Criminal Justice News

Monday, February 27, 2006

Al-Qaeda's Clandestine Courier Service

From Terrorism Focus - Jamestown Foundation

Sohail Abdul Nasir

The recent release of audio and videotapes from Osama bin Laden and Ayman al-Zawahiri call attention to al-Qaeda's couriers and how they transport tapes to major media outlets (al-Jazeera, January 21). Audiotapes, videotapes and the internet are the major mass media tools of al-Qaeda and are used to tilt and blur the realities of the locations of al-Qaeda leaders. They are an effective means to threaten the U.S. and the West. Al-Qaeda's videos are produced by the organization's in-house production team, al-Sahab, identified by the al-Sahab logo that appears in the videos. It appears that al-Sahab consists of multiple individuals and is not centrally located. While the videos have improved in quality, at its most basic level the videographers require computer images, e-mail transmission, and a production expert who uses a computer to compile it together in broadcast quality.

Read On

Monday, February 13, 2006

Blast Injuries - A New Resource for First Responders

A group of academic, university-based emergency physicians with an interest in blast injuries has launched a comprehensive web-based resources for first responders. Because first responders (in particular emergency medical technicians and emergency room physicians) have only limited experience in the evaluation and treatement of blast related injuries, Blast has created the website as a one-stop educational and training resource.

As an example, one of their webpages includes information on Blast Injury Basics:

  • Bombs and explosions can cause unique patterns of injury seldom seen outside combat.
  • The predominant post explosion injuries among survivors involve standard penetrating and blunt trauma. Blast lung is the most common fatal injury among initial survivors.
  • Explosions in confined spaces (mines, buildings, or large vehicles) and/or structural collapse are associated with greater morbidity and mortality.
  • Half of all initial casualties will seek medical care over a one-hour period. This can be useful to predict demand for care and resource needs.
  • Expect an “upside-down” triage - the most severely injured arrive after the less injured, who bypass EMS triage and go directly to the closest hospitals

Other resources on the site include historical perspectives, blast physics, selected injuries and a literature database. You can visit their website at

About the Author

Lieutenant Raymond E. Foster retired from the Los Angeles Police Department after 24 years of service. He is the author of “Police Technology” (Prentice Hall, July 2004) and number articles on technology, leadership, terrorism and policing. Raymond is a part-time lecture at California State University, Fullerton and a part-time faculty advisor at the Union Institute and University. He has three current book projects. They are on terrorism, policing and leadership. Raymond’s complete CV can be viewed at Criminal Justice Profile and he can be reached by email at or through the Criminal Justice Online Forum.

Monday, February 06, 2006

Triggering Muscle Memory

On Sunday, January 29th, a short high-speed pursuit ended when the suspect’s vehicle collided with a fence. By now, must of us have seen portions of a video tape depicting a Sheriff’s Deputy shooting the passenger. It is much too early and there is not public information to draw definitive, informed conclusions. However, even without full information we can use the incident to open discussions on our policies, tactics and training.

What is muscle memory?

Essentially, muscle memory is training yourself do to something without consciously thinking about it. Think about dialing an often used telephone number. Or, for those of us who learned to type, we tap at the keyboard, not consciously thinking about the keys. Trigger press is another learned muscle memory. How many countless times have you pressed the trigger, with live ammunition and dry-firing, just to get the perfect press? It is likely you have taught you index finger exactly what to do without thinking about it.

Early research into muscle memory presumed that what you were doing was creating permanent pathways between your brain and the muscles you would use for the repetitive activity. You were creating express lanes between the muscles and your brain. However, there is some research to suggest that muscle memory is much more complex. It may be that the memory for certain repetitive activities actually resides within the muscles you are using.

One suggested explanation is that when you decide to key in that often used telephone number your mind decides it is time to initiate the number sequence, sends the first digits and your fingers take over. How many times have you dialed a number that you knew had been changed? Have you every dialed the wrong number even though you reminded yourself that there was a new number? All sorts of trainers recognize the value of muscle memory. But are there hidden dangers?

