Showing posts with label scams. Show all posts
Showing posts with label scams. Show all posts

10 October 2020

Kyle in Payables Has Been Binge-Watching, and Now You Need to Care About Zettabytes


Please welcome the newest inmate to our cozy little asylum.  Robert Mangeot  has been around the short mystery fiction scene for a few years now. His stuff is in a few anthologies and appears frequently in Alfred Hitchcock Mystery Magazine (and has made my best-of-the-week selection four times.) He’ll have a piece in AHMM's November/December issue due out later this month. Bob is a healthcare industry long-timer when not writing, as his first piece makes clear.
— Robert Lopresti


KYLE IN PAYABLES HAS BEEN BINGE-WATCHING, AND NOW YOU NEED TO CARE ABOUT ZETTABYTES

by Robert Mangeot

Here’s Kyle again, five minutes late for the 8:00AM St. Healthcare Payables team Zoom huddle. He’s bleary-eyed--again--and slurping coffee (“Kyle, can you mute, please?”) after all-nighter binge watching the just-dropped Wicked Streaming Show That Has People Talking, season two. WSS.2, in Kyle-ese. He’ll gush baggy-eyed over each and every spoiler if anyone hangs on the Zoom too long. Usually, we can’t stay mad at him. Kyle is bedrock here in Payables, first with the virtual high fives and the loudest voice singing “Happy Birthday.” This morning, though, the coffee isn’t kicking in yet, and he’s digging this new email promising a GIFT CARD!!! if he clicks there and takes this important HR survey. Gift cards? Hello, WSS merch.

Don’t do it, Kyle. Don’t.

Kyle does it. Clickety clickety click. He’s heard about email scams and stolen files and that stuff. They do training in Payables, thank you very much. But this email seems legit. The logos and fonts are right for HR (they are), the linked website looks like HR (it kinda does, those smiling nurses), and the password log-in seems fine (it’s so not). Anyway, his melatonin is off this morning.

Let’s call the malware BigBummerExpress. Kyle’s computer doesn’t slow to a crawl processor-wise. It doesn’t flash the Blue Screen of Death. It doesn’t laugh a super-evil laugh like that cray hacker episode from WSS.1. BigBummerExpress is loaded and running, sure. And yeah, there’s patient information on his computer for the grabbing.  

Kyle isn’t who BigBummerExpress is after.

                                                                                  #

Meet the United States healthcare system. We Americans spend $3.6 trillion annually on all things medical and surgical, much more per capita than most other industrialized nations. Three trillion isn’t the largest number involved in this caper, but it’s the motivating number.

However we got here and whatever your opinion about it, U.S. healthcare is a huge market. Most money is spent well enough or at least well-intendedly. As for the rest, there’s a reason that entire professions--including mine--have spun up to chase bad actors. And lately, there’s the bad actor golden ticket: ransomware. 

To be clear, I am not a technology expert. I’m not involved in cybersecurity. I’m a humble regulatory nerd who barely understands how my laptop crunches its ones and zeroes. But with cybersecurity being crucial to those regs, I try to stay hip on the trends.  

In September, Universal Health Services--a giant at 400 facilities--announced a major cyberattack had taken down clinical systems. Universal is not releasing details, but if it sounds like ransomware, it probably is. Patient appointments were rescheduled, test results were delayed, and patients inbound to their ERs were diverted elsewhere. 

Universal is hardly alone in the cyber battles. In 2019, hospitals and clinical practices reported nearly 1,000 successful ransomware attacks. What makes healthcare an outsized target over other sectors? Large health organizations can find the pay-off money somehow. Paying up may be a care imperative. Also, medical software products are often older and assembled as a patchwork. Lastly, a patient record contains a more comprehensive set of personal data than your average retail outlet. Such records are so valuable that the Dark Web apparently coined its own term: Fullz.

Health data has grown to mind-boggling size and mushrooms further each year. Experts predict that cumulative health data about you and me will reach 35 zettabytes this year. A zettabyte is tech-speak for one sextillion. That’s roughly one byte for all the grains of sand on all the Earth’s beaches--multiplied by 35. Or to see all the commas, we’re talking 35,000,000,000,000,000,000,000 bytes of health data out there.

And the problems usually start with phishing

                                                                                #

A month has passed since Kyle did that vendor survey thing. He’s forgotten about that gift card or reporting a concern because, bless him, rumors go WSS.3 will be the full throttle, slam-bang finale. In that month, BigBummerExpress has used his system credentials to cruise the company IT platforms and learn where that sweet data is, how it’s structured, what protects it. To the Security people, if they spot any oddness in Kyle’s activity, it looks like him accessing places he’s authorized to access. 

It’s encryption time. 

8:15AM, the Zoom huddle and Kyle slurping coffee. His boss is asking Kyle to mute when everyone’s Payables screens flicker off. Text messages start flying. His boss manages to say, “I gotta go.”

                                                                             #

It’s no wonder that crime fiction often involves a cyber angle. The technology and its human implications can be fascinating, and it brings plenty of cat-and-mouse games. If anyone is mulling a healthcare cyber tale, here’s a general lay of the land for 2020 realism. 

To read the industry studies, hospital ransoms used to be small, way cheaper than fighting the protracted fight. A volume business. Fast forward to 2020: Those studies put asking prices in the millions. Today’s ransomware isn’t just encrypting data natively but stealing it on threat of release, so that companies can’t plug in the back-ups and refuse to bargain. Big game hunting, in the lingo.

Healthcare providers have layers of serious defenses in place. Be assured the good guys are damn good—and have to be. Federal regs (anyone remember the Health Insurance Portability and Accountability Act?) require detailed IT security plans and regular self-assessments, at the pain of major fines and enforcement should personal health information be jeopardized. Europe’s laws are even tougher.

Cybercriminals are such an everyday threat that it’s an insurable risk. Of course, no underwriter goes on the hook for potential millions only to stay out of the response and prevention discussions. Like I said, serious defenses.

