Showing posts with label digital detective. Show all posts
Showing posts with label digital detective. Show all posts

18 March 2018

The Digital Detective, Banking part 3


bank vault
This continues a series of articles about computer fraud. Originally I practiced a career of systems software design and computer consulting, but I sometimes came upon a more shadowy world, that of computer crime. I seldom sought out fraud but I sometimes stumbled upon it, picking up undetected clues others missed.

This episode doesn’t deal with crime, per se, but it includes a con, minor as it is. The scheme required a little ‘social engineering’ and, though the word might be Yiddish, no one can schmooze like Southerners.

The story came to my attention while consulting for banks, this one deep in Virginia’s Shenandoah Valley. My landlord for part of the stay was an eccentric but colorful codger. He talked about a neighbor who leased farm land from him but failed to pay his rent. Outsiders might expect he pulled on a jug of rye whiskey as he talked, but all he did was lean back in his recliner, sip beer, and twirl a never-lit cigarette while a cheerful woman less than half his age clattered in the kitchen. I jotted down his story long before I became a writer, so kindly forgive error and stylistic issues as I strove to capture his dialogue.
corn picker
1950s era corn picker
Damn Ernie. I hounded that man all summer long for the rent. Finally last fall, I hooked up my corn picker and started up the corn rows. Now a corn picker ain’t a quiet machine, and lo and behold, neighbor Ernie come dashin’ out of his farmhouse yellin’ and cursin’ that I’m stealing his corn.

I said to him I couldn’t possibly be stealing corn off my own land, unrented land at that. He steamed and stormed and said the seed and planting labor had been his, and anyway he was just a little late with the rent, three or four months, maybe four or five, weren’t nuthin.

I told him that I was just going to keep picking corn for myself until someone showed up with rent money. He dashed off like banshees themselves chased him. Pretty soon he comes back waving his checkbook.

I said, “Ernie, are you sure there’s money in that account?” Oh yes. He told me twice there was, so I said there’d better be, and he said he wanted the corn I’d picked. I told him to consider the already picked corn interest and collection fees. Fact is, I finished the rest of that row, which he just hated.

So the skinflint S.O.B. hustled off to hitch up his combine and wagon, and I find myself a few bushels better off than I was before. I cleaned up and headed in town to the bank, right past Ernie who’s racing his machinery through the fields.

At the bank, I always get in Molly’s line. She’s a sweet, buxom lass, and I’d been thinking about asking her out.

Anyway, I get up to her teller window and she said the account’s a bit short to cover the check. I asked her exactly how short, and she said she wasn’t allowed to tell me that.

So darlin’, I cajoled, is this check completely worthless, or did Ernie at least come close? Looking at her computer, she said he was purty close.

Well, I says to her kind of reflectively, I want to tell my neighbor Ernie how much he needs to cover my check. Like would he have to deposit only $10? No, she said, ten dollars wouldn’t cover it.

Well, says I, would $20 or $30 do? No, she smiled at me, it’s not quite enough.

Hmm, says I, I wonder if $40 or $50 would suffice? Um, she said to me, that first amount ought to cover it.

Thank you, I says, I’ll tell that rascal he needs to put $40 in the bank. By the way, sweet thing, can I have a deposit slip? And you think maybe I can call you up? For, uh, you know, maybe dinner Saturday?

So I walked out of there with a bounce in my step, a deposit slip and her phone number. I was feelin’ purty good. What I did was get in my car and circle around through the bank’s drive-thru. I already had Ernie’s account number on the check, so I just filled out the slip and shot it through the air tube with two $20 bills. Sure enough, the receipt came back showing $1002.39. Good on Molly.

But wait, I say, I almost forgot to cash a check. I send over Ernie’s $1000 check and this time I got back a thousand dollars.

Fair enough. I probably had $40 in shelled corn and a lesson I ain’t gonna rent to Ernie no more.

Ernie got stupid, though, and instead of being grateful I didn’t bounce his worthless ass along with his worthless check and turn both over to the sheriff for collection, he raised holy hell at the bank yelling someone manipulated his account.

I took Molly to the horse show that Saturday. Now I tell you personal like, you want to get a lady in a receptive mood, bein’ around horses will do it. Something about women and horseflesh– just a word to the wise.

