CASE 1 - David L. Miller: Portrait of a White-Collar Criminal

There is an old saying: Crime doesn't pay. However, for David Miller crime paid for two Mercedes-Benz sedans; a lavish suburban home; a condominium at Myrtle Beach; expensive suits; tailored and monogrammed shirts; diamond, sapphire, ruby, and emerald rings for his wife; and a new car for his father-in-law. Though Miller confessed to embezzling funds from six different employers over a 20-year period, he has never been prosecuted or incarcerated-in large part because his employers never turned him in.

Miller was fired from his first employer for stealing $200. After an assortment of odd jobs, he worked as an accountant for a local baker. Miller was caught embezzling funds and paid back the $1,000 he stole. Again, law enforcement was not notified, and he was quietly dismissed.

Several months after Miller started work at Wheeling Bronze, his third victim, the president discovered a $30,000 cash shortfall and several missing returned checks. An extensive search found the canceled checks, with forged signatures, in an outdoor sand pile. Miller confessed to the scheme and was given the choice of repaying the stolen funds or being prosecuted. When Miller's parents mortgaged their home and repaid the stolen money, he escaped prosecution.

Miller's fourth victim was Robinson Pipe Cleaning. When Miller was caught embezzling funds, he again avoided prosecution by promising to repay the $20,000 he stole.

Miller's fifth victim was Crest Industries, where he worked as accountant. He was an ideal employee-dedicated and hard working, doing outstanding work. He was quickly promoted to office manager and soon purchased a new home, car, and wardrobe. Two years later, Crest auditors discovered that $31,000 was missing. Miller had written several checks to himself, recorded them as payments to suppliers, and intercepted and altered the monthly bank statements. With the stolen money, he financed his lifestyle and repaid Wheeling Bronze and Robinson Pipe Cleaning. Once again, Miller tearfully confessed, claiming he had never embezzled funds previously. Miller showed so much remorse that Crest hired a lawyer for him. He promised to repay the stolen money, gave Crest a lien on his house, and was quietly dismissed. Because Crest management did not want to harm Miller's wife and three children, Crest never pressed charges.

Miller's sixth victim was Rustcraft Broadcasting Company. When Rustcraft was acquired by Associated Communications, Miller moved to Pittsburgh to become Associated's new controller. Miller immediately began dipping into Associated's accounts. Over a six-year period, Millerembezzled $1.36 million, $450,000 of that after he was promoted to CFO. Miller circumvented the need for two signatures on checks by asking executives leaving on vacation to sign several checks "just in case" the company needed to disburse funds while he was gone. Miller used the checks to siphon funds to his personal account. To cover the theft, Miller removed the canceled check from the bank reconciliation and destroyed it. The stolen amount was charged to a unit's expense account to balance the company's books.

While working at Associated, Miller bought a new house, new cars, a vacation home, and an extravagant wardrobe. He was generous with tips and gifts. His $130,000 salary could not have supported this lifestyle, yet no one at Associated questioned the source of his conspicuous consumption. Miller's lifestyle came crashing down while he was on vacation and the bank called to inquire about a check written to Miller. Miller confessed and, as part of his out-of-court settlement, Associated received most of Miller's personal property.

Miller cannot explain why he was never prosecuted. His insistence that he was going to pay his victims back usually satisfied his employers and got him off the hook. He believes these agreements actually contributed to his subsequent thefts; one rationalization for stealing from a new employer was to pay back the former one. Miller believes his theft problem is an illness, like alcoholism or compulsive gambling, that is driven by a subconscious need to be admired and liked by others. He thought that by spending money, others would like him. Ironically, he was universally well liked and admired at each job, for reasons that had nothing to do with money. In fact, one Associated coworker was so surprised by the thefts that he said it was like finding out that your brother was an ax murderer. Miller claims he is not a bad person; he never intended to hurt anyone, but once he got started, he could not stop.

After leaving Associated, Miller was hired by a former colleague, underwent therapy, and now believes he has resolved his problem with compulsive embezzlement.

1. How does Miller fit the profile of the average fraud perpetrator? How does he differ? How did these characteristics make him difficult to detect?

2. Explain the three elements of the Opportunity Triangle (commit, conceal, convert), and discuss how Miller accomplished each when embezzling funds from Associated Communications. What specific concealment techniques did Miller use?

