Forgot your password?
typodupeerror
Crime Security The Almighty Buck IT

FBI Publishes Top Email Terms Used By Corporate Fraudsters 105

Posted by Unknown Lamer
from the security-unclassified-uscode-smuggle-espionage dept.
Qedward writes "Software developed by the FBI and Ernst & Young has revealed the most common words used in email conversations among employees engaged in corporate fraud. The software, which was developed using the knowledge gained from real life corporate fraud investigations, pinpoints and tracks common fraud phrases like 'cover up,' write off,' 'failed investment,' 'off the books,' 'nobody will find out' and 'grey area'. Expressions such as 'special fees' and 'friendly payments' are most common in bribery cases, while fears of getting caught are shown in phrases such as 'no inspection' and 'do not volunteer information.'"
This discussion has been archived. No new comments can be posted.

FBI Publishes Top Email Terms Used By Corporate Fraudsters

Comments Filter:
  • by BeerCat (685972) on Tuesday January 08, 2013 @04:07AM (#42515803) Homepage

    "So, this new range of paints is a grey area - neither black nor white. But if you spill any, while painting the library, make sure you keep it off the books. Hang on, there's someone knocking at the door..."

    • My encryption was a failed investment...
    • by AK Marc (707885) on Tuesday January 08, 2013 @04:35AM (#42515951)
      If you are going to paint in the library, make sure to cover up the books. If there is an accident, make sure there is no inspection, and try to avoid special fees for cleanup.
      • by Zouden (232738) on Tuesday January 08, 2013 @04:45AM (#42515997)

        This paint is terrible! It's a totally failed investment. I better get some new paint and cover up these splotches quickly so no one finds out.

      • by wierd_w (1375923) on Tuesday January 08, 2013 @05:59AM (#42516243)

        Sadly, several important documents were irreparably damaged by improper regulatory activities which resulted in many important books being cooked, quite literally, by being placed too near to the old radiator style heating systems in the library.

        When asked why no-one was notified about important documents being improperly handled like this, many library employees said it was standard operating proceedure to not reveal additional information to internal management, and that it was simply a case of inspectors not doing their jobs that the damage occured.

        The library management has begun an internal investigation into the matter, but due to a recent computer mishap coupled with the removal of the obsolete paper copy card cataloge, a considerable amount of vital data was lost or deleted concerning which books the library actually owns, which ones are from inter-library exchange programs, and which ones are missing and unaccounted for.

        At the current rate, it is likely that no one will ever find out the true extent of the damages, so disciplinary measures are unlikely to manifest any time soon. Most employees interviewed simply expect a standard "slap on the wrist", followed by business as usual.

    • More seriously, "cover up" and "grey area" can also happen in conversations about an event by a third party (which is in the news, or speculation about what the higher ups in the company might be doing, etc.). They do not necessarily imply involvment of the 2 parties talking. Other terms, such as "failed investment" might happen innocently among project manager, even if the failure was not fraudulent. Expect lots of false positives.

      Some other terms ("special fees", "friendly payments", are more telling. Or

      • by aldousd666 (640240) on Tuesday January 08, 2013 @07:57AM (#42516667) Journal
        They're not auto-matic indictments, they're just keywords to narrow things down when say... you have a tarball of a bazillion emails from wikileaks uploaded to some bitttorrent site. (Yes, I mean for you, not the government to use, it was an example.) Still, one wonders what the FBI, who produced the list, has on their keyword list "warrantless" "we dont need a judge" "wiretap" "domestic spying" "naw, dont' bother getting a warrant" "security letter."
        • They're not auto-matic indictments, they're just keywords to narrow things down when say...

          That's a given. This will flag the e-mails for manual review. But even though false positives will cause no (obvious) trouble for the sender and receiver, they will waste time of those people who are supposed to look for suspicious activity, and if there are too many of them, the system becomes useless...

          • by Anonymous Coward

            Of course it could also be the first tier of a multi-tier analysis system: The first step does a simple keyword filtering to get the number of mails down for the next, more elaborate (and more expensive) automated analysis step, and only the mails surviving the second step are passed to human reviewers. Note that the less mails you have to analyse, the more effort you can put into each mail, so it makes sense to first eliminate the majority of mails with a very fast method.