Anyway, Molly, she confided the bank said it was apparent someone had taken liberties, but they couldn’t blame the girl who took the deposit and they couldn’t blame the teller that cashed the check. They just gave everybody a stern reminder warning.

Ernie wanted to call the authorities, but the branch manager explained Ernie’d be the one in trouble for writing bad checks. He didn’t mention Molly could have gotten in trouble if they’d figured out her role.

Molly said she knew I’d manipulated her and wanted to know if I’d asked her out from obligation or guilt. I said I didn’t want to sully a relationship thinking I used her. She needed a lot of reassurance about that, and so Friday nights and Saturday nights we just get romantic and I give her plenty of reassuring. Been about a year now. Figure we can go on with this for a long, long time.
And he winked at the cheerful lass in the kitchen doorway.



Commonly in Virginia’s Shenandoah Valley, ‘out’ sounds are pronounced like a Scottish ‘oot’. Thus he really said, “I’d been thinking aboot asking her oot.”

23 June 2013

The Digital Detective, Wall Street part 2


continued from last week
The Best of Times…

Systems programmers held a unique niche in the multiple mainframe corporate structure. We didn’t practice ordinary commercial programming but were responsible for keeping the software side running– the operating systems, telecommunications, and utilities. The best of us knew assembly language– the cryptic machine instructions that underpin more or less human-readable languages like C, Cobol, Fortran, and Java. We dealt in bits and bytes, binary and buzzwords, not credits, debits, and balance sheets.
77 Water roof

77 Water plane
Plane atop 77 Water St

Walston was flush. Shortly after I joined, they moved into their fancy new skyscraper at 77 Water Street, a few steps south of Wall. It featured an artificial stream, a padded soda dispenser shaped like a floppy-eared dog, elevators illuminated like the night sky, and a full-size sculpture of a biplane on the roof. You can see it in the opening fly-over sequence of the disappointing movie The Forgotten; there you can spot the airplane still atop 77 Water.

Walston’s cast of characters included my boss Alex, his boss and vice president Paul, and an assistant vice president, Jim. Brokerage firms contain nearly as many vice presidents as they do brokers. The wrinkle in the relationship was Jim had originally hired Paul who passed him on the corporate ladder. Nearing his 25th year with the firm, Jim became marginalized, holding down a desk but no responsibility. Upon retirement, he planned to buy a Land Rover, move to South Africa, cultivate a mustache, and live a life of alternating adventure and leisure. As the weeks ticked away, that’s all he talked about.

Lower Manhatan Financial District
Wall Street and Financial District
Walston’s third floor contained two sections: the computer room and offices occupied by Arthur Anderson overseen by a Walston executive with the musical name Glenn Miller. As systems programmer, I was the rare programmer allowed in the computer room. That drew the attention of Arthur Anderson.

It wasn’t unusual for large corporations to provide offices for their accounting firm, but it wasn’t kosher for one’s auditors to use provided offices to perform work for other companies. The rules for AA were different. As one of the accounting wonks said, saving office space didn't hurt anyone. It may have been true, but violating rules exemplified the looseness of managerial oversight.

Toad in the Hole

Walston brought in two consultants, guys who would tell a company the same common sense advice at five times the price of listening to their employees. That’s one reason I later became a consultant– companies pay to listen to you.

As far as I was concerned, this was more background noise, but one day my boss Alex called me into his office. There sat the consultants and two Arthur Anderson guys amid palpable tension. They wanted me to perform a task: write a program to scan files and ‘correct’ fields, i.e, numbers within the file.

I pointed out I didn’t do that kind of commercial programming and this was far more suitable a task for one of the Cobol programmers. No matter, they assured me, they wanted me. I should be flattered.

Who’s the analyst who designed this? I asked, not feeling the least flattered. I’ll talk with him. No, said the consultant, only you. The Anderson guys nodded while my boss frowned.

Reasonably, I protested that the Cobol programmers possessed the pension suite’s data structure templates. Without them, I had no idea what the data was. It would be like blindly machining a part while they withheld the blueprints, which could damage the data.

