Larry C. Adams, CPA
Certified Public Accountant
Certified Fraud Examiner
Phoenix, Arizona USA
September 2007 Fraud
Botherder, Clawback, Cybersmear, Demurrer,
Fourflusher, IQEX, and Won't Hold Water
One-fourth of the 600 million
computers in the world
are part of unauthorized botnets that can be used for malicious or
Fraud In Other Words
and Uncensored Street Slang
by Larry C. Adams, CFE, CPA, CIA, CISA
A hacker who creates a botnet and
uses that unauthorized network of other people’s computers for malicious
or criminal purposes. The botherder takes advantage of security weaknesses
in those computers and turns them into his zombies or bots.
botherder downloads hidden robot software (also called bots) onto
thousands of computers worldwide and controls them remotely. A botherder
or botmaster can use the zombie computers to perform identity theft,
distributed denial of service (DDOS) attacks,
phishing, click fraud, or the mass distribution of spam and spyware. It
can be time-consuming and expensive to trace a botherder when his identity
and point of origin are masked by redirected transmissions between
multiple layers of zombies.
At the 2007 World Economic Forum in Davos,
Switzerland, Vinton Cerf, one of the founding fathers of the Internet,
warned that up to one-fourth of the 600 million computers in the world are
already part of botnets.
Most owners of compromised computers are unknowing or
unwitting victims who may not realize their equipment or personal
information has been exploited. The U.S. Department of Justice (USDOJ) and
the Federal Bureau of Investigation (FBI) plan to notify a million owners
that the owners’ computers were identified as part of a botnet. Dutch
police also uncovered a network of 1.5 million compromised computers.
A botherder in California earned $107,000 in fraudulent
commissions by installing adware (advertising software) on users’
computers without their consent. He used the money to buy more computer
servers to conduct his illegal activities. A Texas botherder operated a
botnet that infected Chicago area hospitals and tens of thousands of
computers worldwide. A Kentucky botherder sent a high volume of traffic to
intended recipients to cause damage by impairing the availability of their
systems. A Seattle botherder sent tens of millions of unsolicited e-mail
messages to advertise his Web site of services and products.
Fraud examiners can encourage their clients and
employers to avoid becoming victims of a botherder by keeping their
firewalls turned on, by updating their operating system software,
antispyware, and antivirus software so they have recent security fixes,
and by turning off computers when they aren’t in use.
“Botherder Dealt Record Prison Sentence for Selling and Spreading
Malicious Computer Code,” U.S. Department of Justice, May 8, 2006,
voluntary, written agreement between opposing parties of a civil
litigation case to protect the privilege, confidentiality, and privacy of
electronically stored information (ESI) during the “e-discovery” process
in preparation for trial. A clawback agreement allows the requesting party
to have a “quick peek” at large volumes of the opponent’s reasonably
accessible electronic documents.
After the quick peek, the requesting party identifies the specific
documents it wants the opponent to produce. The producing party then
reviews those selected documents for privilege.
The producing party does little or no prior review of
the original large volume of electronic documents. Therefore, the
producing party is permitted to “claw back” or demand the return of
privileged information if the requesting party tries to use it. It’s easy
to miss privileged communications buried in long chains of e-mail, photos,
and documents with invisible metadata, hidden formulas, links, references,
To prevent an unintentional waiver of privilege or loss
of protection of the information, a clawback agreement needs to consider
the differences in privilege laws among jurisdictions.
An estimated 70 percent of an organization’s documents
are stored in electronic form. A clawback or nonwaiver agreement can
reduce the delay and costs caused by discovery. Reasonable precautions
should be taken to avoid inadvertent production of privileged information.
Some companies hire an “e-discovery vendor” to retrieve, inventory,
organize, and index electronic records, and then put them into a
reviewable format for litigation purposes.
Other types of clawback agreements are used for
recovering taxes, pension benefits, insurance benefits, dividends for
project financing, claims for legal judgments, and unfair distributions of
Andrew Rhys Davies, “Clawback Agreements Lose
Their Grip in Court,” The National Law Journal, July 24, 2006,
A practice in which individuals
post malicious messages about businesses in online forums, bulletin
boards, chat rooms, and blogs. Their motives might be personal or for
profit. Disgruntled workers try to hurt businesses by posting their
Short sellers attempt to manipulate stock prices by posting
damaging statements online. Some cyber-perpetrators post their suspicions
about unethical dumping of stock, corrupt management, market manipulation,
or deep financial troubles. Other cybersmear campaigns include phony press
releases about layoffs, mergers, and divestures. Anonymous free speech on
the Internet can be a source of misleading information that harms the
reputations of executives and businesses. The Internet has accelerated the
way the world stock markets react to good and bad information.
From 1999 to 2006, the chief executive officer of a
natural and organic food market chain posted anonymous attacks against a
rival company in online financial forums. The postings claimed the rival’s
management didn’t know what it was doing, the company had no future, and
the stock price would drop. In 2007, the CEO’s chain announced it would
buy the rival.