            Also, the keyword search might be

            • I see your point, but your example is perhaps a little unfortunate: most of the financial fraud would probably be committed by the accounting department (sorry, couldn't resist.)
        • by Shoten (260439)

          They're not auto-matic indictments, they're just keywords to narrow things down when say... you have a tarball of a bazillion emails from wikileaks uploaded to some bitttorrent site. (Yes, I mean for you, not the government to use, it was an example.)

          Oh, right...because when the FBI starts looking at your conversations in particular out of those bazillion emails in the middle of an investigation, there's no way they would ever, *ever* just get carried away and look for a problem where there isn't one...

          • er... they have to start somewhere? it's not meant to be fool proof. just better than reading all of them. do you, when you browse the web, look at every single document, following every link, until you get one that is relevant? no, you go to google, put in some keywords, and look at those results. Do you get wrong pages? Same thing. I don't think the government should be reading our emails without a warrant or anything, I'm just saying, logistically speaking, there is nothing wrong with producing false
      • by Luckyo (1726890)

        You misunderstand. This isn't about getting high amount of accuracy. It's about getting a starting point for such investigation.

  • Irony (Score:5, Funny)

    by boundary (1226600) on Tuesday January 08, 2013 @04:08AM (#42515809)
    I wonder if E&Y used this when they were auditing Lehman Brothers...
    • by Anonymous Coward
      As a CPA, former auditor, and forensic consultant, I can tell you 3 things:

      (1) Audits are not designed to detect fraud, further, i.e, they are only designed to provide only reasonable assurance that the statements are free from material error. Typically this is interpreted to mean that if members of a company were conspiring to commit fraud as opposed to some lone individual stealing money, it is less likely to be caught.

      (2) Most auditors are dumb, especially in the US, in my view largely because t
      • Re:Irony (Score:4, Funny)

        by dkleinsc (563838) on Tuesday January 08, 2013 @09:31AM (#42517229) Homepage

        (3) You won't find many accountants on slashdot since they tend not to be among the intellectually/technologically curious types in my experience.

        Ah yes, this old problem again:
        Counsellor: Well I now have the results here of the interviews and the aptitude tests that you took last week, and from them we've built up a pretty clear picture of the sort of person that you are. And I think I can say, without fear of contradiction, that the ideal job for you is chartered accountancy.
        Anchovy: But I am a chartered accountant.
        Counsellor: Jolly good. Well back to the office with you then.
        Anchovy: No! No! No! You don't understand. I've been a chartered accountant for the last twenty years. I want a new job. Something exciting that will let me live.
        Counsellor: Well chartered accountancy is rather exciting isn't it?
        Anchovy: Exciting? No it's not. It's dull. Dull. Dull. My God it's dull, it's so desperately dull and tedious and stuffy and boring and des-per-ate-ly DULL.
        Counsellor: Well, er, yes Mr Anchovy, but you see your report here says that you are an extremely dull person. You see, our experts describe you as an appallingly dull fellow, unimaginative, timid, lacking in initiative, spineless, easily dominated, no sense of humour, tedious company and irrepressibly drab and awful. And whereas in most professions these would be considerable drawbacks, in chartered accountancy they are a positive boon.

      • (3) You won't find many accountants on slashdot since they tend not to be among the intellectually/technologically curious types in my experience.

        HEY! I exist, darn it! :D

        But never mind me, I once found a Chartered Accountant (British Variety, ICAEW I reckon) who actually gave me some very insightful pointers on the working of the british tax system, and he was masquerading as an AC! So we do prowl on Slashdot ;p

        ----

        I won't comment on the relative merits of various accountancy qualifications, partly because that's a pissing match on the level of vi vs emacs (nano rules, bitches!) and partly because I have already done so in the past, it's back there

      • As a CPA, former auditor, and forensic consultant,

        Well, I'm not a CPA - but my wife is (now) and of course in her studies I picked up a thing or two...

        I can tell you 3 things: (1) Audits are not designed to detect fraud, further, i.e, they are only designed to provide only reasonable assurance that the statements are free from material error. Typically this is interpreted to mean that if members of a company were conspiring to commit fraud as opposed to some lone individual stealing money, it is less likely to be caught.

