphic images of characters and numbers. Users are asked to type in what they see on screen to verify human involvement.
44 | Card capture device / card trapping | Definition | A device inserted into the card slot of a cash machine (ATM) to capture the data contained on cards.
45 | Card cloning or 'Skimming' | Crime | Cloning involves creating a duplicate of your payment card. The data on a card's magnetic stripe is read electronically by a 'skimming' device and downloaded onto a computer or copied onto a duplicate card.
46 | Card Issuer loss | Definition | Three types of losses: “(1) costs associated with reissuing new payment cards, (2) costs associated with monitoring open accounts for fraud (with or without reissue), and (3) fraud losses.”
47 | Card Not Necessary (CNN) | Definition | Without possessing the victim’s credit card, having sufficient personal and financial details to be able to order goods online/mail order.
48 | Card Not Present (CNP) | Definition | A transaction where the card is not present at the time of purchase: internet, mail, telephone.
49 | Card Trapping / Card Capture Device | Definition | A device inserted into the card slot of a cash machine (ATM) to capture the data contained on cards.
  • 9.
50 | Card Verification Value (CVV) | Definition | Authentication number established by prepaid debit card companies to further efforts towards reducing fraud for internet transactions. A three-digit number printed in the signature space on the back of most credit cards, such as Visa, Mastercard, and Discover cards. On American Express cards it is a four-digit code.
51 | Carderplanet | Organization | Prior to 2004, Shadowcrew and Carderplanet were only two carding forums. Organized much like the Mafia.
52 | Carders | Crime | Individuals engaged in criminal carding activities.
53 | Cardersmarket | Organization | Founded in 2005. In 2006 one of its admins, "Iceman", took over four carding rivals to increase membership.
54 | Cardholder Information Security Program (CISP) | Definition | Now called the Payment Card Industry Data Security Standard (PCI DSS), it is a comprehensive set of international security requirements for protecting cardholder data. Developed by VISA and others to help facilitate the broad adoption of consistent data security measures on a global basis. Twelve Requirements.
55 | Cardholder-Not-Present Fraud (CNP) | Definition | Using stolen cards or card details and personal information, a fraudster purchases goods or services remotely - online, by telephone or by mail order.
56 | Carding (1) | Crime | Broad definition. Process by which large volumes of data are stolen, resold, and ultimately used by criminals to commit fraud is revealed in an underground world.
57 | Carding (2) | Crime | Narrow definition. Refers to the unauthorized use of credit and debit card account information to fraudulently purchase goods and services.
58 | Carding (3) | Crime | Evolving definition. An assortment of activities surrounding the theft and fraudulent use of credit and debit card account numbers including computer hacking, phishing, cashing-out stolen account numbers, re-shipping schemes, and Internet auction fraud.
59 | Carding (4) | Crime | Involves the large scale theft of credit card account numbers and other financial information versus other methods with limited ID theft which uses dumpster diving, skimming, phishing, change of address, and “old-fashioned stealing.”
  • 10.
60 | Carding (5) | Crime | Process by which large volumes of data are stolen, resold, and ultimately used by criminals to commit fraud. Narrow sense: unauthorized use of credit and debit card account information to fraudulently purchase goods and services.
61 | Carding Forums | Crime | Websites for carders who have membership.
62 | Case Management | Definition | System that provides the facility to assign and prioritize transactions for review on suspect cases.
63 | CCpowerForums (1) | Organization | Carding forum with forums on hacking, trojans, keyloggers, etc.
64 | CCpowerForums (2) | Organization | Offered help with hacking, etc. on its forum in addition to cards.
65 | Change of address | Crime | Using a victim’s name and address details, a fraud criminal contacts banks and businesses to register a change of address. The fraudster may then ask for valuable items such as cheque books, debit cards or account statements to be sent to the new address. Change of address fraud can also be used to facilitate an account takeover.
66 | Chargeback | Definition | A credit card transaction that is billed back to the merchant after the sale has been settled. Results when a card holder disputes a transaction to the issuer, which then initiates the chargeback on the card holder's behalf.
67 | Check Fraud | Definition | Encompassing term used to describe fraud related to checks including kiting, counterfeiting, forgery, and paperhanging.
68 | Check Kiting | Definition | The illegal act of taking advantage of the float to make use of non-existent funds in a checking or other bank account. It is commonly defined as writing a check from one bank knowingly with non-sufficient funds, then writing a check to another bank, also with non-sufficient funds, in order to cover the absence. The purpose of check kiting is to falsely inflate the balance of a checking account in order to allow checks that have been written that would otherwise bounce to clear.
