Glossary

• A
• B
• C
• D
• E
• F
• G
• H
• I
• J
• K
• L
• M
• N
• O
• P
• Q
• R
• S
• T
• U
• V
• W
• X
• Y
• Z

A

Account takeover
A fraudster impersonates the victim and falsely claims a change of address so that he or she can ‘take over’ the victim’s bank account or other financial products.

Advance-fee fraud
This involves the criminal tricking a victim into paying an up-front fee with the promise of a large reward later.

Application fraud
A fraudster makes an application using a victim's details or false supporting documentation.

ATM attachments
These can be fixed to cash machines (ATMs) to extract PIN numbers and personal details from cards. The attachments can include skimming devices or false fronts with built-in card readers, as well as pinhole cameras.

Back to top

B

Bin raiding
The practice of rifling through household or commercial bins to find documents, such as bills or statements, containing personal or confidential information about individuals, which could be used to assume their identity.

Back to top

C

Card capture device / card trapping
A device inserted into the card slot of a cash machine (ATM) to capture the data contained on cards.

Card cloning or 'skimming'
Cloning involves creating a duplicate of your payment card. The data on a card's magnetic stripe is read electronically by a 'skimming' device and downloaded onto a computer or copied onto a duplicate card.

Change of address fraud
Using a victim’s name and address details, a criminal contacts banks and businesses to register a change of address. The fraudster may then ask for valuable items such as cheque books, debit cards or account statements to be sent to the new address. Change of address fraud can also be used to facilitate an account takeover.

CIFAS - the UK's Fraud Prevention Service
CIFAS is a not-for-profit membership association dedicated to the prevention of financial crime. It provides a range of fraud prevention services to its members.

CNP - cardholder-not-present fraud
Using stolen cards or card details and personal information, a fraudster purchases good or services remotely - online, by telephone or by mail order.

Commercial / Corporate identity theft
The use of the identity of a company, business or its directors, without their knowledge, to facilitate fraud.

Cookie
This is a small data file automatically stored on a user's computer for record-keeping purposes. It contains information about the user in relation to a particular website, such as their username and preferences.

Corporate fraud
The dishonest abuse of their position by (usually) senior members of staff to misrepresent a company's true financial position.

Counterfeit card
A fraudulent reproduction of a printed, embossed and encoded credit or debit card. Or a payment card that has been validly issued but has been altered or fabricated.

Current address fraud
Identity fraud perpetrated by a criminal who shares the same address as the victim. The fraudster is likely to have access to or is able to intercept the victim's post and so can apply for and use existing products and services in the name of the victim.

Cyber fraud
Fraud committed using a computer, such as hacking, denial of service attacks, phishing, etc.

Back to top

D

Data Protection Act
The Data Protection Act 1998 sets out the legal basis for handling and protecting private information and data in the UK.

Day of the Jackal fraud
A fraudster assumes the identity of a deceased child, many years after their death when they would have been an adult, in order to commit identity fraud.

Back to top

E

Encryption
The process of converting data into cipher text to prevent it from being understood by an unauthorised party.

Back to top

F

False identity fraud
The creation of a fictitious or false identity to facilitate fraudulent activity.

Firewall
Computer hardware or software designed to prevent unauthorised access to the system via the internet.

First party fraud
Fraud committed against a financial institution by one of its own customers.

Fraud
The use of deception to make a gain by unlawful or unfair means.

Fraud ring
A group of organised criminals / fraudsters working together to defraud financial organisations, retailers, companies or individuals.

Front companies
Businesses set up by criminals to facilitate fraud. The company may be used to process transactions on fraudulently acquired products.

Back to top

I

Identity fraud / theft
The use of an individual's identifying details (name, date of birth, current or previous address, mother’s maiden name, etc) without their knowledge or consent to assume their identity. The criminal uses these details to obtain goods or services, loans, passports, credit cards or bank accounts in the victim's name.

IOD - Impersonation of the Deceased fraud
A criminal takes on the identity of a deceased person to facilitate fraudulent activity.

Back to top

K

Key stroke logger
Hardware or software installed onto a computer to record keystrokes and mouse movements. Fraudsters can use this device to obtain the passwords, user names and other confidential details of the computer user.

Back to top

L

Lost card fraud
The fraudulent use of payment cards that have been reported as lost.

Back to top

M

Mail / telephone order fraud
A criminal uses a genuine account number obtained fraudulently to obtain goods or services from mail order companies.

Mail re-direct
Post is fraudulently re-directed to another address without the intended recipient's knowledge. The fraudster then receives important documents, such as bank statements and bills, intended for the victim and uses them to facilitate identity fraud.

Malware
Software designed specifically to damage or disrupt a system, such as a virus or a Trojan horse.

Back to top

P

Phishing and pharming
These are scams in which criminals send bogus emails to thousands of people. The emails look like they have come from trusted organisations, such as banks, credit card companies and online stores. They usually contain compelling messages, urging the recipient to click on a link to visit a supposedly trusted website. If the victim clicks on the link they are taken to a website that looks like the real thing, where they are prompted to enter their personal details. The criminals can then use this information to impersonate the victim and commit identity fraud. Fraudsters may also call you on the phone, pretending to be from your bank or credit card company, asking you for personal details.

Back to top

S

Second party fraud
Fraud committed by someone close to or known by the victim, usually a relative or employee.

Shoulder surfing
The act of looking over the shoulder of an individual using a cash machine, making payments or filling out an application form in order to capture personal details and PIN numbers to facilitate identity fraud. 

Skimmer
A device that reads and records details held on the magnetic stripe of payment cards.

Skimming
Using a skimmer to copy the details held on the magnetic stripe of a payment card.

Spoofs
Various scams in which fraudsters attempt to gather personal information directly from unwitting individuals. The methods could include letters, telephone calls, canvassing, websites, emails, street surveys, etc.

Spyware
Computer software that steals information from a user's computer without the user's knowledge or consent.

Back to top

T

Third party fraud
Fraud committed against an individual by an unrelated or unknown third party. Most cases of identity fraud are committed by individuals unknown to the victim.

Back to top

W

West African 419 fraud
A type of advance-fee fraud in which individuals or companies receive unsolicited emails or letters, originating from West Africa, promising a percentage of a huge sum of money in return for allowing funds to pass through the victim’s bank account. There is an administration fee to pay as a pre-condition of releasing the funds. '419' is the Nigerian penal code under which this offence would be prosecuted.

Back to top