        Exactly, but it's also with respect to the Auditing Plan submitted by the firm being audited, which does have standards (GAAS, IIRC) that it must comply with. Though as a forensic consultant you probably are looking for any traces regardless. But it's a pretty big loophole that firms could use to hide fraud, simply by leaving it out of the Auditing Plan.

        (2) Most auditors are dumb, especially in the US, in my view largely because the CPA exam is far too easy and largely memorization based.

        Can't speak to that. Though I do know they've been maki

    • Well...

      1-An audit firm is the sum of it's constituent audit partners...blaming the whole firm is effectively meaningless.

      2-An audit is as effective as the engaging audit partner is willing it to be.

      3-Although ICAS will have us believe that audit rotations have no *benefit*, even it's President (Sir David Tweedie) can't ignore the fact that auditors are getting...*too cosy* with the clients.

  • by ArcadeNut (85398) on Tuesday January 08, 2013 @04:23AM (#42515883) Homepage

    I know this is a grey area, and this may sound like a cover up, but we need to keep this failed investment off the books or do a write off. Nobody will find out.

  • British Fraudsters.
  • Duh (Score:4, Funny)

    by 1u3hr (530656) on Tuesday January 08, 2013 @04:52AM (#42516023)
    Any idiot that SENDS AN EMAIL from his corporate account discussing a fraud, using whatever phrases, deserves to get caught. What the fuck does "Off the books" mean if not "DON'T WRITE ANYTHING DOWN".
    • by phagstrom (451510)

      but...but....it was an email, not a book.

    • Yeah, that's why "call my mobile" is also one of the flag phrases...
    • Any idiot that SENDS AN EMAIL from his corporate account discussing a fraud, using whatever phrases, deserves to get caught. What the fuck does "Off the books" mean if not "DON'T WRITE ANYTHING DOWN".

      And, if you are going to send an email telling everyone to delete the incriminating emails, make sure you delete that email.

      Furthermore, Mike Brighty, another Hasbro Sales Director, was clearly aware not only of the pricing initiative itself but also of its illegality when he suggested to Ian Thomson to ask Lesley Paisley of Littlewoods to delete an incriminating e-mail ('its highly illegal and it could bite you right in the arse!!!! suggest you phone Lesley and tell her to trash?')

      Source: http://webcache.g [googleusercontent.com]

    • by Anonymous Coward
      We have a better phrase for this where I come from: "Let's take this offline".
      • by Gr8Apes (679165)
        Oh no, so all those concalls (a couple a day at least) where I uttered that phrase wound up being manually inspected? There's a few FBI guys sleeping somewhere.
    • by Hentes (2461350)

      Once corporate people discover encryption, we will be doomed.

    • by zazzel (98233)

      I wonder why the above comment has been moderated "funny". I think he was dead serious. But it's good to know that at least SOME criminals are such utter morons that they would leave a digital "paper trail".

  • A lot of these phrases also apply when you are having an affair with the secretary and/or wife of the boss...

    • What? Does the secretary charge "special fees" and "friendly payments" for her "services"? She isn't moonlighting near the train station is she?
    • by tibit (1762298)

      A colleague runs a hedge fund in New York, and he's paying his secretary $200k yearly. He's stupid if he doesn't have a professional prostitue, preferably with a Ph.D., working for him :)

  • by Anonymous Coward on Tuesday January 08, 2013 @05:11AM (#42516091)

    Isn't that how investment bankers talk all the time?

    • Isn't that how investment bankers talk all the time?

      Yeah, I thought "write off" was standard operating procedure.

      Though I don't suppose that means it can't be fraud too...

    • Re: (Score:2, Funny)

      by Anonymous Coward
      Investment bankers committing fraud are like kids pissing in the public swimming pool. As long as they're being discrete about it, the general public happily ignores the inevitability that its going on all around us all the time.
      • by alci63 (1856480)
        Why fraud when it is so simple to be perfectly legal in all these tax havens ?
  • "My friend, I'm a Nigerian princess in need of a way to transfer 25 million dollars into a US account." The point is fraud generally plays off an element of greed. You help me and you get something for nothing. It's the basis of 90% of all confidence schemes. The "off the books" scams are along those lines. Break the rules and I'll make you rich.
    • This article isn't about scammers casting a wide net to find victims for confidence tricks; these are business partners and colleagues actually conspiring to commit corporate fraud or tax evasion.
      The confidence trick is a meta-scam: It pretends to invite you to become a partner in crime, while you are in reality the intended victim. They're two different things.