69 | Checksum | Definition | Checksums are generated by a function that is dependent upon the data in question. For security purposes, checksums are generated by one-way hash functions. Once a checksum has been generated, it is either stored with or transmitted with the data in question. The integrity of the data can be checked by generating a new checksum. If the two checksums are identical, then the file has not changed. If the two checksums are different, then the data (or file) in question has been altered.
  • 11.
70 | CIFAS | Organization | UK's Fraud Prevention Service, a third sector organisation dedicated to preventing fraud. Originally founded in 1988 as the "Credit Industry Fraud Avoidance System", its membership today includes many organisations from outside of the credit industry. It addresses identity fraud, application fraud, staff fraud, first and third party fraud, insurance fraud and fraud against public sector organisations. It provides a range of fraud prevention services to its members.
71 | Circular Check / Cheque Kiting | Definition | Forms of kiting in which one or more additional banks serve as the location of float, and involve the use of multiple accounts at different banks. In its simplest form, the kiter, who has two or more accounts of his own at different banks, writes a cheque on day one to himself from Bank A to Bank B (this cheque is referred to as the kite), so funds become available that day at Bank B sufficient for all cheques due to clear. On the following business day, the kiter writes a cheque on his Bank B account to himself and deposits it into his account at Bank A to provide artificial funds allowing the cheque he wrote a day earlier to clear. This cycle repeats until the offender is caught, or until the offender deposits genuine funds, thereby eliminating the need to kite, and often going unnoticed. May involve more than one person or groups.
72 | Click Fraud | Definition/Crime | Occurs in pay per click online advertising when a person, automated script or computer program imitates a legitimate user of a web browser clicking on an ad, for the purpose of generating a charge per click without having actual interest in the target of the ad's link. Use of a computer to commit this type of Internet fraud is a felony in many jurisdictions. There have been arrests relating to click fraud with regard to malicious clicking in order to deplete a competitor's advertising budget.
73 | Click Jacking / UI Redressing | Definition/Crime | A malicious technique of tricking Web users into revealing confidential information or taking control of their computer while clicking on seemingly innocuous Web pages. A vulnerability across a variety of browsers and platforms, click jacking takes the form of embedded code or script that can execute without the user's knowledge, such as clicking on a button that appears to perform another function.
74 | Collusion | Definition/Crime | An agreement between two or more people to participate in an illegal activity.
  • 12.
75 | Commercial / Corporate identity theft | Definition/Crime | The use of the identity of a company, business or its directors, without their knowledge, to facilitate fraud.
76 | Commercialware | Definition | Software is either shareware or commercial. Commercial costs money.
77 | Common Point of Compromise (CPC) | Definition | A designation assigned to a Merchant by a Payment Brand when a pattern of fraudulent use of credit cards has been detected after these cards were used legitimately at this Merchant location. Often used interchangeably with Point of Compromise Reports (POC).
78 | Common Point of Purchase (CPP) / Common Point of Compromise | Definition | A designation assigned to a Merchant by a Payment Brand when a pattern of fraudulent use of credit cards has been detected after these cards were used legitimately at this Merchant location. Often used interchangeably with Point of Compromise Reports (POC).
79 | Confirmer | Slang | Accomplice that validates a fake identity.
80 | Consumer Loan Fraud | Definition | Application fraud related to consumer loans.
81 | Cookie | Definition | This is a small data file automatically stored on a user's computer for record-keeping purposes. It contains information about the user in relation to a particular website, such as their username and preferences.
82 | Corporate Fraud | Definition/Crime | The dishonest abuse of their position by (usually) senior members of staff to misrepresent a company's true financial position.
83 | Corporate Kiting | Definition/Crime | Involves the use of a large kiting scheme involving perhaps millions of dollars to secretly borrow money or earn interest. While limits are often placed on an individual as to how much money can be deposited without a temporary hold, corporations may be granted immediate access to funds, which can make the scheme go unnoticed.
84 | Corporate / Commercial Identity Theft | Definition/Crime | The use of the identity of a company, business or its directors, without their knowledge, to facilitate fraud.
85 | Counterfeit Card | Definition/Crime | A fraudulent reproduction of a printed, embossed and encoded credit or debit card. Or a payment card that has been validly issued but has been altered or fabricated.
