and/or bank account information. BoatingCT.com had not sent these
e-mail messages to their customers. The company contacted the FBI New
Haven field office for investigative assistance, and at the FBI’s request, it
provided a copy of several e-mails received by its customers, along with
its Web server logs. Figure 6-1 shows the text of an e-mail message
received by a customer. Figure 6-2 shows the e-mail header information.
The e-mail header information shown in Figure 6-2 provided some impor-
tant information (see Appendix A). Although the message appeared to be
sent from email@example.com—the victim company’s legitimate e-mail
FBI Analysis ■ 167
Dear Mr. or Mrs. D,
We apologize for any inconvenience this may cause you, but our system has
flagged your order most likely due to an unauthorized credit card transaction.
In order for your items to be shipped we first need some verification. For our
safety and security, BoatingCT requires that you respond back with your card’s
verification number, if one is available. The verification number is a 3-digit
number printed on the back of your card. It appears after and to the right of
your card number.
The second method is bank account verification in case fraudulent credit card
information was provided. We require the routing number, which is located at
the bottom of your check in between the |: and |: symbols, as well as the
account number which comes before the ||’ symbols. Exact location and
number of digits varies between banks.
All information is private and confidential. Again, we apologize for any
inconvenience and hope you continue to shop with us in the future.
Text of e-mail message sent to BoatingCT.com customer.
Source: Special Agent/CART field examiner, FBI New Haven Field Office, January
38190_CH06_FINAL_.qxd 3/25/06 8:42 AM Page 167