About the Author

Joseph T. Wells, CFE, CPA, is the founder and Chairman of the Association of Certified Fraud Examiners (ACFE). Mr. Wells writes, researches, andlectures to business and professional groups on fraud-related issues and is frequently quoted in the media. He was the 2002 winner of the Innovation in Accounting Education Award presented by the American Accounting Association (AAA), and he was named to Accounting Today magazine's annual list of the "Top 100 Most Influential People" in accounting for nine years in a row.

From the Back Cover

Praise for COMPUTER FRAUD Casebook

The Bytes that Bite

"This is an excellent resource for practitioners and academics alike who wantto learn from an inside look at real-world computer fraud investigations."

- James Bierstaker, Villanova School of Business

"Well's collection of case studies is an easy read and appropriate for both anti-fraud professionals and business executives charged with the responsibility of fraud prevention within their organizations." Bruce A. Dean, JD, CFE, CPP, Regent Emeritus and former chairman, Board of Regents, ACFE

"Mr. Wells has done it again! Like a computer program, he consistently uses his inherent abilities to filter complex fraud schemes, as written by those who found them, into simple truths complete with prevention and detection techniques. As the world becomes more digital by the day, anyone seriously interested in fighting fraud will need to equip themselves with the appropriate tools, and the Computer Fraud Casebook provides a perfect road map for this journey."
Richard B. Lanza, CFE, CPA, PMP, President, Cash Recovery Partners, LLC

"Mr. Wells' latest is a must for anyone who wants to learn how to fight crime in the digital age. Fraud examiners and investigators who don't develop their skills in this field will soon be left behind!"
Walt W. Manning, Director, AlixPartners, LLP

42 real-life case studies reveal the underbelly of computer fraud

Today's businesses are completely reliant on technology.The bad part about computers is that they enhance fraudsters' abilities to carry out their costly and nefarious schemes. The good part is the very computers used to carry out these crimes can also help solve them. Spanning e-mail fraud, online auction fraud, security breaches, counterfeiting, and much more, Joseph Wells' Computer Fraud Casebook is packed with forty-two real case studies, written by the ACFE members who investigated them. Outlining how each fraud was engineered, how it was investigated, and how the perpetrators were brought to justice, Computer Fraud Casebook empowers readers with the knowledge and skills to detect and prevent cyber fraud.

From the Inside Flap

Computer Fraud Casebook

In 1995, computer fraud took down England's oldest bank. In 1996, Omega Engineering Company lost over $10 million to one disgruntled employee's computer fraud. In 2001, two Cisco Systems employees stole $8 million in computer stock option refunds through computer fraud. And technology experts and professional crime fighters predict that computer crime will continue to explode in the coming years. Brimming with these and other astonishing real-life case studies written by the ACFE members who investigated them, Computer Fraud Casebook reveals how vulnerable all businesses are to fraud and offers investigation and prevention guidance to stop cyber-thieves in their virtual tracks.

Gone are the days when a small business might lose only a few thousand dollars to fraud. Today, computer fraud costs companies and consumers billions of dollars. In cyberspace, the fraudster has morphed from a hapless rip-off artist into a clever, diabolical techno-thief with the ability to steal and destroy on a grand scale around the world. High-tech criminals can obliterate records, bankrupt companies, steal money, cheat consumers, rob identities, and cause unprecedented havoc, often with a single click of the mouse.

Author Joseph Wells, founder and Chairman of the Association of Certified Fraud Examiners the world's leading anti-fraud organization provides readers with an understanding of the scope and complexity of computer crime. Focusing on cases committed in the workplace, Wells introduces the scam methods and techniques that were unheard of just a few years ago. His comprehensive compilation forms a clear picture of the many types of computer fraud out there including e-mail fraud, online auction fraud, security breaches, and counterfeiting and how they were investigated across industries and throughout the world. Once fraud occurs, recovering the victim's money is difficult, if not impossible. The forty-two case studies in Computer Fraud Casebook reveal how and why prevention is the number-one goal of theanti-fraud specialist.

From their rise to success through their cunning and diabolical schemes to their eventual capture and downfall, Computer Fraud Casebook is full of amazing stories of the investigators' dedication, skill, and intelligence to uncover fraudsters and put an end to corruption. From these stories, auditors, controllers, IT managers, investigators, law enforcement professionals, fraud examiners, clients, employers, managers, consumers, students virtually anyone with a computer will discover a wealth of resources available to snare criminals and, even more importantly, prevent fraud from happening in the first place.

Excerpt. © Reprinted by permission. All rights reserved.

