FBI Care Cyber Law Knowledge Base https://fbicare.com Cyber Law Knowledge Base Mon, 29 Jan 2018 09:48:00 +0000 en-US hourly 1 https://wordpress.org/?v=6.6.1 Protect yourself against cyber attacks https://fbicare.com/protect-cyber-attacks/ Tue, 30 Jan 2018 09:30:23 +0000 https://fbicare.com/?p=1430

A cyber-attack is an attempt by an individual or group to obtain unauthorized access to a computer network or system. It may be executed for financial gain, to obtain data, or to damage the reputation of an individual or entity. Cyber-attacks are a growing concern in the financial services sector. In 2015, 8.5 million Canadian consumers were affected by cybercrime (Norton Cyber Security Insights Report 2016)

 

The financial services industry is shifting toward online products that make it easier for people to do business. But portals, online applications and mobile apps increase the ways in which cyber-attacks can occur against consumers.
FSCO’s regulated sectors, such as insurance providers, mortgage brokerages and pension plans, have a responsibility to protect information and provide a safe online environment for consumers. This includes implementing policies and processes that help prevent cybercrime and lay out the steps to take if a cyber-attack takes place.
However, criminals are finding new ways to steal confidential information even from those who are diligent in protecting their online profile. If you deal with any financial service organization online, it is important to be aware of the risks involved and the steps you can take to protect yourself.

What do cyber-attacks look like?

Some cyber-attacks may seem obvious to you, such as suspicious emails, but others can be hard to detect. Some of the most common ways criminals try to steal your information include:

Hacking: cyber criminals gain access to your device or an organization’s information technology systems to steal your information
Malware: viruses, spyware or adware are placed on your device to steal your information
Pharming: cyber criminals redirect an organization’s legitimate website to a similar-looking website that captures the information you enter
Phishing: fake emails, text messages and websites asking for your information, such as your social insurance number (SIN)
Spam: mass distribution of unwanted messages to you or from you to your contact list
Wi-Fi Eavesdropping: captures your online activity over an unsecure Wi-Fi network

How can you reduce the risks of a cyber-attack?

Practicing regular reviews of your online profile can reduce your exposure to cyber-attacks. Simple steps you can take – such as using strong passwords, changing passwords regularly for each of your devices and services, and updating software to the latest version – may address up to 80 per cent of the risk of compromises due to cyber-attacks (Insurance Institute, 2015). Other things you can do include:

 

  • Start a discussion with your financial service providers so you understand how your information is kept safe.
  • Avoid using public Wi-Fi when dealing with financial service providers and opt for an encrypted or secure connection. Turn off Wi-Fi and Bluetooth settings when you are not using them.
  • If you receive an email from a financial service provider asking for information, give them a call (on a number not given in the email) to confirm it is legitimate. When in doubt, delete it.
  • Use safe payment options, such as credit cards, when making purchases online. Avoid using money transfers – this is not a common practice in the financial services industry.
  • Find other tips and resources on Public Safety Canada’s website – Get Cyber Safe
]]>
Tactics used in Advance fee fraud https://fbicare.com/tactics-used-advance-fee-fraud/ Mon, 29 Jan 2018 09:26:14 +0000 https://fbicare.com/?p=1426
Perpetrators of an Advance Fee Fraud (AFF) can be very creative and innovative. These schemes can use the following tactics:
  • An individual or company receives a letter or fax from an alleged “official” representing a foreign government or agency;
  • An offer is made to transfer a sum of money, possibly millions of dollars in “over invoiced contract” funds, into the individual or company’s bank account;
  • There may be an encouragement to travel overseas to complete the transaction;
  • Blank company letterhead, forms, bank account information, telephone/fax numbers and other personal information may be requested;
  • Perpetrators provide numerous documents with official looking stamps, seals and logos testifying to the authenticity of the proposal;
  • Up-front or advance fees for various taxes, attorney fees, transaction fees or bribes are requested;
  • In some cases, perpetrators may send nominal amounts of money to the intended victim, in order to establish his/her confidence;
  • Once the perpetrators have received an initial up-front fee, requests to invest additional funds to complete the transaction follow;
  • Other forms of schemes include: c.o.d. of goods or services, real estate ventures, purchases of crude oil at reduced prices, beneficiary of a will, beneficiary of a life insurance policy, recipient of an award and paper currency conversion.
Consumers who are contacted by an off-shore perpetrator of an AFF scam are recommended to not respond to the inquiry.
]]>
Identity information https://fbicare.com/1408-2/ Sun, 28 Jan 2018 05:59:31 +0000 https://fbicare.com/?p=1408