Accidental discharges

Many people who have accidental discharges will tell you that the firearm “just went off.” It must have malfunctioned. Unfortunately, when the firearm is inspected by the department armor they tell you that the only way the firearm discharged was the shooter pressed the trigger. And, the shooter will insist they did not press the trigger. Is it possible to press the trigger without consciously thinking about it? Clearly, muscle memory makes that possible. Moreover, if the deeper research about muscle memory is true it may be possible for your index finger to press the trigger without a message from your brain. Perhaps the act of placing your finger on the trigger initiates a sequence within the cells of the muscles controlling your index finger and the finger follows through.

Even if your index finger doesn’t develop a memory of its own, once you place your finger on the trigger you have clearly initiated the first part of a repetitive sequence that ends with trigger press. Furthermore, it is plausible that since you have initiated this sequence if you don’t shoot, you must be consciously sending a “no shoot” message to your index finger. In a high-stress situation you are going to default to the level your training.

Tactical handling of firearms

Most, if not all, official ranges and good tactical shooters teach to you to place your finger along the frame. The only time your index finger moves to the trigger is when you are going to follow through and shoot. In the field, any time you draw your weapon you should only place your finger along the frame. Not until you decide to shoot should your finger move to the trigger.

While it is too early to know if muscle memory was in anyway contributory to the San Bernardino incident, it is a good time to revisit our basic firearm and tactical skills. We can use the incident to open a dialogue amongst ourselves about our policies, tactics and training without being early, ill-informed critics.

About the Author
Lieutenant Raymond E. Foster retired from the Los Angeles Police Department after 24 years of service. He is the author of “Police Technology” (Prentice Hall, July 2004) and number articles on technology, leadership, terrorism and policing. Raymond is a part-time lecture at California State University, Fullerton and a part-time faculty advisor at the Union Institute and University. He has three current book projects. They are on terrorism, policing and leadership. Raymond’s complete CV can be viewed at Criminal Justice Profile and he can be reached by email at or through the Criminal Justice Online Forum.

Saturday, February 04, 2006

Terror Kills Over 1000 Police Officers in 2004

(Note: Tables and some endnotes removed to accomodate blog. They are available here)

While the United States has not experienced a major terrorist attack since September 11, 2001, there have been continual terrorist attacks around the globe. According to the National Counter Terrorism Centers (NCTC) Worldwide Incident Tracking System (WITS)[i], during 2004 there were only five terrorist incidents in the US (accounting for one injury). Conversely, during the same time period there were 3,192 terrorist incidents worldwide, resulting in 6,060 deaths and 16,091 wounded victims.

During 2004, 1,080 police officers were killed by terrorists and another 1,370 police officers were wounded by terrorists outside the US. Table one represents the number of officers killed and wounded versus the total number of people killed and wounded. The data seems to suggest that police officers who are victims of a terrorist act are much more likely to be killed (as opposed to wounded) than civilians who are victims of a terrorist act.
Police officers becoming victims of terrorist attacks appear to be a world-wide phenomenon. Table two represents a breakdown of those attacks by region. The information indicates, as we know, the Middle East and Southeast Asia are particularly dangerous areas. The third column of table two shows the percentage of police officers who are victims of terrorism. It is interesting to note that while police officers on average are targets of terrorism roughly 18.5 percent of the time world-wide, they are slightly more than 11 percent of the total number of victims.

Perhaps, though police officers may be targeted by terrorists, their training and/or equipment may prevent them from becoming casualties.

Are Police Officers Targeted?

The data from outside the US seems to indicate that police officers are specifically targeted by terrorists. Like the US, many countries rely on internal police organizations to pursue criminal investigations against terrorists. Simply put, the data indicates that police officers worldwide are on the front line in the War Against Terror. They are the ones making arrests, guarding critical facilities and responding to the scenes of terrorist acts. Indeed, a closer look at terrorist acts reveals that among the incidents involving police officers, fatalities occur during attempts to arrest terrorists[iii], guard duty of critical facilities,[iv] response to situations[v], the conducting of routine operations, such as traffic control[vi], and off-duty ambushes[vii].
It also appears that police officers may be targeted because of their occupation. First, they are one of the most visible forms of civilian government. Terrorists seeking to strike at a government may view police officers as symbols of that government. Perhaps more importantly, the public views police officers as symbols of order and peace. Recall that the definition of a terrorist act involves striking at non-combatants in order to generate fear. It may be that police officers are specifically targeted because citizens become even more fearful when they see the people who are armed and charged with the responsibility of protecting the community fall victim.