The Arthur Anderson guys exchanged glances. My boss started to fidget. The background noise sounded like a clanging alarm. Practiced deceivers they weren't. Something felt wonky but I didn’t know what. They didn’t quite say I had no need to know, only I needn’t be concerned.

Where did a shift of responsibility end and liability begin? Were they buying blind loyalty or blindness? A light bulb went on. I raised my last objection. What about the lack of an audit trail, I asked. Assembler language would bypass all the record and financial controls.

Of course they knew that. They went into a huddle. Moments later, my boss said coldly, “We’re done here. You’re dismissed.”

I slogged back to my desk feeling dark and dysphoric. With good reason: shortly the VP called me in. He informed me the firm would cut my salary and no longer pay my tuition. Alan, the office political toady, would replace me.

Fire and Ice

Suddenly I didn't feel so brilliant. A thunderstorm had squalled up out of the blue. A kid like me didn’t make or have a lot of money and I desperately needed my classes. It didn’t dawn on me to ask why they didn’t dismiss me. Maybe they feared what they thought I knew or wanted to keep tabs on me, but my ego suggested they kept me because Alan the toady was incompetent and incapable of doing my job. He didn’t know machine language but he knew Cobol… and probably knew where to find the questionable data templates. Meanwhile, they were slamming me for questioning orders.

My boss and his boss cold-shouldered me. They almost fired me when the payroll department screwed up and continued paying my tuition, but as was pointed out, that was their error, not mine. We were at loggerheads, but they needed me as much as I needed the job.

The VP’s secretaries treated me with surprising sympathy and kindness. I don’t know how much they knew, but one took me out to lunch and the other gave me a small gift. In the cold light of Walston, they radiated warmth.

In the outside world, Ross Perot had been tacking his way through Wall Street, taking over data processing services, a forerunner of out-sourcing. When the F.I. DuPont scandal hit, Perot stepped in and bought the firm.

I received a cagey call from EDS, the company Perot founded, asking if I’d come to work for them. EDS had a rigid stiff-necked (most said 'tight ass') reputation with a dated, regimented dress code– white shirts, narrow dark ties, grey suits, pants with cuffs, shoes with laces. They subjected potential employees and their spouses to a battery of interviews. Creative thinking was not encouraged. EDS employees liked the money but not one I knew liked the company. I politely declined.

We picked up a programmer from DuPont. Perot had arrived in NYC and put his DuPont troops through sort of a surprise dress parade. As he marched down the line of employees, he came across a girl who wore the fashion of the day– a miniskirt– and fired her on the spot. At Walston, we didn’t mind miniskirts and hired her.

Word on the Street

One day, employees awoke to a lead article by the Wall Street Journal announcing Ross Perot would take over the computing facility of Walston. Vice President Paul turned shockingly white– he hadn't heard even a whisper– but brokerage houses mint vice presidents like they print stock certificates. The company denied the story and things sort of returned to normal.

Except an odd and unsettling thing happened. One month from his 25th year and retirement, Jim, the marginalized AVP found himself called into the VP’s office. Paul, the vice president, fired him. Full retirement gone, no Land Rover, no African adventure, no life of well-earned leisure.

Another discreet call came in for me. The woman on the other end asked me to identify myself, asked if I could talk privately, then said, “Please hold for Mr. Perot.”

Despite what I've heard before and since, Ross was polite, even gracious, and I was flattered he asked me to work for him. But, as I pointed out, I attended university full-time, I wasn’t as regimented as his usual workers, I enjoyed a bachelor life, and– thinking of Perot’s cozy relationship with Richard Nixon– our politics didn’t mesh. He’d famously said he didn’t like gunslingers and lone wolves– and I was the epitome.

He said, “Son, thank you for being honest,” and wished me well. I wondered why he wanted me.

Take Two

Once again, employees learned the news not from their own company but from the WSJ: For the second time within weeks, employees woke to a Journal article confirming Perot would be taking over Walston’s computing center. Again, our shocked vice president had been left out of the loop.

When Perot dropped in to inspect the troops, he spotted the same girl in her minidress we’d hired from F.I. DuPont and again fired her on the spot. Can’t say Perot wasn't consistent.