That can have a weak link.

                                                                             #

Kyle is messaging his buddy. He had another emergency Zoom interview, this time an IT consultant dude with an open collar shirt and razor stare. The consultant dude kept showing Kyle that HR email and asking about BigBummerExpress and even about his browser history. His affiliations. This FBI lady joined the call, too. She didn’t utter a word. Just made notes. 

It was awesome.

It’s been weird at St. Healthcare. HR sent an actual email with an actual performance warning. It took forever to get the Payables and medical record interface back running, and while it’s not been on the news, Kyle figures somebody must’ve coughed up for the hackers to go away. 

Hackers. Big money. Affiliations. What Kyle’s thinking, this would make full throttle WSS fan fiction.

28 September 2020

Bam, Scam, Thank you, Ma'am


Every six weeks, or so, my wife Barbara says to me, "Isn't your big break about due again?"

It's a standing joke, going on for so long we no longer remember when it began.

The phone rings and when one of us answers, we hear a young female with an Asian accent asking for "Step-on Leez-cow." This young woman, whose name is always "Mumble" and who works for "Mumble Mumble" promotion group (both of those change from call to call, by the way), is very ex-site-ted about my new book, Post Cards of the Haing-Ging. They would like to promote it and hope I will send (usually 50 or 100) copies to some book event that also changes with each call and which I've never been able to find through an Internet search.

I haven't stayed on the line long enough to learn how much money I'm supposed to invest in their enterprise, but I know it will be enough to make their phone call worthwhile… for them.

My "new" novel Postcards of the Hanging, appeared in February 2014. I have received this phone call at least a dozen times in the last three years and I look forward to it along with offers to update the warranty on my 2004 Honda Accord.

If you're new to writing, you'd probably be thrilled to receive a call like this. Don't be. Ask  how the "Company" heard about your book. Ask what they noticed about your website. Ask where else they have looked to find information about you. It's fun to listen to the dead air before they guess. Sorry, Ms., no lifeline here.

A month ago, I heard from a new caller and was in a bad mood (Surgery does that to me), so I played with him more than usual.

"Kevin" called from some mumbled promotion group, and they were palpitating about Words of Love, which I published "recently." It was late 2019, so props to them for being more up-to-date than Ms Bangkok (Who is due to call again next week). Kevin wanted to promote my book so we could boost the sales enough to bring it to the attention of major publishers and renegotiate a deal. We would split the profits. He didn't say whether it would be an even split.

I interrupted to ask how much he expected me to invest, and he answered, "10 or 15 thousand dollars" (Cue hysterical laughter). After that, like a basketball player who turns the ball over and compounds the error by committing a foul, he asked if I was familiar with traditional publishing.

My first novel was with a small traditional publisher. They peeled me like an apple, partly because I signed a bad contract and partly because they were blood-sucking vermin. Other writers had similar experiences and the company has long since disappeared because word got around, as it always does. Remember, we're writers. We tell stories. That company is one of the reasons I self-publish my novels now.

Then Kevin went for the Trifecta, asking me what I've done to promote my book. This is my answer, pretty much verbatim:

I'm a member of Mystery Writers of America, Sisters in Crime, International Thriller Writers and the Short Mystery Fiction Society. I have served on panels for both MWA and SinC, usually at libraries, but at both the New England Crime Bake and Crime Conn, too. I conduct fiction workshops in libraries and other venues, and have a video workshop available online. I have done radio and TV interviews,  podcasts and print newspaper feature stories. I have won several awards, which are listed on my Website and Facebook Author page. My daughter updates my website frequently. I have also published about thirty short stories (traditionally) and have several others currently under consideration.

Kevin was amazed. I told him he hadn't done his homework or he would have, at the very least, Googled me and found all that stuff--along with reviews of various books and stories.

I didn't bother to point out what would happen on the one in a trillion chance that a traditional publisher decided to take on my book. I simply told Kevin I don't give large sums of money to amateurs.

These are scams. 

Because of the Covid-19 lockdown, many people who have threatened to write "That Book" have actually used the time to do just that. The scammers smell fresh meat and are coming out of the dunghills to take advantage of it.

huckster

The Short Mystery Fiction Society posted a scam letter a few weeks ago, and when I first started out, I might have fallen for it. Now, I got about one sentence beyond the salutation before I knew it was fake. Less than two weeks ago, SMFS published a warning about a questionable literary agency that wanted to put writers in touch with Hollywood to sell their novel as a screenplay. I get email offers like that about once a month. They never name the novel they're looking at.

The problem is, if you're starting out, you're learning to write and query and create a synopsis and do an elevator pitch and revise your novel and create a website, a Twitter feed and a dozen other things. You're already swamped without having to learn to spot the grifters out there. There are a few websites to warn people, but they need to know a scam is active before they can pass the word. That means someone has to spot it and alert them.

Writer's organizations are important because they protect their members.

That's another thing mystery writers do besides tell stories. We try to look out for each other.

01 February 2018

Just Another January in South Dakota


I don't know if this made the national news, but the South Dakota media was all over the story of a 72 year old SD man, Daniel Lucas, who snow-birded in winter to Arizona, and who never came back last spring and was missing.  Well, they found him.  He killed himself in his car, they say.  His head was in a box, and his body down in a canyon in Maricopa County.  So how did he get dismembered?  Well, apparently a homeless man, Mattew David Hall. found him in his car, dead, and rather than call the police, he moved the body but kept the head to prove that he hadn't killed him… And kept it for a long, long, long time… They say that Mr. Hall has mental issues.  Yah think?  I think the guy kind of looks like Nick Nolte, so there's casting if they ever make a movie of it.