403

(1) Everyone commits an offence who fraudulently personates another person, living or dead,

  • (a) with intent to gain advantage for themselves or another person;
  • (b) with intent to obtain any property or an interest in any property;
  • (c) with intent to cause disadvantage to the person being personated or another person; or
  • (d) with intent to avoid arrest or prosecution or to obstruct, pervert or defeat the course of justice.
    Marginal note:Clarification

(2) For the purposes of subsection (1), personating a person includes pretending to be the person or using the person’s identity information — whether by itself or in combination with identity information pertaining to any person — as if it pertains to the person using it.
Marginal note:Punishment

(3) Everyone who commits an offence under subsection (1)

  • (a) is guilty of an indictable offence and liable to imprisonment for a term of not more than 10 years; or
  • (b) is guilty of an offence punishable on summary conviction.
]]>
Section 402- fraudulent misrepresentation https://fbicare.com/fraudulent-misrepresentation/ Sat, 27 Jan 2018 10:06:00 +0000 https://fbicare.com/?p=1402

Identity theft

402.2

(1) Everyone commits an offence who knowingly obtains or possesses another person’s identity information in circumstances giving rise to a reasonable inference that the information is intended to be used to commit an indictable offence that includes fraud, deceit or falsehood as an element of the offence.
Marginal note:Trafficking in identity information

(2) Everyone commits an offence who transmits, makes available, distributes, sells or offers for sale another person’s identity information, or has it in their possession for any of those purposes, knowing that or being reckless as to whether the information will be used to commit an indictable offence that includes fraud, deceit or falsehood as an element of the offence.
Marginal note:Clarification

(3) For the purposes of subsections (1) and (2), an indictable offence referred to in either of those subsections includes an offence under any of the following sections:

  • (a) section 57 (forgery of or uttering forged passport);
  • (b) section 58 (fraudulent use of certificate of citizenship);
  • (c) section 130 (personating peace officer);
  • (d) section 131 (perjury);
  • (e) section 342 (theft, forgery, etc., of credit card);
  • (f) section 362 (false pretence or false statement);
  • (g) section 366 (forgery);
  • (h) section 368 (use, trafficking or possession of forged document);
  • (i) section 380 (fraud); and
  • (j) section 403 (identity fraud).
    Marginal note:Jurisdiction

(4) An accused who is charged with an offence under subsection (1) or (2) may be tried and punished by any court having jurisdiction to try that offence in the place where the offence is alleged to have been committed or in the place where the accused is found, is arrested or is in custody. However, no proceeding in respect of the offence shall be commenced in a province without the consent of the Attorney General of that province if the offence is alleged to have been committed outside that province.
Marginal note:Punishment

(5) Everyone who commits an offence under subsection (1) or (2)

  • (a) is guilty of an indictable offence and liable to imprisonment for a term of not more than five years; or
  • (b) is guilty of an offence punishable on summary conviction.
]]>
Section 184- Wiretapping Laws in Canada https://fbicare.com/section-184-wiretapping-laws-canada/ Fri, 26 Jan 2018 09:55:27 +0000 https://fbicare.com/?p=1397

Interception

184

(1) Every one who, by means of any electro-magnetic, acoustic, mechanical or other device, wilfully intercepts a private communication is guilty of an indictable offence and liable to imprisonment for a term not exceeding five years.
Marginal note:Saving provision

(2) Subsection (1) does not apply to

  • (a) a person who has the consent to intercept, express or implied, of the originator of the private communication or of the person intended by the originator thereof to receive it;
  • (b) a person who intercepts a private communication in accordance with an authorization or pursuant to section 184.4 or any person who in good faith aids in any way another person who the aiding person believes on reasonable grounds is acting with an authorization or pursuant to section 184.4;
  • (c) a person engaged in providing a telephone, telegraph or other communication service to the public who intercepts a private communication,

(i) if the interception is necessary for the purpose of providing the service,

(ii) in the course of service observing or random monitoring necessary for the purpose of mechanical or service quality control checks, or

(iii) if the interception is necessary to protect the person’s rights or property directly related to providing the service;

  • (d) an officer or servant of Her Majesty in right of Canada who engages in radio frequency spectrum management, in respect of a private communication intercepted by that officer or servant for the purpose of identifying, isolating or preventing an unauthorized or interfering use of a frequency or of a transmission; or
  • (e) a person, or any person acting on their behalf, in possession or control of a computer system, as defined in subsection 342.1(2), who intercepts a private communication originating from, directed to or transmitting through that computer system, if the interception is reasonably necessary for

