Sales Scam

Sales scams are a type of crime associated with online retailing, where money is accepted from customers without the seller delivering them products or sending a different cheap product instead. There are many different types of e-commerce fraud methods which can be utilized by scammers to commit crimes and fool customers.


SCA (Strong Customer Authentication)

SCA is defined as “an authentication based on the use of two or more elements categorized as knowledge (something only the user knows), possession (something only the user possesses) and inherence (something the user is).The process considers national identity of the customer, tracking of the position, analysis of interest and information of the services. Strong customer authentication is required before any type of business transaction in order to have full access to customer accounts in case of fraud.


Scammer

The term scam refers to fraudulent schemes in which goods and money are taken from unsuspecting persons, generally through the deceit of the victim.


Scams

A fraudulent scheme performed by a dishonest individual, group, or company in an attempt to obtain money or something else of value. Scams traditionally resided in confidence tricks, where an individual would misrepresent themselves as someone with skill or authority, i.e. a doctor, lawyer, investor.


Scareware

Malicious software, messages or threats designed to scare people into installing malware and software. A website popup that claims your “computer may be infected with harmful spyware” will send you to a download link for a real malware program.


Scholarship Scam

Scholarship scam is described as a situation where fraudsters offer a fraudulent scholarship to attract the victims. Sometimes the seminars do provide some useful information, but actually they are disguised sales pitches for financial aid consulting services (e.g., maximize your eligibility for financial aid), investment products, scholarship matching services and overpriced student loans.


Scraper

A site scraper can be defined as a kind of software that duplicates content from a website. Site scrapers work similarly to web crawlers, which essentially perform the same function for the purposes of indexing websites. Web crawlers cover the whole Web, however, unlike site scrapers, which target user-specified websites.


Script Kiddie

A script kiddie is an offensive term used to refer to non-serious hackers who use existing computer scripts or code to hack into computers, rather than them creating their own due to them lacking the skills or expertise to write their own.


Second Party Fraud

Second party fraud, or money mules, is where a person allows another to use their identity or personal information to perform fraud. Businesses may find second party fraud difficult to detect and challenge since the identity of the person that is used to carry out fraud has largely allowed it to take place.


Secure Element

A Secure Element (SE) is a microprocessor chip which can store sensitive data and run secure apps such as payment. It acts as a vault, protecting what's inside the SE (applications and data) from malware attacks that are typical in the host (i.e. the device operating system).


Security Protocol

Security protocol, also called cryptographic protocol, could be described as a sequence of operations that ensure the protection of data. Used with a communications protocol, it provides secure delivery of data between two parties.


Security Threat and Risk Assessment

Security Threat and Risk Assessment can be defined as a technique that classifies the overall business and security risks with the aim of defining the competence of security controls, together with the service, in order to reduce the set of risks that appear for the business.


Security token

A security token is a physical device used to gain access to an electronically restricted resource. The token is used in addition to or in place of a password. It acts like an electronic key to access something. Some tokens may store cryptographic keys that may be used to generate a digital signature, or biometric data, such as fingerprint details.


Sensitive data

Sensitive data is defined as information that is protected against unwarranted disclosure. Access to sensitive data must be safeguarded. Protection of sensitive data may be required for legal or ethical reasons, for issues pertaining to personal privacy, or for proprietary considerations.


SEO

SEO is an abbreviation for Search Engine Optimization, which is the art of having your website optimized, or attractive, to the major search engines for optimal indexing. It refers to the process of increasing the quality and quantity of the traffic of the website and this process is used to increase the visibility of web pages for search engine users.


Serious Fraud Office (SFO)

The Serious Fraud Office (SFO) is a non-ministerial government department of the Government of the United Kingdom that investigates and prosecutes serious or complex fraud and corruption in England, Wales and Northern Ireland.


SERP

Search Engine Results Pages (SERP) are the pages displayed by search engines in response to a query by a searcher. The main component of the SERP is the listing of results that are returned by the search engine in response to a keyword query, although the pages may also contain other results such as advertisements.


Shopping Cart

A shopping cart is a feature in online shopping that works as a temporary record of items selected for eventual purchase from the online vendor's website.