Mattew David Hall

Moving on, we South Dakotans have our own Kremlin connection!  We're so proud.  Paul Erickson, of Vermillion, SD, is a long time Republican campaign operative.  He worked in SD for Trump, and in 2016 Erickson claimed he was on the Trump presidential transition team.  Which is why he sent an email during the 2016 NRA convention to then-presidential candidate Donald Trump with the subtle subject:  "Kremlin Connection":
Image result for paul erickson south dakota
Fun Fact:  Back in 1994 Erickson was an entertainment lawyer
who booked John Wayne Bobbitt
on a “Love Hurts," worldwide media tour.
Subtle, he's not.
"Putin is deadly serious about building a good relationship with Mr. Trump. He wants to extend an invitation to Mr. Trump to visit him in the Kremlin before the election. Let's talk through what has transpired and Senator Sessions' advice on how to proceed."
No one knows if that meeting took place:  Sessions told the House Intelligence Committee he didn't remember the request.

Okay, so Erickson is also connected to Russian gun rights advocate Maria Butina, who's worked for the deputy governor of Russia's central bank, Alexander Torshin, and who ran a pro-gun group in Russia supported by Torshin.  Erickson and Butina formed a limited liability company called "Bridges" in South Dakota in 2016 (I don't know if it was before or after the Kremlin Connection e-mail), which has an address in a Sioux Falls apartment building and no known actual purpose.  (Can't even find it on the web, dag nabbit.)  So - according to McClatchy news outlet, the FBI is investigating whether Torshin funneled money (thru Butina, thru Erickson?) through the NRA to help fund the Trump presidential campaign. The NRA spent $55 million on the 2016 election with $30 million of that going to the Trump campaign.
Gentle reminder:  The reason this matters is that it's illegal to use foreign money to influence federal elections.  (Thank you, Angela Kennecke for your investigation!)
BTW:  Check out this post from South Dakota's own Cory Heidelberger, with photos of Ms. Butina speaking all over South Dakota, including the Teenage Republicans Camp in the Black Hills, where a number of past and current South Dakota legislatures were counselors, or just there for the party.  Including Mr. Erickson...

Our South Dakota Legislature is back in session, and the legislation is coming out thick and fast, and piling deeper and higher.  Some of my personal favorites so far:

HB 1144, which makes it easier for city councils, county commissions, school boards, and other governmental bodies to do their business behind closed doors, especially if they're "Consulting with legal counsel or reviewing on communications from legal counsel about proposed or pending litigation or contractual matters.”  (Someone's trying to do something they don't want anyone to see...)

SB 107, which would repeal all regulations and licensing requirements for barbers.  Can't figure that one out to save my soul...
SB 109, which would repeal the licensing requirements for sign language interpreters.  Can't figure that one out, either...  

SouthDakota-StateSeal.svg
THE Official State Seal
HB 1102 started as a bill to require as much as a year in jail and a $2,000 fine for creating any replica of the Great Seal of South Dakota that did not include every detail specified by state law, including the state motto, “Under God the People Rule.” (See image to the right)

Well, the ACLU and most of us South Dakota smart-alecks had a lot of fun with that (google freely), and it's since been amended to ban renditions of the seal that are “greater than one-half inch in diameter and used for an official purpose or a for-profit commercial use” while at the same time making it clear that HB 1102 does not apply to “or limit any artistic or satirical use of the seal.”  More fun is still being had, because how can you resist shooting ducks?  (This is funnier up here, in Ducks Unlimited territory.)  Google freely.

State Representative Drew Dennert wants to make hunting, fishing, trapping and harvesting wildlife a constitutional right, that "shall be forever preserved for the public good" in HJR 1005, and make "Hunting, fishing, and trapping...  a preferred means of managing and controlling wildlife."  Still trying to figure out the "harvesting" part.  I can just see it now - hunters fighting against farmers in combines in the corn fields over the pheasants:
"I'm hunting!"  "But I'm harvesting!"  And shots ring out...

Meanwhile, a Mr. Levi Breyfogle of Rapid City has proposed a new Constitutional Amendment that would make all "victimless" crimes unchargeable:
"(1) A charge of a violation may only be filed by a victim whose person or property has been physically damaged by the defendant. If the victim is incapable of filing a charge of a violation, a family member may, but only if the victim does not object; and  (2) The damages must be physical, quantifiable, and have already occurred."
(Someone's done something they don't want anyone to know about...)

But enough of that, back to the news:

636523968955778979-DUUlef1W0AEUSO1.jpgLocal News:  On January 24th, in an improbably appropriate move, a woman crashed into the Billion Car Care Center.  Meth, not alcohol, and there were also 2 children under three in the back seat, who were unharmed, and are now "in the care of a family member."  Thank God.  BTW, here in South Dakota, if you get arrested, you get to do the walk of shame in jail stripes., which is then broadcast on the nightly news, and she looked shell-shocked, to put it mildly.  Whether it was the situation she finds herself in, or that she hadn't had any meth in over 24 hours, I don't know.

636004804435050121-aqua.JPG
The photo that launched multi-
million dollar investments...
The latest scam:  Perhaps because they saw the EB-5 and GearUp! rifling of federal dollars, Tobias Ritesman and Tim Burns (long-time Brookings developer) cooked up a new company, Global Aquaponics which was going to be a high-tech fish farm near Brookings, SD.  (check out their website here!)  They were going to grow fish and shrimp in tanks, and use the "nutrient rich" water to grow vegetables.

And apparently there were quite a few people who weren't bothered by the lack of experience in shrimp farming available in the High Plains, because they managed to raise a few million dollars. (P. T. Barnum was so right.) But a year later, while the ground had been (barely) broken, no tanks were being built, and there was no sign of anything but a nice office downtown in which Mr. Ritesman went slightly off his nut one day and wanted to know about Bitcoins while waving a gun in front of a tech consultant. Let's just say that everyone got ripped off, and Mr. Ritesman and Mr. Burns are facing federal charges.

