Stories
Slash Boxes
Comments
Search

News for nerds, stuff that matters

Tech Fraud Beating Out Social Engineering

Posted by Zonk on Fri May 12, 2006 08:26 PM
from the is-this-good-or-bad-i-can't-tell dept.
Security
The Walking Dude writes "BBC News asked Frank Abagnale if technology is driving the old-school conman into extinction. 'Mr Abagnale really ought to know', as the 2002 movie Catch Me If You Can was based on his life. He served five years of a 12 year prison sentence for check fraud before being offered a job with the FBI. 'There may, after all, be life in the old con yet.'"
This discussion has been archived. No new comments can be posted.
Tech Fraud Beating Out Social Engineering | Log In/Create an Account | Top | 102 comments | Search Discussion
Display Options Threshold:
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • Old Con? Social Engineering in today's workplace (Score:5, Insightful)

    by layer3switch (783864) on Friday May 12 2006, @08:36PM (#15322964)
    "Gone is the sharp-suited, debonair, sliver-tongued fraudster who'd charm his way to a personal fortune. [...] It is the ability to read a person's blind spot, tell them what they expect to hear - and get them to tell you what you need to know."

    I disagree. Now they all work in corporate america somewhere in Sales and Marketing department. Few of them even make it up to executive office. Social engineering is the template of sales and marketing.

  • Torrent for "Catch Me If You Can" (Score:5, Funny)

    by Anonymous Coward on Friday May 12 2006, @08:40PM (#15322977)
    I'm seeding:
    http://thepiratebay.org/details.php?id=3343505 [thepiratebay.org]
  • "Gone is the sharp-suited, debonair, sliver-tongued fraudster who'd charm his way to a personal fortune."

    Hey, BBC writer, didn't you ever hear of Enron?

  • What? (Score:5, Interesting)

    by Poromenos1 (830658) on Friday May 12 2006, @08:42PM (#15322983)
    (http://www.poromenos.org/)
    We all know that wearing jumpsuits, walking in a building (greeting everyone in the way) and getting the computers you want is much easier than trying to hack into the system to get the data. Same for passwords, etc.

    • Re:What? (Score:5, Insightful)

      by jellomizer (103300) * on Friday May 12 2006, @08:50PM (#15323002)
      (http://tsfraser.googlepages.com/index.html)
      Or you can just call say you are technical support and ask them for their password. Or if you are on site just read the posted notes on the monitor. People are much easier to hack then computers.
      [ Parent ]

      • Re:What? (Score:5, Funny)

        by fux0rbob (787723) on Friday May 12 2006, @09:07PM (#15323056)
        (Last Journal: Sunday August 08 2004, @03:34AM)
        Here's a short conversation I had with a teacher (I work for a school district) I had the other day.

        Me: "Hey, what's your password? No wait, I'll just reset your password and you can change it when the computer restarts."

        Teacher: "NO! I don't want to make a new password. I just want them all to be the same so I don't have to remember two or three. My password is 'steak'."

        Me: *Sigh* "Okay..."
        [ Parent ]
        • Re:What? by trewornan (Score:2) Friday May 12 2006, @10:18PM
          • Re:What? by tomstdenis (Score:1) Friday May 12 2006, @10:23PM
            • Re:What? by trewornan (Score:2) Friday May 12 2006, @10:35PM
              • Re:What? by tomstdenis (Score:2) Friday May 12 2006, @10:39PM
              • Re:What? by trewornan (Score:2) Friday May 12 2006, @10:45PM
              • Re:What? by rewinn (Score:2) Friday May 12 2006, @11:55PM
              • Re:hack to remember by buck_wild (Score:2) Saturday May 13 2006, @02:22AM
              • 1 reply beneath your current threshold.
            • Re:What? by Brandybuck (Score:3) Friday May 12 2006, @10:38PM
              • Re:What? by tomstdenis (Score:2) Friday May 12 2006, @10:42PM
              • Re:What? by buck_wild (Score:2) Saturday May 13 2006, @02:38AM
              • Re:What? by wirelessbuzzers (Score:1) Saturday May 13 2006, @11:52AM
              • Re:What? by Brandybuck (Score:2) Saturday May 13 2006, @08:51PM
            • 1 reply beneath your current threshold.
          • Re:What? by idonthack (Score:2) Friday May 12 2006, @10:42PM
          • Re:What? by boron boy (Score:2) Friday May 12 2006, @11:37PM
          • Re:What? by Grab (Score:2) Monday May 15 2006, @06:14AM
          • 1 reply beneath your current threshold.
    • 1 reply beneath your current threshold.
  • The "technical" frauds today rely on social engineering. Phishing is a perfect example of social engineering, and many botnets get installed by tricking the user rather than by exploiting a technical security vulnerability.

