November 2003 Topics
Fright Mail, Anguish Letters,
Grease the Palm, Honeypot,
Shamateur, and Typosquatting
 

This article is in the November/December 2003 issue of
The White Paper, the Journal of the Association of Certified Fraud Examiners.
 

Fright Mail (Anguish Letters)
Letters and other mail pieces that use scare tactics to solicit money and warn about dire consequences. Deceitful direct mail marketing schemes use mailing envelopes and forms designed to appear as if they are important official government documents. Common practices include stampings on the envelopes like “Social Security Protection Bureau” or “Income Tax Notice.” The envelopes mislead the recipients and frighten them into reading the literature inside. Elderly people send money and do not realize the fright mail is advertising.
Sid Lerner and Gary S. Belkin, Trash Cash, Fizzbos and Flatliners: A Dictionary of Today’s Words, Houghton, Mifflin Company, Boston, Massachusetts, 1993, page 74.
 

Grease the Palm
To bribe someone with a gift or money, with the expectation of receiving a favor in return. Kings, knights, and gallants in the Age of Chivalry prided themselves on their appearance as much as their valor. Soap was almost unheard of, so they made lavish use of goose grease that was perfumed, spiced, and packed in animal membranes. Charcoal was added to give the user’s skin a fashionable dark glow. The goose grease was so highly prized it was often used as a gift. A person who wished a concession from an official would offer him a gift of “grease for his palm” or silver or gold. Likewise, an official openly seeking a bribe might gesture by rubbing his thumb several times under the middle and index fingers of the same hand as if they needed grease.
Webb Garrison, 445 Fascinating Word Origins, Galahad Books, New York, 2000, page 143. Image: http://www.littlemag.com/2000/pics/hand.jpg.
 

Honeypot
A honeypot is an intrusion detection tool used to protect a critical computer network from unauthorized access. It is a program, a server, or a whole system intentionally designed to be probed, attacked or compromised. A honeypot has no legitimate users or traffic, so any intruder is exposed and relatively easy to monitor. A honeypot is used to see how many unauthorized people are able to break into a secure network from the inside or outside, to find and capture new worms, to find and document new attacks and exploits, or to record every keystroke and move made by a script kiddie (an unsophisticated teenage cracker) or advanced hacker. It helps trace the location of a hacker, keeps him away from vital production systems, and alerts the computer security staff by e-mail or cellphone. A honeypot can mimic an e-mail program, a Web site, or a Domain Name Service (DNS). The data is interesting enough to lure a hacker, but it is often false, salted, or noncritical information. Honeypots are also known as decoy servers, sacrificial lambs, booby traps, and hacker bait. The term refers to the irresistible clay pots of sweet “hunny” that attract Winnie the Pooh in Alan Milne’s storybooks.
Phil Bandy, Michael Money and Karen Worstell, SRI Consulting, “What is a honeypot? Why do I need one?” http://www.sans.org/resources/idfaq/
honeypot2.php, August 26, 2003. Animation: Walt Disney.
 

Shamateur
An athlete who is officially an amateur, but is paid secretly. This 19^th century term is a combination of sham and amateur. Paying amateurs first sparked controversy in the sports of badminton and cricket in England, then later in golf, tennis, rugby, the Olympics, and collegiate competitions. Product endorsements, fake jobs, or travel expenses are created to disguise the secret pay for play arrangements, which may exceed the pay of sports professionals.
Sir Derek Birley, “The Primrose Path,” The Sports Pages Lecture 1995, http://www2.umist.ac.uk/sport/
Sports%20History/Birley.html, August 26, 2003.
 

Typosquatting
Typosquatting is the intentional use of misspelled domain names and meta tags to misdirect Internet traffic or revenue from one Web site to another. It is based on the probability that a certain number of Internet users will mistype the URL or name of a Web site. Typically, a typosquatter registers several possible input errors for a Web site of a famous company, brand name or celebrity known for its high traffic. The typosquatter monitors the bogus sites to see how many clicks a day each of their "typo" domain names receives, and uses the information to sell advertising for the sites that receive a high volume of accidental traffic. Advertising revenue might come from selling ads to the original site's competitors or by providing redirect pages to gambling and porn sites. John Zuccarini, a notorious typosquatter, made a million dollars annually by operating 3,000 Web sites like OphraWinfrey.com and minorleaugebaseball.com. Radio Shack, Office Depot, Nintendo, Hewlett-Packard, the Dave Matthews Band, The Wall Street Journal, Encyclopedia Britannica, Guinness beers, Spiegel’s catalogue, Britney Spears, and Yahoo brought charges against Zuccarini. Statutory damages of $10,000 for each infringing domain name can be awarded under the Anticybersquatting Consumer Protection Act of 1999. The PROTECT Act of 2003 includes another provision for Truth In Domain Names. Companies should consider registering domain names with typographical errors of their corporate names, brand names, and trademarks for due diligence.
http://searchwebservices.techtarget.com/
sDefinition/0,,sid26_gci342237,00.html, August 26, 2003.
 

ã Copyright 2003 Larry C. Adams.
All rights reserved.

Read more samples - Magazine article archive
Order the book - Fraud In Other Words