Computer Fraud Casebook

John Wiley & Sons

Chapter One

GEORGE KYRILIS

By his mid-twenties, Cory Steele was already well-known on the Internet as one of the top ten spammers in the world. The golden-haired entrepreneur from Minnesota started writing software programs for distributing spam when he was just 15. He circulated his product throughout the globe in exchange for half the spammers' profits. This business venture earned him so much money that he dropped out of high school. When his father objected, Cory replied, "Dad, I made $69,000 online by 11 a.m. today."

The rebellious teenager spent his time sharpening his computer and online expertise. Once he paid five thousand dollars for a Russian computer programmer to fly to Minnesota and give him a one-day lesson. Cory began pedaling human growth hormones, penis enlargement pills, and other fake supplements online. He used the anonymity of the Internet to conceal his true identity and take advantage of gullible customers willing to buy his "pixie dust." Anyone was fair game as long as there was money to be made.

Shortly after his 24th birthday, Cory ventured into his most lucrative Internet scam-selling prescription drugs. With the help of Betsy Hartman, a computer programmer known as the "spam queen," he set up an illegal online pharmacy. The scheme made him a wealthy man. Before he turned 25, Cory was a multimillionaire. He bought a $1.1 million home in cash and added a Ferrari Spyder, Mercedes Benz C55AMG, and Lamborghini Murcielago to his collection of foreign cars.

Cory was obsessed with affluence, but his most prized possession was his artificially enhanced trophy wife, Amber. He often spied on her. Even though Cory frequented strip joints and had a dancer named Christie Kelly as a mistress, he expected Amber to remain faithful. He was insecure with their relationship and controlled her to the point of abuse. She was the one possession he couldn't stand to lose.

Fear and suspicion consumed Cory's life. Once when an officer came to serve court documents, he hid in a closet with his four-year old son, telling him that the police were bad and would hurt him. He protected his money and fleet of vehicles by constantly transferring safes full of cash and his luxury vehicles from one storage facility to another. Cory used disposable cell phones to avoid electronic eavesdropping. He had 24 cameras at the office watching his employees every hour of the day. They were required to walk through metal detectors where security guards, led by Cory's heavyset enforcer and confidant, Randy Mesher, confiscated their cell phones.

In spite of all his wealth, Cory failed to overcome his own weakness. He was addicted to Xanax, a prescription drug for anxiety. His addictive nature made him extremely erratic. He often had emotional outbursts. People were frightened by his unpredictable behavior, which was compounded by the fact that he brought a 9 mm pistol to work every day.

Cory originally established Advanced Express Systems as a billing company to facilitate online sales for his spammed products. But after realizing that it could be used as a marketing tool for his primary pharmacy operation, SwiftRX.com, he developed it into a call center employing more than 100 telemarketers working around the clock to sell prescription drugs. Next, he established another Web site, www.directdiscountdrugs.com, which served as the core for his online pharmacy operation by processing orders for customers of SwifteRX and connecting with a doctor to approve orders.

Pills and Abuse

I was a special agent with the FBI and assigned to the Minnesota Cyber Crimes Task Force in Minneapolis, a squad of highly trained agents from the FBI and U.S. Secret Service dedicated to investigating a multitude of computer-related crimes. After working white-collar crime investigations for most of my 28 years of duty, I decided that cybercrime would make a challenging finale to my career. This case, my last FBI investigation, proved to be my most fascinating and rewarding.

One frosty day in late November, I got a phone call from a colleague who had received a complaint regarding Cory. A tenant in the same building as Advanced Express Systems had grown suspicious of the operation. He had noticed several limousines in the parking lot that the employees used as break rooms. Many of Cory's workers were disorderly and disturbed others in the building. We later found out that quite a few had been recruited from a halfway house and were former felons. The curious tenant had seen the baby-faced entrepreneur arrive at work in a $300,000 Mercedes Maybach, driven by a chauffeur. Puzzled, he searched the Internet and discovered that Cory was named on several antispam Web sites as one of the world's most prolific spammers. He learned that several people who bought prescription drugs from his Web site, SwifteRX, complained about being overcharged and never receiving their orders.