(i) managing the quality of service of the computer system as it relates to performance factors such as the responsiveness and capacity of the system as well as the integrity and availability of the system and data, or

(ii) protecting the computer system against any act that would be an offence under subsection 342.1(1) or 430(1.1).
Marginal note:Use or retention

(3) A private communication intercepted by a person referred to in paragraph (2)(e) can be used or retained only if

  • (a) it is essential to identify, isolate or prevent harm to the computer system; or
  • (b) it is to be disclosed in circumstances referred to in subsection 193(2).
]]>
Section 342- Criminal Law in Canada https://fbicare.com/criminal-law-in-canada/ Thu, 25 Jan 2018 08:50:26 +0000 https://fbicare.com/?p=1393

Theft, forgery, etc., of credit card

342

(1) Every person who

  • (a) steals a credit card,
  • (b) forges or falsifies a credit card,
  • (c) possesses, uses or traffics in a credit card or a forged or falsified credit card, knowing that it was obtained, made or altered
  • (i) by the commission in Canada of an offence, or
  • (ii) by an act or omission anywhere that, if it had occurred in Canada, would have constituted an offence, or
  • (d) uses a credit card knowing that it has been revoked or cancelled,

is guilty of

  • (e) an indictable offence and is liable to imprisonment for a term not exceeding ten years, or
  • (f) an offence punishable on summary conviction.
    Marginal note:Jurisdiction

(2) An accused who is charged with an offence under subsection (1) may be tried and punished by any court having jurisdiction to try that offence in the place where the offence is alleged to have been committed or in the place where the accused is found, is arrested or is in custody, but where the place where the accused is found, is arrested or is in custody is outside the province in which the offence is alleged to have been committed, no proceedings in respect of that offence shall be commenced in that place without the consent of the Attorney General of that province.
Marginal note:Unauthorized use of credit card data

(3) Every person who, fraudulently and without colour of right, possesses, uses, traffics in or permits another person to use credit card data, including personal authentication information, whether or not the data is authentic, that would enable a person to use a credit card or to obtain the services that are provided by the issuer of a credit card to credit card holders is guilty of

  • (a) an indictable offence and is liable to imprisonment for a term not exceeding ten years; or
  • (b) an offence punishable on summary conviction.
    Marginal note:Definitions

(4) In this section,

personal authentication information means a personal identification number or any other password or information that a credit card holder creates or adopts to be used to authenticate his or her identity in relation to the credit card; (authentifiant personnel)

traffic means, in relation to a credit card or credit card data, to sell, export from or import into Canada, distribute or deal with in any other way. (trafic)

]]>
Wire Fraud https://fbicare.com/wire-fraud/ Wed, 24 Jan 2018 05:52:17 +0000 https://fbicare.com/?p=1380

The federal statute on wire fraud is Title 18, United States Code, Section 1343. Congress passed the wire fraud statute in 1952 as part of the Communications Act Amendment. The law against mail fraud was already on the books at that point, but Congress wanted to extend the mail fraud provisions to cover new technology.

Like the mail fraud statute, the law against wire fraud prohibits any scheme or artifice to defraud that uses wire, radio, or television communication in interstate commerce. Later in 1956, Congress broadened the scope of the wire fraud statute to include transmissions in foreign commerce.

The elements of wire fraud are the same as mail fraud. In order to convict the defendant, federal prosecutions have to prove all of the following beyond a reasonable doubt:

  1. A scheme to defraud or obtain money or property by fraudulent pretenses.
  2. Intent.
  3. The making of materially false representations.
  4. Transmission by wire, radio, or television communication in interstate or foreign commerce.

The United States Attorney is not required to establish that the wire, radio, or television transmission was critical to the scheme. Rather, the transmission element is more like a jurisdictional element. The transmission in interstate commerce is what gives federal court jurisdiction over the scheme. Without the transmission, the scheme would be prosecutable in state court.

The venue for prosecution under 18 USC 1343 is basically any district where either the transmission began or ended. The venue statute, 18 USC 3237, provides that venue is proper in any district in which the offense began, continued, or was completed.

Wire fraud is a felony offense under federal law. The penalty can be 20 years imprisonment. However, where the victim of the wire fraud was a financial institution (eg, bank), the sentence is enhanced. In these cases, the sentence can be 30 years in federal prison.