Days later, Walston fired Vice President Paul two weeks from his 25th year– and full retirement. The firm dismissed the consultants and Arthur Anderson's office underwent a shake-up. Programmers found themselves not only locked out of the computer room, but locked out of the computers.

Except for me. A good systems programmer could run the shop without operators, without analysts, without programmers. Perot didn't trust Walston's people, which explained the recruitment calls to me.

A panicked EDS crew asked where certain files could be found. They asked if I could find backups of older versions. They asked if I knew anything about original programs and data alterations. Unsurprisingly, those hotly desired files were the same my bosses asked me to ‘correct.’ The unasked question finally arose: were they corrections or were they coverups?

I dug into the files only to learn what Arthur Anderson already knew. It appeared Walston’s proprietors had embezzled the company’s retirement fund. Now it made sense why they fired the AVP days from his 25th year. That’s why they fired the VP days from his 25th year. The money was gone, reflected in the records my bosses and Arthur Anderson (or certain employees within Anderson) desperately wanted 'corrected'. The scheme was so compartmentalized, I doubted how much any one party in my department knew, remembering my boss, Alex, claimed the instructions came from on high. "Just follow orders," he said.

I'd been lucky: What might have happened to the joker who tampered with the data? Alan had been lucky: Unable to find his assets with both hands, he'd botched the changes although he left an audit trail.

Trinity Church from Wall Street
Trinity Church framed
by Wall Street

How The Mighty Had Fallen

Perot took over Walston, folding it in with DuPont and again saving Wall Street considerable embarrassment. Two and a half years later, he lost his financial shirt and dismantled a hemorrhaging DuPont Walston. Perot arranged for Congress to give him a special late night $15-million tax break, causing an outcry of socialism for the wealthy when the bill became public knowledge.

Dark forces on Wall Street gleefully watched Perot depart, some accusing him of trickery, some suing him on the way. Whatever the truth of that matter, Walston had been rotting internally before Perot arrived.

Arthur Anderson survived with their reputation barely sullied. Indeed, Anderson and Walston’s Glenn Miller caught more flack for the Four Seasons Nursing Centers scandal than the internal decay within their own firms. It would take the Enron affair to bring down Arthur Anderson.

My services remained in demand and I moved on, still on Wall Street, starting my masters degree before joining forces with two of the earliest software entrepreneurs.

Imagination Noir

In imaginative moments, it’s easy to envision the kernel of a mystery intrigue plot. I picture a John Grisham novel, a storyteller's movie in my mind like The Firm. Had Walston’s board reacted viciously and violently, I might have found myself in a dire plot, on the run for my life with a miniskirted damsel as VPs, AVPs, and Anderson drones dropped dead around me. Excited movie audiences would gasp between mouthfuls of popcorn, women would cry, and children would whisper, “He’s so bwave.”

Maybe a dastardly plot isn't so far-fetched considering the mysterious suicide (or assassination?) of Enron executive Clifford Baxter, about to testify before Congress. But in the world of finance, what’s crooked isn’t always an actionable crime. Commit a fraud of sufficient size and business will hush it up rather than prosecute– not unless something can be gained in the guise of ‘investor confidence’.

Footnote

The case ended with a gentler tone: I commuted to Wall Street on the Staten Island Ferry. One surprisingly sunny afternoon, I spotted Paul, the ex-vice president. He said hello and sat down across from me. Once again open and pleasant, he appeared the man I’d once liked– and could come to like again.

We didn’t talk about Walston. He explained he moved with his aging mother to Keene Valley in upstate New York. Turning his back on Wall Street, this former executive now worked as a carpenter. He spoke of small town pleasures where old men sat in front of the local hardware store whittling and discoursing upon merits of lawnmowers. For the first time in decades, he felt relaxed and at peace.

That pleased me. Paul wasn’t a bad man, merely a figure caught up in the machinating machinery of Wall Street. He offered his hand and we shook warmly.

Looking back, I think his chat was sort of penance, kind of an apology without the words. That was decent, more than many people would have done. And it was enough.

Besides, I’d eventually consult for banks, institutions where further fruits of fraud lay concealed beneath a public veneer.