I ran a Google search on Cory and discovered more information about his nefarious online activity. He had been linked with a group of individuals who hijacked IP (Internet protocol) net blocks to commit billing and credit card fraud, send spam, and launch attacks against spam opponents and Internet service providers (ISPs). A Whois (a domain search engine) check on www.swifterx.com revealed that it was registered with an ISP in Switzerland and had a United Kingdom business address-a dead end. Using a covert computer, which cannot be traced back to law enforcement, I visited the Web site. It offered a multitude of generic drugs available for sale without a prescription. SwifteRX claimed it had a network of doctors and pharmacies throughout the United States. The customer's patient history and an FDA-approved online questionnaire were said to be reviewed by these supposed physicians to approve prescriptions. SwifteRX would not accept any health insurance. Only major credit cards and COD payments were accepted and FedEx delivered the medication. I immediately opened an investigation on Cory's credit card fraud and spamming activity.

A few weeks into the case, Special Agent David Flynn of the IRS Criminal Investigation Division called regarding allegations that Cory was potentially involved with a money laundering scheme. We began working together. David was a meticulous investigator, one who accounted for every single dollar. He and I identified several former and current employees who were fed up with Cory's continual sexual harassment and appalling conduct at the office. They claimed he belittled them and would fire anyone without reason. He was even said to have used a taser gun on them to test their threshold for pain, laughing until they succumbed.

We learned from his employees that Cory was making millions of dollars through his online pharmacy business. The top sellers were painkillers, usually hydrocodone-based drugs such as Vicodin and Norco. Customers were provided with an online questionnaire to describe medical symptoms, self-prescribe their own drugs, and place an order. For painkillers, clientele rated their level of discomfort on a scale of 1 to 10. If their threshold did not link with their desired dosage, telemarketers coached customers to increase their pain level. It was confirmed that the call center used the Web site for Direct Discount Drugs to place orders. A Whois check on www.directdiscountdrugs.com revealed that it was registered in Seattle, Washington, to someone using the name RegisterFly. The registrant's real name was concealed by a security feature called Whois Privacy Protect, but after obtaining a subpoena, we reviewed the records, which proved that Cory used an alias and Visa business credit card to buy the domain name.

The former call center employees told us that all of their customer orders were electronically sent to one doctor, Paul Martel in New Jersey, for approval. Telemarketers were ordered not to call him for any reason. Dr. Martel had no face-to-face, telephone, or any other contact with the clients. And not one employee could recall the doctor ever rejecting a prescription.

Cory required his employees to work around the clock, demanding that they "Sell, sell, sell!" Those with the highest performance were placed on an elite team called the "Platinum Group." Staff contacted repeat customers, usually drug abusers, and pressured them into refilling their prescriptions. Advanced Express Systems was essentially an online drug dealer preying on addicts.

David and I interviewed more employees and learned that Cory had several other Web sites with servers located in different locations in the United States and the Bahamas. I looked at the SwifteRX Web site again and noticed a 1-800 number for placing orders and customer service. Google revealed several other online pharmacies with the same number. After performing a Whois search on each Web site, I discovered that the domain names were registered with different names and addresses, but some of them shared the same IP address. I then searched Netcraft, which provides Web server analysis, and found the locations of their servers, four ISPs in Texas, Ohio, and Minnesota. When David reviewed the bank records for Advanced Express Systems, he confirmed that Cory made payments to all four ISPs. David and I continued to build our case for credit card fraud and money laundering.

Shut Him Down

Our findings were reported to Assistant U.S. Attorney Sarah Rich. She immediately recognized that Cory's operations were illegal. Without a legitimate doctor consultation, each and every prescription was invalid under federal law. She noted that by using the Internet and FedEx, Cory also violated federal wire and mail fraud statutes. She invited Special Agent Rob Kinsey of the U.S. Food and Drug Administration to join our investigation and look at the illegal distribution of controlled substances. Rob was a tenacious investigator and quickly reviewed Cory's Web sites to gather evidence on the drug charges. He pointed out that the sites touted an FDA-approved online questionnaire, which was a lie. After Rob joined the team, there was never a dull moment. And his gift for gab meant there was no such thing as a short conversation.

Our team was almost set, anchored by Sarah, whom Rob accurately described as our "scary smart" prosecutor. There were no single federal statutes regulating the legality of prescribing pharmaceuticals over the Internet. Sarah brilliantly deciphered the combination of federal regulations, state laws, pharmacy board rules, and medical association pronouncements applicable to our case. What initially appeared to be a grey area of the law became as clear as day. An online pharmacy selling pharmaceuticals without a valid prescription was illegal. She set the precedence for our investigative team, refocusing our efforts on drug charges. Rob was our resident drug expert and became our undercover agent to buy prescription drugs from Cory's online pharmacies.