Although US policing has not experienced anything close to the carnage of our brothers and sisters worldwide, it may be instructive to use the information from those attacks to attempt to determine likely circumstances and weapons that would be used in an attack on police officers in other regions, then review tactics designed to increase officer safety. Table three classifies the attacks on police officers[viii]. Table four outlines the weapons used by the terrorists.

According to the NCTC, on September 3, 2004, in Khaki Forest, Giridih District, Jharkhand, India, militants detonated a bomb under a police vehicle, killing five police officers and wounding three others[ix]. In the early 1970s certain domestic terrorist groups (or militant groups as they were called at the time) detonated bombs that were either placed on the ground underneath or attached to the undercarriage of the police vehicle. One attack involved members of a terrorist group taping a hand grenade to the gas tank of a patrol vehicle while the officers were at lunch. An improvised device designed to pull the pin would have been activated by the officers driving forward from their parking spot. The officers lives were saved because they drove backward out of the parking spot, unaware of the device[x]. That incident led to the spread of the simple tactic of officers looking under their vehicle before they entered it any time they were away from the vehicle. This tactic led to the discovery of other devices and is a simple way to foil this type of attack.

Station Defense

According to the NCTC, on August 20, 2004, in Semdinli, Hakkari Province, Turkey, gunmen opened fire on a Turkish police station, injuring two police officers[xi]. Police stations have also been bombed[xii] and attacked with military style weapons[xiii]; however, the most prevalent type of weapon identified in all attacks was firearms (35%), followed by explosive devices (34%).

All agencies should consider implementing station defense plans and reviewing their station routines and structure for weaknesses. On how many summer nights have you found the back door to the station propped open? Can your desk officers be seen through a plate glass door from the street? How many police officers view desk duty as vacation from the street and do not wear their Sam Browne or other duty equipment? During the 1960s and 1970s, police stations in the US were attacked by terrorist groups. Revisiting the tactics and procedures implemented during those times may be a good starting point for improving station defense.

As we noted in previous articles, it is important to view our preparation and planning for terrorist incidents as all-hazards planning. The construction and remodeling of police stations should be conducted under the umbrella of all-hazards planning that includes potential terrorist attacks. A good starting point may be to conduct a Needs Analysis of your station. Recall that a Needs Analysis involves the determination of likely events, the state of current preparation and a determination of needs to completely prepare. What could happen and what could you do now to improve your response?


According to the NCTC, on August 4, 2004, in Patnos, Agri Province, Turkey, unidentified gunmen fired at a police vehicle, killing one police officer and injuring one other[xiv]. It is clear from the data that ambush and station attack are the two primary terrorist incidents aimed at police officers. According to the NCTC data, ambushes against police officers overseas generally take on two forms: An explosive device is detonated as the police officers drive by, or gunmen assault the vehicle from positions of concealment. In the US, we should consider two additional variations on the ambush. The first variation is a false radio call that draws police officers into an ambush zone. The second variation is a terrorists committing a minor traffic violation in order to attack the officer during the stop.

Countering ambushes involves a re-examination of basic field tactics. During radio calls, officers should avoid parking in front of the location, be mindful of people who may be acting as lookouts, etc. For traffic stops, officers should attempt to select the location of the stop, position their vehicle tactically and be mindful of furtive movements by the traffic violator. Countering all ambushes means officers should know the difference between cover and concealment, practice moving into the cone of fire and move quickly away from the police vehicle because it is likely to draw fire. During Enforcement

According to the NCTC, On February 17, 2004, in the morning, in the Zavodskoy District, Groznyy, Chechnya, Russia, a bomb exploded during a search operation by OMON (Special Forces Police Detachment) officers, injuring the deputy commander[xv]. It is interesting to note that during enforcement operations like serving warrants and making arrests, police officers overseas seem to receive fewer injuries[xvi]. A likely reason is that they are in a heightened state of awareness and have pre-planned the operation. Both are extraordinarily valuable officer-survival tips. Training, awareness and preplanning are probably the best prevention. Indeed, when coupled with solid field tactics and well-maintained equipment, a police officers survivability surely increases.


