We have seen our share of weird cases involving Craigslist, but nothing like these: Continue reading ‘Craigslist Crooks’
Archive for the 'Fraud' Category
Infamous hacker Kevin Poulson paid the defaulted Yellow Page accounts of escort services to get their defunct telephone numbers reactivated. He collected the profits and when the police became interested, only the original advertiser was on record with the telephone company. I once saw this done in a home renovation scam.
In Cynthia Hetherington’s excellent book, Business Background Investigations: Tools and Techniques for Solution Driven Due Diligence, she tells of a group of crooks who moved into an office recently vacated by an insurance company. They took-up the old phone number and began selling insurance.
When new policy holders complained about bad service to the insurance company’s head office, the scam was revealed, but the crooks had moved on.
It’s not just people who have their identity stolen.
Handwritten documents are important to any Investigator or Researcher as they are either creating them, or reading them. Archives throughout the country are full of original handwritten documents of value to researchers.
The age of the ubiquitous ballpoint pen began in the 40’s and this has caused some problems for archivists as so many companies strove to create inexpensive ballpoint pens. The problem has become one of education. The pen may write, but the ink may fade over time, or be vulnerable to water and other solvents. UV light and poor quality paper also do a fine job of obliterating cheap ink from poor quality ballpoint pens. The forgers art of cheque-washing in the following examples illustrate what can happen to documents that encounter solvents. Continue reading ‘Cheque Washing and Pens’
False blind man caught out during car check: report - Yahoo! News: “ROME (AFP) - A 70 year-old Italian man who had been pretending to be blind for 40 years to get an invalid’s pension was arrested as he drove his car, Sky TG24 television said Thursday.
The ‘particularly nervous’ man was stopped during a routine road check in the northern city of Spezia and could not provide a driving licence, city police chief Massimo Giaramita said.
‘Then we checked his medical record and were amazed to find that he was registered as 100 percent blind,’ Giaramita said.0
He had been claiming an invalidity pension and other benefits from his former employers for 40 years, the report said.”
An article by John Polyzogopoulos, a partner of Blaney McMurty LLP, in the January 2008 edition of the Commercial Litigation Update explains a Norwich order can help victims of fraud determine what happened to the money.
The recent decision of Justice James Spence in Isofoton S.A. v. The Toronto-Dominion Bank should be of interest to anyone who suspects they may have been the victim of fraud. In that case, Justice Spence granted a Norwich order to obtain the banking records of a party suspected of defrauding the applicant of over $3 million. The unique nature of the disclosure order was that it was directed not to the alleged fraudster, but to the fraudster’s bank. The disclosure order was made to assist the applicant in investigating the fraud and determining what happened to its funds.
The article also illustrates the need for due diligence research prior to entering into an agreement with a previously unknown supplier. Once the victim realised that the supplier was not acting in good faith, they hired a PI who determined that the the supplier was a company without the assets necessary to deliver the contracted goods.
We have all heard of the faked-death scams to defraud insurance companies, escape prosecution, or to start over. The latter always happens in the aftermath of mass-casualty events like train wrecks, fires, and terrorist attacks. But what about the reverse — pretending to be somebody who has died?
This is not uncommon simply because it is so difficult to uncover the truth of someone’s identity and it has been so throughout my thirty years of Canadian experience.
In Canada, registering deaths is a provincial responsibility. The national vital statistics death registration system run by Statistics Canada does not include the deceased’s name or date of birth. There are no public search facilities for determining if the identity that you are presented with is that of a dead person.
In the U.S.A., the Social Security Administration Death Master file includes 98% of deaths of persons who participated in the Social Security program. This is may be searched at several internet sites.
In the UK, Smee & Ford Limited created a database called Mortascreen, which was used to screen direct mail lists for deceased people. This data was augmented and is now used as the foundation for Halo, a database that covers 85% of the deaths occurring annually in the UK. It is updated monthly and includes historical data to make it useful for verifying a person’s identity.
According to the UK’s Fraud Prevention Service, CIFAS, since 2001, impersonation of the dead is Britain’s fastest growing identity theft crime. The latest research suggests the problem has been under-stated by 3.5 times and revised statistics now indicate that 70,000 families experienced the pain of discovering their loved one had been impersonated after their death, to open accounts such as credit cards and loans.
According to the Home Office figures on crime in England and Wales in Jan 2003, “Between April 2000 and March 2001, the passport agency detected 1,484 fraudulent applications of which 301 used the identities of the deceased.”
I suspect that Canada may have a problem with this type of identity theft, but there is no way of knowing the extent of the the problem.
An excellent CI related blog, Brand Killer Robots, offers this fun comparison of the black-hat hacker and the good guy training people to protect their assets.
Why have Ethical Hacker Training companies got it so wrong?
We ask, just who are the people that you are sending on Ethical hacker training courses and why are you sending them?
So lets first look at the white hats. Continue reading ‘Why Ethical Hacker Training Fails’
We wrote about this here in Ten Private Investigators Indicted on 7 Dec 07.
Wired Magazine has posted the Indictment of the accused who allegedly employed false pretenses to gain personal information. A related Wired article compares this type of pretexting to the HP mess.