16 June 2013

The Digital Detective, Wall Street part 1


High Finance and Low Crimes
I learned a couple of curious things when I worked at IBM’s Wall Street Data Center. One was that my friend, Curtis Gadsen liked mayo sandwiches and fleecy-legged girls. The other was my friend Ray Parchen could be fooled because he was too good at his job as a mainframe computer operator.

IBM 360 mainframe
IBM 360 computer room
Like an old-time stoker fed the fires of furnaces and steam engines, an IBM operator stuffed the huge machines with programs and data. Very good operators could act and react instantly without thought, confident in their experience and skills, mounting discs and responding to messages as they'd done ten thousand times before, giving them no more thought than donning their underwear in the morning. The keyword was efficiency.

Unintimidated by hulking computers the public suspected were semi-sentient, Ray worked quickly and accurately, and for that reason, he held down the first shift position. For him, I wrote a silly little psychological program that worked only with the best.

Amidst weighty programs queued for the giants of Wall Street, I slipped in the prank while a dozen employees gathered outside the computer room’s glass wall, waiting for the small program to do its thing: It made discs chatter, tapes whirr, lights blink, and the data center rumble as if Colossus was taking over the world.

We watched Ray bend over the console, reading the first mundane message:
05483A Press ENTER.
Ray pressed the ENTER key. The machine responded with another message:
05483A Press ENTER hard.
A few of us watched from outside the computer room as Ray hit ENTER again. The machine came back with:
05483A Press ENTER harder.
Ray punched the ENTER key, and a couple of the girls giggled. The computer responded with:
05483A Press ENTER even harder.
Ray smacked the key hard, very hard. The machine responded with one last message;
05483I Did it occur to you I can’t tell how hard you press ENTER?
Ray looked up with a red-faced grin and spotted us chuckling. Afterwards, he joined us for a drink where we argued why the program fooled some and not others.

Of course he knew pressure couldn't be detected, but he hadn't engaged his knowledge hidden behind the wall of his expertise. I would discover this common quirk could be exploited, as Simon Templar might say, “by the ungodly.” As noted in the article about kiting, confidence men take advantage of confidence.

Over the next few days, we tried our little joke on other operators and observed this interesting fact: Only the best fell for the stupid little prank. Novice operators stopped, studied the messages, and tried to look them up.

Ray and the other top operators reacted immediately and without thinking. Self-assured of their abilities, they acted instinctively by rote.

Less experienced operators questioned everything, including themselves. We caught more than one systems engineer trying to look up the bogus message number in the reference manuals and they sometimes called for help. That spoiled the little program.

Lesson: Sometimes it’s easiest to fool the most experienced.

There’s a reason I tell this story. It leads to how I became sort of a detective, a digital Dashiel of a Continental Op.

Over the next few weeks, I'll talk about an accidental career as a investigator in a field yet to be invented, that of computer forensics. I reveled in the chase, but my career often hung in the balance under threat of firing, even blackballing. Often the only reward was termination but hey, that happens to all the best private eyes.

Background Noise

An early case exploded with little of my own involvement, or, perhaps because of my lack of involvement. The players: Walston & Co, the nations third largest brokerage house, and Arthur Anderson, the biggest of the Big Eight accounting firms until participation in the Enron scandal brought about its demise. Anderson had dirtied its manicured fingers long before Enron arrived on the scene.
Lower Manhatan Financial District
Wall Street and Financial District

Search the internet for Walston & Co and its Wikipedia entry merely reads "(Walston) was acquired by Ross Perot following pension account fraud and then merged it with Dupont, which had found itself in financial difficulties." Here's the story behind the story.

Despite the Wikipedia gloss-over, the wheels of merger with F.I. DuPont began turning before revelation of Walston’s fraud. Fifteen million in securities had vanished from DuPont’s accounts. The White House grew nervous. Wall Street threw up its collective hands, Oh woe, what to do, what to do?

A Texan rode into town, Ross Perot. He’d bulldozed through the insurance industry (an intriguing inside tale of its own) and encouraged by Felix G. Rohatyn, he made his move on Wall Street. For an initial $30 million, the impossibly old, impossibly young forty-year-old Napoleonic Perot acquired control of one of the Street’s most prestigious houses. (N.B: Regrettably, Time Magazine articles referenced herein require a subscription.)