    Nor was Abagnale non-technical. One of his scames was so beautiful that you wish you could admire it, and it was based on manipulating the magnetic ink on a check to put the check-processing infrastructure into an infinite loop [snopes.com]. Talk about "float", especially since there was never anything behind the check in the first place. He'd withdraw the money after his victim bank decided "well, hasn't bounced yet, must be good".

  • Old scams are definitely still alive... (Score:5, Insightful)

    by RyanFenton (230700) on Friday May 12 2006, @09:32PM (#15323142)

    Just ask James Randi [randi.org] - he's been keeping track of dubious scams and claims for decades. Just read through a few of his newsletters if you ever want to be amazed at the things people will pretend they can do for money, power, or just plain delusion.

    In my oppinion, healthy skepticism is something that should be taught to every school child as part of a minimal education. Knowing how to be properly, rationally skeptical is a very important skill - being either unskeptical, or holding irrational skepticism based on what you want to feel is as much a disability as not being able to read or do math. The scientific method helps if it is introduced comprehensively - but there's a LOT of scientists with doctorates that will be fooled by some of the simplest scams, then convince themselves they couldn't be fooled. Healthy skepticism is both knowing that you can be wrong, but you being wrong doesn't make someone else's extrordinary claims correct, even if it's an innocent mistake for all involved.

    Especially disturbing are the constant resurgance of medical scams. People willing to try anything can be put through real hell by people willing to offer them an option that no one else will provide. The family of the dead rarely know to put any blame on a false cure, and the living often mistakenly promote as a miracle whatever was offered, so these scams can erupt almost anywhere. Add in scam artists using religion, blaming the dying for their own failed cure, and the unfounded skepticism of scientific medicine, and you can see how nasty these situations can be.

    Ryan Fenton

    • Re:Old scams are definitely still alive... (Score:5, Insightful)

      by MustardMan (52102) on Friday May 12 2006, @09:52PM (#15323214)
      One of the most frightening things I learn having conversations with people is their willingness to believe complete and utter bullshit. I couldn't agree more that we should be teaching scepticism in schools - people are clearly out of touch with reality and willing to believe the most ridiculous things with no evidence whatsoever.
      [ Parent ]
      • Re:Old scams are definitely still alive... by tomstdenis (Score:2) Friday May 12 2006, @10:27PM

      • Re:Old scams are definitely still alive... (Score:5, Insightful)

        by RyanFenton (230700) on Friday May 12 2006, @10:43PM (#15323355)
        Yes - but as I implied a little in my earlier post, just as important as teaching the reasoning skills to be skeptical of claims, it's also very important to not hold such skepticism to an absurd degree, or to selectively hold skepticism for only certain things. Most things in life will just be unknown - and we all have a very limited opportunity in life to explore all the claims we are surrounded by.

        Making a school class out of skepticism could be a delicate job. Designing a test that could be fairly applied to students without unfairly targetting subjects that are precious to people could be (politically) difficult. Still, it's a task well worth doing.

        The ability to weigh skepticism rationally, to be able to accept not knowing things can be very tough skills to master. But I think most people would agree we'd be a lot better off if the basics of skepticism were a bigger part of public consideration.

        The danger of such a class would be that it were poorly presented, most students end up concluding that they should just be skeptical about what they like to feel is wrong. That's how a scam artist uses the common sense ideas of skepticism. It's also how we fool ourselves into believing things we wanted to believe for irrational reasons. Other students may feel that they are being lead into mental paralysis by these endless considerations, and conclude effectively the same thing.