  • by Meneth (872868) on Tuesday January 08, 2013 @05:55AM (#42516229)
    Obligatory [youtube.com].
  • by drolli (522659) on Tuesday January 08, 2013 @06:29AM (#42516353) Journal

    Iff you ever do something within the grey area, then do so without witnesses. Leaving an email trail that somthing is done in "the gray area" to "keep things of the books" is pretty much the opposite. It is very likley that reacting to such emails takes a misbooking or a thing for which you can at worst get fired straight to a criminal level.

    I for my part always walk away in business if somebody suggest me things in "the gray area". If i am somehow related to that person i would point it out during in a few words during the coffee break.

    If colleagues/boss engage in such things i also walk away. Gives me the option later to deny knowing about it in detail.

  • by Lumpy (12016)

    Those are the same words that investment bankers and banks in general use all the time!

    I knew the whole banking industry was just a ball of fraud.

  • GNAA leverages core skillsets and world-class synergy through teamwork to provide clients worldwide with robust, scalable, modern turnkey implementations of flexible, personalized, cutting-edge Internet-enabled ebusiness application product suite esolution architectures that accelerate response to customer and real-world market demands and reliably adapt to evolving technology needs, seamlessly and efficiently integrating and synchronizing with their existing legacy infrastructure, enhancing the sodomy-read

  • by smpoole7 (1467717) on Tuesday January 08, 2013 @09:06AM (#42517015) Homepage

    Folks, this is the future. Computers can cross-reference and correlate things at lightning speeds and, once something approaching true artificial intelligence comes along, they'll be able to tell (with 99% accuracy) when someone is lying or telling the truth.

    Recommended reading: the "Troy Rising" series by John Ringo. Even if you're not into the "oo-rah" and military stuff, Ringo's one of the best when it comes to realistic artificial intelligences. By the third book ("The Hot Gate") one of the protagonists has struck up a friendship with one of the fabber AIs. The AI admits as much to her, that it can not only tell when a human is lying, it can tell when that person is engaged in illegal activity, just by observing behavior.

    In the Troy series, the privacy issues are handled with strict "protocols" (i.e., laws hard-coded into the programming) that govern AI behavior, but this is something that we're going to be facing in the future. What the FBI is doing here is going to look like the first crude steam locomotives compared to what AIs will be capable of in not too many years from now.

  • Sounds like emacs' spook [gnu.org] will be getting an update with more keywords and phrases!

  • One obvious issue is how often these phrases show up in legitimate contexts. For example, "grey area" might be used frequently if one has a legal department. Not to volunteer information could easily be an instruction to an overly talkative employee or executive or the like to not blab about what the company is currently trying to do but hasn't gotten to work quite yet, or even has gotten to work and are industrial secrets. The last is a surprisingly common problem- a relative of my at one point was the COO of a baking company that was owned by someone who knew little to nothing about the industry (having inherited it) and on at least two occasions blabbed to people outside the company secrets about their manufacturing processes in apparent attempts to impress people. And that was in baking. In the circumstance my relative couldn't get the owner to stop (it is a bit hard to tell your boss to shut up) , but similar issues probably show up in a lot of industries.

    So while some of these phrases seem obviously problematic (off the books is the most obvious one) I suspect that others could by themselves be often very innocent.

  • by Quila (201335) on Tuesday January 08, 2013 @10:59AM (#42518407)

    "I accept this position as CEO."

  • I would of expected the most common words to be "I", "we", "the", "a", and so on and so forth.

  • "Never write when you can talk. Never talk when you can nod. And never put anything in an e-mail." -- from 2005 by Eliot Spitzer, former Attorney General, New York State.

Take care of the luxuries and the necessities will take care of themselves. -- Lazarus Long

Working...