[prev in list] [next in list] [prev in thread] [next in thread]
List: isn
Subject: [ISN] Frank Abagnale Jr. Exposes Security Enigmas at Chicago Confab
From: InfoSec News <isn () c4i ! org>
Date: 2003-06-23 7:58:07
[Download RAW message or body]
Forwarded from: William Knowles <wk@c4i.org>
http://www.eprairie.com/news/viewnews.asp?newsletterid=4690
By ADAM FENDELMAN
Editor-in-Chief
adam@eprairie.com
6/20/2003
CHICAGO - Chicago caught "Catch Me If You Can" muse Frank Abagnale Jr.
on Thursday night at the Four Seasons.
A criminal-turned-celebrity, Abagnale now hails as one of the world's
foremost connoisseurs of embezzlement, forgery and glut of other
things no one - he says in retrospect - should ever do.
Formerly an avid flier of the fraudulently "free" skies, the recovered
con man flew to Chicago to expose to local security executives his
real story, how today's high-tech crooks are winning and how they can
be trounced.
So reasoned the FBI some 25 years ago, who better could nab elusive
thieves than one who cashed $2.5 million in fraudulent checks over a
five-year period?
Abagnale also posed as a PanAm airline pilot (he remembers thinking
"equipment" meant a plane's engine rather than the plane itself), an
attorney (he actually passed the bar exam in 10 weeks rather than two
as depicted in the movie) and a pediatrician (initially answering just
as a "medical" doctor and making certain to give cute girls thorough
"exams").
So questioned this reporter, should convicted masterminds be released
from penitentiaries and put to work for secret services like the FBI
or CIA? Abagnale told ePrairie: "I can't think of many cases like
mine. I am a bit of an exception."
Whether or not Abagnale actually advocates releasing felons for the
purposes of high-end anti-fraud work, Abagnale modestly asserted that
the ways he duped our nation's systems were relatively simple and
weren't necessarily rocket science. He has devoted the last 25 years
to erect walls so like-minded swindlers can't pull off similar stunts.
Known especially for his propensity to create fake checks that would
fund his travels before they had a chance to bounce (some 1 million
illegal air miles to 26 countries between the ages of 16 and 18 on
every airline but now-defunct PanAm), one of Abagnale's tricks
exploited a "big green calculator" at a bank.
He moseyed into this bank and asked questions like he always would to
detect the institution's loopholes. He began by opening a new checking
account under a phony PanAm identity. He then asked for deposit slips.
He was told to help himself to a community table with blank deposit
slips. Most people would write their checking account numbers on them
and turn them in.
Always the inquisitive kid who likes a challenge, Abagnale used the
calculator-like device to magnetically encode his account number on
the bottom of lots of deposit slips. He then put them back on the
lobby table. Everyone who made deposits that day ended up depositing
money to his account. Abagnale withdrew some $40,000 shortly
thereafter and disappeared.
Catching Who He Can
Now a turn-to man for some 14,000 financial institutions, corporations
and law enforcement agencies (Abagnale says he has worked with 65
percent of the Fortune 500 and all 50 of the world's largest banks),
he asserts that punishment for fraud and recovery of stolen funds are
so rare that prevention is the only viable course of action.
"I always knew I'd get caught," Abagnale said. "Though the law
sometimes sleeps, it never dies."
Most crimes today are committed internally, he says, adding that
today's criminals have realized that it's more effective to hack
people rather than computers. Sure, one could spend the time and
resources to develop high-tech hacking systems to swipe cash from a
bank, but why not befriend some bank workers through a few smokes and
buy information rather than try to steal it?
Abagnale says Novell, which produced Thursday's gathering of 166
registrants, is transitioning to managing the identities at large
organizations to intelligently control who has access to what. As an
example of a pain Novell is solving, it'd often take a company that
just laid off thousands of workers months to revoke an employee's
special privileges.
Businesses lose an estimated $400 billion each year to fraud. While
security is advancing, the massive and rapid flow of information is
making the felon's job easier by the day, he says.