According to the NCTC, WITS, on June 17, 2004, in the Arghakhanchi District, Nepal, gunmen fired upon a group of out-of-uniform police officers shopping at a local bazaar, killing two officers and wounding two others[xvii]. In another incident reported by the NCTC, WITS, on November 2, 2004, at night, in the village of Litter, Pulwama, Kashmir, India, armed militants shot and killed a police officer in his home[xviii]. Being off-duty should be the perfect undercover assignment. You blend in completely with everyone in your personal community. Avoiding wearing insignias on your clothing, appropriately concealing off-duty weapons and ensuring that your private data is protected are essential steps in avoiding off-duty conflicts. More importantly, before taking action, off-duty police officers should strongly consider that they lack the support and equipment available while on-duty; and that they are likely to bear the additional concern of exposing family and friends to danger.

Secondary Devices

According to the NCTC, On January 15, 2004, at approximately 3:20 PM, in Karachi, Pakistan, two bombs exploded within 15 minutes of each other at the Pakistan Bible Society building. The first blast damaged the building but caused no casualties. Later, a car bomb exploded, injuring three police officers and 12 civilians who had gathered to inspect the damage from the first blast and damaging 18 nearby vehicles[xix]. Secondary devices are intended to kill or wound first responders. A post-blast scene is NOT a safe scene. In addition to evidence collection and preservation and any unsafe conditions (like damaged structures and hazards chemicals), police officers must be mindful of secondary devices. Considerations range from suspicious, undamaged vehicles to the use of the police radio, which might accidentally detonate a device.


By examining and debriefing terrorist events overseas we are able to identify training, education and equipment needs in our own agencies and communities. News from overseas is an opportunity to ask What if that happened here? In our next article, we will journey further into homeland security and terrorism by examining how technology can supplement solid tactical training and increase your counterterrorism skills.

About the Author
bout the AuthorLieutenant Raymond E. Foster retired from the Los Angeles Police Department after 24 years of service. He is the author of “Police Technology” (Prentice Hall, July 2004) and number articles on technology, leadership, terrorism and policing. Raymond is a part-time lecture at California State University, Fullerton and a part-time faculty advisor at the Union Institute and University. He has three current book projects. They are on terrorism, policing and leadership. Raymond’s complete CV can be viewed at Criminal Justice Profile and he can be reached by email at or through the Criminal Justice Online Forum.


[i] A synopsis of all 591 incidents can be viewed at
[ii] All tabular data developed from the National Counterterrorism Center, World Incident Tracking System.
[iii] According to the NCTC, WITS, on April 3, 2004, in Madrid, Spain, suspected terrorists detonated several bombs in an apartment building, killing one police officer and wounding fifteen others. The suspects, who allegedly conducted the 11 March 2004 Madrid bombings, blew themselves up after police had surrounded the building where they were hiding, in order to avoid being captured. NCTC WITS ICN Number 200466399.
[iv] According to the NCTC WITS, on June 7, 2004, in the Kharar District, Logar Province, Afghanistan, militants attacked a government headquarters building, killing one police officer. NCTC WITS ICN Number 200458216.
[v] According to the NCTC WITS, on January 5, 2004, in Pattani, Thailand, an improvised explosive device strapped to a motorcycle in a park exploded as two technicians attempted to defuse it, killing both engineers. NCTC WITS ICN Number 200458454.
[vi] According to the NCTC WITS, on March 23, 2004, in Yala Province, Thailand, assailants shot and killed a police officer while he was directing traffic. NCTC WITS ICN Number 200458509.
[vii]According to the NCTC WITS, on January 6, 2004, in the Tetaria Village, Morang, Nepal, unidentified gunmen shot and killed an off-duty police officer. NCTC, WITS ICN Number 200460008.
[viii] There are a few caveats regarding the constructs of this table. The synopses provided by the NCTC were very brief. An incident was only classified as bombed a police vehicle if the synopsis mentioned the device being attached to the officers vehicle. It is likely that some of the attacks classified as unknown included these attacks. Also, an incident was only classified as an ambush if the synopsis had the word ambush. Many of the synopses were likely to have been ambush type attacks; and, some attacks, like those occurring off-duty, clearly were ambushes.
[ix] NCTC, WITS ICN Number 200459779.
[x] The information concerning this incident was obtained in a confidential interview of one of the involved officers.
[xi] NCTC, WITC ICN Number: 200461069.
[xii] According to the NCTC WITS, on January 14, 2004, in Ba'qubah, Iraq, a suicide car bomber attacked a police station, killing two civilians and injuring 26 local police officers. NCTC, WITS ICN Number 200458141.
[xiii] According to the NCTC WITS, on April 12, 2004, in Kirkuk, Iraq, unknown militants fired two mortar rounds at a police post, killing one Iraqi police officer and injuring four civilians. NCTC WITS Number 200464020.
[xiv] NCTC, WITS ICN Number: 200461045.
[xv] NCTC WITS, ICN Number 200460383.
[xvi] As noted by the data in Table three this accounts for the smallest number of police officers killed in the line of duty and third smallest number wounded.
[xvii] NCTC WITS, ICN Number 200459707.
[xviii] NCTC WITS, ICN Number 200461623.
[xix] NCTC, WITS ICN Number 200460780.