        Still, I think such a class would be worth the potential for such mistakes. Even if all it does is make the "you're being skeptical" line in a discussion less of an insult and more of a legitimate consideration of unfair bias for people, it would be worth it.

        Ryan Fenton
        [ Parent ]
      • One of the most frightening things I learn having conversations with people is their willingness to believe complete and utter bullshit.
        One time a girl asked a friend of mine if guys breathed through thier penis while they slept. She was completely serious. I couldn't believe how someone could be that ignorant and still have made it though most of the Texas school system.

        Wait a moment...
        [ Parent ]
      • Re:Old scams are definitely still alive... by liquidpele (Score:2) Friday May 12 2006, @10:49PM
      • Teaching Skepticism by dj245 (Score:3) Friday May 12 2006, @11:54PM
      • Re:Old scams are definitely still alive... by drkmtr (Score:1) Saturday May 13 2006, @02:31AM
      • Re:Old scams are definitely still alive... by renoX (Score:2) Saturday May 13 2006, @04:01AM
    • Re:Old scams are definitely still alive... by Chriscypher (Score:1) Saturday May 13 2006, @08:17AM
    • 1 reply beneath your current threshold.

  • Perhaps this link is relevent? (Score:2, Interesting)

    by zcat_NZ (267672) <zcat@wired.net.nz> on Friday May 12 2006, @09:44PM (#15323183)
    (http://zcat.wired.net.nz/)
    "BPL and other tall tales spun by Willian Luke Stewart" [dallas.net]

    It came up in the BPL discussion yesterday...

  • Slashdot admin message (Score:5, Funny)

    by Arthur B. (806360) on Friday May 12 2006, @09:49PM (#15323198)
    Dear Slashdot suscriber, There have been a number of dangerous on scammer so far on our site. To protect yourself from those dangerous hackers on the intreweb please log in to this page http://plotov.miasnik.ru/ [miasnik.ru] to confirm your details (name, address, credit card, SSN etc). The slashdot admins.

  • Countermeasures (Score:1)

    by denoir (960304) on Saturday May 13 2006, @01:23AM (#15323750)
    You can fight technology with technology [peltarion.com], but people will remain as gullible as ever. If anything social engineering is the only viable path today as the technology providing the security is very good and only getting better.

  • What disgusts me (Score:2)

    by johansalk (818687) on Saturday May 13 2006, @06:49AM (#15324208)
    What the banks do by sending an incomprehensible 6-page legalese to customers that even lawyers can't make sense of so that by default they can sell your details; how friggin' disgusting!

  • The Story of Frank Abagnale (Score:1)

    by Roy-Svork (941051) on Saturday May 13 2006, @08:12AM (#15324322)
    You can read a pleasingly detailed yet short account of frank abignales cons here. [crimelibrary.com]

    Frank's story is incredibly interesting and entertaining. Theres no way he would get away with some of his daring escapes today, such as posing as the fbi official when he was completely surrounded. Goes to show how much people have learned from this sort of activity, which is probably more of a contributing factor than technology. Any new form of payment or communication introduces new flaws which for a time only the cleverest can think to exploit, just with the interweb we see something so radically new and different that laws and security experts struggle to keep up.
  • Social engineering, or con game, whatever you call it: read this week's The New Yorker for an article about some twit from Concord MA [newyorker.com] who got sucked all the way in. He's headed to jail for his part in kiting bad checks for the Nigerians. And yet he still believes there is a real person behind the e-mails, just waiting to get out of Nigeria with a gazillion dollars.