Though Abagnale used $2 million machines that filled a room to print
checks during his fraudulent heyday, today he says he could flip open
a slim laptop, power up a small printer and have access to your
personal and financial information within five or 10 minutes - all
thanks to the Internet.
But how?
Though there are thousands of free and paid resources on the Web that
can unsuspectingly be used especially for identity theft, Abagnale
singled out FamilySearch.org, which he says operates one of the
world's largest databases and includes death records from 10 days ago
to 200 years ago.
A free service of the Mormon church, simple searches reveal public
information such as social security numbers, birthplaces and death
dates.
Sites such as NetDetectiveSoftware.com and DocuSearch.com also offer
personal but public information - even what the FBI knows about you -
for fees that range between $49 and $150. Many such sites are used
malicilously to impersonate identities and steal money.
"Identity theft is a huge problem today and is the crime of the
future," Abagnale said. "It absolutely is the simplest crime. Anyone
can find out at least 22 pieces of information about you instantly
including your social security number, you mother's maiden name,
someone who lives in your house who isn't related to you and who lives
around you in your neighborhood."
To protect himself, one tool Abagnale uses personally is called
Privacy Guard. With 4.5 million paid members at $110 per year,
Abignale says the software sends him instant e-mails or pages any time
anyone requests his credit report. Best of all, he says, the company's
own employees can't see the data.
Lessons Learned
Abagnale regrets his past as a cheat. He says what he did was immoral,
illegal and unethical. Though he receives some 200 e-mails per day
from "fans" surfing by Abagnale.com who rave about his brilliance,
Abagnale says he was just a kid. He added: "If I really was brilliant,
I wouldn't have broken the law."
In retrospect, Abagnale says he learned at least four critical
lessons, which are played out in Spielberg's movie starring Tom Hanks
and Leonardo DiCaprio:
* The 1960s were far more innocent. People believed you were who you
say you were.
* You must pay for your mistakes.
* More amazing than what he pulled off as a liar and a thief, the
movie was about redemption and the family man he transformed into.
* A divorce can be devastating for a child.
Why'd he do it all? Because he could. Would he do it all again? He
vehemently says no. Abagnale says his life hasn't been glamorous. A
lonely child on the run, he said he'd constantly cry himself to sleep
through the age of 20. He never had a senior prom or went to a high
school football game. He added: "I lost much more than I ever gained."
In addition to the 1980 book "Catch Me If You Can" with reporter Stan
Redding and Abagnale's 2002 book entitled "The Art of the Steal"
(Abagnale sold the rights to his earlier book to Spielberg two decades
ago and didn't profit from the 2003 movie), a "Catch Me If You Can"
television series will debut in 2004 from the creators of ER along
with a Broadway musical of the FBI hunt.
Though many people think Abagnale's redemption draws from religion,
immaturity or prison, he attributes it entirely to the family he
created in Tulsa. Amazingly terrified, executives on Thursday were
caught tearing as Abagnale spoke to his life's true legacy.
"God gave me a wife. She gave me children," Abagnale said, noting that
his oldest son is a third-year law student at Loyola University in
Chicago. "She changed my life. Everything I am is in them. People
don't truly understand love until they bring a child into the world. A
real man loves his wife and is faithful. I've done nothing greater
than being a good husband and great daddy."
Finally nabbed in France at the age of 21 after an unidentifiable
"John Doe warrant" was issued when he was 18, Abagnale ran out on his
parents when he was 16 as they divorced. He didn't see his mother
again for seven years. He didn't see his father ever again.
*==============================================================*
"Communications without intelligence is noise; Intelligence
without communications is irrelevant." Gen Alfred. M. Gray, USMC
================================================================
C4I.org - Computer Security, & Intelligence - http://www.c4i.org
*==============================================================*
-
ISN is currently hosted by Attrition.org
To unsubscribe email majordomo@attrition.org with 'unsubscribe isn'
in the BODY of the mail.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic