I have just finished reading a book that I found rather scary. It made the hairs on the back of my neck stand up at times and kept me from sleeping well more than once. When most people think of scary books they think of authors like Stephen King. My book was written by Jesse M Greenwald in the early 1990’s.
Mr Greenwald is not your average author of scary books. Actually he does not write horror or thriller novels, and is only an ‘author’ because of this one book.
Mr Greenwald wrote “Document Fraud and Other Crimes of Deception” whilst serving a prison term in 1992 (the latest of five) for .. well, document fraud. After 22 convictions and five prison terms (by the early 1990’s) he found out what worked when committing frauds and, obviously since he had been in prison five times, what did not.
Now many ex-criminals have written books about what they did and attempted to teach us how to avoid becoming a victim of other fraudsters. Some like Frank Abagnale Jr (who was the topic of the 2002 movie ‘Catch Me If You Can’) spent life after prison assisting law enforcement agencies catch fraudsters.
Not Mr Greenwald. Under the U.S. Constitution’s protection of free speech, and while prison guards were looking over his shoulder, he wrote what could only be termed as a How To book for aspiring fraudsters. The book passes his vast knowledge of fraud to a new generation of law-breakers.
Now he did write his book in the early 1990’s and describes frauds done against the American system and government agencies, but the apparent ease that these frauds can be committed would transfer easily to Australia.
One particular chapter of his book deals with credit card fraud. Essentially it is on how to produce a fake credit card – actually how to produce hundreds of them. The idea being that you only used a card for a day or two, make your money, destroy it and move to the next card.
He says that you need a few pieces of equipment to set yourself up:
(i) a personal computer (practically everyone has one these) and a scanner (scanners cost as little as $100). Remember that when the book was written, the popular computer was the ‘386’. Most people under 30 may not remember these dinosaurs. Technology has come far since then.
(ii) blank magnetic swipe cards. You may think that these are difficult to get, but a quick Google search brings up about 51,000 hits on that term and amongst them are many places that sell these blank cards – cheaper by the hundred. The fact that these cards are also used everyday for ID cards, door key cards at hotels etc and cark-park access cards etc means that they are very common and supposedly (though I have never tried) easy to purchase.
(iii) a printer that will print on these cards. The same place that will sell you the blank cards will sell you the printer. They cost from $1,700. You can even get printers that are good enough to put your photo on the card – for ID purposes of course. The graphic images to print on the cards can be scanned from anywhere or downloaded from bank’s websites. With the number of different cards that have been issued by a vast range of different banks, finance companies and retail stores, the average salesperson will not know whether the image on the card is real or not. You can download the software needed to design your artwork for free.
(iv) an embosser to place the indented numbers etc into the card. Getting this is a little more difficult. I only had 16,900 hits on Google. They cost from $300.
Mr Greenwald is not an great advocate of actually getting the information from the magnetic strip of your victim’s card and placing on the back of the fake card. He reasons – and apparently has had a lot of experience to prove the point – that many magnetic strips on credit cards do not work on store readers and sales staff simply types the numbers into the machine and process the sale. He even described how to scratch the strip to make it look damaged to avert suspicion.
Until very recently I had a credit card with a magnetic strip that could not be read. I used it for almost a year with no problems. Salespeople simply typed the numbers into the machine and processed the transaction – and no one ever asked me for ID. I only stopped using it when the card expired and I got a new one. It seems like Mr Greenwald was right on this point.
But, if you decided that copying the information from the victim’s card is necessary, card readers to get that information are available cheaply from many of the places where you get the embossers, and you get a discount if you also buy the machine that writes the captured information onto a new card.
Just to highlight the point: Last week I was on leave staying at a resort in Queensland and the room keycard was one of these cards with the magnetic strip – identical in size to a credit card. You hold the card up to the reader on the door to unlock it. This resort obviously buys these blank cards, prints their logo on the front and has a machine that writes the electronic message to the individual room keycards.
The advice from Mr Greenwald is to go to a city where you do not intend to commit your frauds. Set up a business (using one of your false identities of course) that will supposedly produce ID and key car-park access cards for customers and use that business to buy the necessary equipment. You then move it all back to your neutral city and set up shop. You commit your credit card frauds in still other cities. The man obviously was careful.
So how do you get the information (the account numbers and expiry dates etc) to put on your fake cards?
Mr Greenwald says: “The best and most dependable form of this information is a copy of the user’s card.” Nearly every time a card is used a copy of the transaction is made and high turnover sales areas may not dispose of the copies well. Mr Greenwald used to get most of this information from ‘dumpster diving’ the waste bins of restaurants etc. Businesses are disposing of this information more appropriately these days, but there will always be some information that can be obtained. Once you have the information from the sales receipt copy, you emboss it on the fake card, put your photo on the card next to it, and go shopping.
But technology has surpassed Mr Greenwald’s 1990’s activities. Many thousands of businesses of all types have databases of customer information and this usually includes their credit card details. Hackers have made the headlines more than once by accessing these databases and literally getting the credit card details of hundreds of thousands of people within minutes. Imagine if someone hacked into the Amazon.com database holding the credit card details of millions of people.
But these headlines only tell the story of the hacks that have been uncovered. If the hacker is good enough to leave no trace of his activities, well ..
Once you get bored committing credit card fraud, you can use your fake card and your fake birth certificate in the same name (you might was well put your computer, printer and scanner to good use) to get other ID documents in your victim’s name. You are now into Identify theft, but I will cover that some other time.
So, who has had your credit card details recently? Sleep well..