In the "we should have known" department: Mr. Burns was involved in the EB-5 scandal. (Thanks again to Angela Kennecke at Keloland News)   And Mr. Ritesman claimed to have won the same "Entrepreneur of the Year Award" as Steve Jobs and Elon Musk.  He didn't, but apparently no one checked before investing.
(BTW, this proves that there's a reason why Frank L. Baum made the Wizard of Oz a humbug and a conman in his earthly life back in Kansas and other parts of the Midwest.)

National News:  So, no fish, no shrimp, no vegetables in nutrient-rich water.  But we do have radium, at least in Brandon, SD.  Radium, which is (1) radioactive, (2) killed Marie Curie, (3) can occur naturally, and (4) has been in the city's water for decades. It's also not uncommon across the country. An analysis by EWG (go here for an interactive map) found 170 million people exposed to radium from drinking water in 22,000 utilities nationwide.  Brandon's radium level doesn't exceed federal guidelines.  What's amazing to me is how much (and many) poison(s) you can have in your drinking water before it exceeds the guidelines  Look it up some time.  

Well, that's all from South Dakota, where we talk like Mayberry, act like Goodfellas, and the crazy just keeps on coming.

 

My husband just looked this over and suggested, "Sponsored by the South Dakota Tourism Department".





22 January 2017

Yet Another Computer Scam


by Leigh Lundin

 WARNING A scam involving Google and clever programming sleight-of-hand has hit the scene. It’s not entirely new– a prototype showed up in 2014– but it fools many professionals. Apologies in advance for the technical parts below.

A new month, a new scam, this one brought to our attention by a reader. Although widely reported, this scam hasn’t shown up in the ACM Risks Digest yet. Surprise– the scheme starts with your GMail where a note from a friend or colleague contains a link to another page or document. You click and receive a message you must log in again. Happens every so often, annoying but sign in again for security.

false URL

A Google log-in page shows up– the URL field (web page address) contains google.com. Enter your name, enter your password. Click. The document your compatriot sent now appears.

You may not know it, but you just lost exclusive control of your Google account. Your pal didn’t send that email and the link was plucked out of your emails.

Let’s look at the sign-on dialogue boxes again. Which one is counterfeit? Hover your mouse over them for the answer, but the fact is, they’re indistinguishable.

fake sign-in box
real sign-in box

The insidious part is that email web sites– Yahoo and AOL included– train us by periodically forcing us to relog in. Hold on… didn’t the URL box contain google.com?

Yes. Over the years we’ve seen clever fraudsters incorporate target domain names similar to this:

http://w5.to/google.com

The trick here is that the real domain, web address of the bad guys, is w5.to. The google.com is only a web page set up to fool you. Other examples might look like the following:

http://citibank.net.w5.to/index.html

This is a variation of the bad guy’s domain, w5.to, above.

http://citybank.net

Here the bad guys registered a variation of the real name made a little easier by CitiBank using a non-standard spelling. These three examples are reasonably clever and some scammers don’t take that much trouble. However, this new one can catch even professionals by surprise:

data:text/html,https://accounts.google.com/ServiceLogin

The clue something is very wrong lies in the first three words, data:text/html – you shouldn't see that at all. The opening letters of an URL don’t have to be http – they can be file, data, help, about, chrome, gopher or possibly another protocol, but ‘data’ is the only hint the page is abnormal.

Browsers have become more sophisticated over the years, so web pages might include additional capabilities such as setting preferences. The ‘data’ keyword allows HTML to be embedded in the URL field, but more insidiously, it allows JavaScript, and that’s how this particular exploit fools us. Following the ServiceLogin part of the URL are dozens upon dozens of spaces so you can’t see what comes next. Far beyond the right side of that URL field is where the real sorcery begins with <script…>. This malware program throws up a fake Google sign-in page to capture your ID and password.

Expect Google to quickly mount an update, but beware, look ever more critically at URLs when you’re asked to type in your credentials. It might save your on-line life.

20 March 2016

Duping Delight


He lied for pleasure,” Fuselier said— Supervisory Special Agent Dwayne Fuselier, a clinical psychologist and an FBI investigator.
In this case, he was talking about Eric Harris of Columbine notoriety. But millions of people who aren’t mass murderers also lie for pleasure. They tread beyond compulsive, they go beyond obsessive– they lie for enjoyment, gratification, and amusement.

Telling Lies by Paul Ekman
Psychologist Paul Ekman says lying represents a key characteristic of the psychopathic profile. He calls it ‘duping delight’.

It’s rare for the average person to get to know a criminal mind. I’m not talking about the desperate committer of crimes or those who’ve lost their way, but people who deliberately set out to steal or defraud for no other reason than they wish to.

Oddly enough, most fraudsters I’ve personally known have been disbarred lawyers. Truly. Wait, I’m not picking on lawyers as a class nor am I providing fodder for lawyer jokes– we can do that another time if my friend Dale turns a blind eye. But for unexplained reasons that seem beyond coincidence, the major swindlers I’ve encountered have been former attorneys and one a former judge. They all hail from Florida as well, formerly a haven for con artists and scammers selling underwater parcels of land.

My friend Sharon sent me an Orlando Sentinel article titled “Husband of disbarred attorney sues her, alleging fraud, forgery.” Strange as that sounds, it barely hints at the machinations involved… you’ve got to read the article.

It put me in mind of another lawyer whom I’ll call Dr. Bob Black.

Judge Not Lest… an opinion piece

I met ‘Dr. Black’ at a local college campus. We chatted between breaks. He failed to let on he’d been disbarred, although he mentioned numerous times he’d been a judge. He shared he was raised in financial comfort and had been well educated. His relationship with his parents, especially Bob Sr, sounded complex and later left me wondering about the residual effects.

Black had bought a minor mansion in an Orlando historical district. He’d gutted it and was in the process of slicing its interior into small apartments when the Historical Society called a halt, pointing out that ruining a historical building and establishing multi-family residences in a single-family zone was forbidden. Unfazed, Black put it up for sale, advertising it as partially converted to apartments but possibly not mentioning the legal stumbling blocks.