At the time, that seemed background noise for me, a full-time employee and a full-time student, living paycheck to paycheck and barely sleeping. I couldn't guess how it would alter my career.

Trinity Church from Wall Street
Trinity Church framed
by Wall Street

Crime on the Street

In the Financial District, denizens simply call Wall Street 'the Street'. Philosophical sorts read a moral into its long, narrow confines, noting it begins at a church and ends at a river: When times get tough, in depression or desperation, one may choose salvation or suicide.

The Street fosters its own culture. On the one hand, a man’s word is his bond– multimillion dollar transactions hinge on verbal promises. On the other hand, huge regulatory holes allow brokerage houses to commit the sleight-of-hand that brought the economy to its knees ten years ago. We can’t say we weren’t forewarned, but in the heady days of deregulation, greed and giddiness carried the day. We never seem to learn industries cannot police themselves.

One of the first observations of the Street is that the market's moody– it reacts, even overreacts to political news of the day. But I stumbled upon other emotions, which included surprisingly little hanky-panky. A few notes from the era:
Francine Gottfried
Miss Francine Gottfried

  • Wall Street can be a mad marketplace when the economy's in a lull. Late one summer, a sweet keypuncher named Francine Gottfried caused a sensation with the mostly male lunch crowd as her 43-23-37 figure bounced down the steps of Chemical Bank & Trust. For a few days, a sort of silly mating season reigned and then, as so often happens, her 15(0) minutes of fame were up.

  • Once, as I strolled with my boss down the street, we encountered a beggerman squatting on his flattened cardboard. My boss stopped and chatted with this derelict before moving on. I didn't say anything but he confessed: The homeless man once worked as a broker, what Wall Street called an account executive or AE. When my boss and the man’s wife carried on an affair (and subsequently married), this man– the husband– collapsed in despair. He now lived– literally– on the Street.

  • During the 'Hard Hat Riots' (then called the Wall Street Riots), I picked my way through roving construction workers from the rising World Trade Center left by police to run wild, bashing kids protesting the war in Vietnam. On my way to school as police idled, I helped a girl and her boyfriend bloodied by a musclebound thug. It was no contest: the canyon-like Street corralled the teens, leaving them easy pickings by hardhats with pipes and wrenches. That wasn’t one of Wall Street’s prouder moments. Hard-hats went on to attack the city's mayor's office, smashing the face of one of his aides.
The Young and Restless

A precocious if unaware teen, I worked as an IBM shift supervisor in their Wall Street Data Center, Number 11 Broadway. I had the greatest boss, a pretty blonde named Judy Kane. We boys loved her; the girls– not so much.

And I loved software, the machine-level bits and bytes and Boolean stuff. A teenage mad scientist, I found computers a giant puzzle, one I learned to solve and control. It was a battle of wills, me versus machine, immersive therapy for a broken heart (but that's another story). I'd come to know these Daedalus creatures like a mother knows her own children; better even, I'd learned their DNA.

A sales rep, Herb Whiteman, discovered I spent weekends camped in the computer room, teaching myself to program the huge monsters, then catnapping on the couch as the computers blinked and toiled, compiling my routines. Herb asked if I’d be interested in joining a three-man team that would change Wall Street and put video terminals on broker’s desks. Argus Research, the parent company, would double my IBM salary.

The company gave us secretaries and an entire floor of offices, no expense spared. Unfortunately Argus, in the business of prognostication, shortly deduced the economy teetered on the brink of recession and pulled the plug. Not long after Walston & Company hired me as their fancy-pants systems programmer offering tuition reimbursement as part of my hiring package. Me! I was just a kid from nowhere.

Thus began my introduction to low crimes and high finance.

Stay tuned for more next week, Wall Street's big boys and big crimes.

09 June 2013

The Digital Detective, Banking part 2


Continued from last week, where we explained the basics of kiting and how banks work

The Crumpled Kite

As mentioned earlier, kiting isn’t as common as it used to be, partly because of stiff penalties, but also because the time it takes to clear a check with another bank has shrunk from many days– sometimes a couple of weeks– to just a day or two. But when I consulted, I witnessed a kiting scheme that could have fooled financial institutions and their computers almost indefinitely.