]]>
CAN-SPAM Act https://fbicare.com/can-spam-act/ Tue, 23 Jan 2018 08:49:16 +0000 https://fbicare.com/?p=1374

Do you use email in your business? The CAN-SPAM Act, a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have you stop emailing them, and spells out tough penalties for violations.

Despite its name, the CAN-SPAM Act doesn’t apply just to bulk email. It covers all commercial messages, which the law defines as “any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service,” including email that promotes content on commercial websites. The law makes no exception for business-to-business email. That means all email – for example, a message to former customers announcing a new product line – must comply with the law.

Each separate email in violation of the CAN-SPAM Act is subject to penalties of up to $40,654, so non-compliance can be costly. But following the law isn’t complicated. Here’s a rundown of CAN-SPAM’s main requirements:

  1. Don’t use false or misleading header information. Your “From,” “To,” “Reply-To,” and routing information – including the originating domain name and email address – must be accurate and identify the person or business who initiated the message.
  2. Don’t use deceptive subject lines. The subject line must accurately reflect the content of the message.
  3. Identify the message as an ad. The law gives you a lot of leeway in how to do this, but you must disclose clearly and conspicuously that your message is an advertisement.
  4. Tell recipients where you’re located. Your message must include your valid physical postal address. This can be your current street address, a post office box you’ve registered with the U.S. Postal Service, or a private mailbox you’ve registered with a commercial mail receiving agency established under Postal Service regulations.
  5. Tell recipients how to opt out of receiving future email from you. Your message must include a clear and conspicuous explanation of how the recipient can opt out of getting email from you in the future. Craft the notice in a way that’s easy for an ordinary person to recognize, read, and understand. Creative use of type size, color, and location can improve clarity. Give a return email address or another easy Internet-based way to allow people to communicate their choice to you. You may create a menu to allow a recipient to opt out of certain types of messages, but you must include the option to stop all commercial messages from you. Make sure your spam filter doesn’t block these opt-out requests.
  6. Honor opt-out requests promptly. Any opt-out mechanism you offer must be able to process opt-out requests for at least 30 days after you send your message. You must honor a recipient’s opt-out request within 10 business days. You can’t charge a fee, require the recipient to give you any personally identifying information beyond an email address, or make the recipient take any step other than sending a reply email or visiting a single page on an Internet website as a condition for honoring an opt-out request. Once people have told you they don’t want to receive more messages from you, you can’t sell or transfer their email addresses, even in the form of a mailing list. The only exception is that you may transfer the addresses to a company you’ve hired to help you comply with the CAN-SPAM Act.
  7. Monitor what others are doing on your behalf. The law makes clear that even if you hire another company to handle your email marketing, you can’t contract away your legal responsibility to comply with the law. Both the company whose product is promoted in the message and the company that actually sends the message may be held legally responsible.
]]>
Access Denied Fraud https://fbicare.com/access-denied-fraud/ Tue, 23 Jan 2018 07:33:54 +0000 https://fbicare.com/?p=1365

(a) Whoever—

  • (1) knowingly and with intent to defraud produces, uses, or traffics in one or more counterfeit access devices;
  • (2) knowingly and with intent to defraud traffics in or uses one or more unauthorized access devices during any one-year period, and by such conduct obtains anything of value aggregating $1,000 or more during that period;
  • (3) knowingly and with intent to defraud possesses fifteen or more devices which are counterfeit or unauthorized access devices;
  • (4) knowingly, and with intent to defraud, produces, traffics in, has control or custody of, or possesses device-making equipment;
  • (5) knowingly and with intent to defraud effects transactions, with 1 or more access devices issued to another person or persons, to receive payment or any other thing of value during any 1-year period the aggregate value of which is equal to or greater than $1,000;
  • (6) without the authorization of the issuer of the access device, knowingly and with intent to defraud solicits a person for the purpose of—

(A) offering an access device; or
(B) selling information regarding or an application to obtain an access device;

  • (7) knowingly and with intent to defraud uses, produces, traffics in, has control or custody of, or possesses a telecommunications instrument that has been modified or altered to obtain unauthorized use of telecommunications services;
  • (8) knowingly and with intent to defraud uses, produces, traffics in, has control or custody of, or possesses a scanning receiver;
  • (9) knowingly uses, produces, traffics in, has control or custody of, or possesses hardware or software, knowing it has been configured to insert or modify telecommunication identifying information associated with or contained in a telecommunications instrument so that such instrument may be used to obtain telecommunications service without authorization; or
  • (10) without the authorization of the credit card system member or its agent, knowingly and with intent to defraud causes or arranges for another person to present to the member or its agent, for payment, 1 or more evidences or records of transactions made by an access device;
    shall, if the offense affects interstate or foreign commerce, be punished as provided in subsection (c) of this section.