86 | Counterfeit Check Schemes | Crime | A counterfeit or fraudulent cashier’s check or corporate check is utilized to pay for merchandise. Often these checks are made out for a substantially larger amount than the purchase price. The victims are instructed to deposit the check and return the overage amount, usually by wire transfer, to a foreign country. Because banks may release funds from a cashier's check before the check actually clears, the victim believes the check has cleared and wires the money as instructed. One popular variation of this scam involves the purchase of automobiles listed for sale in various Internet classified advertisements. The sellers are contacted about purchasing the autos and shipping them to a foreign country. The buyer, or person acting on behalf of a buyer, then sends the seller a cashier's check for an amount several thousand dollars over the price of the vehicle. The seller is directed to deposit the check and wire the excess back to the buyer so they can pay the shipping charges. Once the money is sent, the buyer typically comes up with an excuse for cancelling the purchase, and attempts to have the rest of the money returned. Although the seller does not lose the vehicle, he is typically held responsible by his bank for depositing a counterfeit check.
  • 13.
87 | Credit Card Generators | Definition/Crime | Programs used by criminal organizations to generate valid credit card numbers that will successfully process for a transaction yet are not actual issued card numbers. Numbers are generated based on the institution's BIN and sequence numbers and also follow MOD-10 rules.
88 | Credit Freeze | Definition | Prevents potential creditors and other third parties from accessing your credit report unless you lift the freeze or already have a relationship with the company.
89 | Credit/Debit Card Fraud | Definition/Crime | It is the unauthorized use of a credit/debit card to fraudulently obtain money or property. Credit/debit card numbers can be stolen from unsecured web sites, or can be obtained in an identity theft scheme.
90 | Current Account Fraud (UK) | Definition | Fraud related to demand deposit accounts. This can include application fraud, check fraud, ATM fraud, or debit card fraud. Also called Demand Deposit Account Fraud.
91 | Current Address Fraud | Definition | Identity fraud perpetrated by a criminal who shares the same address as the victim. The fraudster is likely to have access to or is able to intercept the victim's post and so can apply for and use existing products and services in the name of the victim.
  • 14.
92 | Cut and Paste Attack | Definition/Crime | An assault on the integrity of a security system in which the attacker substitutes a section of ciphertext (encrypted text) with a different section that looks like (but is not the same as) the one removed. The substituted section appears to decrypt normally, along with the authentic sections, but results in plaintext (unencrypted text) that serves a particular purpose for the attacker. A type of message modification attack: the attacker removes a message from network traffic, alters it, and reinserts it. This is called an active attack, because it involves an attempt to change information; in comparison, a passive attack, such as password sniffing, seeks information but does not itself modify the valid information, although it may be used in conjunction with an active form of attack for various purposes.
93 | Cyber Fraud | Definition | Fraud committed using a computer, such as hacking, denial of service attacks, phishing, etc.
94 | Daemon | Definition | A background process that carries out tasks on behalf of every user. Daemons spend most of their time sleeping until something comes along which requires their help. Unix systems have many daemons. The term probably originated in its mythological counterpart and was later rationalized into Disk And Execution Monitor.
95 | Data Theft / Personal Information Theft | Definition | Incidents seem to fall into three main categories: theft (usually of laptops), hacking, and what is often somewhat kindly referred to as “inadvertent disclosure.” Ironically, it is quite easy to draw a parallel between these categories and the three most commonly cited safeguards of security in the legislative specifications found in the Health Insurance Portability and Accountability Act (HIPAA) and the Gramm-Leach-Bliley Act (GLBA) regulations. Laptop theft is a physical security issue; hacking prevention falls under technical safeguards; and various breakdowns in process can be prevented with administrative security controls.
96 | Data Breach (1) | Definition | Generally and broadly defined to include “an organization’s unauthorized or unintentional exposure, disclosure, or loss of sensitive personal information, which can include personally identifiable information such as Social Security numbers, or financial information such as credit card numbers.”
  • 15.
97 | Data Breach (2) | Definition | Generally and broadly defined to include “an organization’s unauthorized or unintentional exposure, disclosure, or loss of sensitive personal information, which can include personally identifiable information such as Social Security numbers, or financial information such as credit card numbers.”
98 | Data Dump | Slang | It contains a record of the table structure and/or the data from a database and is usually in the form of a list of SQL statements. A database dump is most often used for backing up a database so that its contents can be restored in the event of data loss. Corrupted databases can often be recovered by analysis of the dump. Database dumps are often published by free software and free content projects, to allow reuse or forking of the database.
99 | Data Masking | Definition | A method of creating a structurally similar but inauthentic version of an organization's data that can be used for purposes such as software testing and user training. The purpose is to protect the actual data while having a functional substitute for occasions when the real data is not required. The format of data remains the same; only the values are changed. The data may be altered in a number of ways, including encryption, character shuffling and character or word substitution. Whatever method is chosen, the values must be changed in some way that makes detection or reverse engineering impossible.
100 | Data Protection Act (UK) | Law | The Data Protection Act 1998 sets out the legal basis for handling and protecting private information and data in the UK.