Thursday, February 02, 2006

Naval Post Graduate School Police Training

Lesson outlines to the NPS basic training course. Interesting reading for anyone contemplating a career in law enforcement, or for any supervisor who is interested in designing roll call training.

Course # 101 - Police Department Duties and Functions
Course # 102 - Standards of Conduct
Course # 103 - Vehicle and Personnel Movement
Course # 104 - Loss Prevention/MSLR Program
Course # 105 - Jurisdiction and Authority
Course # 106 - Rules of Evidence
Course # 107 - Search and Seizure
Course # 108 - Uniform Code of Military Justice
Course # 109 - Self-Incrimination, Admissions and Confessions
Course # 110 - Apprehension and Arrest
Course # 111 - Traffic Control
Course # 112 - Traffic Collision Investigation
Course # 113 - Crime Scene Response and Security
Course # 114 - Crime Prevention Programs
Course # 115 - Crimes in Progress Calls
Course # 116 - Communications
Course # 117 - DUI Detection and Investigation
Course # 118 - Patrol Procedures
Course # 119 - Drugs of Abuse
Course # 120 - "Low Risk" Vehicle Stops
Course # 121 - Crowd Control
Course # 122 - Use Of Force
Course # 123 - Basic Marksmanship
Course # 124 - Emergency Vehicle Operations
Course # 125 - First Aid/CPR Certification
Course # 126 - Chemical Weapons Certification (DOC)

Internet/Cyber Crime Schemes

The following are current and ongoing Internet trends and schemes identified by the Internet Crime Complaint Center along with the description of the fraud or scheme:AUCTION FRAUDAuction fraud involves fraud attributable to the misrepresentation of a product advertised for sale through an Internet auction site or the non-delivery of products purchased through an Internet auction site.

Consumers are strongly cautioned against entering into Internet transactions with subjects exhibiting the following behavior:

The seller posts the auction as if he resides in the United States, then responds to victims
with a congratulatory email stating he is outside the United States for business reasons, family emergency, etc. Similarly, beware of sellers who post the auction under one name, and ask for the funds to be transferred to another individual.

The subject requests funds to be wired directly to him/her via Western Union, MoneyGram, or bank-to-bank wire transfer. By using these services, the money is virtually unrecoverable with no recourse for the victim.

Sellers acting as authorized dealers or factory representatives in countries where there would be no such dealers should be avoided. Buyers who ask for the purchase to be shipped using a certain method to avoid customs or taxes inside another country should be avoided.
Be suspect of any credit card purchases where the address of the card holder does not match the shipping address. Always receive the card holder's authorization before shipping any products. In addition, visit eBay and PayPal for additional security alerts and fraud prevention tips.