At the time of his real estate ventures, Bob was also hawking a computer he called the Macintosh XLS. I recognized the machine as an Apple Lisa, the forerunner to the Mac, although Black claimed it was not a Lisa but a super-advanced product that outclassed other computers— especially its price of $10 000, about five times the price of a Mac at the time.

A little research showed he was buying refurbished units from a company in Shreveport, bundling them with freeware and shareware, and offering training worth “thousands of dollars.” As it happened, he was paying less than $40 for adult classes at Winter Park Tech where my friend Geri taught. Geri found herself with more than one of his victims in her classes, including one man whose wife was dying of cancer and was barely holding together emotionally.

The Scheme

Black was buying outdated, refurbished computers for a few hundred dollars, adding freeware (free software) and $40 worth of classes, and then selling them as high-end products to the unsuspecting.

Dr. Black was a snappy dresser. Even at casual gatherings he wore suits, and under his suits he wore sweater vests, not a common sight in Florida.

He liked talking to me, even when I’d call him on some of his shenanigans. When I asked barbed questions, he showed a politely bland face, no anger or irritation at all. I wondered if he masked his feelings or felt nothing at all. Did he choose me just to have one person to talk to?

He claimed to have been a judge, and apparently that was true. The ‘Dr’ part he tacked onto his name– He liked the sound of it. Beyond the connotation of ‘juris’, it had no more meaning than the ‘Dr’ in Dr. Pepper.

Judgment-Proof

Black confided he was ‘judgment-proof’ and explained he maintained real property in his wife’s name and kept all his other assets offshore. The topic of disbarment didn’t disturb him… he simply acted as if he didn’t hear those questions, although once he hinted at a political misunderstanding.

One of his controlling peculiarities was to arrange meetings with clients at odd minutes on the clock, say 9:42 or 10:13. Black claimed he was too tightly scheduled to waste appointments on the half or quarter hour.

His attitude toward ripping off people was entirely incomprehensible to most observers. Black exhibited zero contrition but especially no shame whatsoever. He displayed a bullying arrogance toward anyone he could. He may have fancied himself superior to lesser people; others were merely ants that he righteously stepped on if they got in his way. Bob seemed to typify a sociopath in every sense of the word.

The Detective and the Reporter

A pair of related calls came in on my consulting line. Geri had referred one caller, a former New York City homicide detective who’d been defrauded by Black. The other was from our local WCPX star consumer crusader, Ellen MacFarlane. The detective happened to know Ellen’s mother, a NYC judge, and her sister, a force within the New York Department of Consumer Affairs. They asked me if I would provide technical knowledge for an exposé of Dr. Bob Black.

Ellen suffered from multiple sclerosis, but she was a fighter. I sat in on the interviews, sometimes feeding her questions. Black’s strategy was to answer no question directly. If she asked him about reselling obsolete equipment, he would respond with a rambling discourse on Steve Jobs, Reaganomics, and local gardening regulations. He exhausted the lady, but Ellen managed to air the segment.

The detective wasn’t done. He sued Black and called me as a witness.

We sat waiting for Black in the judge’s chambers. At nearly half-past the hour, the phone rang. The judge put it on speaker phone: A whimpering Black claimed he was deathly ill.

The judge said, “Frankly, Mr. Black, you don’t have much credibility around this court. However, I’ll continue this case if you get a doctor’s note to me within three days.”

Upon my return to court, I bumped into Black. He always acted polite to me and he did so this time, impervious to my cool nod. This time, the parties indicated they were considering a settlement. I wasn’t called to court again so I don’t know what, if any, judgment or restitution was involved.

To say Black was a scoundrel or a rascal is to diminish the impact he had on others. The Yiddish word ‘gonif’ comes close, implying a thief and a cheat.

Most of us would like to leave the world a better place. Besides social currency, reputation is a reflection of future self, the part that remains after we’re gone. We can’t all be great authors, musicians, artists, nurses, and teachers, but we can be good people. People who don’t care are alien to the rest of us.

I’ll bracket this article with “in my opinion,” but Black made a living from cheating people. He could argue he gave naïve people what they asked for (“They should have done their homework”) and what he promised (“So what if I sold them free software and who’s to say the $40 course isn’t worth thousands”).

For all that, my greatest astonishment centered around his lack of shame. I used to attend LegalSIG, a special interest group run by a local law firm concerning matters of business and law. Black would attend, showing no chagrin, no humiliation, not the least discomfort. Most people would not put themselves through such mortification, but Black felt no discomposure. He was internally ‘judgement-proof’ emotionally as well as financially.

Friends asked why ‘Black’ singled me out to talk. Partly, people found it easy to chat with me, even confide, but also I could listen without hating him, which I suspect many of his colleagues and victims must have done. From him, of course, I heard only fragments of his exploits. He never mentioned the word ‘victims’, but hinted those who’d fallen for his schemes were weak-minded. He sometimes suggested when his prey rose up, they were unfairly trying to victimize him for being the more clever.

I can’t read a mind like his, but I began to suspect that if he dealt with emotions at all, he might have felt no wrong. He might even have believed himself entitled, that he had the right to exploit lesser humans, those who could not harm others. If so, I feel sorry for him. But I'll never know for sure.

24 May 2015

Scams, part 2


by Leigh Lundin

© BBB
Last week I wrote about my friend Thrush fielding a scam telephone call pretending to be the IRS. This week I turn my attention to friends who were the subjects of web-mail scams. But as I was writing about other people’s email being cracked, my own was used to spoof addresses of email spammers.

Fourteen years ago, I signed up with AOL. I stuck with them during the vicissitudes of their development cycles, but at some point they wanted to charge fees at a time when their mail interface had run amok. I switched to Yahoo and stuck with them through their vicissitudes of (mis)fortune. Mail received by my old AOL account is forwarded to my Yahoo address, one-way only. I still give out my AOL address– it’s simpler to spell over the phone– but any reply I may make will come from Yahoo, not AOL.