101 | Data Splitting | Definition | An approach to protecting sensitive data from unauthorized access by encrypting the data and storing different portions of a file on different servers. When split data is accessed, the parts are retrieved, combined and decrypted. An unauthorized person would need to know the locations of the servers containing the parts, be able to get access to each server, know what data to combine, and how to decrypt it.
102 | Day of the Jackal fraud | Definition/Crime | Fraudster assumes the identity of a deceased child, many years after their death when they would have been an adult, in order to commit identity fraud.
103 | Debit Card Fraud | Definition/Crime | Fraud with Debit Cards where funds are immediately withdrawn from account.
  • 16.
104 | Debit Cards | Definition | Can be processed in three ways: online debit (also known as PIN debit), offline debit (also known as signature debit) and the Electronic Purse Card System.
105 | Demand Deposit Account Fraud | Definition/Crime | Fraud related to demand deposit accounts. This can include application fraud, check fraud, ATM fraud, or debit card fraud. Also called Current Account Fraud.
106 | Denial of Service | Definition | An attack that is specifically designed to prevent the normal functioning of a system and thereby to prevent lawful access to that system and its data by its authorized users. DoS can be caused by the destruction or modification of data, by bringing down the system, or by overloading the system's servers (flooding) to the extent that service to authorized users is delayed or prevented.
107 | Detection Rate | Definition/Crime | Amount of fraud detected by a fraud prevention system at a given level of account reviews.
108 | Diploma Scam | Definition/Crime | The buying of degrees without studying. Fake degrees can help terrorists get around immigration issues and visa laws.
109 | DMZ/Perimeter Network | Definition | Sometimes called a DMZ (de-militarized zone), a perimeter network is an additional network between the protected network and the unprotected network, providing an additional layer of security. Servers that are necessarily exposed to the Internet (such as web servers, mail servers) are best placed in the DMZ and protected by a firewall or firewalls. Further firewalls separate the DMZ from the trusted network, or corporate LAN.
110 | DNS Poisoning | Definition | A way of forcing users to a malicious site by injecting bad data into a domain name server's cache in order to change (for users of that server) the destination a domain resolves to. The effect of DNS poisoning is that the conversion from a URL to an IP address fails to return the correct address. For example, instead of translating the address www.americanexpress.com to the IP address corresponding to the actual site of American Express, a server that has been a victim of DNS poisoning will supply the incorrect IP address. The URL that the user types will still be printed in the address bar, and if the content of the fraudulent website to which the translation is done looks the same as that of the legitimate site, then the user will not notice that the attack took place. Moreover, the fraudulent website will be able to harvest all the cookies intended for the legitimate website, which will allow it to impersonate the user's machine to the real site as well.
  • 17.
111 | DNS Server | Definition | A server that translates DNS names (such as malwarecity.com) into an IP address that is actually used for communication on the Internet.
112 | Dobber | Slang | The member of the criminal gang responsible for finding the Dates of Birth of intended victims of Identity Theft. The Dobber frequently also conducts credit searches and looks for other personal data used as security questions by financial institutions.
113 | Dump | Slang | Information electronically copied from the magnetic stripe on the back of cards. See full track data.
114 | Dumpster Diving | Crime | Known as skipping in the UK, this is the practice of sifting through commercial or residential trash to find items that have been discarded by their owners, but which may be useful to the dumpster diver.
115 | Email Spoofing | Definition | When an e-mail appears to have originated from one source yet has actually been generated from another, this is known as e-mail spoofing. The act of forging an e-mail header (the .....@email.com portion of an e-mail) allows individuals who are sending "junk mail", or "SPAM", to author e-mails that cannot be (or can be difficult to be) traced back to the originator.
116 | Embezzling | Definition/Crime | Cash taken directly from an organization by an insider.
117 | Encryption | Definition | The process of converting data into cipher text to prevent it from being understood by an unauthorised party.
118 | Exploit | Definition | The methodology for enacting an attack against a particular vulnerability.
119 | Extortion | Definition/Crime | A crime in which someone gets money or information from someone else by using force or threats.
120 | Fail Safe | Definition | The design principle that requires that the failure of part of a system will not result in the failure of the rest of the system - particularly in terms of access to the rest of the system.
121 | False Identity Fraud | Definition | The creation of a fictitious or false identity to facilitate fraudulent activity.
122 | False Negative | Definition | A false negative is the term applied to a failure in an alerting system - most commonly in an anti-virus product or intrusion detection system. It occurs when a virus or intrusion condition exists, but is 'allowed' (or ignored or missed) by the alerting system.
  • 18.
