Chapter 3 – Seminar 3

Chapter 3 – Seminar 3

High-Tech Criminal Offenses and E-Mail-Based Crimes

1/24/11 Seminar 3 – Chapter 3 11/24/11 - Seminar 3 - Chapter 3

Outline• 3.1 Overview of High-Tech Crimes• 3.2 Email Harassment, Threats, and

Cyberstalking• 3.3 Violations of Restraining Orders• 3.4 Identity Theft• 3.5 False Identification Documents• 3.6 4-1-9 Scams (AKA Nigeria Scam or

Advanced Fee Fraud)


3.1 Overview of High-Tech Crimes


3.1 Overview of High-Tech Crimes

• Nature of high-tech crime today• Classification of criminality• Hierarchy of proof• Jurisdictional issues


Nature of High-Tech Crime Today

• On the rise and will continue to be.• Average bank robbery = $5,000• Average I.D. Theft = $10,200• First responders lack training, knowledge,

skills, and abilities to investigate it. • True number of high-tech crimes committed

each year is unknown.


Lack of Serious Sanctions

• Some high-tech crimes are misdemeanors or forfeitures and do not allow for extradition.

• Some more serious ones are felonies, but they are still largely property crimes.

• Understanding the classification of criminality and hierarchy of proof is essential.


Classification of Criminality

• Felony — most serious level of criminal acts, which carry a minimum of a one year prison sentence for anyone convicted, along with substantial fines.

• Misdemeanor — a criminal act of moderate severity that may result in a jail sentence of up to one year, and/or a substantial fine.


Classification of Criminality, Con’t

• Forfeiture — a minor criminal offense that can only result in a fine.

• Ordinance Violation — a law enacted by a city, local, or municipal government, because they do not have the same legal authority as state or federal governments, the maximum penalty for an ordinance violation is a civil forfeiture (fine). It is a civil forfeiture because ordinance violations are not criminal acts.


Hierarchy of Proof• Proof Beyond a Reasonable Doubt — the level of

certainty required for a guilty verdict in a criminal case. A juror voting for a guilty verdict must believe that no reasonable person could doubt the guilt of the accused.

• Clear and Convincing Evidence — somewhere between proof beyond a reasonable doubt and mere preponderance. Evidence that produces a firm belief or conviction that the allegations sought to be proved by the evidence are true. Typically used in municipal ordinance violation cases.


Hierarchy of Proof, Con’t

• Mere Preponderance of Evidence — the level of certainty required for a guilty verdict in a civil court dispute. The standard is met when there is more evidence indicating guilt than indicating innocence. A balancing scales analogy is appropriate in determining preponderance.


Hierarchy of Proof, Con’t

• Reasonable Suspicion — commonly referred to as a “Terry Stop” (Terry v. Ohio, 1968), this is the level of certainty that allows for law enforcement officers to detain and/or frisk a subject, for their own safety, based on their reasonable belief that the subject is armed, or has committed, is committing, or is about to commit a crime.


Lack of Physical Boundaries

• High-tech crimes blur jurisdictional lines.• Vicinage — parallel jurisdiction over the same

offense and is not considered double jeopardy.

• Criminals can commit high-tech crimes from the comfort of their homes and across jurisdictional boundaries.


3.2 Email Harassment, Threats, and Cyberstalking


Definitions

• Harassment — continued communication or interaction with someone with the goal of intimidating, upsetting, or otherwise emotionally impacting the recipient. It is communication or interaction with no other legitimate purpose.


Definitions, Con’t

• Threats — communicated warnings of some imminent negative event, injury, or other harm. Often the person communicating the warning implies that he / she will cause the injury or harm.


Definitions, Con’t• Cyberstalking — the repeated use of the Internet,

email, or related digital electronic communication devices to annoy, alarm, or threaten a specific individual or group of individual.

• Cyberstalking — threatening behavior or unwanted advances directed at another using the Internet and other forms of online and computer communications.


Email Harassment• A common occurrence in the online world that is

often underreported. “I don’t think the police in my community know what a computer is.” This perception must change.

• Any “electronic mail” that frightens, intimidates, threatens, abuses, or harasses another person or threatens to inflict injury, or contains any obscene, lewd, and profane language, or suggests any lewd or lascivious act (WSS 947.0125).


Email Harassment, Con’t

• Federal statute — Title 18, Section 875, U.S. Code criminalizes threatening messages transmitted electronically in interstate or foreign commerce.

• The federal government historically has limited its involvement in prosecuting cases related to electronically transmitted threatening messages to cases involving special circumstances, such as threats made against the president of the United States.


Email Harassment, Con’t

• Most state statutes lack “teeth,” and punishment is typically a misdemeanor and/or forfeiture.

• Municipalities can adopt state statutes and enforce them at the local level.


Cyberstalking

• Stalkers take advantage of Internet communications and online access to personal information to stalk victims.

• Due to Internet anonymity, cyberstalking becomes easier to do than real life stalking.


