Experts warn of online trickery
Such cons can be ruinous, they say
Online fraud can devastate a business or a consumer, three experts on fighting fraud said Tuesday.
Jon Pascoe, director of information security and privacy at Arvest Bank, and John Burgess, president and co-founder of Mainstream Technologies in Little Rock, spoke Tuesday morning to almost 50 business employees at a seminar at Pulaski Tech in Little Rock.
Pascoe told the story of how sophisticated some hackers can be.
A manufacturing company that was also an Arvest customer had $500,000 stolen by Chinese criminals years ago and didn’t realize how it happened.
After the fraud, as it was being investigated by the U.S. Treasury Department, the Arvest customer was asked if any of the transactions looked suspicious.
The Arvest customer looked at the $500,000 wire transfer to China and thought nothing of it.
“It turns out that the manufacturer sent a half million dollars to China every week,” Pascoe said. “The perpetrators had entered a transaction down to the penny that the manufacturer had also sent to China the week before. The customer was staring at a
half-million dollars of fraud and didn’t recognize it. That’s chilling to me. It is an awful prospect.”
The money eventually was returned to the manufacturer. But if it hadn’t been, the loss would have put the company out of business, Pascoe said.
Burgess, the president of Mainstream Technologies, said businesses need to treat emails and financial accounts as a critical piece of information. Don’t use free Webbased email accounts, such as Yahoo.com or hotmail.com, especially for business purposes, Burgess said.
“Those types of business accounts serve no value in a business environment,” Burgess said.
Instead, it is better for a business to pay the money to buy an Internet domain and configure the domain to host the business’s email and transact business with that domain’s email account.
Arvest has business customers of every size that have been targeted by these threats, Pascoe said.
To reduce the risk of these frauds happening, a business needs to understand that it is a target, Burgess said.
“The better job you can
do to understand why you’re a target helps you do a better job of protecting yourself from those attacks,” Burgess said.
A lot of the things that can be done are low-tech and very simple to do, Pascoe said.
“But there will never be a single preventive measure that can be thought of as a silver bullet,” Pascoe said. “Antivirus software, firewalls and these things [lead] people to say nothing bad can happen to me now. And yet, something bad still can happen.”
It isn’t only private businesses that are affected by cybercrime, Pascoe said.
“If you are a school, a public sector entity, a municipality or a hospital, you’ve got client, customer and patient data that you don’t want to get out the door,” Pascoe said. “While [most of these crimes] are financial threats, reducing the risk of these occurring also serves to reduce the risk of other really bad things happening in your organization.”
Across town in west Little Rock, more than 300 people registered to hear Frank Abagnale, author of Catch Me If You Can, speak Tuesday night at the Embassy Suites. His appearance was sponsored by AARP.
Between ages 16 and 21, Abagnale successfully posed
as an airline pilot, an attorney and a doctor and cashed millions of dollars in fraudulent checks.
His exploits were depicted in the movie version of his book, with the same title, starring Leonardo DiCaprio and Tom Hanks.
For more than 40 years, Abagnale has advised the FBI on how to outsmart the con artists. He’s one of the world’s most respected authorities on forgery, embezzlement and secure documents.
The most common fraud today is called the grandparents scam, Abagnale said.
“[The grandparents] get a call at night and the caller ID says Little Rock Police Department,” Abagnale said. “So they assume it’s the Little Rock Police Department. They pick up the phone and the guy says, ‘Hi, this is Sgt. O’Reilly,' We arrested your grandson' and they give his name. 'He was driving this vehicle’ — and it’s his car. ‘The license plate number is this' and that’s his license number. 'He had a passenger and her name is this.’ That’s his girlfriend’s name. ‘We have him in custody. He asked us to call his grandparents and not his parents.’”
The “policeman” says the grandparents must post bail of $1,500 within two hours or the boy will have to spend
the weekend in jail, Abagnale said.
“’You can give me a credit card over the phone,’ the policeman says,” Abagnale said, so the grandparents send the money.
What the con artist did was get all the information about the grandson off Facebook, Abagnale said.
The way to detect such a scam or any scam, Abagnale said, is to watch for two red flags.
The first red flag is that you have to send money and the second is you have to send it now, Abagnale said.
“If that grandparent had said that he lived close to the police station and could come down to pay the money, they would have said, ‘No you have to do it on your credit card and you have to do it right now,’” Abagnale said. “Those are your two red flags. I live by two simple words, stop and verify.”
If someone says they are with the fraud department of your bank and they need to verify your Social Security number, that’s the red flag, Abagnale said. Because a bank would never ask that, Abagnale said.
Call the customer service or fraud department of the bank or credit-card company and tell them about it, he said.