To detect cybersmears, some companies assign their own
investor relations department to monitor
stock-chat message boards and the
Internet. Other organizations hire public relations firms or monitoring
services to notify them about positive and negative postings.
The cost of identifying a
person posting negative messages can range from US$15,000 to US$25,000.
Some firms hire less expensive private investigators to track them down.
Some companies have pursued litigation against the cybersmear perpetrators
for libel, defamation, and financial damages.
A. J. Cataldo, Larry N. Killough, “Is Your Firm
Safe from Cybersmear?” Strategic Finance, February 7, 2003,
A pleading filed with the court by a defendant who contests the legal
sufficiency of the plaintiff’s complaint. It requests the court to dismiss
the case without the defendant admitting or denying the truth of the
alleged facts. In many jurisdictions, a demurrer is called a “motion to
dismiss.” Demurrer is derived from the Latin verb “demoror” that means to
block, delay or wait.
A plaintiff’s fraud claim is easily made, but difficult to support.
The specific allegations of fraud must be sufficient to convince the court
that the accuser isn’t merely attempting subterfuge and trying to take
advantage of the defendant.
A witness might file a “demurrer to interrogatories” to carefully
explain his objection or reason for failing to answer a written question
as part of discovery in a lawsuit.
A party to a case might file a “demurrer to evidence” to object
that the evidence is legally insufficient to make the case.
Shared Communication Services v. Albert M.
Greenfield & Company, Inc., November 19, 2001,
Anyone who bluffs or pretends, especially someone who pretends to be more
than he or she is while living on money borrowed from others. A person who
makes false claims and misrepresentations.
In poker, a flush is five cards all of the same suit. A
flush is potentially a winning hand. A four-card flush is worthless. In
open-handed poker, a player is in excellent position to bluff when he has
four cards of the same suit face up on the table. No one knows whether he
has a fifth card of the same suit as his concealed “hole” card.
Gamblers in the American West
bluffed so often with four-card flushes, the term fourflusher spread from
the gaming tables to politer society in the 1890s.
Today, casinos still see players trying to cheat with a
four-card flush. In one scam, the player lays his hand down with black
four spades and partially conceals the fifth card, a black club. Quickly,
his accomplice tosses his cards down on top of his partner’s, moves the
club and replaces it with a spade so a five-card flush is showing. A
little acting and a few vocal curses are used to distract the dealer and
other players from noticing the switch.
Robert Hendrickson, QPB Encyclopedia of Word and
Phrase Origins, Facts on File, Inc., New York, 1997, page 262.
The International Qualification
Examination (IQEX) is taken by qualified accountants in Canada, Australia,
Ireland, and Mexico who want to earn the Certified Public Accountant (CPA)
designation in the United States. The exam assesses their competence in
accounting principles, auditing standards, commercial law, income tax law,
and professional ethics unique to the United States.
The American Institute of Certified Public Accountants
(AICPA) prepares the computer-based test that can be taken outside the
United States, instead of taking the Uniform CPA Exam within the United
States. The International Qualification Examination is administered by the
National Association of State Boards of Accountancy (NASBA). Agreements
for reciprocal licensing of accountants have been established with the
AICPA, NASBA, state accountancy boards, and credentialing organizations in
Public accountants in Mexico with the title of Contador
Publico Certificado (CPC) and CPAs in the United States who want to earn
professional reciprocity in Canada can take the Chartered Accountants
Reciprocity Examination (CARE).
International reciprocity simplifies cross-border
practice and enhances the prestige of professional accountancy. Many
accountants have earned an additional international designation –
Certified Fraud Examiner.
June 23, 2007.
Won’t Hold Water
Anything that can’t pass the test for integrity and soundness. The phrase
“won’t hold water” also is used to describe an argument that is flawed or
an item that has a defect.
The phrase is rooted in Roman
mythology about the prestigious Vestal Virgins. Because of their
incorruptible character, the Vestals were entrusted with safekeeping state
documents, public treaties, testaments, and wills including those of
Julius Caesar and Mark Antony. One of the ceremonial duties of these
priestesses was to draw pure water in handmade clay vases from the sacred
Tiber River and bring it to the Temple of Vesta.
Tuccia (Tutia) was a Vestal who was accused of violating her
oath of celibacy. To prove her innocence, Tuccia was asked to perform a
difficult task by the Pontifex Maximus, the high priest of the Ancient
Roman College of Pontiffs. He required Tuccia to carry water from the
river to the temple using a sieve instead of a vase. If the sieve held the
water, Tuccia would be innocent. If it didn’t hold water, she would be
guilty and punished severely. Miraculously, Tuccia passed the test.
A fraudster tells many lies. As a
fraud examiner discovers the truth, those lies like are like holes in a
sieve. Eventually, the fraudster’s story won’t hold water.
World Mythology Encyclopedia,
world-mythology-encyclopedia/mythology0169.php, July 7, 2007.
Copyright 2007 Larry C. Adams. All rights reserved.
|This article is in the
September/October 2007 issue of Fraud Magazine,
the Journal of the Association of
Certified Fraud Examiners.
Magazine Article Archive