The accused are from Washington, California, Oregon, Texas and New York:
Emilio Torrella, BNT Investigations, Washington State
Brandy Torella, BNT Investigations, Washington State
Steve Berwick, BNT Investigations, Washington State
Victoria Tade, C.I., Inc., California
Megan Ososke, P.I. and Information Services, Oregon
Robert Grieve, Robert Greive International, Texas
Ziad Sakhleh, Robert Greive International, Texas
Darci Templeton, sole proprietor, Texas
Patrick Bombino, AAA Allstate Investigations, New York
Esau Pinto, AAA Allstate Investigations, New York
The Indictment alleges that BNT supplied the improperly obtained personal information to the PI’s for a fee. BNT was not identified as a private investigation firm in the Indictment, but was identified as a company that sold its pretexting services to PI firms. Some of the PI firms even advertised for sale to other PI’s what they were obtaining from BNT.
Accusations #17 and #21 allege that BNT obtained medical information by pretext, much in the same way as was revealed by he Royal Commission of Inquiry into the Confidentiality of Health Records in Ontario, Canada, by Mr. Justice Horace Krever.
If Bill C-27 (2nd Session, 39th Parliament with first reading on 21 Nov 07) will make it an offence to recklessly make available or sell personal information knowing it will be used to commit fraud.
The wording that concerns me:
Everyone commits an offence who transmits, makes available, distributes, sells or offers for sale another person’s identity information, or has it in their possession for any of those purposes, knowing or believing that or being reckless as to whether the information will be used to commit an indictable offence that includes fraud, deceit or falsehood as an element of the offence
How will the term “reckless” be defined and measured? The people writing this law need to take into consideration what has happened with the requirement to safely store firearms.
In the case of the law requiring the safe storage of firearms, a group of street gang members rappeled down the side of an apartment building and broke into an apartment, and for four days, they continuously used industrial power tools to open a huge money safe and steal some handguns. Without a clear definition in law of what constitutes “safe storage”, the gun owner was charged with unsafe storage of the firearms. This type of malicious misuse will surely follow if Bill-C27 is passed without a clear definition of what constitutes being reckless.
Commtouch, an Israeli security firm that specializes in protecting e-mail integrity, says that it has detected a new malware outbreak that is spread through e-mails claiming to be from private investigators. According to Commtouch, the e-mails tell recipients that a private investigator has been recording the recipients’ phone calls and that an audio file of one of the calls is attached to the message. When unwitting recipients download the “call” to their hard drives, their computers become infected with malware…
Some common subject headings for the malware e-mails include “I’m monitoring you,” “You’re being watched” and “The tape of your conversation.” Commtouch says that the malware is sent in the form of a password-protected, compressed file that appears to be an MP3 sound file.
A recent study by the Center for Identity Management and Information Protection suggests that less than one fifth of criminals get their data from the internet. In most cases it they get their data by re-routing mail, dumpster diving and intercepting mail.
The study is available at the Center for Identity management and Information Protection (CIMIP) but unfortunately they what identifying personal information before you access the study.
If you want to learn the current state of Title Fraud, Title Insurance, and our land registry system, then you should read Title fraud and title insurance in Ontario: impact of recent changes by Bruce McKenna at Lang Michener LLP.
Normally I don’t use inexpensive pens, but lately I have found three inexpensive pens I now use for work and when I am travelling due to the good ink they contain. They are the Pilot G-2, Pilot G-TEC-C4, and now the uni-ball 207.
My current favorite, the uni-ball 207, uses an ink that contains color pigments which are absorbed into the paper fibers. The ink is in effect trapped on the paper fibres and can’t be washed off, as some forgers do to alter cheques. Refills are available. Uni-ball 207 is sold worldwide in stationery and office supply stores and other outlets. Mike Shea did some interesting tests of the ink in the uni-ball 207 and the G-2 and three other inks. The G-2 survived water but not soap and bleach. The uni-ball ink survived all the tests.
The Pilot G-Tec-C4 or the G-TEC-C writes with a very fine line. I use it for corrections and margin notes. They are so thin they write like mechanical pencils. The G-TEC-C seems to have a more durable ink, but it is hard to find in North America.
If your handwritten records have to survive intact for a long time, then you have to carefully consider the ink used to produce them. It seems I’ll be using the uni-ball 207 a lot more from now on.
Laurie Raye, a property owner from Tacoma, Washington was recently the victim of a phoney ad on Craigslist that invited the public to come in and freely strip the house of its contents and fixtures. The advertisement was on the Craigslist website for two hours before being pulled. Unfortunately, that was long enough for the vultures to find the house and pick it clean.
Its not uncommon to find all sorts of scams on Craigslist, but this takes the misuse of Craigslist to a new level.
We hear a lot about the ‘evils’ of ‘pretexting’ in the media lately. If you want to avoid complications involving the use of pretexts, follow my three simple rules.
The three rules:
1. Do not personate a living person.
2. Do not personate a representative of any existing company (or business) or anything to do with government.
3. Do not cause anybody to be concerned for their own safety or the wellbeing of any person, business, company, or property.