(b)

  • (1) Whoever attempts to commit an offense under subsection (a) of this section shall be subject to the same penalties as those prescribed for the offense attempted.
  • (2) Whoever is a party to a conspiracy of two or more persons to commit an offense under subsection (a) of this section, if any of the parties engages in any conduct in furtherance of such offense, shall be fined an amount not greater than the amount provided as the maximum fine for such offense under subsection (c) of this section or imprisoned not longer than one-half the period provided as the maximum imprisonment for such offense under subsection (c) of this section, or both.

(c) Penalties.—

  • (1)Generally.—The punishment for an offense under subsection (a) of this section is—
  • (A) in the case of an offense that does not occur after a conviction for another offense under this section—
    (i) if the offense is under paragraph (1), (2), (3), (6), (7), or (10) of subsection (a), a fine under this title or imprisonment for not more than 10 years, or both; and
    (ii)if the offense is under paragraph (4), (5), (8), or (9) of subsection (a), a fine under this title or imprisonment for not more than 15 years, or both;
  • (B) in the case of an offense that occurs after a conviction for another offense under this section, a fine under this title or imprisonment for not more than 20 years, or both; and
  • (C) in either case, forfeiture to the United States of any personal property used or intended to be used to commit the offense.
  • (2)Forfeiture procedure.—
    The forfeiture of property under this section, including any seizure and disposition of the property and any related administrative and judicial proceeding, shall be governed by section 413 of the Controlled Substances Act, except for subsection (d) of that section.

(d) The United States Secret Service shall, in addition to any other agency having such authority, have the authority to investigate offenses under this section. Such authority of the United States Secret Service shall be exercised in accordance with an agreement which shall be entered into by the Secretary of the Treasury and the Attorney General.

(e) As used in this section—

  • (1) the term “access device” means any card, plate, code, account number, electronic serial number, mobile identification number, personal identification number, or other telecommunications service, equipment, or instrument identifier, or other means of account access that can be used, alone or in conjunction with another access device, to obtain money, goods, services, or any other thing of value, or that can be used to initiate a transfer of funds (other than a transfer originated solely by paper instrument);
  • (2) the term “counterfeit access device” means any access device that is counterfeit, fictitious, altered, or forged, or an identifiable component of an access device or a counterfeit access device;
  • (3) the term “unauthorized access device” means any access device that is lost, stolen, expired, revoked, canceled, or obtained with intent to defraud;
  • (4) the term “produce” includes design, alter, authenticate, duplicate, or assemble;
  • (5) the term “traffic” means transfer, or otherwise dispose of, to another, or obtain control of with intent to transfer or dispose of;
  • (6) the term “device-making equipment” means any equipment, mechanism, or impression designed or primarily used for making an access device or a counterfeit access device;
  • (7) the term “credit card system member” means a financial institution or other entity that is a member of a credit card system, including an entity, whether affiliated with or identical to the credit card issuer, that is the sole member of a credit card system;
  • (8) the term “scanning receiver” means a device or apparatus that can be used to intercept a wire or electronic communication in violation of chapter 119 or to intercept an electronic serial number, mobile identification number, or other identifier of any telecommunications service, equipment, or instrument;
  • (9) the term “telecommunications service” has the meaning given such term in section 3 of title I of the Communications Act of 1934 (47 U.S.C. 153);
  • (10) the term “facilities-based carrier” means an entity that owns communications transmission facilities, is responsible for the operation and maintenance of those facilities, and holds an operating license issued by the Federal Communications Commission under the authority of title III of the Communications Act of 1934; and
  • (11) the term “telecommunication identifying information” means electronic serial number or any other number or signal that identifies a specific telecommunications instrument or account, or a specific communication transmitted from a telecommunications instrument.

(f) This section does not prohibit any lawfully authorized investigative, protective, or intelligence activity of a law enforcement agency of the United States, a State, or a political subdivision of a State, or of an intelligence agency of the United States, or any activity authorized under chapter 224 of this title. For purposes of this subsection, the term “State” includes a State of the United States, the District of Columbia, and any commonwealth, territory, or possession of the United States.