123 | False Positive (1) | Definition | The amount of good or true accounts flagged by the fraud prevention system as fraudulent at a given level of account reviews.
124 | False Positive (2) | Definition | A false positive is a term applied to a failure in an alerting system - most commonly in an anti-virus product or intrusion detection system. It occurs when a virus or intrusion condition is incorrectly reported; that is, the alerting systems report a virus or intrusion condition that does not exist. Too many false positives can be very intrusive.
125 | Fictitious Identity Fraud | Definition/Crime | Fraudster creates false personal information or manipulates an existing identity to avoid detection. Also known as Identity Fraud.
126 | Financial Action Task Force (FATF) | Organization | Also known by its French name, Groupe d'action financière (GAFI), it is an intergovernmental organization founded in 1989 by the G7. The purpose of the FATF is to develop policies to combat money laundering and terrorist financing. The FATF Secretariat is housed at the headquarters of the OECD in Paris.
127 | Financial Institution Loss | Definition | The economic loss for both the financial institutions issuing payment cards and the corporate entities from which cardholder account information is stolen is significant. Issuing financial institutions may experience three types of losses, including “(1) costs associated with reissuing new payment cards, (2) costs associated with monitoring open accounts for fraud (with or without reissue), and (3) fraud losses.”
128 | Financial Services Act | Law | Imposed four statutory objectives upon the FSA:
    * market confidence: maintaining confidence in the financial system;
    * public awareness: promoting public understanding of the financial system;
    * consumer protection: securing the appropriate degree of protection for consumers; and
    * reduction of financial crime: reducing the extent to which it is possible for a business carried on by a regulated person to be used for a purpose connected with financial crime.
    Regulatory principles:
    * efficiency and economy: the need to use its resources in the most efficient and economic way.
    * role of management: a firm’s senior management is responsible for its activities and for ensuring that its business complies with regulatory requirements. This principle is designed to guard against unnecessary intrusion by the FSA into firms’ business and requires it to hold senior management responsible for risk management and controls within firms. Accordingly, firms must take reasonable care to make it clear who has what responsibility and to ensure that the affairs of the firm can be adequately monitored and controlled.
    * proportionality: The restrictions the FSA imposes on the industry must be proportionate to the benefits that are expected to result from those restrictions. In making judgements in this area, the FSA takes into account the costs to firms and consumers. One of the main techniques they use is cost benefit analysis of proposed regulatory requirements. This approach is shown, in particular, in the different regulatory requirements applied to wholesale and retail markets.
    * innovation: The desirability of facilitating innovation in connection with regulated activities. For example, allowing scope for different means of compliance so as not to unduly restrict market participants from launching new financial products and services.
    * international character: Including the desirability of maintaining the competitive position of the UK. The FSA takes into account the international aspects of much financial business and the competitive position of the UK. This involves co-operating with overseas regulators, both to agree international standards and to monitor global firms and markets effectively.
    * competition: The need to minimise the adverse effects on competition that may arise from the FSA's activities and the desirability of facilitating competition between the firms it regulates. This covers avoiding unnecessary regulatory barriers to entry or business expansion. Competition and innovation considerations play a key role in the FSA's cost-benefit analysis work.
    Under the Financial Services and Markets Act, the Treasury, the Office of Fair Trading and the Competition Commission all have a role to play in reviewing the impact of the FSA's rules and practices on competition.
  • 19.
129 | Financial Services Authority (FSA) | Organization | An independent, non-governmental board appointed by UK Treasury.
  • 20.
130 | Firewall | Definition | Computer hardware or software designed to prevent unauthorised access to the system via the internet.
131 | First Party Fraud | Definition/Crime | Fraud committed against a financial institution by one of its own customers.
132 | Float | Definition | Duplicate money present in the banking system during the time between a deposit being made in the recipient's account and the money being deducted from the sender's account.
133 | Forgery | Definition/Crime | Process of making or adapting documents such as a check with the intent to deceive.
134 | Fraud | Definition/Crime | The use of deception to make a gain by unlawful or unfair means.
135 | Fraud Alert | Definition | When placed on a credit report, potential creditors must either contact you or have “reasonable policies and procedures in place to verify your identity before issuing credit in your name.”
136 | Fraud Alert Website www.met.police.uk/fraudalert | Organization | The Fraud section of the Metropolitan Police website originally designed and written by Detective Sergeant Colin Holder in 2001.
137 | Fraud Prevention Service (UK) | Organization | UK's Fraud Prevention Service, a third sector organisation dedicated to preventing fraud. Originally founded in 1988 as the "Credit Industry Fraud Avoidance System", its membership today includes many organisations from outside of the credit industry. It addresses identity fraud, application fraud, staff fraud, first and third party fraud, insurance fraud and fraud against public sector organisations.