AUCTION FRAUD - RomaniaAuction fraud is the most prevalent of Internet crimes associated with Romania. The subjects have saturated the Internet auctions and offer almost every in-demand product. The subjects have also become more flexible, allowing victims to send half the funds now, and the other half when the item arrives.The auctions are often posted as if the seller is a United States citizen, then the subject advises the victim to send the money to a business partner, associate, sick relative, a family member, etc., usually in a European country. The money is usually transferred via MoneyGram or Western Union wire transfer. The Internet Crime Complaint Center has verified in order to receive funds via Western Union, the receiver must provide the complete information of the sender and the receiver's full name and address. The funds can be picked up anywhere in the world using this information. There is no need to provide the money transfer control number (MTCN) or the answer to any secret question, as many subjects have purported to the victims. Money sent via wire transfer leaves little recourse for the victim.The most recent trend is a large increase in bank-to-bank wire transfers. Most significantly, these wire transfers go through large United States banks and are then routed to Bucharest, Romania or Riga, Latvia.Similarly, the sellers also occasionally direct the victims to pay using phony escrow services. Sometimes actual escrow websites are compromised and other sites resembling them are created by the subjects. Once the funds are wire transferred to the escrow website, the seller discontinues contact..In addition, visit eBay and PayPal for additional security alerts and fraud prevention tips.

The counterfeit cashier's check scheme targets individuals that use Internet classified advertisements to sell merchandise. Typically, an interested party located outside the United States contacts a seller. The seller is told that the buyer has an associate in the United States that owes him money. As such, he will have the associate send the seller a cashier's check for the amount owed to the buyer.The amount of the cashier's check will be thousands of dollars more than the price of the merchandise and the seller is told the excess amount will be used to pay the shipping costs associated with getting the merchandise to his location. The seller is instructed to deposit the check, and as soon as it clears, to wire the excess funds back to the buyer or to another associate identified as a shipping agent. In most instances, the money is sent to locations in West Africa (Nigeria).Because a cashier's check is used, a bank will typically release the funds immediately, or after a one or two day hold. Falsely believing the check has cleared, the seller wires the money as instructed.In some cases, the buyer is able to convince the seller that some circumstance has arisen that necessitates the cancellation of the sale, and is successful in conning the victim into sending the remainder of the money. Shortly thereafter, the victim's bank notifies him that the check was fraudulent, and the bank is holding the victim responsible for the full amount of the check.

The Internet Crime Complaint Center has received multiple reports alleging foreign subjects are using fraudulent credit cards. The unauthorized use of a credit/debit card, or card number, to fraudulently obtain money or property is considered credit card fraud. Credit/debit card numbers can be stolen from unsecured websites, or can be obtained in an identity theft scheme.Visit any of the three credit bureaus, Equifax, Experian, or TransUnion, for more information or to place a fraud alert on your credit report.Visit the Federal Trade Commission for additional information on security andDEBT ELIMINATIONDebt elimination schemes generally involve websites advertising a legal way to dispose of mortgage loans and credit card debts. Most often, all that is required of the participant is to send $1,500 to $2,000 to the subject, along with all the particulars of the participant's loan information and a special power of attorney authorizing the subject to enter into transactions regarding the title of the participant's homes on their behalf. The subject then issues bonds and promissory notes to the lenders that purport to legally satisfy the debts of the participant. In exchange, the participant is then required to pay a certain percentage of the value of the satisfied debts to the subject. The potential risk of identity theft related crimes associated with the debt elimination scheme is extremely high because the participants provide all of their personal information to the subject.

The Parcel Courier Email Scheme involves the supposed use of various National and International level parcel providers such as DHL, UPS, FedEx and the USPS. Often, the victim is directly emailed by the subject(s) following online bidding on auction sites. Most of the scams follow a general pattern which includes the following elements:
The subject instructs the buyer to provide shipping information such as name and address.
The subject informs the buyer that the item will be available at the selected parcel provider in the buyer's name and address, thereby, identifying the intended receiver.
The selected parcel provider checks the item and purchase documents to guarantee everything is in order.

The selected parcel provider sends the buyer delivery notification verifying their receipt of the item. The buyer is instructed by the subject to go to an electronic funds transfer medium, such as Western Union, and make a funds transfer in the subject's name and in the amount of the purchase price.

After the funds transfer, the buyer is instructed by the subject to forward the selected parcel provider the funds transfer identification number, as well as their name and address associated with the transaction. The subject informs the buyer the parcel provider will verify payment information and complete the delivery process. Upon completion of delivery and inspection of the item(s) by the receiver, the buyer provides the parcel provider funds transfer information, thus, allowing the seller to receive his funds.

