
b7c73ff489ac23e9c171e777c6c4ab58.ppt
- Количество слайдов: 99
Internet Resources & Public Information Presented by: Dennis F. Dycus, CPA, CFE, CGFM [email protected] net www. dennisdycus. com Association of Government Accountants Lincoln, Nebraska Chapter April 22, 2015 1
Internet Resources & Public Information In order to use the internet as a tool or resource to assist us in investigating fraud, we must first understand how it works The internet was originally designed as a method of communication for our military 2
Networks 3
Networks 4
Networks 5
Networks 6
Networks 7
The Internet Is Born The first two nodes of what would become the ARPANET were interconnected between Leonard Kleinrock 's Network Measurement Center at the UCLA's School of Engineering and Applied Science and Douglas Engelbart's NLS system at SRI International (SRI) in Menlo Park, California, on 29 October 1969. By December, 4 more nodes 8
Internet Growth 1991 – 36 web host servers 1999 - Over 9. 5 million web sites As of January, 2014 – 180, 000 Doubling every 9 months In U. S. alone, over 280 million people with access Over 87% of all individuals in the US have access to the internet Worldwide, over three trillion people use the internet on a daily basis 9
Internet Growth As of 2012, over 8. 7 billion devices were connected to the internet As of April 6 th at 2: 00 PM, there were approximately 15, 346, 705, 800 connections to the internet In 2013, there were 80 connections per second It is estimated that by 2020, there will be 250 things connecting to the internet each second Things include mobile devices, parking meters, thermostats, cardiac monitors, tires, roads, cars, supermarket shelves, and even cattle It is estimated that 40 billion devices will be connected by 2020 (Rob Soderbery, Cisco Executive – January 2013) 10
The Internet Large collection of WANs No central authority Greatest asset & weakness ◦ Easy to add to ◦ Management problems ◦ Difficult to find information 11
Protocol Communication requires standard language ◦ ◦ TCP/IP TCP = Transmission Control IP = Internet “Interconnected Networks” 12
Protocol Packets contain address information Physical route unimportant Each computer examines packet & either keeps or forwards 13
ISPs Internet Service Provider Company or organization that provides Internet access Local vs. international 14
World Wide Web Before, only text UNIX 1991 Hypermedia concept 15
World Wide Web 1 st time that media other than text is available Hypermedia vs. Print HTML, DHTML & XML Home page or web site? 16
IP Addresses Unique for each computer User name + IP address = individual address Composed of 4 numbers, all less than 256 17
IP Addresses 199. 182. 120. 203 Decoded from left to right Not assigned geographically Fixed vs. dial-up connection 18
IP Addresses [email protected] 182. 120. 203 19
URLs Uniform Resource Locators 20
URLs Usually no spaces Always uses forward slash / Incorrect entry cannot locate page 21
URLs http: //home. netscape. com /home/welcome. html • 1 st part on left = type of resource • “home” = specific computer 22
URLs http: //home. netscape. com /home/welcome. html • “netscape. com” = domain name • “/home” = directory on server 23
URLs http: //home. netscape. com /home/welcome. html • “welcome. html” = file 24
Domain Names IP addresses are hard to remember Domain Name System (DNS) Equates word or phrase to IP address 25
Domain Names DNS tables Similar to postal address Words separated by “dots” 26
Domain Names White House ◦ http: //198. 137. 240. 91 ◦ http: //www. whitehouse. gov 27
Domain Names [email protected] 182. 120. 203 [email protected] netcom. com 28
Domain Name System 29
Domain Names Top-level ◦. com ◦ ◦ ◦ domain names, primarily U. S. : (commercial) . edu (educational). gov (U. S. govt. ). mil (U. S. military). net (networks & ISPs). org (organizations) 30
Domain Names • Top-level domain names, non-U. S. (244): Ø. ca Ø. fr Ø. de Ø. uk Ø. stat. au Øe. fl. us 31
Domain Names • New Domain Names Ø. aero (air-related) Ø. biz (business) Ø. coop (cooperatives) Ø. info (information) Ø. museum (museums) Ø. name (individuals) Ø. pro (professionals) 32
Domain Names Numerous companies capable of registration Currently $70 for 2 years Internet Corporation for Assigned Names and Numbers (ICANN) 33
Other Terms Link Cookie a word, phrase or graphic in a web page coded to take the user to information located somewhere else a short string of text sent from an Internet server to a user’s computer 34
Internet Pitfalls Internet was not designed as a research tool or library Primary design was to facilitate communications “It must be true…” 35
New Investigative Challenges • E-mail has been used to: Ø Send death threats Ø Send racial hate mail Ø Make libelous statements • Newsgroup postings have contained confidential information or financial corporate data 36
New Investigative Challenges • Anonymous postings have contained information about pending mergers and IPOs, in violation of SEC regulations • Internet stalking is a growing phenomenon -- and there almost no laws against it • Auction-related fraud is also growing 37
New Investigative Challenges • Use of Internet to send millions of email advertisements is growing daily • Many ads involve fraudulent investment scams, chain letters or pyramid schemes • This type of fraud is very cost-effective 38
Investigative Questions • How does a message get from Point A to a specific server (Point B)? • How can the IP address of a site be determined? 39
NSLOOKUP Enter host name & tool returns IP address Reverse name lookup – enter IP address to find host name 40
NSLOOKUP 41
NSLOOKUP 42
NSLOOKUP 43
WHOIS? • Database of domain name records • Query will return registered owner of domain and contact information for host 44
WHOIS? 45
WHOIS? 46
Net. News Formerly known as “Use. Net” Designated servers that exchange e-mail tagged with predetermined subject headers 47
Net. News Currently over 30, 000 newsgroups Similar to public bulletin board Users control what is discussed & what information is allowed 48
Mailing List Group of people who subscribe to email publication about specific topic ACFE fraud information letter 49
Chat Rooms Also called “channels” Real-time discussions May be public or private Used in a wide variety of crime 50
Web Sites Totally unorganized Free floating, loosely strung, gold mine of information Available to those who know how to find it 51
Search Engines • Sites that provide searchable indexes of Internet resources • Also “directories” • True search engines use software agents to automatically index 52
Search Engines • Directories rely on people to categorize listings • Human editors or web site owners provide description & category 53
Search Engines • Directories -- better for general information • General categories • Sub-categories • Increasingly specific 54
Search Engines • Search engines -- better for specific information • Many services index every word of web sites • May locate sites not even listed in directories 55
Search Engines • Search engines may return too much information • Choice of service can be important 56
Additional Sources News organizations Newspapers University libraries State government listings Telephone Numbers and Addresses 57
Additional Sources • Mapping sites • Legal resources • Federal government sites • Criminal justice resources • International web sites 58
Search Strategies • Consider type of information desired • Be as specific as possible! • Use Math! • Look for advanced search capabilities 59
Search Math • Addition • Clinton Gore • +Clinton +Gore • +Windows+98+file+utilities 60
Search Math • Subtraction • Clinton -Lewinsky 61
Search Math • Multiplication • +Windows +98 +file +utilities • “Windows 98 file utilities” • Not “Windows 98 file utility” • “Windows 98 file utilit*” 62
Search Strategies • Read instructions • Use more than one service • Experiment • Pay attention to spelling • Pay attention to case 63
How Complete? • Recent Study • Even the most comprehensive search engine is aware of no more than 18% of the estimated 4. 63 billion pages on the Internet • As of April 2, 2015 64
How Complete? • Gap between new pages posted & pages indexed is widening • Increasingly difficult for search services to keep up 65
How Complete? • Most major search engines index less than 10% • Even after combining all major search engines, only 42% of the Web has been indexed! 66
Internet = Efficiency? Many public records now available on-line Some sources are free Other sources available for a fee Public Access to Court Electronic Records § Records from U. S. District and Bankruptcy courts 67
Right To Privacy? “Privacy” is not found in either the U. S. Constitution or the Bill of Rights Referenced in many court rulings, but only to address specific circumstances and/or types of records 68
Freedom of Information Act Designed to facilitate access by citizens to records from Executive Branch Most states have similar legislation Exceptions: § Law enforcement investigations § Intelligence § Personnel and/or medical records § Where release would violate privacy 69
Freedom of Information Act Depending on where & how records are maintained, it could take a while to obtain them… Agencies can generally charge requestor for costs associated with production Costs could be significant § Example -- clerk searching non-computerized records 70
Freedom of Information Act • Public records include: • • • Tax rolls Voter registration Assumed names Real property records Divorce/probate suits 71
Freedom of Information Act • Public records do not usually include: • • • Banking records Trust records Telephone records Passenger lists Stock ownership 72
Fair Credit Reporting Act • Formerly applied only to consumer credit reports • Now also interpreted to include any information collected about a person • Could include criminal records and DMV searches 73
Fair Credit Reporting Act Consumer Report: Any written, oral, or other communication by a consumer reporting agency bearing on a customer’s credit worthiness, credit standing, character, general reputation, personal characteristics, or mode of living. 74
Fair Credit Reporting Act Consumer Reporting Agency: Anyone who sells information about people. It could be an online service such as IRSC or CDB-Infotek, or it could be a private investigator. Also included are three main credit bureaus: Experian, Equifax, and Trans Union. 75
Fair Credit Reporting Act FCRA does not apply when gathering information directly from the source Use of a third party to gather the information triggers notice and consent provisions of the FCRA 76
Fair Credit Reporting Act Sale of individual credit reports restricted to someone with “permissible purpose” Several states are even more restrictive, requiring requestor to tell where report is going and for what purpose 77
Fair Credit Reporting Act Permissible Purpose: ◦ In response to court order ◦ With written waiver of release 78
Fair Credit Reporting Act • Permissible Purpose: – To anyone the CRA believes will use the information in conjunction with: § a credit transaction § employment § the issuance of an insurance policy § eligibility for public license or other benefit where financial responsibility is required by law § a “legitimate business purpose” 79
Fair Credit Reporting Act Types of information that cannot be included in credit report: Ø Debts over 7 years old Ø Negative information (including bankruptcy) over 10 years old Ø Medical information Ø Unless for employment, information related to age, marital status, or race. 80
Fair Credit Reporting Act Information about criminal convictions has no time limitation Information reported in response to application for job with salary more than $75, 000 has no time limit 81
Fair Credit Reporting Act • Information reported due to application for over $150, 000 of credit or life insurance has no time limit • Information about lawsuits or unpaid judgments can be kept for 7 years or until the statute of limitations expires whichever is longer 82
Fair Credit Reporting Act Citizens have right to know about all credit history inquiries for previous 6 months (unless for employment, when time is previous 2 years) Any person requesting information from credit report must then be listed on that report 83
Fair Credit Reporting Act Before an employer can obtain a consumer report for employment reasons, employee or prospect must be notified and give permission EEOC -- rejection of job applicants due to poor credit rating = adverse impact on minority groups, and therefore illegal 84
Fair Credit Reporting Act Investigative Consumer Report ØCan include information about character, reputation, personal characteristics, or mode of living ØObtained through personal interviews ØMay require additional notice 85
Fair Credit Reporting Act • Investigative Consumer Report Ø Must disclose nature and scope of investigation (if requested) Ø If requested, subject must be given a copy of the complete report Ø Subject must be given opportunity to dispute findings of the report 86
On-line Records What can they be used for? UCC filings Civil court federal records Locating people Voter registration records DMV records Locating assets Finding legal records Credit header information Criminal court federal records Marriage/divorce indexes Corporate filings Financial or credit information Professional licenses Telephone listings Tax assessor rolls State civil court records Background checks Property records OSHA records State criminal court records 87
Limitations… Types of records vary widely from state-tostate Searches are limited by geography On-line records may be brief abstract of original record 88
Limitations… • Source of information must be reliable • Accuracy and currency of data must be verified • On-line records may not go back very far 89
Commercial On-line Services Most information available on-line Some information may need to be retrieved in hard copy and delivered Annual, monthly or “pay as you go” 90
Commercial On-line Services • Choice. Point Ø CDB Infotek Ø IRSC Ø DBT Online Ø Know. X 91
Commercial On-line Services • Lexis-Nexis • USDatalink • info. USA. com • Security Software Solutions • Diligenz • Dialog Information Retrieval Service 92
Commercial On-line Services • Dun & Bradstreet • Experian • DCS Information Systems • Merlin Information Services 93
Other Sites of Interest • Court web sites • CPA/Professional Directories • SEC filings • Death records 94
Database Technologies • • Charles Kallestad DOB 8/36 Age 61 SSN: 470 -38 -4689 Phone Number: 512 327 -2282 Address 1: 5/1/1993 PO Box 162890 Austin Address 2: 2/8/1992 305 Rowland Dr. Austin Address 3: 3/8/1992 1351 The High Road Austin 95
Database Technologies • • • 12/1/1992 8012 Greenslope Austin 11/1/1992 9602 Ann Ln Minnetonka MN 11/1986 1934 Deer Dr Wayzata, MN 11/90 2132 Caminto Del Barco Del Mar, CA PO 470301 San Francisco, CA 1592 Union San Francisco, CA 4806 Midland TX 1900 Simler Dr, Big Spring TX - Federal Prison 55 Minneapolis MN 1120 S Capital of Texas Highway, Austin, TX 96
Database Technologies • • 4353 Marina Santa Barbara, CA SSN 470 -38 4689 issued in Minnesota between 1953 and 1954 Additional SSN 096 -91 -2360 unknown issue year or is invalid Telephone numbers listed for each address For each address additional names and telephone numbers listed Indicated: No pilot license, aircraft or vessels Listed address profile for each address: where located, streets close by, how mail is delivered • Driver’s licenses and description • Listed liens, judgments, and bankruptcies including: Austin, St. Paul, Rochester 97
Database Technologies • Listed possible property ownership: Holly Lane, Minneapolis under Helen Kallestad • Under Holly Lane listed Kimblerly Kallestad and addresses associated with her — nationwide and driver’s license • Bruno Kallestad — PO Boxes Austin • Listed Helen’s SSN and death claim filed and Helen’s other addresses • Lists James Kallestad and possible aliases including all addresses associated with James and driver’s license • Same with Donald and Michael • For every address listed, researched all people who have lived there and their personal information • Also lists people at surrounding addresses and information 98
Internet Resources & Public Information Presented by: Dennis F. Dycus, CPA, CFE, CGFM [email protected] net www. dennisdycus. com Association of Government Accountants Lincoln, Nebraska Chapter April 22, 2015 99