Financial Transactions - Consumer Fraud Flashcards
What is a block hustle?
202
A scheme in which the purveyor sells imitation or stolen goods on the street
purveyor = Händler hustle = Hast, Hektik
What is an advance-fee swindle?
201
A swindle structured to obtain an illegal gain by falsely promising the delivery of a product or a service in exchange for an upfront fee.
Vorauskasse-Schwindel
What is an advertising scheme?
203
A scheme in which a fraudster sells ficticious advertising space, such as in a nonexistent magazine or telephone directory
Anderes Beispiel:
Firmeneinträge aufgrund von HR-Publikationen
What is a scavenger scheme?
204
A scheme in which a previously conned victim is targeted for an advance fee by a bogus company that claims to assist fraud victims in recovering stolen money
bogus = betrügerisch scavenger = Lumpensammler, Aasgeier, Müllsammler etc.
What is Affinity fraud?
205
Fraud that targets people who share social connection (e.g. religiouos groups, racial minorities, professional organisations)
What are factoring companies?
206
Organisations that buy credit card receipts at a discount and use their merchant bank accounts to convert the receipts into cash
factoring = Aufkauf von Forderungen
What is a fronter?
207
An employee involved in a telemarketing scam who calls victims to make the initial sales pitch
What is a closer?
208
A veteran employee involved in a telemarketing scam to whom interested callers are transferred and that convinces the person to buy
What is verifier?
209
An employee involved in a telemarketing scam who reads vague words about the deal and records the victim’s agreement
What is a Ponzi scheme?
210
an illegal business practice in which new investors’ money is used to make payments to earlier investors
What is an illegal pyramid?
211
A scheme in which the bulk of the earnings are dependent on money brought in from new recruits with an emphasis on advancing to ever higher stages
What is shoulder surfing?
212
A method used by identity thieves to optain information by overhearing conversations or covertly observing the input of credit card numbers, account information, or PIN codes into machines or documents
What is turnkey?
213
An individual or entity that provides telemarketing scammers with autodialers, phone lists, credit card receipts, and merchandise they require to operate
turnkey = Türöffner (in diesem Zusammenhang)
Liefert Daten von möglichen Opfern
What is password cracking?
214
An automated process by which an attacker attempts to guess a system user’s password
= Passwort-Knacken
What is social engineering?
215
A method for gaining unauthorised access to a system or to information in which the attacker deceives victims into disclosing personal information or convinces them to committ acts that facilitate the attacker’s intended scheme
to deceive = täuschen irreführen
“direkt im sozialen Kontakt, Informationen und persönliche Informationen herausholen”
What is phishing?
216
A method used for gaining unauthorised access to a computer system in which a perpetrator dupes an individual or business into providing sensitive data, such as passwords or account numbers, by falsely claiming to be from an actual business, bank, ISP, or other entity in which the target does business
perpetrator = Eindringling, Täter
to dupe = einseifen, übertlisten, übertölpeln
What is SMiShing?
217
A type of phishing attack in which the fraudster uses text messages or other short message services to dupe an individual or business into providing sensitive data by falsely claiming to be from an actual business, bank, ISP, or orther entity
What is pharming?
218
An attack in which a user is fooled into entering sensitive data (such as password or credit card number) into a malicious website that impersonates a legitimate website.
to impersonate = sich als jemanden ausgeben
malicious = hinterhältig, bösartig
Abgrenzung zum Phishing? Ist es nur das Medium? Web vs. eMail, SMS etc.?
What is the piggybacking method used to gain access to restricted areas?
219
A method in which the attacker exploits a false association with another person who has legitimate access to the area
piggybacking = huckepack machen
Sich im Huckepack an jemanden dranhängen, um Zutritt zu erhalten
What is malware?
220
An umbrella term used to describe any kind of malicious software, including viruses, worms, trojans, spyware and botnets
What is spyware?
221
A type of software that collects and reports information about a computer user without the user’s knowlwdge or consent
What is a trojan horse?
222
A programme or command procedure that gives the appearance of being useful but in fact contains hidden code that causes malicious damage
malicious = arglistig
What is acomputer worm?
223
A malicious self-replicating computer programme that penetrates operating systems to spread malicious code to other computers
What are keyloggers?
224
Software or hardware tools that monitor and log (or track) the keys pressed on a system’s keyboard
5 information security goals for e-commerce systems
225
confidentiality of data (Vertraulichkeit)
integrity of data (Datenintegrität, Unversehrtheit)
availability of data (Datenverfügbarkeit)
authentication (authentifizierung)
non-repudiation (unleugbarkeit, nachweislich der Wahrheit entsprechend)
What is e-commerce?
226
The process whereby 2 or more parties make business transactions via computer and some type of network
What is authentication (in the context of e-commerce systems)?
227
The validation of a customer’s identity
What is a non-repudiation (in the context of e-commerce systems)?
228
A guarantee that the parties involved in an e-commerce transaction cannot repudiate (deny) participation in the transaction
= Protokoll für Nachweisbarkeit
What are physical access controls?