Cyberstalker v. Stalker • 80% males• 74% White, 13% Asian,

8% Hispanic, 5% African American

• Email used 79% of the time, instant messenger 13%, chat rooms 8%

• 87% male • 57% White, 37% African

American, 6.5% other racial minorities

Disparities can can be partially explained by the access to available computer technology. Those in a lower socio-economic status are less likely to have access to the needed cyberstalking technology.


“Cyberbullying”• Similar to cyberstalking.• Always involves a child, preteen, or teenager

who is involved in using the Internet, interactive and digital technologies, or mobile phones to torment, threaten, harass, humiliate, embarrass, or otherwise target another minor.

• When adults are involved in this behavior, it’s cyberstalking.


Investigating Email Harassment and Threats (Generally)• Tracing the origin via the IP address is very possible.• Expand the email message to view the “full header.”• All IP addresses the email traveled through can be

traced back to the originating server (ISP).• Appropriate legal documents can be served upon the

ISP to disclose account holder information (i.e. basic subscriber information).


Tips For Victims

• Stalker must be made aware that behavior is unwelcome.

• Report the cyberstalker to their ISP.• Save copies of all electronic communications.• Report the matter to law enforcement as soon

as possible.


3.3 Violations of Restraining Orders


Violations of Restraining Orders

• Although not an epidemic, abusers have used to harass their victims.

• Using the Internet to contact domestic violence victims is a violation of applicable restraining (no contact) orders in most jurisdictions.


Violations of Restraining Orders, Con’t

• No contact orders should include language prohibiting contact via, “any electronic means.”

• Nationwide, approx. 60% of all orders are violated.

• It is not known to what extent email or other forms of electronic communications are used when violating these orders.


3.4 Identity Theft


Identity Theft• Identity Theft occurs when someone

appropriates another’s personal information without his or her knowledge to commit fraud or theft.

• The identity is then used to obtain credit cards, phone accounts, or even bank accounts in the victim’s name, thereby damaging his or her credit.

• Best of all, the victim gets the bills.


Identity Theft, Con’t

• It occurs online in several ways.• Thieves utilize online databases to collect

personal information.• Thieves send fictitious email messages in the

hopes that the victim will respond with the requested information (e.g., credit card number, SSN).


Identity Theft — Defined• (The unlawful use of) your name, address,

social security number (SSN), bank or credit card account number, or other identifying information without your knowledge with the intent to commit fraud or other crimes.”

• “A fraud that is committed or attempted using a person’s identifying information without authority.”


Identity Theft — Scope of Problem

• Federal Trade Commission (FTC) statistics– 2002 — 161,896 identity theft complaints

received– 2004 — 246,570 complaints received– 40% increase– $547 million in losses


Identity Theft — Scope of Problem

• These statistics are only from participating agencies that voluntarily report.

• The current Uniform Crime Reports (UCR) do not track identity theft offenses.

• True instances are believed to be much greater.


Identity Theft Statutes

• Exist in all 50 states.• Often not referred to as “Identity Theft” statutes.• Some statutory names include “Taking identity of

another person or entity…” (Arizona State Statute 13-2008) and, in Wyoming, “Unauthorized use of personal identifying information…” (Wyoming State Statute 6-3-901).


Federal Identity Theft Statute• Identity Theft and Assumption Deterrence Act

(18 U.S.C. 1028).• When someone knowingly transfers or uses,

without lawful authority, a means of identification of another person with the intent to commit, or to aid or abet, any unlawful activity that constitutes a violation of federal law, or that constitutes a felony under any applicable state or local law.

• Punished by 15 years prison and/or $250,000 fine.


Statutory Elements

• Personal identifying information or documents taken without consent to obtain money, credit, goods, services, employment, or anything of value.


Personal Identification Document• A document containing personal identifying

information (i.e., driver’s license).• An individuals card (i.e., ATM card) or plate, if it

can be used alone or in conjunction with another device to obtain money, goods, services, or anything of value.

• Any other device that is unique to, assigned to, or belongs to an individual and that is intended to be used to access services, funds, or benefits.


Personal Identifying Information

• An Individual’s name• Phone numbers• SSN• ID number assigned by

employer• ID number of a depository

account• DNA Profile• ESNs

• Address• Driver’s License Number• Employer• Maiden name of

individual’s mother• Taxpayer identification

number• PINs


Mandatory Reporters

• Fair and Accurate Credit Transactions Act (FACT Act) of 2003 (15 U.S.C. 1681) requires victims to provide a police report to credit agencies to prove victimization.

• In response, some states have made reporting identity theft mandatory for police.


Mandatory Reporters, Con’t

• Example: State of Wisconsin Statute 943.201(4) mandates that law enforcement prepare a report of identity theft for victims in their jurisdiction or, if it is believed they do not have jurisdiction, police must inform the individual which law enforcement agency does.


Three Primary Types of I.D. Theft

• True name fraud• Account takeover • Criminal identity theft


True Name Fraud

• Occurs when the thief uses the victim’s information to open up new accounts in his or her name.


Account Takeover

• Occurs when the thief gains access to the victim’s financial accounts and makes unauthorized charges.


