
How to steal your money. The best Internet hacking I’ve ever seen.

I just saw the best Internet hacking I’ve ever seen.

A crook sent an email to a friend’s banker asking her to send a wire and FedEx a cashier’s check to an address in Beaumont, TX.

The format of the email was perfect. It was the exact format my friend emails his banker.

Fortunately, the banker called her client (my friend) seeking permission for the wire. My friend said “NO.”

And no money was sent. $20,000 plus saved.

How did it happen?

Someone hacked into my friend’s computer or another computer at his company with a HisCompany.com email address.

But how? Here are the most common ways. Pay attention:

+ Some moron in his company opened an attachment to an incoming email.

+ Some moron went to a web site that was highlighted in an incoming email.

+ Some moron inserted a flashdrive into a USB port on his computer.

The result of all this idiocy is that a piece of software code got dumped onto the moron’s hard disk, from whence it flew to other computers at the company. The code’s main purpose was to copy emails to and from bankers and then send them secretly out to an address on the Internet — i.e. the hacker’s computer. Once there, the hacker can, at his leisure, study the emails for their format and style. When ready, the hacker can then send a “perfect” email request for a wire and a FedExed cashier’s check to the banker.

OK. Harry, a crook is really going to go to all this trouble? Yes. Millions of dollars are stolen in precisely this way every year in the United States. Legitimate-looking emails to bankers are easily forged, especially if you have originals to copy from.

Will your company be hit? Yes. Perhaps not today. But definitely at some stage.

What can you do?

Let’s start at the beginning. There are two types of email:

+ Emails downloaded from your sender to your computer, using software on your computer. The most common method uses Microsoft Outlook, which is part of Microsoft Office.

+ Internet browser webmail. The classic is Google’s gmail. You use your browser to get your email. You use Google to open your email and deal with any nasties in it. This is the safest form of email.

What should you and everybody in your firm do?

+ Don’t open attachments to your emails.

+ Don’t go to web sites you get recommended to.

+ Use gmail.

+ Tell your banker NOT to send your money out — by wire or FedEx — without first calling you on the phone and getting your OK.

If you do all the above, then you don’t need to run Norton or any of the other virus catchers. They all slow your computer down. Speed is an extra benefit.
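One way the banker's side could enforce the call-back rule from the list above, as an added example that is not part of the original post: a triage function that marks every payment request for a phone call-back and records header red flags as supporting evidence. The domains, the sample message and the `triage` function are constructed for illustration, and bodies are assumed to be unencoded plain text.

```python
import re
from email import message_from_string
from email.utils import parseaddr

# Constructed sample: a forged wire request that copies the client's usual style.
SAMPLE = """\
From: "Client Name" <client@hiscompany.example>
Reply-To: client@hiscompany-mail.example
To: banker@bank.example
Subject: Wire request
Authentication-Results: mx.bank.example; spf=fail smtp.mailfrom=hiscompany.example; dmarc=fail header.from=hiscompany.example

Please send a wire for $20,000 today and FedEx a cashier's check to the address below.
"""

# Words that mark a message as a request to move money (illustrative list).
PAYMENT = re.compile(r"\b(wire|cashier['’]?s['’]? check|fedex|routing number)\b", re.I)

def domain(header_value):
    """Return the lower-cased domain of the address in a From/Reply-To header."""
    addr = parseaddr(header_value or "")[1]
    return addr.rpartition("@")[2].lower()

def triage(raw):
    msg = message_from_string(raw)
    body = "\n".join(p.get_payload() for p in msg.walk()
                     if p.get_content_type() == "text/plain")
    text = f"{msg.get('Subject', '')}\n{body}"
    findings = []
    from_dom, reply_dom = domain(msg.get("From")), domain(msg.get("Reply-To"))
    if reply_dom and reply_dom != from_dom:
        findings.append(f"Reply-To domain {reply_dom} differs from From domain {from_dom}")
    auth = " ".join(msg.get_all("Authentication-Results", [])).lower()
    for mech in ("spf", "dkim", "dmarc"):
        if re.search(rf"\b{mech}=(fail|softfail|none)\b", auth):
            findings.append(f"{mech} did not pass")
    is_payment = bool(PAYMENT.search(text))
    # A request sent from a compromised mailbox passes every header check,
    # so the phone call-back depends only on the request, never on findings.
    return {"payment_request": is_payment,
            "callback_required": is_payment,
            "findings": findings}

if __name__ == "__main__":
    print(triage(SAMPLE))
```

The header findings help the banker explain why a message looks wrong, but the call-back decision deliberately ignores them.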

While we’re on the subject of theft, you might enjoy reading this, from this week’s New Yorker Magazine.

The Do’s and Don’ts of Kleptocracy

A private investigator and a New School professor have created a game in which players must launder their ill-gotten riches without getting caught.

By Mark Singer of the New Yorker

You’ve been named chairman of a major-party candidate’s Presidential campaign. And it turns out that you can work for free, because, through a series of dubious transactions and nimble maneuvers, you’re able to keep thirty or sixty million dollars peregrinating through various overseas bank accounts. Cool!

Or maybe you’re the leader of one of the hundred and ninety-five countries in the world. Never mind how you landed that gig (free election? rigged election? dynastic inheritance? super-super-high I.Q.?), it comes with a jumbo helping of entitlement. Being human, before long you start to take the perks for granted, until one day up pops this thought: I need more. Conveniently, you’ve discovered a back door to your country’s treasury, or a slick method for friction-less bribery, and . . . moneymoneymoney! There for the taking, which is nice, but also the source of an ancillary urgency: where to hide it. Opulent homes on many continents, each with a private zoo? Patek Philippe watches for every day of the month?

To guide you through the do’s and don’ts, Jim Mintz and Irwin Chen have created Kleptocrat, a new free game available in the Apple App Store. Kleptocrat operates on the premise that the Player is a bad guy trying to launder ill-gotten riches while evading the Investigator, a relentless exemplar of all the anti-corruption killjoys out there. Mintz is the founder of the Mintz Group, an international private-investigation firm (“Clarity in a complex world”), many of whose clients are law firms pursuing civil cases, and Chen is a designer and an adjunct professor in interaction design at the New School. The hide-and-seek scenarios in Kleptocrat are extrapolated from the behaviors of real kleptocrats around the world, including those laid out in Where the Bribes Are, a Mintz Group database. Rendered as a map of the world, the database depicts, to scale and in deepening shades of red, the bribe-susceptibility of industries within a given country, as well as details of successful prosecutions under the Foreign Corrupt Practices Act. “Our expertise boils down to following dirty money,” Mintz said the other day, in a boardroom on lower Fifth Avenue. In 2015, Where the Bribes Are was nominated for an Honesty Oscar from the Accountability Lab, an international organization dedicated to curbing corruption in the developing world.

Mintz got his private investigator’s license in 1980, a segue from investigative journalism. In the late seventies, he was part of a team in Washington, D.C., that somehow avoided blindness while piecing together shredded documents salvaged from a dumpster in the alley behind the office of a corrupt K Street lobbyist. Since 2007, he’s taught investigative reporting at Columbia’s School of Journalism. His habitual aversion to publicity was tested in the nineteen-nineties, when he wound up in the tabloids for suing Ivana Trump in a fee dispute, after she allegedly stiffed him for work he did during her divorce from Donald of the same last name.

The archetypal kleptocrat, Mintz says, “may be good at running a country or a business, but he’s terrible at hiding money.” One recent weekend, a reporter in late middle age spent several hours validating that dictum on his iPhone, playing Kleptocrat over and over without coming close to beating the Investigator.

Each game begins with a bribe (keeping a casino open in exchange for free chips; arranging a government contract “for the mobile phone company that just hired your 16-year-old daughter as a ‘consultant’ ”; a kickback on a contract to deliver defibrillators to Army hospitals). Hiding and laundering the money often requires a network of devious offshore lawyers (“expert in exotic island banks, sleazy accountants, pirate tax-havens, fake charities, backdated registrations”), corrupt military officers, well-connected mistresses, oblivious front men, or the occasional Liechtenstein foundation. Eventually, the money is meant to be enjoyed—a private fleet of jets and helicopters; a Hong Kong shopping spree with sequentially numbered credit cards for each of your in-laws; a rare-game safari; Elvis Presley’s starburst jumpsuit. The fun lasts as long as you can evade the Investigator—that is, until your buddy’s coked-up girlfriend flips on you, or your wife’s gym-rat cousins get clipped moving suitcases of cash through customs. You win if you accumulate a certain amount of swag before getting busted. In the event of the latter, it’s game over and you, a prisoner of your ravenous avarice, tap Play and try again.

“Some people are sending us their badges showing that they’ve won eighteen times in a row, but I knew my demographic would be a bit challenged by it,” Mintz, who is sixty-three, said. “The game developers we worked with told us that we had to strike a balance. We think it’s real. Sometimes you get away with shit and sometimes you don’t.” ♦

The best book on kleptocracy and the need for money-laundering

CommanderInChief

Listen to it in your car. It’s engrossing. Click here.

Useful Stuff

+ You’ll run faster if you plug directly into your Internet router, rather than rely on WiFi, which can be very slow. If you’re short of cables from your router to your desk, buy another router, e.g. this one.

+ A friend belongs to a car club. He doesn’t own a car. When he wants a car, he orders it up from his car club, which delivers it gassed and fully serviced to his driveway. Saves on all the aggravation of owning a car, like parking, service, depreciation, etc.

+ Friends are flawlessly running Windows 7 on their Mac. They use software called Parallels. Click here. Use Mac software you like. Use Windows software you like. Best of both worlds.

+ I’ve given up trying to coax Windows 10 to ape the better parts of Windows 7 — the parts I like. I could write a book on what’s awful about Windows 10. Suffice it to say, it’s awful. Windows 7 runs handsomely on a Mac using Parallels.

Outdoorsy man

During his physical, the doctor asked the patient about his daily activity level.

He described a typical day this way: “Well, yesterday afternoon, I waded along the edge of a lake, drank eight beers, escaped from wild dogs in the heavy brush, jumped away from an aggressive rattlesnake, marched up and down several rocky hills, stood in a patch of poison ivy, crawled out of quicksand and took four leaks behind big trees.”

Inspired by the story, the doctor said, “You must be one hell of an outdoorsman!”

“NAH,” he replied, “I’m just a terrible golfer.”

Harry Newton, whose friend is loving Facebook even more. His email to me this morning:

FB is more profitable and growing faster than anyone realized.  I’m raising my estimates for FB.

2018: from $7.00 to $7.60.  Consensus was $6.55

2019: from $9.00 to $9.75.

Raising my 2018 target from $225 to $243, i.e. 33% upside from $182.

The stock already passed my 2017 target of $175.  I think $243 will be too conservative.

Facebook is weak today. Good time to pick up some more.


10 Comments

  1. Lucky says:

    An ill-informed reader recently claimed that because I froze all my credit reporting accounts due to the Equifax debacle that my credit score would take a big fall…it sure did…my credit score dropped from 830 all the way down to 828!!! Had something to do with my having recently opened a new account.

  2. Nick U says:

    Facebook is dead money. Don’t you follow the news? Zuckerberg to emphasize security at the expense of profits. Try to read something before you post.

    • Greg says:

      Exactly why it’s a good time to pick some up. I would just wait a few more days for it to fall around 172.

      • harrynewton says:

        Put a bid in at $172 and see what happens. You might get lucky.

        • Nick says:

          I already bought the Facebook IPO of $38 which you said to avoid. So I’m doing all right.

          • harrynewton says:

            So, why are you asking?

          • Nick says:

            I’m not asking. I pointed out that today at current prices Facebook is not a screaming buy. The time to buy was at the IPO price of $38 but back then you were trying to warn ppl to stay away from Facebook because you thought it wasn’t a good deal – at $38.

          • harrynewton says:

            OK. So what is a good, screaming buy today?

  3. Tom from CA says:

    gmail is ok as long as you realize and consent to the fact that Google reads and analyses everything stored on their platform. Why? Mainly targeted ads, but also, thought control:
    https://www.washingtonpost.com/news/the-switch/wp/2017/10/31/a-mysterious-message-is-locking-google-docs-users-out-of-their-files/

    Take a look at their TOS (terms of service) sometime. Anything they deem “violates” their TOS they have the right to remove, including speech they deem “offensive”, regardless of form or context.