As I’m working on today’s article, imagine my surprise when friends Dale Andrews, Thrush, and Sharon tell me my email’s being used to blast unsuspecting souls with ads for weight loss, penis enlargement, and an eatery called “Quick Sushi”. Friends, colleagues, and acquaintances have recently been attacked in a similar way. Typically, programs either mine email headers for addresses or they break into an address book. They then email from their own accounts ‘spoofing’ a fake return address hoping acquaintances will open emails from an apparent friend or family member.

But our SleuthSayers’s friend Cate was the unwitting pawn in a different kind of attack, as you can tell in the following exchange. I caught on early as did our friends Sharon and Darlene Poier. Not trusting her other accounts hadn’t been cracked, I immediately sent emails to friends and family to warn Cate her business address had been compromised.

Here’s my exchange keeping the scammers busy. Note the grammar, spelling, and punctuation, and keep in mind that Cate, a former teacher, writes and edits textbooks and tutorials.

From: ☒☒☒☒☒☒☒☒ Consulting <☒☒☒☒☒☒☒☒.consult1@gmail.com>
To:
Interesting. Cathrine is notorious among family and friends for refusing to carry a cell phone.
Sent: Wednesday, 06 May 2015 4:59 AM
Subject: Good Morning

How's is your day going,  I'll like to discuss something with you. i should have called, my phone fell in the tub this morning are you online ?  let me know

Cathrine ☒☒☒☒☒☒☒☒

Sent from my iPad



On 06 May 2015 at 16:11, Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com> wrote:

Is this you?

Leigh Lundin



From: ☒☒☒☒☒☒☒☒ Consulting <☒☒☒☒☒☒☒☒.consult1@gmail.com>
To: Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com>
A professional editor would rather die than write horrible grammar, punctuation, and spelling.
Sent: Wednesday, 06 May 2015 10:37 AM
Subject: Re: Good Morning

How are you ? hope all is well with you sorry to bother you I'm actually in need of a loan, i have decided to request this from you. its just a token and i intend to refund back by  next week.  please are you able to loan me this funds.

Sent from my iPad



On 06 May 2015 at 17:12, Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com> wrote:

Now I'm playing with them. But I'm also probing to see what they know: The real Nelly is missing a leg.
I'm sorry to hear that. What happened? Are you okay? Are you in Düsseldorf or München? Isn't Nelly doing the leg work for you? You've got to keep her on her toes.

Of course, I'll help. How many euros do you need? If you send me your street address, Chadwick is leaving Bruxelles in an hour or two. We'll send a courier; just sign for it.

It's a hectic morning, but I'll do what I can.

Leigh Lundin



From: ☒☒☒☒☒☒☒☒ Consulting <☒☒☒☒☒☒☒☒.consult1@gmail.com>
To: Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com>
More of the same plus 9000 what? Dollars? Euros? Rand? Notice the stuttering "the the".
Sent: Wednesday, 06 May 2015 11:15 AM
Subject: Re: Good Morning

Thank you so much the  the funds (9000) its needed for some outstanding payments I'll be more than glad to get it today,  i'll have it refunded before the end of next week i  promise you . can you help me send it through now ? can you help me send money via western union

Sent from my iPad



On 06 May 2015 at 17:26, Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com> wrote:

I'm confused. 9000 in which currency? I've got Mickey Chadwick standing by. Are you okay? Elle says you're not in Düsseldorf. Where are you?

Leigh Lundin



From: ☒☒☒☒☒☒☒☒ Consulting <☒☒☒☒☒☒☒☒.consult1@gmail.com>
To: Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com>
Imagine Bill Cosby saying "R-i-g-h-t…"
Sent: Wednesday, 06 May 2015 12:49 PM
Subject: Re: Good Morning

No i am in south africa now , can you help me send the money now yes i am very okay, reply now



On 06 May 2015 at 19:36, Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com> wrote:

What the hell are you doing in South Africa? You're supposed to be in Düsseldorf. What the hell's going on?

Leigh Lundin



From: ☒☒☒☒☒☒☒☒ Consulting <☒☒☒☒☒☒☒☒.consult1@gmail.com>
To: Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com>
Tap-tap-tap dancing. Notice how "Sent from my iPad" comes and goes.
Sent: Wednesday, 06 May 2015 1:42 PM
Subject: Re: Good Morning

Yes i went on a quick trip and should be back Düsseldorf on Friday but now i am owing some outstanding payment and i am in good health will you be able to assist me on this money



On 06 May 2015 at 19:54, Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com> wrote:

Where is Nelly? She can't go running around with you.

Look, I'll send the money if you tell me what currency and your address. Get your arse on a plane and get back to Düsseldorf immediately. We're going to have a long talk.

Leigh Lundin



From: ☒☒☒☒☒☒☒☒ Consulting <☒☒☒☒☒☒☒☒.consult1@gmail.com>
To: Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com>
Here we go! Notice Cathrine's name– the supposed author of the email– and Johannesburg are spelled wrong as well as all uses of 'its'.
Sent: Wednesday, 06 May 2015 1:57 PM
Subject: Re: Good Morning

Please send the funds to the below information "Western Union Money In Minutes"

NAME :
    Catherine ☒☒☒☒☒☒☒☒
    Johanesburg
    South Africa

once its sent please send me the #10 digit confirmation number that will be used to pick up the funds  how long will it take to be sent ?

Sent from my iPad



On 06 May 2015 at 20:18, Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com> wrote:

Except for Nelly, Chadwick and all other names I use are from stories I've written.
It’s 20h15 here and I imagine the same in SA. Smuts, Sergeant Ngenzolwampi, and Magondo Svitsi are in Harare headed to Pretoria. What’s your addy in Joburg? And where’s Nelly? I’ve given Svitsi orders to clean up your mess and put you on a plane. Smith’s involved in that op in Sana’a and he’ll not like this at all.