229
Controls that allow or restrict users’ access to physical objects or areas
What is vishing?
230
The act of leveraging Voice over Internet Protocol (VoIP) to falsely claim to be a legitimate enterprise in an attempt to scam users into disclosing personal information
What is spear phishing?
231
Phishing attacks that target a specific organisation in which messages that falsely appear to originate from within the organisation (e.g., from the IT or HR department) are sent to the entity’s employees in order to obtain the employees’ usernames and passwords to access the corporate network.
spear = Speer
What is rock phishing?
232
Phishing attacks that employ botnets to send massive amounts of phishing emails to huge volumes of internet users
What is a firewall?
233
A device that blocks unauthorised or unverified access to network assets by surveying incoming and outgoing transmissions.
What are logical access controls?
234
Controls that allow or restrict users’ access to computer systems and networks
What is encryption?
235
The deliberate scrambling of a message so that it is unreadable except to those who hold the key for unscrambling the message
What is an intrusion detection system?
236
A device or software application that monitors an organisation’s inbound and outbound network activity and identifies any suspicious patterns of activity that might indicate a network or system attack or security policy violations
What are sniffers?
237
Computer programmes that monitor traffic on areas of a network and search for packets of data a they pass through the network.
What is a trapdoor (in the context of information security)?
238
A secret entry point into a programme that allows someone who is aware of the trapdoor to gain access without going through the usual security access proceures
trapdoor = falltür
What is spoofing?
239
The process whereby a person or programme masquerades as another to obtain unauthorised access to a targeted system
What is input manipulation (or data diddling)?
240
Entering false or misleading information into a system to achieve a specific fraudulent purpose
diddling = schwindeln
What is data leakage?
241
The unauthorised transmission of data from within an organisation to an outside destination
what is privilege escalation?
242
The act of exploiting a bug, design flaw, configuration oversight, or other vulnerability in an operating system or software application to gain access that is beyond the user’s authorised access level
What is a logic bomb?
243
Code embedded in alegitimate programme that is set to activate (or explode) and set off a malicious function when certain conditions are met
What is a botnet?
244
A group of Internet-connected computers that interact to accomplish a distributed task
What is logging or journaling (in the context of computer security)?
245
The process of making a record of system-related events or logs for analysis
What is a penetration test?
246
An examination in which a group of trusted individuals tests an entity’s network security by attempting to breach it
What is crimeware?
247
Malware used to simplify or automate online criminal activities in order to obtain financial gain from the affected user or other third parties
4 phases of the contracting phase
248
the presolicitation phase
the solicitation phase
the bid evaluation and award phase
the post-award and administration phase
solicitation = Angebotseinholung
What happens in the presolicitation phase of the contracting process?
249
The procuring entity:
- identifies its needs
- develops the bid specifications
- determines the method to use for acquiring the goods or services
- develops teh criteria used to award the contract
What happens in the solicitation phase of the contracting phase?
250
- the procurement entity prepares the solicitation document
- the procurement entity provides notices of solicitation
- the procurement entity issues the solicitation document
- the bidders prepare and submit their bids or proposals
What happens in the bid evaluation and award phase of the contracting process?
251
the procuring entity:
- evaluates the bids or proposals
- selects the winning bid or proposal
What happens in the post-award and administration phase of the contracting process?
252
The contracting parties fulfil their respective duties through the performance of their contractual obligations
What are need recognition schemes?
253
Schemes in which a procurement employee convinces his employer, the purchasing entity, that it needs excessive or unnecessary products or services
What are bid-tailoring schemes?
254
Schemes in which an employee with procurement responsiblities, often in collusion with a contractor, drafts bid specifications in a way that gives an unfair advantage to a certain contractor
collusion = betrügerische Absprache
What are bid manipulation schemes?
255
Schemes in which a procuring employee restricts the pool of competitors from whom bids are sought in order to benefit a favoured contractor or supplier
What is complementary bidding?
(also known as protective, shadow or cover bidding)
256
A scheme in which competitors submit token bids that are not serious attempts to win the contract
Verstehe ich dies richtig?: Es handelt sich um fake-Angebote, welche die Spezifikationen nicht erfüllen, damit das passende eigene Angebot genommen wird?
What are bid rotation (or bid pooling) schemes?
257
Schemes in which 2 or more contractors conspire to alternate the business between them on a rotating basis
What is bid suppression?
258
A scheme in which 2 or more contractors enter an illegal agreement whereby at least 1 of the conspirators refrains from bidding or withdraws a previously submitted bid.
suppression = unterdrückung
to refrain = unterlassen, von etwas Abstand halten
What are market division schems?
259
Schemes in which competitors agree to divide and allocate markets among themselves and to refrain from competing in each other’s designated portion of the market.
What is defective pricing *in the procurement context)?
260
A fraud scheme in which contractors intentionally use inaccurate cost or pricing data to inflate costs related to negotiated contracts.
What is non-conforming goods or services fraud?