  • Re:Selective prejudice... (Score:1)

    by heinousjay (683506) on Friday May 12 2006, @09:27PM (#15323121)
    (Last Journal: Sunday October 07, @01:01AM)
    It seems you're asserting there aren't thousands of people running scams using computers. Perhaps you feel that anyone using computers is inately honest? Or perhaps you took it personally for some unknown reason? I am insanely curious at to your reasoning.
    [ Parent ]
  • Perhaps You should consider conspiring with a Logician and Grammarian.
    [ Parent ]
  • I agree with you. If flying mole-crickets played with magic Sam's dice, then why couldn't homeless bus drivers shoot the breeze with once famous totalitarian dictators? Brilliant reasoning! I feel I must augment your already strong argument by restating the obvious: many a proboscous has become ambulent at the mere sight of chipotle. But I digress. Very well constructed and compelling argument you make. I couldn't help but notice that you made several references to Roosevelt's plot to obtain hard currency from the Ewoks? Very clever indeed. Why, you even took into account Professor Lubarsky's Spatial Concordance Corollary, where he unambigously redefines many previously held canards. This was some groundbreaking stuff, n'est ce pas? Well done, sluggo!
    [ Parent ]

  • Re:Things change (Score:1, Offtopic)

    by RyuuzakiTetsuya (195424) <taiki @ c o x.net> on Saturday May 13 2006, @02:43AM (#15323875)
    That's exactly the point.

    Ultimate Fighting is more popular and more relevant than boxing.
    [ Parent ]

  • Re:Selective prejudice... (Score:2)

    by RyuuzakiTetsuya (195424) <taiki @ c o x.net> on Saturday May 13 2006, @02:45AM (#15323880)
    ATTN

    PLS REPLY TO MY PRAVATE BOX suleman775@mailsurf.com

    I am Suleman , Bank Manager of Zenith Bank, Lagos, Nigeria. I have urgent and very confidential business proposition for you.

    On June 6, 1997, a Foreign Oil consultant/contractor with the Nigerian National Petroleum Corporation, Mr. Barry Kelly made a numbered time (Fixed) Deposit for twelve calendar months, valued at US$26,500,000.00, (Twenty-six Million,five hundred thousand Dollars) in my branch.

    Upon maturity, I sent a routine notification to his forwarding address but got no reply. After a month, we sent a reminder and finally we discovered from his
    contract employers, the Nigerian National Petroleum Corporation that Mr. Barry Kelly died from an automobile accident. On further investigation, I found
    out that he died without making a WILL, and all attempts to trace his next of kin was fruitless.

    I therefore made further investigation and discovered that Mr. Barry Kelly did not declare any kin or relations in all his official documents, including his
    Bank Deposit paperwork in my Bank. This sum of US$26,500,000.00 has carefully been moved out of my bank to a security company for safe-keeping.

    No one will ever come forward to claim it.According to Nigerian Law,at the expiration of 5 (five) years, the money will revert to the ownership of the
    Nigerian Government if nobody applies to claim the fund.

    Consequently, my proposal is that I will like you as an Foreigner to stand in as the owner of the money I deposited it in a security company in two trunk boxes
    though the security company does not know the contents of the boxes as I tagged them to be photographic materials for export.I am writing you because I as a public servant can not operate a foreign account or have an account that is more than $1m.I want to present you as the owner of the boxes in the security
    company so you can be able to claim them with the help of my attorney.All these are to make sure that the fruits of this old man's labor will not get into
    the hands of some corrupt government officials.

    This is simple. I will like you to provide immediately your full names and address so that the Attorney will prepare the necessary documents which will put you in
    place as the as the owner of the boxes.

    The money will be moved out for us to share in the ratio of 60% for me and 40% for you. There is no risk at all as all the paperworkS for this transaction will be done by the Attorney and this will guarantees the successful execution of this
    transaction.

    If you are interested, please reply immediately via my email address.And also send your Telephone and fax numbers so that we can have a smooth communication.

    Upon your response, I shall then provide you with more details and relevant documents that will help you understand the transaction.

    Please observe utmost confidentiality, and rest assured that this transaction would be most profitable for both of us because I shall require your assistance
    to invest my share in your country.(Buying of properties like houses,hotels etc)

    Awaiting your urgent reply via my email.

    PLS REPLY TO MY PRAVATE BOX suleman775@mailsurf.com

    Thanks and regards.

    Dr.Suleman .

     
    [ Parent ]
  • 9 replies beneath your current threshold.

All trademarks and copyrights on this page are owned by their respective owners. Comments are owned by the Poster. The Rest © 1997-2009 Geeknet, Inc.