A bank in Virginia’s Shenandoah Valley decided to invest its excess computer resources in software development and I contracted as their consultant. It was an odd relationship because they feared me as if they’d hired a gunslinger to guard the vault.

One evening I idled, waiting for computer time; in fact, I was waiting for a new guy to finish the night’s reconciliation run. As I sat tapping my fingers, he called the lead operator over and pointed out a worn, battered check. The lead glanced and dismissed it, saying “Just stick it in an envelope, imprint it, and run it through again.”

“But…” said the new guy hesitantly, aware the lead seemed annoyed he didn’t jump to it. “But, we can’t. I mean, it arrived in a carrier envelope and look, it’s not our routing number. And it's really old.”

cheque
Curious, I wandered over and the operations supervisor stepped in, obviously impatient at the delay. He read the check, stared at it, lips moving as he re-read the numbers. He ran his thumb under the date, several months old. Puzzled, he picked up the phone and beeped the operations manager.

It was still early evening when the manager strolled in. He looked at the check and made a phone call. When he hung up, he shrugged and turned to the supervisor, “No matter, we’ll find out in the morning what’s going on.”

But by now, the worn check had captured my curiosity and that of my colleagues. Three of us sat down to figure it out. We discovered a scam, and this is how it worked.

The Endless Kite

cheque numbers

From a common check supply company, our schemer bought checks printed with Frugal Savings & Loan’s name, address, and logo, but with Penury Bank’s routing number. He waltzed into a bank other than Frugal Savings & Loan, cashed his check, and departed without a care in the world.

That evening during the check run, the machine sorted his check into a tray to be delivered to the clearing house. From there on out, the following cycle endlessly repeated:
  1. The check arrives at the clearing house. Its routing number routes the check to Penury Bank & Trust.
  2. During the check run at Penury, the computer accepts the routing number but doesn’t recognize the check’s bogus account number and kicks it into the rejects pocket.
  3. A Penury operator plucks it out of the rejects pocket, notices it bears a Frugal Savings & Loan logo and address on it, and either manually packages it to send directly to Frugal S&L or bundles it to send back to the central clearing house for forwarding to Frugal. Either way, the check winds up at Frugal Savings & Loan.
  4. At Frugal, the MICR reader sees another bank’s routing number, knows that’s wrong, and kicks the check into the rejects pocket. It goes back to the clearing house to repeat the cycle again.
Meanwhile, the bank that cashed the check hasn’t received their money, but neither has the check been denied.

The Kite that Crashed

The cycle eventually broke because constant transit nearly wore out the check and an inexperienced operator questioned why a draft on his bank contained an unfamiliar routing number.

We don’t know how many experienced operators routinely handled the check, seeing the bank name and logo and not the routing number, just as their computers saw the routing number and not the bank name.

Banks (at least at that time) did not have a standardized way of handling a check that forever floated but never cleared. In many cases, the bank software simply left the deposit unresolved with neither the funds transferred nor reserved– it simply stayed on the books, so to speak. In banks that impose holds, their programs might be written to release the hold after a number of days if the check isn’t returned, even if the funds aren’t actually received.

I speculate the scheme might have been harder to detect if non-magnetic digits had been printed over ‘invisible’ MICR ink. In other words, the pigment in MICR ink is for the convenience of people. The computer itself doesn’t use optical recognition (OCR) but senses the microscopic particles in the numbers.

No one’s immune to bunco, not even banks.

02 June 2013

The Digital Detective, Banking part 1


Banking on Naïveté

Readers and writers may be aware of many internet ploys attributed to Nigerians and occasionally Russians. One of the first I saw came in an eMail and read something like:
Hello, my name is Renaldo. I’m a Ukraine artist and I sell my works all over the world. Some customers want to pay by cheque or money order, which is expensive and difficult to cash here. I will pay you 10% if you can cash cheques and wire me 90%. Please?
Consider three possibilities:
  1. It’s barely possible although unlikely the request is legitimate.
  2. It’s a money laundering scheme.
  3. It’s an outright scam to grab your money.
In the third outcome, the schemers arrange to have a number of checks sent, which you cash and forward the proceeds. Eventually you receive a large money order or draft drawn on a major bank. Your bank likes it, cashes it, and gives you the money, whereupon you forward 90%.