Leigh Lundin



From: ☒☒☒☒☒☒☒☒ Consulting <☒☒☒☒☒☒☒☒.consult1@gmail.com>
To: Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com>
Did I say that?
Sent: Wednesday, 06 May 2015 2:19 PM
Subject: Re: Good Morning

Are you saying your no longer sending the money



On 06 May 2015 at 20:30, Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com> wrote:

Svitsi's got instructions to take care of any trouble you're in including paying off whatever crap you've got into or other measures– I'm sure you know what I mean. Stop being coy about your address; I can't deal with evasiveness. And where's Nelly? Smith's definitely going to be pissed off. Either answer my damn questions or deal with him yourself.

Leigh Lundin



On 07 May 2015 at 06:29, Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com> wrote:

Smith called in on the sat-phone and he's pissed. Call him ASAP.

Leigh Lundin



From: ☒☒☒☒☒☒☒☒ Consulting <☒☒☒☒☒☒☒☒.consult1@gmail.com>
To: Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com>
Testy, testy! And look how the spelling deteriorates.
Sent: Wednesday, 07 May 2015 07:15
Subject: Re: Good Morning

I dont need to call anyone as i need your assistance to leave here but you dont want to send the oney



On 07 May 2015 at 07:43, Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com> wrote:

Abu Bakr? Never mess with a crime writer. Oh, and never call Cathrine 'Cathy'.
Cathy, I'm asking you to cooperate. Svitsi is standing by with whatever funds you need, but we can't wait forever for you and Nelly. We're trying to run an op and Smith is furious. Abu Bakr is selling out and yet we've got to deal with you. Either make contact or deal with your own problems and don't expect us to bail you out. If you've been captured, you know what to do.

Leigh Lundin



From: ☒☒☒☒☒☒☒☒ Consulting <☒☒☒☒☒☒☒☒.consult1@gmail.com>
To: Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com>
Likely dreaming but I like to imagine a small sense of panic.
Sent: Wednesday, 07 May 2015 07:46
Subject: Re: Good Morning

w?



On 07 May 2015 at 07:49, Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com> wrote:

Message from Smith: Ipso lorem de Finibus Bonorum et Malorum. Si?

Leigh Lundin



From: ☒☒☒☒☒☒☒☒ Consulting <☒☒☒☒☒☒☒☒.consult1@gmail.com>
To: Leigh Lundin <leigh_lundin@☒☒☒☒☒☒☒☒.com>
Unsure what they intended.
Sent: Wednesday, 07 May 2015 08:26
Subject: Re: Good Morning

(empty email)



From: Maj. Ngenzolwampi <undisclosed@berlin.com>
To: undisclosed list
Always work historical and current events into your fiction.
Sent: Thursday, 08 May 2015 09:50
Subject: OP 2371

Congratulations, team, for another successful operation. One of the best protected men in the world, Nasser al-Ansi, is no more. Special thanks to Colonel Smith and his squad. Job well done! See you in Ankara.



© BBB
I’m happy to report Cate has re-seized control of her business account. She was touched that friends called her land-line to offer help and one of her best clients even deposited money into her business account, money that has to be returned. (Today I received word that the client reacted by awarding her another project rather than have her return the deposit, a very positive outcome.) To the best of her knowledge, no one wired money to the isigebengus, an isiZulu word meaning bad guys.

But I can envision a terrible outcome where a friend reacts and sends money to the swindlers and of course expects to be paid back. Imagine the strain in the relationship of two good-hearted people.

There’s an even more evil ploy in which the isigebengus claim one’s daughter was in a campus accident or someone’s grandson was kidnapped and to send money immediately… all through the anonymity of the internet.

Be cautious out there!



Images © the Better Business Bureau

17 May 2015

Scams, part 1


by Leigh Lundin

You may remember my friend Thrush who spared no expense helping us uncover an insidious scam for Criminal Brief. Last week, he found himself targeted in a rather more serious voice-mail scam:


Before you say “Seriously, people fall for this?” yes, they do. All the usual warning signs are present: It’s non-specific and lacks considerable detail. It carries an implied threat, in this case of a lawsuit, which a government agency would never leave on voice-mail. It sounds like the word ‘information’ is misspelled without the R and a legitimate caller would likely omit the ‘point’ in ‘seven-three-eight-point-one-nine-one-nine’. (I say ‘misspelled’ rather than ‘mispronounced’ because I believe the digitizer is reading from text.)

Why a digitized voice? It’s probably used to disguise the perpetrators’ heavy accents from the Indian subcontinent. That assumption is based upon calling their number after first prefixing my call with *67 to hide my own number from their caller-ID. I politely enquired if this was the IRS and a man replied in a rough accent. I asked for his agent number which seemed to disconcert him. He replied, “Just a minute,” and I heard the receiver covered followed by a muffled conversation. I hung up.

Imitating the IRS takes guts– or foolhardiness. It turns out this number, 202-738-1919, has appeared in other scams including a variation of the Nigerian scam in which recipients are told they’ve been awarded a $7000 grant. All they have to do is pay a 5% award fee ($350) via Western Union.
© BBB

Many will recognize 202 as a Washington DC area code, but this might have easily been a different kind of scam, one in which the con artists trick the target into unwittingly dialing a ‘premium rate’ number and keeping him on the line as long as possible. The original flimflam began with area code 900 and its descendants– any area code beginning with 9– but people caught on. They flooded AT&T and government agencies with complaints, and these hustles gradually faded away.

But fraudsters in the Caribbean discovered they can turn any old number into a $20 to $60 a minute premium call and your phone company won’t do a damn thing about it. In fact, they’ll cut off your service if you refuse to pay a bill that may extend into several hundred dollars. Some of the worst offenders use area codes 809, 284, 473, 649, 876 (and the original 9xx numbers).