(g)

  • (1) It is not a violation of subsection (a)(9) for an officer, employee, or agent of, or a person engaged in business with, a facilities-based carrier, to engage in conduct (other than trafficking) otherwise prohibited by that subsection for the purpose of protecting the property or legal rights of that carrier, unless such conduct is for the purpose of obtaining telecommunications service provided by another facilities-based carrier without the authorization of such carrier.
  • (2) In a prosecution for a violation of subsection (a)(9), (other than a violation consisting of producing or trafficking) it is an affirmative defense (which the defendant must establish by a preponderance of the evidence) that the conduct charged was engaged in for research or development in connection with a lawful purpose.

(h) Any person who, outside the jurisdiction of the United States, engages in any act that, if committed within the jurisdiction of the United States, would constitute an offense under subsection (a) or (b) of this section, shall be subject to the fines, penalties, imprisonment, and forfeiture provided in this title if the offense involves an access device issued, owned, managed, or controlled by a financial institution, account issuer, credit card system member, or other entity organized under the laws of the United States, or any State, the District of Columbia, or other territory of the United States.

]]>
Aggravated Identity Theft https://fbicare.com/aggravated-identity-theft/ Fri, 19 Jan 2018 06:32:44 +0000 https://fbicare.com/?p=1278

(a) Offenses.—

  • (1)In general.—

Whoever, during and in relation to any felony violation enumerated in subsection (c), knowingly transfers, possesses, or uses, without lawful authority, a means of identification of another person shall, in addition to the punishment provided for such felony, be sentenced to a term of imprisonment of 2 years.

  • (2)Terrorism offense.—
    Whoever, during and in relation to any felony violation enumerated in section 2332b(g)
  • (5)(B),knowingly transfers, possesses, or uses, without lawful authority, a means of identification of another person or a false identification document shall, in addition to the punishment provided for such felony, be sentenced to a term of imprisonment of 5 years.

(b)Consecutive Sentence.—Notwithstanding any other provision of law—

  • (1) a court shall not place on probation any person convicted of a violation of this section;
  • (2) except as provided in paragraph (4), no term of imprisonment imposed on a person under this section shall run concurrently with any other term of imprisonment imposed on the person under any other provision of law, including any term of imprisonment imposed for the felony during which the means of identification was transferred, possessed, or used;
  • (3) in determining any term of imprisonment to be imposed for the felony during which the means of identification was transferred, possessed, or used, a court shall not in any way reduce the term to be imposed for such crime so as to compensate for, or otherwise take into account, any separate term of imprisonment imposed or to be imposed for a violation of this section; and
  • (4) a term of imprisonment imposed on a person for a violation of this section may, in the discretion of the court, run concurrently, in whole or in part, only with another term of imprisonment that is imposed by the court at the same time on that person for an additional violation of this section, provided that such discretion shall be exercised in accordance with any applicable guidelines and policy statements issued by the Sentencing Commission pursuant to section 994 of title 28.

(c)Definition.—For purposes of this section, the term “felony violation enumerated in subsection (c)” means any offense that is a felony violation of —

  • (1) section 641 (relating to theft of public money, property, or rewards [1]), section 656 (relating to theft, embezzlement, or misapplication by bank officer or employee), or section 664 (relating to theft from employee benefit plans);
  • (2) section 911 (relating to false personation of citizenship);
  • (3) section 922(a)(6) (relating to false statements in connection with the acquisition of a firearm);
  • (4) any provision contained in this chapter (relating to fraud and false statements), other than this section or section 1028(a)(7);
  • (5) any provision contained in chapter 63 (relating to mail, bank, and wire fraud);
  • (6) any provision contained in chapter 69 (relating to nationality and citizenship);
  • (7) any provision contained in chapter 75 (relating to passports and visas);
  • (8) section 523 of the Gramm-Leach-Bliley Act (15 U.S.C. 6823) (relating to obtaining customer information by false pretenses);
  • (9) section 243 or 266 of the Immigration and Nationality Act (8 U.S.C. 1253 and 1306) (relating to willfully failing to leave the United States after deportation and creating a counterfeit alien registration card);
  • (10) any provision contained in chapter 8 of title II of the Immigration and Nationality Act (8 U.S.C. 1321 et seq.) (relating to various immigration offenses); or
  • (11) section 208, 811, 1107(b), 1128B(a), or 1632 of the Social Security Act (42 U.S.C. 408, 1011, 1307(b), 1320a–7b(a), and 1383a) (relating to false statements relating to programs under the Act).
]]>