138 | Fraud Gang | Definition | A group of organised criminals / fraudsters working together to defraud financial organisations, retailers, companies or individuals.
139 | Fraud Ring | Definition/Crime | A group of organised criminals / fraudsters working together to defraud financial organisations, retailers, companies or individuals. In general, a group of individuals who collude together to commit fraud.
140 | Fraudster | Definition/Crime | A person who commits fraud.
141 | Free product and Service Offers | Definition | Drive traffic to its website, often registering personal information, or some variable of rip-off.
142 | Freight Forwarding / Reshipping | Crime | The receiving and subsequent reshipping of on-line ordered merchandise to locations usually abroad. Individuals are often solicited to participate in this activity in chat rooms, or through Internet job postings. Unbeknownst to the reshipper, the merchandise has been paid for with fraudulent credit cards.
143 | Front Companies | Definition/Crime | Businesses set up by criminals to facilitate fraud. The company may be used to process transactions on fraudulently acquired products.
144 | Full Track Data | Definition | In the Dump, it is the two tracks of data that are on the back of cards. Track 1 is alphanumeric and contains customer's name and account number. Track 2 is numeric and contains the account number, expiration date, and secure code (CVV) and other institution data. Dumps for sale on forums usually contain Track 2. Carders refer to BINs and PINs.
145 | Fulls | Slang | A full set of personal information including maiden name of mother.
146 | Ghost Terminal | Definition | Skimming device where a fake ATM touch pad and reader are placed over a legitimate ATM. The reader obtains card information and PIN but will not process the transaction since the legitimate ATM does not function.
147 | Google Hacking | Definition | The use of a search engine, such as Google, to locate a security vulnerability on the Internet. There are generally two types of vulnerabilities to be found on the Web: software vulnerabilities and misconfigurations.
148 | Grayware | Definition | Grayware (or greyware) is a general term sometimes used as a classification for applications that behave in a manner that is annoying or undesirable, and yet less serious or troublesome than malware. Grayware encompasses spyware, adware, dialers, joke programs, remote access tools, and any other unwelcome files and programs apart from viruses that are designed to harm the performance of computers on your network. The term has been in use since at least as early as September 2004. Refers to applications or files that are not classified as viruses or trojan horse programs, but can still negatively affect the performance of the computers on your network and introduce significant security risks to your organization.
149 | Hacker | Definition | The origin of the term is not clear. Some trace it back to the Model Railroad Club at the Massachusetts Institute of Technology in the '50s - others to early radio enthusiasts. The genuine hacker is more likely to use his or her own computer, or someone else's computer with permission and approval. The genuine hacker will look for weaknesses in the system, but will publish his or her discoveries. The cracker is more likely to keep discoveries secret or disclosed only to other crackers.
150 | Hacktivism | Definition | Politically-motivated hacking. The term demonstrates how the two terms 'hacker' and 'cracker' are becoming confused - since there is malicious intent involved, it would be best described as 'cracktivism'.
151 | Handle/Alias | Definition | An alternative name used by people (or bestowed upon objects) to hide their true identity.
152 | Hard Fraud | Definition/Crime | Type of fraud committed where the intent is to defraud an organization.
153 | Heist | Definition/Crime | An organized attempt by thieves to steal something.
154 | Heuristic Analysis | Definition | The ability of a virus scanner to identify a potential virus by analysing the behaviour of the program, rather than looking for a known virus signature. In general, heuristic analysis is not as reliable as signature-based virus scanning as it is not possible to predict precisely what a program will do when executed. However, heuristic scanning is a useful addition to any anti-virus policy.
155 | Hype and Dump Manipulation (Pump and Dump) | Definition | Involves the touting of a company's stock (typically microcap companies) through false and misleading statements to the marketplace. After pumping the stock, fraudsters make huge profits by selling their cheap stock into the market. Pump and dump schemes often occur on the Internet where it is common to see messages posted that urge readers to buy a stock quickly or to sell before the price goes down.
156 | "I Go Chop Your Dollar" | Slang | Song related to 419 Frauds. Made famous by Nigerian singer who was arrested for fraud. ("Oyinbo man I go chop your dollar, I go take your money and disappear 419 is just a game, you are the loser I am the winner" […]), which was banned in Nigeria after many complaints.
157 | Iceman | Organization | Cardersmarket admin took control of 4 competitors' carding forums.
158 | Identity Fraud (1) | Crime | The use of a misappropriated identity in criminal activity, to obtain goods or services by deception. This usually involves the use of stolen or forged identity documents such as a passport or driving licence.
