Page 22 of 39
Okay, this is weird:
Police in Italy have issued footage of a man who is suspected of hypnotising supermarket checkout staff to hand over money from their cash registers.
In every case, the last thing staff reportedly remember is the thief leaning over and saying: “Look into my eyes”, before finding the till empty.
This is a weird story: someone posts a hoax Craigslist ad saying that the owner of a home had to leave suddenly, and this his belongings were free for the taking. People believed the ad and starting coming by and taking his stuff.
But Robert Salisbury had no plans to leave. The independent contractor was at Emigrant Lake when he got a call from a woman who had stopped by his house to claim his horse.
On his way home he stopped a truck loaded down with his work ladders, lawn mower and weed eater.
“I informed them I was the owner, but they refused to give the stuff back,” Salisbury said. “They showed me the Craigslist printout and told me they had the right to do what they did.”
The driver sped away after rebuking Salisbury. On his way home he spotted other cars filled with his belongings.
Once home he was greeted by close to 30 people rummaging through his barn and front porch.
The trespassers, armed with printouts of the ad, tried to brush him off. “They honestly thought that because it appeared on the Internet it was true,” Salisbury said. “It boggles the mind.”
This doesn’t surprise me at all. People just don’t think of authenticating this sort of thing. And what if they did call a phone number listed on a hoax ad? How do they know the phone number is real? On the other hand, a phone number on the hoax ad would give the police something to find the hoaxer with.
At least this guy is getting some of his stuff back.
EDITED TO ADD (3/26): In comments, Karl pointed out a previous example of this hoax.
EDITED TO ADD (4/1): A couple have been charged with posting the ad; they allegedly used it to cover up their own thefts.
This sort of story is nothing new:
Hannaford said credit and debit card numbers were stolen during the card authorization process and about 4.2 million unique account numbers were exposed.
But it’s rare that we see statistics about the actual risk of fraud:
The company is aware of about 1,800 cases of fraud reported so far relating to the breach.
And this is interesting:
“Visa and MasterCard have stipulated in their contracts with retailers that they will not divulge who the source is when a data breach occurs,” Spitzer said. “We’ve been engaged in a dialogue for a couple years now about changing this rule…. Without knowing who the retailer is that caused the breach, it’s hard for banks to conduct a good investigation on behalf of their consumers. And it’s a problem for consumers as well, because if they know which retailer is responsible, they can rule themselves out for being at risk if they don’t shop at that retailer.”
A suggestion from the UK of putting primary-school children in a DNA database if they “exhibit behaviour indicating they may become criminals in later life.”
Pugh’s call for the government to consider options such as placing primary school children who have not been arrested on the database is supported by elements of criminological theory. A well-established pattern of offending involves relatively trivial offences escalating to more serious crimes. Senior Scotland Yard criminologists are understood to be confident that techniques are able to identify future offenders.
A recent report from the think-tank Institute for Public Policy Research (IPPR) called for children to be targeted between the ages of five and 12 with cognitive behavioural therapy, parenting programmes and intensive support. Prevention should start young, it said, because prolific offenders typically began offending between the ages of 10 and 13. Julia Margo, author of the report, entitled ‘Make me a Criminal’, said: ‘You can carry out a risk factor analysis where you look at the characteristics of an individual child aged five to seven and identify risk factors that make it more likely that they would become an offender.’ However, she said that placing young children on a database risked stigmatising them by identifying them in a ‘negative’ way.
Thankfully, the article contains some reasonable reactions:
Shami Chakrabarti, director of the civil rights group Liberty, denounced any plan to target youngsters. ‘Whichever bright spark at Acpo thought this one up should go back to the business of policing or the pastime of science fiction novels,’ she said. ‘The British public is highly respectful of the police and open even to eccentric debate, but playing politics with our innocent kids is a step too far.’
Chris Davis, of the National Primary Headteachers’ Association, said most teachers and parents would find the suggestion an ‘anathema’ and potentially very dangerous. ‘It could be seen as a step towards a police state,’ he said. ‘It is condemning them at a very young age to something they have not yet done. They may have the potential to do something, but we all have the potential to do things. To label children at that stage and put them on a register is going too far.’
There’s an underground economy of boosted books. These values are commonly understood and roundly agreed upon through word of mouth, and the values always seem to be true. Once, a scruffy, large man approached me, holding a folded-up piece of paper. “Do you have any Buck?” He paused and looked at the piece of paper. “Any books by Buckorsick?” I suspected that he meant Bukowski, but I played dumb, and asked to see the piece of paper he was holding. It was written in crisp handwriting that clearly didn’t belong to him, and it read:
- Charles Bukowski
- Jim Thompson
- Philip K. Dick
- William S. Burroughs
- Any Graphic Novel
This is pretty much the authoritative top five, the New York Times best-seller list of stolen books. Its origins still mystify me. It might have belonged to an unscrupulous used bookseller who sent the homeless out, Fagin-like, to do his bidding, or it might have been another book thief helping a semi-illiterate friend identify the valuable merchandise.
