GearBits

e-Fraud(R)

I just saw Catch Me If You Can, a fairly interesting and entertaining film. It takes some dramatic licenses, but generally describes some of the interesting and clever frauds and cons perpetrated by Frank Abagnale in the late 1960's. Throughout the movie, Abagnale is shown creating fake documents of all types -- checks, diplomas, etc. He does this using a variety of manual techniques, such as stenciling, forgery, press-printing, and so on.

What occurred to me at some point during the movie was how very differently so much of the identity theft and fraud happens today. Granted, there is still a lot of check forging and so on, but many of the techniques and scams that Abagnale used are now either completely impossible or very unlikely to be effective on any significant sums of money. So many financial networks employ interlinked information systems that the detection of suspect behavior is likely to be found much sooner. Recently, I bought airline tickets to Australia. My credit card company thought that was a bit strange, so they called me the next day. You think a person is looking these things over? No way -- some fraud detection routine found this transaction fishy and flagged my account for checking up.

Better technology also contributes to this reduction in the efficacy of Abagnale's traditional tricks because the delays in handing off information from one entity/corporation/government body to another in the chain have been greatly reduced. What used to take 2 weeks just to transfer (physically) can now be transmitted, processed, and reconciled in just a few days, if not hours. Relying on this "float" time to commit fraud is getting harder and harder to do.

However, these same systems that have eliminated a lot of the opportunity for traditional fraud schemes have opened up new opportunities -- the occurrence of digital fraud is increasing rapidly and a lot of it can be done from the convenience of a living room, a dorm room, or a public library. Wherever Internet-accessible computers can be found, fraud can be attempted, if not committed. From the rather pathetic emails we all get to the semi-intelligent attempts at stock manipulation to the theft of credit card information, the opportunities for large-scale fraud are greatly expanded as everything becomes digital. While Abagnale had to print each physical check out individually, today's digital thieves can steal and/or manipulate thousands of records/transactions/accounts almost simultaneously and from nearly anywhere on the planet.

The opportunities for "really bad things" happening are impressive. While I'm nowhere near keeping my money under the mattress or in the cookie jar, I am fairly careful about dealing primarily with companies having reputations for decent security. While "your friend Bob" might be a great investor and a Certified Financial Analyst, if he's keeping your portfolio details on the PC in his home office, which also happens to be attached to a cable modem, and he doesn't know what a firewall is, you might think twice before handing him a big ol' check, your social security number, and your mother's maiden name. Just a thought.