Two or three weeks later, your now angry banker calls you, demanding restitution for a bad money order. The forgery was so good, it not only fooled you, it fooled them, but by now the money’s in Asia or Africa and you’re stuck, having to repay your bank several thousand dollars.

ebay
This works in a similar way to an eBay / Craig’s List scam. You advertise an item for sale and the bid closes at $150. To your surprise, you receive a money order for $1500 followed by a panicky eMail, wherein the buyer claims their bank or post office made a typo and added an extra zero. Instead of returning the check, they say they trust your honesty and since they need the item you’re selling, they suggest you cash the money order and return the excess along with the item you sold.

All goes well until your bank belatedly discovers the money order is fraudulent. Not only is your precious item long gone, but you must repay your bank.

During the next few weeks, I’m going to write about bank and brokerage fraud.

How to Fly a Kite

Kiting was once a commonplace fraud where the perpetrator opens accounts in at least two separate banks, neither of which places a hold on checks. Indeed, kiting exploits the hold greedy banks place on checks, holds where they use your money for free. High-speed electronic banking and stiff penalties have made the crime less common now because many checks can be instantaneously verified.

Here is how traditional kiting works: Our perpetrator, whom we'll call James Whitcomb Wiley III of Beaver Meadows, Indiana (no relation to the real James Whitcomb Wiley III of Beaver Meadows, Indiana) establishes accounts at Frugal Savings & Loan and Penury Bank & Trust, with no money to speak of in either account. Still, our man Wiley wants $1000.

He goes to Frugal S&L and withdraws $1000, covering it with a simultaneous deposit of a check for $1000 drawn upon his Penury Bank account. He’s just kited his first check. An honest person would scurry over to Penury and deposit funds there before the flaky check arrives, but not Wiley.

Wiley intends to live in Beaver Meadows for a while, but his prospects of earning $1000 to reimburse Penury Bank remain elusive. So he writes a check drawn on Frugal S&L to deposit in Penury Bank– whereupon he kites his second check, and now Penury is waiting for Frugal's check to clear. Before the empty account can be discovered, he deposits a fresh but worthless Penury check into Frugal, and continues the cycle.

Theoretically, a diligent fraudster could continue this a long time. In times past, people have pulled it off for weeks, even months. However, such schemes are subject to human error and unforeseen events that eventually expose the kite and bring the party to a halt. Meanwhile, Mr. Wiley has probably moved on to another state, possibly opening an account with a check drawn upon Penury Bank & Trust.

bank vault
A Bank's Back Office

At the bottom of your checks is a row of numbers and hyphens printed in a distinctive 'MICR' type style using special magnetic ink.

You’ll notice at least two groups of numbers. One group you’ll recognize as your account number. The group before it contains nine digits, which represents the bank’s routing number, unique to each institution. You may also find the check number and, after it’s returned from the bank, possibly the amount of the check, which it’s wise to verify.

cheque

Banks don’t require customers to use checks they provide, indeed, as the story ‘Swamped’ pointed out, you can write out a check on anything, even a paper napkin. Many people buy checks from a paper supplier, like those that advertise in the local ad sheets.

At the end of a business day, banks gather checks and deposits made during the day and checks received from federal clearing houses, which they feed through a MICR device. MICR (pronounced my’cur) stands for magnetic ink character recognition and the machine, a magnetic ink character reader, reads those numbers from checks and deposits slips into the computer.

Occasionally checks jam or the machine fails to read the numbers. An operator may glue a strip at the bottom or place the check in a glassine envelope and manually key the numbers with a MICR imprinter. If the clearing house sends a check to the wrong bank, it will be kicked out and sent back to be routed to the correct one. Experienced operators are used to this and handle flaws and flubs as a matter of course.

Here I've built background for next week, where I'll reveal the Endless Kite.

19 May 2013

The Digital Detective


by Leigh Lundin
bank vault


Due to the possibility of a publishing contract, I pulled the original story within hours of posting it. My apologies to one and all.

Look for Louis Willis next Sunday. Next month I return with a series on computer crimes.