Shoulder Surfing

Shoulder surfing is the practice of spying on the user of an ATM, computer, or other electronic device in order to obtain their personal access information. This is generally done by looking over someone's shoulder at the information on screen, hence its name.


SIM Cloning

SIM cloning is the procedure through which a genuine SIM card is reproduced. When the cloning is accomplished, the cloned SIM card’s classifying information is transported onto a separate, secondary SIM card. The secondary card can then be used in a different phone while consuming all the calls and related charges credited to the original SIM card.


Single sign-on

Single sign-on (SSO) is a session and user authentication service that permits a user to use one set of login credentials (e.g., name and password) to access multiple applications. SSO can be used by enterprises, smaller organizations, and individuals to mitigate the management of various usernames and passwords. In a basic web SSO service, an agent module on the application server retrieves the specific authentication credentials for an individual user from a dedicated SSO policy server, while authenticating the user against a user repository such as a lightweight directory access protocol (LDAP). The service authenticates the end user for all the applications the user has been given rights to and eliminates future password prompts for individual applications during the same session.


Skimmer

Skimmers are essentially malicious card readers attached to real payment terminals so that they can harvest data from every person that swipes their cards. The typical ATM skimmer is a small device that fits over an existing card reader.


Skimming

Skimming is considered a type of white-collar crime,and is described as the theft of cash from a business prior to its entry into the accounting system for that company. Although skimming is one of the smallest frauds that can occur, it is also the most difficult to detect.


Skimming cash receipts

Skimming is slang for taking cash "off the top" of the daily receipts of a business (or from any cash transaction involving a third interested party) and officially reporting a lower total. The formal legal term is defalcation. Even though skimming is one of the smallest frauds that could appear, they are considered as the most difficult fraud to detect.


Smart Card

A smart card is a physical card that has an embedded integrated chip that acts as a security token. Smart cards are typically the same size as a driver's license or credit card and can be made out of metal or plastic. They connect to a reader either by direct physical contact (also known as chip and dip) or through a short-range wireless connectivity standard such as radio-frequency identification (RFID) or near-field communication (NFC).


SMishing

SMishing is a security attack in which the user is tricked into downloading a Trojan horse, virus or other malware onto his cellular phone or other mobile device. SMiShing is short for "SMS phishing."


Smurfing/Structuring

The process of laundering money by breaking up large funds into multiple bank accounts to operate under the radar of law enforcement agencies. 

In the gaming industry, the term refers to players who create multiple accounts, so that what they do on an alternate account (cheating, losing) will not affect their main account.


Sniffing

Sniffing is the process of monitoring and capturing all data packets passing through given network, and is illegal to be done by an unauthorized party. This stolen information can be used for fraud and obtaining other significant data from users. Sniffers are used by network/system administrators to monitor and troubleshoot network traffic. Attackers use sniffers to capture data packets containing sensitive information such as password, account information etc.


Social Engineering

Psychological manipulation done through human interaction that gets people to reveal personal information for fraudulent purposes. It can happen in one or multiple steps, and can range from basic to complex methods, like attackers impersonating co-workers or officials to solicit information.


Social Media

Social media is a large platform where people entertain, communicate, and connect with the world. It consists of different social networking sites which can be used by hackers and fraudsters to steal personal information of users. This information includes credit card numbers and other personally identifiable information, which are often solicited through "phishing" attacks done on social media sites.


Social media tracking

Social media tracking or monitoring is a process of using social media channels to track, gather and mine the information and data of certain individuals or groups, usually companies or organizations, to assess their reputation and discern how they are perceived online.


Social Security fraud

Social Security fraud usually occurs when an unauthorized third-party gains access to an individual's Social Security number and exploits it for their own financial benefit.


Social security number (SSN)

A Social Security number (SSN) is a nine-digit number that the U.S. government issues to all U.S. citizens and eligible U.S. residents who apply for one. The government uses this number to keep track of your lifetime earnings and the number of years worked. Using a social security number, personal data can be obtained, and can let a criminal use the information for purposes of defrauding the owner of that social security number. Often this involves stealing money or the identity of that SSN owner.