Petty crime and identity theft, but both fascinating and impressive. Social engineering works even in places that take security seriously.
This is both clever and very weird:
Swedish police are quizzing “people of limited stature” with criminal records following a spate of robberies from the cargo holds of coaches – possibly carried out by dwarves smuggled onboard in sports bags.
[…]
National coach operator Swebus confirmed it’d been hit by the audacious crims, who have over the last few months has lifted “thousands of pounds” in cash, jewellery and other valuables.
The company’s sales manager, Ingvar Ryggasjo, said that one short person had been put aboard a coach in a hockey bag. A female passenger said she’d seen some men squeezing the “large, heavy bag” into the cargo hold, and that she later found she’d been relieved of stuff including a camera and purse.
Almost three years ago I blogged about SmartWater: liquid imbued with a uniquely identifiable DNA-style code. In my post I made the snarky comment:
The idea is for me to paint this stuff on my valuables as proof of ownership. I think a better idea would be for me to paint it on your valuables, and then call the police.
That remark aside, a new university study concludes that it works:
The study of over 100 criminals revealed that simply displaying signs that goods and premises were protected by SmartWater was sufficient to put off most of the criminals the team interviewed.
Professor Gill said: “According to our sample, SmartWater provided a strong projected deterrent value in that 74 per cent of the offenders interviewed reported that they would in the future be put off from breaking into a building with a SmartWater poster/sign displayed.
“Overall, the findings indicate that crime reduction strategies using SmartWater products have a strong deterrent effect. In particular, one notable finding of the study was that whilst ‘property marking’ in general acts as a reasonable deterrent, the combination of forensic products which SmartWater uses in its holistic approach increases the deterrent factor substantially.”
When scored out of ten by respondents in regard to deterrent value, SmartWater was awarded the highest average score (8.3 out of a score of 10) compared to a range of other crime deterrents. CCTV scored 6.2, Burglar Alarms scored 6.0 and security guards scored 4.9.
Of course, we don’t know if the study was sponsored by SmartWater the company, and we don’t know the methodology—interviewing criminals about what deters them is fraught with potential biases—but it’s still interesting.
Also note that SmartWater is not only sprayed on valuables, but also sprayed on burglars and criminals—tying them to the crime scene.
On Wednesday, a man dressed as an armored truck employee with the company AT Systems walked into a BB&T bank in Wheaton about 11 a.m., was handed more than $500,000 in cash and walked out, a source familiar with the case said.
It wasn’t until the actual AT Systems employees arrived at the bank, at 11501 Georgia Ave., the next day that bank officials realized they’d been had.
[…]
And on Thursday, about 9:30 a.m., a man dressed as an employee of the security company Brink’s walked into a Wachovia branch in downtown Washington and walked out with more than $350,000.
The man had a badge and a gun holster on his belt, said Debbie Weierman, a spokeswoman for the FBI’s Washington field office. He told officials at the bank, at 801 Pennsylvania Ave. NW, that he was filling in for the regular courier.
About 4 p.m., when the real guard showed up, a bank official told him that someone had picked up the cash, D.C. police said. The guard returned to his office and told a supervisor that he did not make the pickup at the bank. The supervisor called a Wachovia manager, who in turn notified authorities. Police were called nearly 11 hours after the heist.
Social engineering at its finest.
EDITED TO ADD (1/16): Seems to be an inside job.
Join “My SHC Community” on Sears.com, and the company will install some pretty impressive spyware on your computer:
Sears.com is distributing spyware that tracks all your Internet usage – including banking logins, email, and all other forms of Internet usage – all in the name of “community participation.” Every website visitor that joins the Sears community installs software that acts as a proxy to every web transaction made on the compromised computer. In other words, if you have installed Sears software (“the proxy”) on your system, all data transmitted to and from your system will be intercepted. This extreme level of user tracking is done with little and inconspicuous notice about the true nature of the software. In fact, while registering to join the “community,” very little mention is made of software or tracking. Furthermore, after the software is installed, there is no indication on the desktop that the proxy exists on the system, so users are tracked silently.
Here is a summary of what the software does and how it is used. The proxy:
- Monitors and transmits a copy of all Internet traffic going from and coming to the compromised system.
- Monitors secure sessions (websites beginning with ‘https’), which may include shopping or banking sites.
- Records and transmits “the pace and style with which you enter information online…”
- Parses the header section of personal emails.
- May combine any data intercepted with additional information like “select credit bureau information” and other sources like “consumer preference reporting companies or credit reporting agencies”.
If a kid with a scary hacker name did this sort of thing, he’d be arrested. But this is Sears, so who knows what will happen to them. But what should happen is that the anti-spyware companies should treat this as the malware it is, and not ignore it because it’s done by a Fortune 500 company.
Sidebar photo of Bruce Schneier by Joe MacInnis.