Employment/business opportunity schemes have surfaced wherein bogus foreign-based companies are recruiting citizens in the United States on several employment-search websites for work-at-home employment opportunities. These positions often inv
olve reselling or reshipping merchandise to destinations outside the United States.Prospective employees are required to provide personal information, as well as copies of their identification, such as a driver's license, birth certificate, or social security card. Those employees that are "hired" by these companies are then told that their salary will be paid by check from a United States company reported to be a creditor of the employer. This is done under the pretense that the employer does not have any banking set up in the United States.The amount of the check is significantly more than the employee is owed for salary and expenses, and the employee is instructed to deposit the check into their own account, and then wire the overpayment back to the employer's bank, usually located in Eastern Europe. The checks are later found to be fraudulent, often after the wire transfer has taken place.

In a similar scam, some web-based international companies are advertising for affiliate opportunities, offering individuals the chance to sell high-end electronic items, such as Plasma television sets and home theater systems, at significantly reduced prices. The affiliates are instructed to offer the merchandise on well-known Internet auction sites. The affiliates will accept the payments, and pay the company, typically by means of wire transfer. The company is then supposed to drop-ship the merchandise directly to the buyer, thus eliminating the need for the affiliate to stock or warehouse merchandise. The merchandise never ships, which often prompts the buyers to take legal action against the affiliates, who in essence are victims themselves.

In an effort to persuade a wary Internet auction participant, the perpetrator will propose the use of a third-party escrow service to facilitate the exchange of money and merchandise. The victim is unaware the perpetrator has actually compromised a true escrow site and, in actuality, created one that closely resembles a legitimate escrow service. The victim sends payment to the phony escrow and receives nothing in return. Or, the victim sends merchandise to the subject and waits for his/her payment through the escrow site which is never received because it is not a legitimate service.

In addition, visit for security alerts and fraud prevention tips.

Identity theft occurs when someone appropriates another's personal information without their knowledge to commit theft or fraud. Identity theft is a vehicle for perpetrating other types of fraud schemes. Typically, the victim is led to believe they are divulging sensitive personal information to a legitimate business, sometimes as a response to an email solicitation to update billing or membership information, or as an application to a fraudulent Internet job posting.
In addition, visit the Federal Trade Commission for additional information on security and fraud prevention tips.

Internet extortion involves hacking into and controlling various industry databases, promising to release control back to the company if funds are received, or the subjects are given web administrator jobs. Similarly, the subject will threaten to compromise information about consumers in the industry database unless funds are received.

Investment fraud is an offer using false or fraudulent claims to solicit investments or loans, or providing for the purchase, use, or trade of forged or counterfeit securities.

The lottery scheme deals with persons randomly contacting email addresses advising them they have been selected as the winner of an International lottery. The Internet Crime Complaint Center has identified numerous lottery names being used in this scheme.
The email message usually reads similar to the following:

"This is to inform you of the release of money winnings to you. Your email was randomly
selected as the winner and therefore you have been approved for a lump sum payout of
$500,000.00. To begin your lottery claim, please contact the processing company
selected to process your winnings."

An agency name follows this body of text with a point of contact, phone number, fax number, and an email address. An initial fee ranging from $1,000 to $5,000 is often requested to initiate the process and additional fee requests follow after the process has begun. These emails may also list a United States point of contact and address while also indicating the point of contact at a foreign address.

Named for the violation of Section 419 of the Nigerian Criminal Code, the 419 scam combines the threat of impersonation fraud with a variation of an advance fee scheme in which a letter, email, or fax is received by the potential victim. The communication from individuals representing themselves as Nigerian or foreign government officials offers the recipient the "opportunity" to share in a percentage of millions of dollars, soliciting for help in placing large sums of money in overseas bank accounts. Payment of taxes, bribes to government officials, and legal fees are often described in great detail with the promise that all expenses will be reimbursed as soon as the funds are out of the country.

The recipient is encouraged to send information to the author, such as blank letterhead stationary, bank name and account numbers, and other identifying information using a facsimile number provided in the letter. The scheme relies on convincing a willing victim to send money to the author of the letter in several installments of increasing amounts for a variety of reasons.

