Whether you are wanting to try and get your own back at scammers or just find out how they do it, this 2008 book may prove interesting.
With around 740 pages and 20 chapters, it describes various web application technologies, bypassing and attacking controls, finding vulnerabilities and much, much more.
Edit: also included is 'network intrusion detection - an analysts handbook'
It you are interested in this, it's free for collection from Matlock.
The web application hacker's handbook (Matlock DE4)
This offer has been gifted to someone and is no longer available.