Criminal Identity Theft

• Happens when the thief gets arrested by law enforcement and provides police with the victim’s identity, thereby creating a false criminal record.


Common Ways Thieves Steal Identity

• Stealing information from employers

• Hacking into computer systems

• Dumpster diving• Stealing mail• Stealing wallets or purses

• Burglarizing a home• Social engineering• Email and Web site

scams.• Open source Web sites• Shoulder surfing• Skimming


Combating Identity Theft• NCIC identity theft file• Victim reports an identity theft complaint to

police.• Police provide the victim with an NCIC

password.• If suspect gets stopped and does not know

password, he or she is discovered and arrested.


A Gateway Crime• It is often facilitated to commit other

crimes:– Credit card fraud– Forgery and check fraud– Theft by fraud– Mortgage fraud and takeover– Theft of phone service– Satellite and cable theft– Committed for financial gain– Committed to conceal or hide


Immigrant Identity Theft

• Stolen identities used by illegal immigrants to work.

• Average victims see their social security numbers shared about 30 times.

• Often discovered by victim when the IRS notifies them of undocumented income.


Immigrant Identity Theft, Con’t

• Side effects include:– False criminal records– Ruined victim credit ratings– Illegal social security benefits– Income tax sanctions


Mortgage Fraud

• Popular among identity thieves and organized crime.

• The scheme involves a “customer,” real estate broker, straw sellers, and straw buyers who funnel the money into accounts that have been established with false or stolen identities.


Phone Fraud

• Second most common type of identity theft.• Thieves open up phone accounts with the

stolen identity. • Can often be carried out in “boiler room”

operations.


Victim Discovery

• Most victims discover they have been victimized when unauthorized charges appear on their credit cards.

• Victims should be directed to obtain credit reports from all three bureaus.

• An extensive questionnaire provided to victims (and outlined in text) can provide valuable leads.


Identity Theft Prevention

• Education is the key.• Proper and timely reporting.• Provide victims with resources — Identity

Theft Handbook.• FTC Handbook — “Take Charge, Fighting Back

Against Identity Theft.”• Also provide an “Identity Theft Affidavit.”


3.5 False Identification Documents


Fake Identification Cards

• All criminals have one thing in common — the need to conceal their identity from law enforcement to evade apprehension.

• Some carry no I.D.• Others carry fake I.D.


Fake Identification Cards, Con’t

• Fingerprint technology (e.g., AFIS or Fast I.D.) can uncover false identification, but this is hampered by lack of:– Time– Effort– Resources



• Obtaining fake I.D. cards:– Purchase — Ohio high school students sold fake

I.D.s for $20 to $50 each.– Manufacture — templates sold as “novelty” are

available all over the Internet.– Alter — erase one number to insert another (i.e.,

change a DOB).



• The illegal immigrant market:– Fake birth certificate.– Fake social security card.– $250 to $500– These documents are used to get a legitimate

state I.D. card


Real I.D. Act 2005• Sponsored by Rep. Sensenbrenner (Wisconsin)• Purpose: to establish uniform state I.D.

standard, to prevent terrorists from abusing asylum laws of the U.S., to unify terrorism related grounds for denying admission, to ensure expeditious construction of the San Diego border fence


Real I.D. Act 2005, Con’t

• Will require the following minimum document requirements for states:– Full legal name– Date of birth– Gender– D.L. or I.D. number– Digital photograph– Signature


Real I.D. Act 2005, Con’t

• Physical security features to prevent tampering, counterfeiting, or duplication.

• Common machine-readable technology (i.e., magnetic strip found on new WI D.L.

• Fake I.D.s can be identified through careful visual inspection, as discussed in text.


3.6 4-1-9 Scam (AKA Nigeria Scam or Advanced Fee Fraud)


4-1-9 Advanced Fee Fraud

• Nigeria is considered the 4-1-9 capital of the world.

• Fraud named after the Nigerian law that outlaws these scams.

• Scammers typically target businessmen or even church clergy with temptations of big easy money.


Advanced Fee Fraud, Con’t

• Correspondence is on “official looking” letterhead.

• Contains text about moving considerable sums of money with an offer to share a percentage of the proceeds.

• Most victims are lured by the potential windfall of “easy” money.



• Now takes place via email.• Allows scammers to reach hundreds of

potential victims at once.• Once hooked, the victims are asked to pay

“transaction” fees, and their money is never seen again.



• Takes on several forms– Disbursement from wills:– Contract fraud– Purchase of real estate– Transfer of funds (most common)– The clearing house– Sale of crude oil below market values


Fund Transfer Scam• Victim will receive unsolicited mail from a

“civil servant.”• Offer to move millions in funds that the

Nigerian government overpaid on a contract.• Once fees are paid, the transfer will take

place.• The transfer never happens, and the victim is

out the “fees” paid.


Lottery Scam

• A relatively new Advanced Fee Fraud scam.• A winning lottery check is mailed to the victim,

who is directed to cash it, return a portion, and keep the rest.

• After cashing, it’s later discovered to be a fraudulent check, and the victim is responsible for all the funds.
