Crime Could Have Paid (maybe).

At some point we read in the news about a murder for an amount of money that seems senseless, especially given the amount. I cannot recall the story exactly but there was one where a person in a homeless shelter was murdered over a debt of tube-socks.

In the homeless world where clothing and shoes are donated, socks are not, so discount socks become a valuable commodity. Quite sad this happened but as one goes up the socioeconomic ladder we see crimes that reflect the values of the class and perpetrators. An Oxy-addicted bank robber might kill someone over $2000.00 to $4000.00, a typical amount taken when a threatening note is passed to a teller. An armored car robber might not bother killing someone for that fee and certainly would not bother to kill someone over socks, but at over $100,000? I am sure it’s been done for that amount or less.

Some jobs pay well. A few years ago I was involved in a Penetration test where we had to “capture the flag” (present the contents of a file to a supervisor) for pay plus a bonus if a glaring weakness was discovered. I set about trying to get into the company from within, since I figured they would have shiny new firewalls and a 24/7 admin team and someone, someone always knows that a Pen Test is going to happen because most people are terrible at keeping secrets and no one wants to look bad.

I did a Google search on the company. Nothing really interesting but that is always my first step. Next I did a whois search and found that they had 4 nameservers, 2 were third party, most likely secure, and 2 were of the same domain name and in a sequential IP address. So I did a “host -al” type lookup and all the subdomains popped up and they all had IP addresses not belonging to the webhost.

A quick scan of port 80 and port 443 revealed open ports on a number of internal servers. One that looked interesting to me was I pointed my web browser to the HR site and it had all types of useful information including the procedure for starting your first day on the job. The person to see, what to bring (photo ID for passport, Driver’s License and job ID). It also had instructions for supervisors. One was that the supervisor had to have the resume of the new hire on file within 2 months after the 1 month trial period for new hires had ended. That was a 3 month limit. I signed up on their “careers” site and applied for a job as a network admin and submitted a 17k jpg file saved as a txt file and then a .docx file…so it was gibberish (I would submit again if needed), and I was emailed back a Thank You for Applying notice that gave the Job ID.

The next day I followed instructions on the HR server, talked to who I was supposed to talk to, filled out tax forms, signed an agreement that I was employed for 1 month only on a trial basis (the term “A Good Fit” was not used then, but I am sure it is now). I watched a video on diversity and harassment policy, I agreed not to ask anyone out on a date and then I reported to the Senior System Administrator. I was also told to bring my resume again as they were not able to read the one they had on file for some reason.

He was baffled as to why I was there. He said “who hired you?” and I said “I don’t think he is here now or he would have met me” and he said “Dave. You must be hired for the second shift.”

I left and had a coffee, then I had about three beers, then a coffee and then some Life Savers and went back for the start of second shift. I met “Dave” and said “Bob told me I was on second shift.”

And I was in.

I got the file easily as I had access to everything from the start. The next morning I contacted my supervisor for the gig and told him the contents of the file. Then I told him how I got it.

He was quite angry. He said it was a penetration test of the firewall and passwords and other technical things. I got paid for the job but I did not get the bonus.

Then I wondered, what would have happened had I just quit my security gig after getting the Network Admin gig? I would have had a job that paid about $90,000 per year if I made it through the one month trial period. I would have known about the file and protected it and made my team look really good. But I would have gotten the job via fraud. If I was ever discovered people would have had a good reason to never hire me again for anything.

But it could have been a crime that paid. I likely would have never gone to jail for it even if I had been discovered. I probably would have never even been arrested.

People are deceptive at job interviews all the time. People exaggerate on their resumes quite often; this would have just been one step above that by never actually going to an interview.

For $90,000 there are people out there who would kill for that amount, but $90,000 + health and dental & a 401k and maybe some profit sharing and a chance for a promotion and Christmas bonus for 5 years or more?

That is tempting and perhaps I was foolish for doing the job I was hired to do instead of doing the job I was never hired to do for more money and more stability, but here I am now.

I have always had this in the back of my mind. I wondered who has done this? Who has done something similar? A well crafted career fraud can pay better than most crimes and be legal and have your proceeds “laundered” because you have been getting them as a legitimate paycheck and paying taxes on it.

Yesterday on LinkedIn I saw a “Trending” story about an ex-poker player named Haseeb Qureshi who landed a $250k job with Airbnb with about 1 year experience as an instructor at one of those “coding camps”. The interesting thing about the story is that Qureshi had previously been involved in a poker scam where fake accounts and references were used to produce a profit. More later as I investigate this.