261
A fraud scheme in which aa contractor delivers goods or services to the procuring entity that do not conform to the underlying contract specifications
What are cost mischarging schemes?
262
Schemes in which a contractor charges the procuring entity for costs that are not allowable, not reasonable, or cannot be allocated to the contract directly or indirectly
3 types of mischarges in cost mischarging schemes
263
- accounting mischarges
- material mischarges
- labour mischarges
Elements of a legal contract between 2 entities
264
- lawful subject matter or objective
- competent parties
- intent to be legally bound
- agreement
- form permitted by law
(Eine wirklich gute und interessante definition)
What is a contract?
265
A mutual oral or written agreement between 2 or more parties
What is a breach of contract?
266
When a party to a contract fails to perform, or announces that it does not intend to perform, without just cause.
What are bid-splitting schemes?
267
Schemes in which an employee of a procuring entity breaks a large project up in several smaller projects that fall below the mandatory bidding level, allowing the entity to avoid competitive methods of procurement
What is competitive bidding using sealed bids?
268
A method of procurement in which prospective contractors submit competitive, sealed bids containing price and term to a procurement entity who awareds the contract to the bidder with the best price.
What is contracting by negotiation?
269
A method of procurement that permits bargaining between the procuring entity and prospective contractors before the contract is awarded
What is sole-source contracting?
270
A noncompetitive procurement process in which the procuring entity solicits only 1 prospective contractor
What is purchasing card (or p-card)?
271
A company charge card that allows goods and services to be purchsed without using a traditional procurement process
What are bid specifications?
272
A list of elements, measurements, materials, characteristics, required functions, and other specific information detailing the goods and services that a procuring entity needs from a contractor
What is a change order?
273
A written agreement between the procuring entity and the contractor to make changes in a signed contract
What is change order abuse?
274
A performance scheme in which a corrupt contractor submits a low bid to ensure that it wins the contract award and then increases its price with subsequent change orders after the procuring entity awards in the contract
What is a third-party payer health care system?
200
A health care system in which a third party (e.g., an insurance company or health care programme) pays the health care provider (i.e., the second party) for the care or services provided to the patient (i.e., the first party)
What is a direct-payment healtch care system?
199
A health care system in which patients pay directly from their own funds for health care services
What occurs during a phantom service health care fraud scheme?
179
Providers bill for services that were not rendered at all
What occurs during a clinical lab health care fraud scheme?
180
A provider advises a patient that additional medical testing is needed to diagnose the problem when it is not required or advisable
What occurs during a fictitious provider health care fraud scheme?
181
Criminals or corrupt providers fraudulently use another provider’s identification information and patient identifying infromation to bill health care programmes for services that were not performed
What parties are considered medical “providers”
182
- medical practitioners
- medical suppliers
- medical institutions
What is reusable medical equipment?
183
Reusable equipment for a medical purpose, such as crutches, wheelchairs, and specialised patient beds
Who is responsible for paying medical insurance co-payments and deductibles (in programmes that require them)?
184
Patients
Common kickbacks in the healtch care industry
185
- payments for referrals of patients
- waivers of deductible and co-payments
- payments for insurance contracts on health care programmes
- payments for vendor contracts
deductibles = Selbstbehalt wwaiver = Verzichtserklärung/Aufhebung
What is unbundling?
186
Separating a comrehensive medical procedure code into separate components to increase charges
What is upcoding?
187
Billing for a higher level of medical service than the actual service rendered
What is diagnostic-related grouping (DRG)?
188
A reimbursement methodology for the payment of institutional claims that categorises patients who are medically related with respect to various types of information, such as primary and secondary diagnosis, age, gender, weight, length of stay, and complications
What is DRG creep?
189
When medical staff members manipulate diagnostic and precedural codes in a pattern to increase reimbursement amounts
Most common methods providers use to inflate health care billings
190
- alterations
- added services
- code manipulation
What are medical ICD codes?
191
International Classification of Diseases (ICD) codes that are used to classify diseases and related health problems.
What group commits the most incidents of health fraud?
192
Providers
Common health care fraud schemes in which hospitals are primarily involved
193
- filing of false cost reports
- DRG creep
- billing for experimental procedures
- improper contractual and other relationships with physicians
- revenue recovery firms to (knowingly or unknowingly) bill extra charges
What happens in a “rent-a-patient” health care fraud scheme?
194
A provider or other party PAYS individuals to undergo unnecessary medical procedures that are then billed to the patient’s health care programme
What is episode-of-care reimbursement in health care?
195
A health care payment method in which providers receive one lump sum for all the services they provide related to a condition or desease.
= Fallpauschale
What is capitation reimbursement in health care?
196
A health care payment method in which providers receive one lump sum for every patient they see, regardless of how many services the provider renders.
What is a fee-for-service reimbursement in health care?
197
A health care payment method in which providers receive payments for each individual service rendered
What is a single-payer health care system?
198
A health care system in which the government pays providers on behalf of the patients who receive health care services