Thanks to Forbes, here’s a list of area codes to be wary of if you don’t know the party you’re calling:

use caution when dialing these area codes
242 284 649 784 868
246 345 664 809 869
264 441 758 829 876
268 473 767 849 9xx

Next week: Friends find themselves the subject of a current scam and, as I was writing about it, my own address was used to spoof others. Be cautious out there!


Images © the Better Business Bureau

03 October 2014

Hold on a Minute


They say you always remember the first one. That would be a girl named Rachel. She was followed by Carmen and then a few more after her, but I don't remember all the names now. Wasn't really my fault they kept coming back for more. I tried to stop it all with a simple push of a button, but evidently that part of my phone no longer worked because they just kept right on calling, even when I asked to be taken off their phone lists.
Finally, after the last time Rachel called, I hit the phone button labeled with the number 1 and I immediately got put on HOLD. A pleasant female voice, obviously pre-recorded but not by Rachel, informed me I was Caller #22 and thanked me for holding. There was no background music while I waited, but I wasn't worried because I quickly moved up in priority to Caller #17, got thanked again for holding, then jumped to #12, always very polite, and before I knew it I was in single digits and a real person came on the line. Never did figure out what happened to all the numbers I got to skip over. Maybe this was a big business outfit with lots of operators to handle all these important phone calls. My girl Rachel must really be something special to work at this place.

Just as I was ready to actually connect with Rachel on a personal one-to-one basis, some guy who must've been her boyfriend came on the line. I knew it wasn't her brother because this guy had an accent from India. Oh sure, he was pleasant enough and spoke good English, but still, he had that very distinctive accent. I quickly learned he was from Card Member Services and was offering to help me get a lower rate on my credit card. Hey, who wouldn't appreciate paying less money every month to those greedy credit card companies?

Unfortunately, I probably won't be getting that lower rate he offered. Seems I failed to meet his expectations. Not sure where I went wrong. Had to be something I said since he soon asked to speak to my wife so he could explain everything to her.

I will admit things went downhill after I broke out in a laugh, accused him of being a scam artist and informed him (thank you Rob Lopresti) that as long as he was talking with me, this was time he wasn't able to con someone else. He emphatically denied being such a person and then asked for my mother so he could talk to her. Sadly, I explained that he would have to travel to Texas where she was buried. It must have been a bad day at the office or maybe he was merely feeling frustrated with his job, because he moved on to the more colorful aspects of the English language. By now, my wife who was listening from the other room started laughing herself.

He and I continued, with me laughing and having a great time, while he became more colorful with his adjectives. I wonder if the FCC is aware of this type of conduct on our telephone airways? I fear such rough language could offend the ears of some of our more sensitive citizens. As he started to repeat his apparently limited vocabulary, I asked for a phone number so I could call him back. He promptly found some new words he hadn't yet used in our conversation. As the ten minute mark approached, I changed tack and politely inquired if he could hold on to the line for a few more minutes while I got someone to trace the call. The line went quiet. Then it died. Guess that means I may not hear from Rachel again.

But hey, Carmen called again as I was busy writing this, so those girls are still out there. I was sorry I didn't have time to speak with Carmen right then when she called. Wonder if she too has a boyfriend with one of them foreign accents?

The very next day, to my surprise, I got a call from another gentleman with an accent from India. This time, it was direct, without any pre-recorded voice and without being put on HOLD for a Caller Countdown. I quickly determined this caller was not Rachel's boyfriend from the previous day. Nope, this fellow sounded more like the same guy I always get when I call for support on my hail-damaged computer or wandering software. I will say this gentleman was very polite and had great patience with me, even though we had a bad connection (probably not his fault) and a slight problem understanding each other (this could have been my fault). I chalked the latter up to the fact that I was conversing in American English which I understood perfectly, whereas he was speaking some form of India English, no doubt derived from the King's English some decades after India dropped out of the bottom of the British Empire. In any case, there appeared to be a slight language barrier as he had to constantly repeat his directions. I do commend his patience in this trying endeavor. Of course, there is always the possibility that I could be a slow learner and therefore none of the blame should be laid at his doorstep. He was merely attempting to help me out.

He quickly explained that he was from Windows and that hackers may have gotten into my computer. I thanked him profusely for his awareness. He instructed me to go to my computer (several times) where he would then show me if I had a problem. He then inquired (several times) if I were in front of my computer. Next, (several times) I was instructed to sit at my computer. Then, stupid me, I had trouble understanding if I were supposed to be on the internet during this process, or not. We finally determined it was not. Hey, what did I know? I'd never been through this harrowing process before.

Now, I was supposed to hit the Windows key and the "R" key. In case you don't know, this brings up the RUN screen. Next is to type in "event log" at which time he would ask if I saw any error messages. Naturally, the screen will show some errors because sooner or later every computer gets an error message, but this was supposed to prove that my computer had been hacked and infected with a Trojan virus. At which point, the helpful "guy from Windows" would have me type in a certain website to clean out the virus. He was doing such a good job that I hated to disappoint him, so in the interests of congeniality, I said "good one," laughed to show we'd had a good time together and hung up.

Obviously, these two gentlemen from India have not read Rob Lopresti's 950 word short story, "Shanks Holds the Line." Rob mentioned this story in one of his previous blogs, plus editor Linda Landrigan posted the story on AHMM's blog site a few months back.

For more on this scam subject, feel free to Google "Card Member Services" and/or "Windows key and R."

Oh, and if Rachel calls be sure to say hi for me.

Postscript~ I just got a call from Emma. Evidently she is busier than Rachel because I started out at Caller #33 while on Hold. When a live voice, a nice black girl named Ashley with an American accent, came on I inquired why I never got to talk with Rachel or Carmen. She said, "Who?" I explained they were the names on the pre-recorded tapes that called me. I must have confused her because she went into a long rambling explanation before finally hanging up on me.

Oh Rachel, where art thou?