And it might be the guy is completely legitimate but I saw a bit of my penetration testing technique in his story so I have to check it out.

Recruiters who say they are from America but are not at all

Anyone who thinks they are immune to scams and frauds will usually be taken by a scam or fraud.   This is how people make money for nothing, by relying on people thinking they are too clever to fall for something so they fall for it harder than ever.

This has happened to me more times than I care to recall. It’s embarrassing.

One time I had a person approach me with the “Hey, I lost everything but I can get it back if you give me a large sum of money and you give me your address so I can mail the money back to you”. He said he was American, but had married a Norwegian but he and his wife lost everything in their luggage and he could not stay at the youth hostel on Amsterdam Avenue on the Upper West Side because they did not allow Americans to stay there (which is true…Americans, Canadians and Mexicans cannot stay there…which is probably in the tourists’ best interest). And I ended up quizzing him about Norway, a place I am familiar with, and let him know he failed miserably and gloated over the fact he asked the wrong person.

Then one year later I gave $40.00 to a guy in a bar because he made me feel his calloused hands and showed me a Union Card and he promised he would pay me back.

He never did.  It dawned on me later that his calloused “workingman’s hands” were really just hardened by years of holding a hot crack pipe.

I got suckered because he sized me up as someone who knew what it was like to work and get screwed over and I felt sorry for him and gave him drug money thinking it would get him back home to New Jersey so he could be among his loved ones and some proper hand lotion.

I have been looking for a job lately. The environment has changed since I last had to look. Back in 2006 I met a recruiter who I swore up and down had been sent to me by God. She got me a great job that I loved, we hung out and often had dinner together and enjoyed pleasant conversations and good food. She advocated for me with my employers if needed and I reviewed resumes for her to make sure she had the most trustworthy candidates possible. I know I probably just got lucky and ran into an exceptional recruiter but my experience with her has perhaps made me overly trusting and vulnerable with others.

I am very suspicious of someone who uses a name that is not theirs during any kind of transaction. If your name is Robert and you go by “Bob” then that is fine. If you have a name that Americans easily forget because you or your parents were not born here then it is perfectly fine if you want to simplify and use “Bob” instead of Rabindranath (Bob Tagore wrote the national anthem of India) but if your name is Rabindranath Tagore and you go by the name “Bob Smith” then there is something wrong with you. If you have a VoIP phone that claims you are based in the US but its connection drops at the same time there are network outages in Mumbai then I am really suspicious. I have had run-ins with folks from the Indian subcontinent who have done this before and it always seems to be a way to cover their butts when their business plan goes belly-up.

But, in spite of my experience and a successful lawsuit against someone using a similar tactic in a different field, I have fallen for a recruiter who claimed to represent a company as an Anglo-named businessman but really was just a resume-combing person who tried to get me to sign away on not applying for another job.

From what I can gather the method seems to be designed to get H1B visas issued but I have no idea if it really works or not.  The trick is this:

1. Be a recruiter with a PO box in the USA but do not be based in the USA.

2. Contact job applicant.

3. Get them to agree to be exclusively represented  by their company.

4. Get enough qualified people to make this agreement.

5. Try to convince the company to sponsor H1B visas since no other qualified applicants can be found.

6. If you succeed, get one of your “recruiters” back in India to take the job and then get a big cut.

I am not naming real names because I have no proof of this.  It is pure speculation on my part.  But I did fall for another scam I should not have fallen for.  I will probably always be vulnerable to a degree but I assume everyone else is as well.



I once saved my life with social engineering

Normally when someone says something dramatic like the above statement they go on and you realize that they were just speaking metaphorically like “Read this book, it will change your life” and then you read about the book and find out it is written by a smiling man who either wears a tie with no jacket or a jacket without a tie and his words are used in the same manner as his fashion.  He will not change your life at all.  It is just a scam written by the heartless for consumption by the gormless.

When you are in the business of computer security a side project is always tackling scam artists because the twains often meet and sadly you also learn that no matter how poor and desperate someone is, they always have $20 to spend on a book and they always have $200 to spend on a “turn-key” business.

Unlike hucksters, when I say something like this it is really true. If I had not been a social engineer I would be dead right now. I suspect my remains would be somewhere in the Port-au-Prince bay or perhaps lying in Cité Soleil but I would not be typing this and I don’t want sad and needy people to give me money.