Software Piracy

Software piracy is the illegal copying, distribution, or use of software. It is such a profitable "business" that it has caught the attention of organized crime groups in a number of countries. According to the Business Software Alliance (BSA), about 36% of all software in current use is stolen.


Spam

Spam refers to an irrelevant or inappropriate message sent on the Internet to a large number of recipients. These messages are often used by scammers to trick people into providing their personal data so that they can be used to blackmail the person. Normally, spam offers an advertisement which is not validated under the actual name of organization.


Spear Phishing

Spear phishing describes when phishing is done with specific targets in mind; this allows messages to these people to appear more legitimate, or as if they are being sent by a legitimate user. For example, a person may get an offer from an organization that he knows. He might click on it and provide confidential information, perhaps to log-in to the website. In reality, the message is not from the actual organization, and he has given his credentials to the actual site to the spear-phisher.


Spider

A spider is a program that visits Web sites and reads their pages and other information in order to create entries for a search engine index. All major search engines on the Web have these kinds of programs, which are also known as "crawlers" or a "bots". Spiders are usually programmed to visit sites that have been marked by their owners as fresh or modernized.


Spoofs

A spoofing attack is when a malicious party impersonates another device or user on a network in order to launch attacks against network hosts, steal data, spread malware or bypass access controls.


Spyware

Spyware is software that can be installed on a computer system or computer device without the device user's knowledge. The software allows the installer to directly obtain or convert information from a computer and to transmit all that data to their own hard drive.


Statute of Limitations

A statute of limitations is a law that sets the maximum time the parties involved have to initiate legal proceedings from the date of an alleged offense, whether civil or criminal. However, cases involving serious crimes, like murder, typically have no maximum period under a statute of limitations.


Stealing

Stealing is the action that occurs when someone takes possession of another person's identity, posessions, or information without any legal rights and without any permission, without any intention of returning it. In computer system the stealing means the unauthorized or illegal copying, sharing or usage of copyright-protected software programs. Software theft may be carried out by individuals, groups or, in some cases, organizations who then distribute the unauthorized software copies to users.


Stealing or providing business secrets

Stealing business secrets is the act of accessing a business's confidential information and revealing it to people who are not properly authorized to see that information. Intellectual property theft is a kind of stealing of business secrets.


STR (Suspicious Transaction Report)

A suspicious transaction report (STR) refers to the information demanded by the Internal Revenue Service (IRS) from banks and other financial institutions regarding suspicious transactions. It provides a report of the financial flows and other information related to the money flows in a regulated private sector.


Supervised Machine Learning

Supervised machine learning is the machine learning task of learning a function that maps an input to an output based on example input-output pairs. It infers a function from labeled training data consisting of a set of training examples.


Sweepstakes Scam

Sweepstakes scams are when a company or fraudster tells someone they have won a sweepstakes prize, but that as the winner they must first pay a fee to insure delivery of their prize. The winner may pay and then never recieve anything.


Sweetheart scam

A sweetheart scam is a situation where a scammer will pretend to be romantically interested in somebody, with the intention of learning their personal information so that they may commit fraud with it.


Swindling

The term 'swindler' refers to a person who takes advantage of others through deceit. Swindling is a crime committed by a person who defrauds another, causing the victim to suffer damage, by means of unfaithfulness or abuse of confidence. Swindling can be committed by a group of people or an individual involved in defrauding actions in order to get financial benefits or property by exploitation or fraud.


Synthetic identity

A synthetic identity is created by using a combination of fabricated credentials, leading to a fake identity that is not associated with an actual, real person. Fraudsters may create synthetic identities using potentially valid social security numbers (SSNs) with accompanying false personally identifiable information (PII).


Synthetic Identity Creation

Synthetic Identity Creation (SIC) represent the process of creating a false identity. Synthetic Identity Creation (SIC) as a generic term shows how fraudsters collect information about real people and manipulate their identities with false and fabricated information to ensure the creation of a new identity, which is assigned to no actual real-life person.


System integrator

A systems integrator (or system integrator) is a person or company that specializes in bringing together component subsystems into a whole and ensuring that those subsystems function together, a practice known as system integration. They also solve problems of automation.