Within a short period of time, we developed several confidential sources that provided critical information regarding the illegal operation. Unfortunately, one source gave Cory the heads-up about our investigation and kept him up-to-date on our progress. Despite his warnings and inside information, Cory continued to brazenly build his enterprise. Greed had swallowed him. After he opened the Minnesota call center in September, his prescription drug sales grew from $500,000 to $5 million per month. The marketing whiz kid deftly used the Internet, call centers, spamming, postcards, and facsimiles to produce more revenue. A few weeks after the winter holidays, David noticed a huge spike in deposits in the Advanced Express Systems' bank account. We later discovered that Cory had Betsy Hartman, the spam queen, hack into a competitor's online pharmacy operation and steal all of their customer information.

Cory had begun withdrawing huge amounts of cash each week. Coincidentally, we learned from a source that in February, a Brink's armored truck started making deliveries to Advanced Express Systems. It was unloading $125,000 in cash to their office two or three times each week. It didn't take long for Cory to accumulate more than $2.9 million in cash. David established that Cory's online pharmacy operation had generated more than $18 million in prescription drug sales. The number would soon round out at $28 million.

During this same time frame, between late February and April, we discovered that Cory and Sean Pitts, a manager at Advanced Express Systems, were traveling on a chartered jet to Montreal, Canada, each week. Cory enjoyed the private jet so much that he made a $385,000 deposit to buy a $1.16 Million British Aerospace Aircraft. He brought cash, luxury vehicles, and equipment to Montreal in preparation to set up a new call center. I ran a Google search on Sean and found that he had been charged with spamming online college diplomas-caught selling a master's degree to an investigator's cat. When I ran a Whois on Sean's diploma sales domain name, I recognized one of Cory's aliases as the registrant.

While we continued our interviews, Rob diligently arranged his undercover buys from several of Cory's Web sites and his call center. Each time he placed an order, he self-prescribed the quantity, dosage, and type of medication. All of his undercover buys were approved by Dr. Martel without any consultation and delivered by FedEx. He discovered that when he submitted false or incomplete information, even using a female name, his orders were filled. He also received up to five calls a day from telemarketers asking the same question: "Are you ready for a refill?"

With the help of the Drug Enforcement Agency (DEA), we identified several U.S. pharmacies providing prescription drugs to Cory's customers. The DEA received grievances from doctors and pharmacists recruited to approve prescriptions and supply painkillers and controlled substances. Addicts complained that they had tried to stop abusing drugs but continued to succumb to the pressure of relentless telemarketers.

After Rob made a few undercover purchases, we learned that Cory was planning to move his Minnesota call center. A source informed us that he was transferring his luxury vehicles to different storage facilities. I rechecked his Web sites on Netcraft and found that he had also moved his servers to different ISPs. Cory was one step ahead of us, trying to hide his assets and destroy evidence. At the time, we had no idea what prompted his evasive measures.

Only five months into the investigation, Sarah decided that we had to shut down Cory's operation in the interest of public safety. A newspaper article linked a Minnesota man's suicide with his addiction to painkiller prescription drugs bought from several online pharmacies, including Cory's. Shortly thereafter, our FBI office received a phone call from one of the employees indicating that Cory knew we were planning a raid. Acting quickly, David obtained search and seizure warrants and I obtained a temporary restraining order to freeze Cory's assets and stop his online pharmacy operation. We gathered about 30 agents to help us execute the warrants.

This Is Not a Game

On May 10, we executed 13 search warrants on Cory's operations in five states. We found him at his million-dollar home sitting in the backseat of his limousine. He was wearing an empty holster with a 9mm pistol under the floor mat. As I approached Cory, he said, "This must be George Kyrilis." I was surprised he knew my name. I then served him with the temporary restraining order and explained that we were shutting him down and freezing all of his assets. Cory remained defiant and cocky. "Oh, I see. This is just a game," he replied.

"No, Cory, this isn't a game; your drugs are killing people."

The searches took all day and carried on until late into the evening. We seized boxes and boxes of documentary evidence, computers, and other items. We confiscated more than $4 million in assets, including $1.8 million in vehicles and $1.3 million in cash. On May 13, search warrants were executed at four pharmacies supplying the prescription drugs. The following week a federal judge froze the accused's assets by preliminary injunction and appointed a receiver to take control of and dissolve the pharmacy operation. Cory was ordered to stop his illegal online activity.

(Continues...)

Excerpted from Computer Fraud Casebookby Joseph T. Wells Copyright © 2009 by Joseph T. Wells. Excerpted by permission.
All rights reserved. No part of this excerpt may be reproduced or reprinted without permission in writing from the publisher.
Excerpts are provided by Dial-A-Book Inc. solely for the personal use of visitors to this web site.