3. What pressures motivated Miller to embezzle? How did Miller rationalize his actions?

4. Miller had a framed T-shirt in his office that said, "He who dies with the most toys wins." What does this tell you about Miller? What lifestyle red flags could have tipped off the company to the possibility of fraud?

5. Why do companies hesitate to prosecute white-collar criminals? What are the consequences of not prosecuting? How could law enforcement officials encourage more prosecution?

6. What could the victimized companies have done to prevent Miller's embezzlement?

CASE 2 - Shadowcrew

At 9:00 P.M., Andrew Mantovani, cofounder of the group Shadowcrew, received a knock at his door while chatting on his computer. For Mantovani and 27 others, that knock marked the end of Shadowcrew, which provided online marketplaces and discussion forums for identity thieves. Shadowcrew members used the organization's website to traffic in stolen Social Security numbers, names, e-mail addresses, counterfeit driver's licenses, birth certificates, and foreign and domestic passports. It also shared best practices for carrying out fraudulent activity. By the time it was shut down, Shadowcrew had trafficked in at least 1.7 million credit cards and it was responsible for more than $4.3 million in fraud losses.

Considered the online equivalent of the Russian Mafia, Shadowcrew operated as a highly sophisticated and hierarchical organization. All users operated under aliases, never revealing their true names or other personal information. Operations and communications were conducted using proxy servers that hid the location and identity of the users. Shadowcrew users were divided into five different roles: administrators, moderators, reviewers, vendors, and members.

Administrators Shadowcrew administrators were the heads of the organization.

Moderators A dozen moderators, chosen from the general membership based on proven skill in fraudulent activity, controlled the flow of information.

Reviewers Reviewers tested the quality of illicit goods (credit cards, passports, etc.) trafficked on the Shadowcrew site. For example, reviewers would run a test called a "dump check" on credit card numbers by hacking into a retailer's cash register system. The fraudster accessed the system through back doors used by technical support personnel to remotely perform maintenance or repairs. The reviewer would then enter a trivial charge of $1 or $2 to see whether the charge was approved. Reviewers would then write up and post detailed descriptions of the credit cards or other merchandise tested.

Vendors Vendors managed the sale of stolen data. Prices were posted and products were sold using an auction forum much like eBay. Payments were processed via Western Union money transfers or an electronic currency and were made using a fraud victim's stolen data.

Members Thousands of people used the Shadowcrew website to gather and share information on committing identity fraud. Shadowcrew practiced open registration, but more sensitive discussion areas were password protected, and members needed another trusted member to vouch for them in order to join the forum.

Members could be promoted up the organization by providing quality products or by sharing new or unique tips or techniques for committing fraud. Shadowcrew punished acts of disloyalty. For instance, one disloyal group member had his actual name, address, and phone number posted on the website for all to see.

Shadowcrew's demise began when MasterCard informed the United States government that a hundred websites promoted and supported identity fraud. The United States Secret Service covertly infiltrated Shadowcrew. Acting as trusted members, agents set up a Virtual Private Network (VPN) over which Shadowcrew leaders could conduct illicit business. The VPN allowed the Secret Service to track the organization's doings and discover the real identities and locations of Shadowcrew users.

It was vital that all arrests occur simultaneously, because any one of the targets could instantly warn the others via Shadowcrew's discussion forum. With the help of the Justice Department, Homeland Security, the Royal Canadian Mounted Police, Europol, and local police departments, authorities simultaneously knocked on the suspects' doors at precisely 9:00 P.M. The operation led to 28 arrests, 21 in the United States. Rather than immediately deactivating the website, investigators replaced the home page with the following warning: "Activities by Shadowcrewmembers are being investigated by the United States Secret Service." Under a picture of hands clutching bars of a jail cell, agents listed the criminal charges that Shadowcrew members faced and called on visitors to turn themselves in: "Contact your local United States Secret Service field office before we contact you!"

(Source: J. McCormick and D. Gage, Baseline Security, March 7, 2005.)

1. How did Shadowcrew members conceal their identities? How can average citizens protect their identities while interacting online?

2. How has the Internet made detecting and identifying identity fraudsters difficult?

3. What are some of the most common electronic means of stealing personal information?

4. What is the most common way that fraudsters use personal data?

5. What measures can consumers take to protect against the online brokering of their personal data?

6. What are the most effective means of detecting identity theft?

7. What pieces of personal information are most valuable to identity fraudsters?