It all started almost ten years ago. I was at the Gara de Nord train station in Bucharest, Romania. Gara de Nord is probably the most notorious train station in Europe and for good reason. Lots of petty hustlers, large areas of the station are unoccupied and you can quickly find yourself being shaken down by someone with a badge. In Bucharest, they give everyone at the train station a badge it seems.

Anyway, I got a train ticket to Istanbul and I had to wait a few hours for my train to leave. I sat with my back to the wall so no one could sneak up behind me and just watched people. Nature called and I lost my place because I had to pack up all my things and take it to the toilet with me and when I returned I had to stake out a new seat. I was approached by a man pretending to be a policeman. He told me that he had to check my money for counterfeit bills. This meant that the bill he found would indeed be counterfeit and he would give me a receipt for it and then he had 100,000 lei for just the cost of a fake badge. For some reason I decided to pretend he spoke very poor English. No matter what he said and how clearly he said it I pretended he had said something else. He asked for my passport and I offered him a potato chip. He asked to see my train ticket and I showed him a photograph of my parents. Finally he stopped speaking and resorted to hand gestures and he made a certain motion with his hand, mouth and head that I took to mean “do you want a prostitute?” but it also looked similar to how one would quickly eat an ice cream cone so I got up and bought one. He threw up his arms in frustration and left me alone.

That did not save my life really, but it taught me that I always had the power to cause doubt in people. He lost his pretend air as an authoritative policeman and quickly degenerated into a stammering, confused man prone to making obscene gestures. The next time I encountered that was when I went to the Haitian slum of Cité Soleil the next year.

Cité Soleil is a flat outcropping that juts out into Port-au-Prince bay and it is the poorest slum in the western hemisphere. It is not even made out of “land” as we know it, it is made out of shells and detritus. The shacks there are made of metal and string and when the wind blows you cannot hear anything because the whole place rattles with loose corrugated metal and flattened 55 gallon oil drums. There are children everywhere. It is like a “where is Waldo” game but with real people…you stare at any given area long enough and suddenly your eyes adjust and you start seeing children. Lots of children. You never see any old people because they are dead.

There are also street gangs. I hired a gang of pro-Aristide thugs who were followers of a gangster named “Tupac”. I found it ironic that a real Haitian gangster had himself named after a fake American gangster. It would be like a real General naming himself after Donald Rumsfeld. These guys were about 14 to 18 and kept guns in their underwear. One fellow had the gun go off in his shorts and blew part of his foot off. My bodyguards’ main rival was another gangster named Billy. Billy and Tupac were supposed to be brothers in films that are made about them but that is not true, they were foster brothers. Orphans are numerous in Cité Soleil and their foster mother (I met her, her name is “Mom”) raised them to be gangsters simply because that was her best hope for prosperity. In Cité Soleil a woman does not take care of others’ children to be charitable.

At the end of my tour this fellow in a red bandana and riding a BMX bike showed up. My bodyguard on crutches said “Billy’s soldier!” to me before he started hobbling away. This was a gang of people whom everyone in Cité Soleil was terrified of, but here they were, clucking like hens about to be eaten by a fox just because a kid on a bicycle showed up. While my bodyguards were cowering I approached the guy on the bicycle. I walked up to him and looked him in the eye and said “Hello, my name is Erik. It is nice to meet you.” and he stared at me, looking at me like I was a piñata and all he had to do is figure out where to hit me to cause candy to come spilling out and said “Gimme da money” and I said “sure” and I reached in my pocket and pulled out a stick of Wrigley’s Spearmint Gum. As he and I both chewed he had a confused look in his eyes and he said “da money. gimme da money.” and I gave him another stick of gum and walked away.

I went over to my cowering bodyguards and said “thank you, this money is for all of you to share.” and I gave them about $100 in Gourdes in bills so large that they had to fight over it. I then jumped into an old Honda Civic and sped off. I looked in the mirror and saw that Billy’s Soldier was following me on his bicycle and trying to shoot me. He missed the car completely thanks to potholed roads screwing up his aim.

It is very likely I would have been killed had I not distracted him by causing his own doubts about his English ability to surface.

Later that day I was caught in the middle of a gunfight and then briefly kidnapped by a voodoo priest in Petionville.

But that is a story for another day.