159 | Identity Fraud (2) | Crime | Fraudster creates false personal information or manipulates an existing identity to avoid detection. Also known as Fictitious Identity Fraud.
160 | Identity Fraud (CIFAS) | Definition | The use of a misappropriated identity in criminal activity, to obtain goods or services by deception. This usually involves the use of stolen or forged identity documents such as a passport or driving licence.
161 | Identity Fraud / Identity Theft | Definition/Crime | The use of an individual's identifying details (name, date of birth, current or previous address, mother’s maiden name, etc) without their knowledge or consent to assume their identity. The criminal uses these details to obtain goods or services, loans, passports, credit cards or bank accounts in the victim's name.
162 | Identity Theft (1) | Crime | Used without victim’s knowledge to commit theft or fraud. Identity theft is a vehicle for perpetrating other types of fraud schemes. Typically, the victim is led to believe they are divulging sensitive personal information to a legitimate business, sometimes as a response to an email solicitation to update billing or membership information, or as an application to a fraudulent Internet job posting.
163 | Identity Theft (2) | Crime | Includes Account Takeover and New Account Creation.
164 | Identity Theft (3) | Crime | When someone steals personal information that is then used to either obtain credit in the victim's name, employment, health care, or housing. Also known as True Name Identity Theft.
165 | Identity Theft (4) | Crime | Identity Theft (also known as impersonation fraud) is the misappropriation of the identity (such as the name, date of birth, current address or previous addresses) of another person, without their knowledge or consent. These identity details are then used to obtain goods and services in that person's name.
166 | Identity Theft (CIFAS) Definition | Definition | Identity Theft (also known as impersonation fraud) is the misappropriation of the identity (such as the name, date of birth, current address or previous addresses) of another person, without their knowledge or consent. These identity details are then used to obtain goods and services in that person's name.
167 | Identity Theft/Fraud | Definition | The use of an individual's identifying details (name, date of birth, current or previous address, mother’s maiden name, etc) without their knowledge or consent to assume their identity. The criminal uses these details to obtain goods or services, loans, passports, credit cards or bank accounts in the victim's name.
168 | IDs/novs | Slang | Identity fraud perpetrated by a criminal who shares the same address as the victim. The fraudster is likely to have access to or is able to intercept the victim's post and so can apply for and use existing products and services in the name of the victim.
169 | Impersonation of the Deceased Fraud (IOD) | Definition/Crime | A criminal takes on the identity of a deceased person to facilitate fraudulent activity.
170 | Integration (1) | Definition/Crime | The third of the Money Laundering stages. If the Layering process succeeds, then the integration places the laundered proceeds back into the legitimate economy so that it seems like normal business funds. See Money Laundering Stages.
171 | Integration (2) | Definition/Crime | The money re-enters the mainstream economy in legitimate-looking form — it appears to come from a legal transaction. At this point, the criminal can use the money without getting caught.
172 | Internal Fraud | Definition | Fraud by someone within the organization. See Embezzling and Identity Theft.
173 | International Association for the Advancement of Criminal Activity (IAACA) | Organization | Criminal organization which later became Theft Services, CardersMarket, and CCpowersForum.
174 | Internet Crime Complaint Center (IC3) | Organization | A multi-agency task force made up by the Federal Bureau of Investigation (FBI), the National White Collar Crime Centre (NW3C), and the Bureau of Justice Assistance (BJA). Purpose is to serve as a central hub to receive, develop, and refer criminal complaints regarding the rapidly expanding occurrences of cyber-crime.
175 | Investment Fraud | Definition/Crime | An offering that uses false or fraudulent claims to solicit investments or loans, or that provides for the purchase, use, or trade of forged or counterfeit securities.
176 | IP Spoofing | Definition | IP spoofing involves imitating a trusted IP address in order to gain access to protected information resources. One method is by exploiting source routing in IPv4. This allows the originator of a datagram to specify certain, or even all, intermediate routers that the datagram must pass through on its way to the destination address. Effectively, you make the destination host think that you are a known and trusted host rather than a school kid on his father's laptop.
177 | Key stroke logger (1) | Definition | Hardware or software installed onto a computer to record keystrokes and mouse movements. Fraudsters can use this device to obtain the passwords, user names and other confidential details of the computer user.
178 | Key stroke logger (2) | Definition | A program that operates without a user’s knowledge and records all of the keystrokes. Once the keystrokes are logged, they are hidden in the machine for later retrieval or shipped raw to the attacker. The attacker then carefully goes through the data in hopes of either finding a password, or possibly other useful information. Often used for identity theft.