Visit the Economic and Financial Crimes Commission to learn more about combating financial and economic crimes in Nigeria.

Phishing and spoofing are somewhat synonymous in that they refer to forged or faked electronic documents. Spoofing generally refers to the dissemination of email which is forged to appear as though it was sent by someone other than the actual sender. Phishing, often utilized in conjunction with spoofed email, is the creation of a website to make that site appear as the legitimate business website. Once the fraudulent email has been launched, the spoofed websites attempt to dupe the unsuspecting victims into divulging sensitive information such as passwords, credit card numbers, and bank account information.

Visit the Anti-Phishing Working Group, for more information on phishing and email spoofing.

Ponzi or pyramid schemes are investment scams in which investors are promised abnormally high profits on their investments. No investment is actually made. Early investors are paid returns with the investment money received from the later investors. The system usually collapses. The later investors do not receive dividends and lose their initial investment.

The "reshipping" scheme requires individuals in the United States, who sometimes are coconspirators and other times are unwitting accomplices, to receive packages at their residence and subsequently repackage the merchandise for shipment, usually abroad."Reshippers" are being recruited in various ways but the most prevalent are through employment offers and conversing, and later befriending, unsuspecting victims through Internet Relay Chat Rooms.
Unknown subjects post help-wanted advertisements at popular Internet job search sites and respondents quickly reply to the online advertisement. As part of the application process, the prospective employee is required to complete an employment application, wherein he/she divulges sensitive personal information, such as their date of birth and social security number which, unbeknownst to the victim employee, will be used to obtain credit in his/her name.

The applicant is informed he/she has been hired and will be responsible for forwarding, or "reshipping", merchandise purchased in the United States to the company's overseas home office. The packages quickly begin to arrive and, as instructed, the employee dutifully forwards the packages to their overseas destination. Unbeknownst to the "reshipper," the recently received merchandise was purchased with fraudulent credit cards.

The second means of recruitment involves the victim conversing with the unknown individual in various Internet Relay Chat Rooms. After establishing this new online "friendship" or "love" relationship, the unknown subject explains for various legal reasons his/her country will not allow direct business shipments into his/her country from the United States. He/she then asks for permission to send recently purchased items to the victim's United States address for subsequent shipment abroad for which the unknown subject explains he/she will cover all shipping expenses.

After the United States citizen agrees, the packages start to arrive at great speed. This fraudulent scheme lasts several weeks until the "reshipper" is contacted. The victimized merchants explain to the "reshipper" the recent shipments were purchased with fraudulent credit cards. Shortly thereafter, the strings of attachment are untangled and the boyfriend/girlfriend realizes their Cyber relationship was nothing more than an Internet scam to help facilitate the transfer of goods purchased online by fraudulent means.

Visit the Economic and Financial Crimes Commission to learn more about combating financial and economic crimes in Nigeria.

With improved technology and world-wide Internet access, spam, or unsolicited bulk email, is now a widely used medium for committing traditional white collar crimes including financial institution fraud, credit card fraud, and identity theft, among others. It is usually considered unsolicited because the recipients have not opted to receive the email. Generally, this bulk email refers to multiple identical messages sent simultaneously. Those sending this spam are violating the Controlling the Assault of Non-Solicited Pornography and Marketing (CAN SPAM) Act, Title 18, U.S.C., Section 1037.

Spam can also act as the vehicle for accessing computers and servers without authorization and transmitting viruses and Botnets. The subjects masterminding this Spam often provide hosting services and sell open proxy information, credit card information, and email lists illegally.

A general trend has been noted by the Internet Crime Complaint Center regarding work-at-home schemes on websites. In several instances, the subjects, usually foreign, post work-at-home job offers on popular Internet employment sites, soliciting for assistance from United States citizens. The subjects allegedly are posting Internet auctions, but cannot receive the proceeds from these auctions directly because his/her location outside the United States makes receiving these funds difficult. The seller asks the United States citizen to act as a third party receiver of funds from victims who have purchased products from the subject via the Internet.
The United States citizen, receiving the funds from the victims, then wires the money to the subject.

You can file a complaint and receive more information about these types of fraud at the Internet Crime Complaint Center.

These crimes and other internet/technology related law enforcement issues are regularly discussed on Criminal Justice Online.