179 | Kiting | Definition | Using several bank accounts in different banks, making deposits and writing checks against the accounts before the deposit checks clear the banking system, creating a "float" of money out of nothing more than the lag in time when checks clear and post to their respective accounts.
180 | Larceny | Definition | The crime of stealing personal property.
181 | Layering | Definition | The second of the three Money Laundering stages. The process of separating criminal proceeds from their source using complex layers of financial transaction designed to hide the audit trail and provide anonymity. Involves sending the money through various financial transactions to change its form and make it difficult to follow. Layering may consist of several bank-to-bank transfers, wire transfers between different accounts in different names in different countries, making deposits and withdrawals to continually vary the amount of money in the accounts, changing the money’s currency, and purchasing high-value items (boats, houses, cars etc) to change the form of the money. This is the most complex step in any laundering scheme, and it’s all about making the original dirty money as hard to trace as possible. See Money Laundering Stages.
182 | Leeches | Slang | Leechers are actively downloading the file via torrent file. See Seeds.
184 | Letter Bomb | Definition | A piece of email containing live data intended to do malicious things to the recipient's machine or terminal. Under UNIX, a letter bomb can also try to get part of its content interpreted as a shell command to the mailer. The results of this could range from amusing to denial of service.
185 | Logic Bomb | Definition | A resident computer program that triggers the perpetration of an unauthorized act when particular states of the system are realized. For example, a logic bomb could remain hidden and dormant until December 25th, and then delete all or specified files.
186 | London Illegal Money Lending Team | Organization | London group that protects against loan sharks.
187 | Lost card fraud | Definition | The fraudulent use of payment cards that have been reported as lost.
188 | Macro Virus | Definition | Similar to a standard virus in all but its delivery. Rather than being code written in a programming language and attached to an executable, it is code written in a macro language and attached to a document.
189 | Mail / telephone order fraud | Definition/Crime | A criminal uses a genuine account number obtained fraudulently to obtain goods or services from mail order companies.
190 | Mail Bomb | Definition | 'Mail bomb' is generally used as a verb rather than a noun. It is the act of, or even incitement to, send massive amounts of probably meaningless text to a particular e-mail address. The purpose is to annoy the recipient, or even crash his/her system - and it is usually done in retaliation for some real or perceived offense.
191 | Mail Drop | Definition | Thieves use a mail drop address different than their own.
192 | Mail re-direct | Definition | Post is fraudulently re-directed to another address without the intended recipient's knowledge. The fraudster then receives important documents, such as bank statements and bills, intended for the victim and uses them to facilitate identity fraud.
193 | Mailing Lists | Definition | A mailing list is an automated e-mail distribution mechanism for a defined subject (the list topic) to a registered readership (a list of e-mail addresses). Often just called 'lists', there are innumerable mailing lists on the Internet catering for every subject under the sun. Lists are controlled by the list 'owner' - usually the person or organisation that set it up, and probably the owner of the server on which it is run. People registered on the list are known as list 'members'.
194 | Malware (1) | Definition | An inclusive term for all bad software -- "malicious software".
195 | Malware (2) | Definition | Software designed specifically to damage or disrupt a system, such as a virus or a Trojan horse.
196 | Malware (3) | Definition | Malware is the generic term for software that is designed to do harm - a contraction of 'malicious software'. It is not yet in universal usage, but its popularity as a general term for viruses, Trojan Horses, worms, and malicious mobile code is growing. In general, an inclusive term for all bad software -- "malicious software".
197 | Man in the Browser (MitB) | Definition/Crime | Internet threat related to Man-in-the-Middle Attack (MitM). It is a trojan that infects a web browser and has the ability to modify pages, modify transaction content or insert additional transactions, all in a completely covert fashion invisible to both the user and host application. In an example exchange between user and host, e.g. an Internet banking transaction such as a funds transfer, the customer will always be shown, via confirmation screens, the exact payment information as keyed into the browser. The bank, however, will receive a transaction with materially altered instructions, i.e. a different destination account number and possibly amount. The use of strong authentication tools simply creates an increased level of misplaced confidence on the part of both customer and bank that the transaction is secure. Authentication, by definition, is concerned with the validation of identity credentials. This should not be confused with transaction verification. A MitB attack is combated through an out-of-band (OOB) transaction verification process. This overcomes the MitB Trojan by verifying the transaction details, as received by the host (bank), to the user (customer) over a channel other than the browser. Combat by using transaction verification.
198 | Man in the Middle Attack (MITM) | Definition/Crime | Man-in-the-middle attack (often abbreviated MITM), bucket-brigade attack, or sometimes Janus attack, is a form of active eavesdropping in which the attacker makes independent connections with the victims and relays messages between them,