How to steal … the easy way

We were privileged to host Tony Sales last week.

Tony is Britain’s Greatest Fraudster, according to the Sun …

… stealing over £30 million in a lengthy criminal spree of
robbing cards and retailers of goods and services.

Easily done, as it turned out.

And you can see why when you listen to this phone call.

This is Tony pretending to be a bona fide customer sales person from a retailer who
the customer visits regularly.

Tony’s got their details by using a man-in-the-middle
attack.

This is pretty easy to do.  For example, in Tony's presentation, he harvested this customer information by creating a wifi hotspot called “Starbucks wifi”.

The customer therefore thinks they’ve safely logged on to Starbucks
wifi in their local café when, in reality, they’re logged onto Tony’s wifi
hotspot.

As the customer entered their card details to the superstore, Tony stole them.

He also did a lot more that I could tell you about, but you
need to join the Financial Services Club if you want to know about that.

What I will share with you is this phone call.

As mentioned, Tony knew the customer used this store for shopping
and that they used a certain card regularly. 
So, here goes, this is Tony trying to get a little more out of the customer.

Credit Voucher Scheme from Chris Skinner on Vimeo.

Shocking and sweet, and so easy and so true.

The thing is that Tony is using basic social engineering skills
to achieve this and, as he pointed out regularly in his presentation, the
problem we have is that most people believe people are honest.

Whether you are working in a bank or getting services from a
bank, you think they and the people who work there are honest.

Not all of them are.

So Tony’s murky past and honest present – he advises banks
and retailers on how to avoid fraud today – is all about preying upon people’s
honest.

Then imagine if you had a hoard of people using such skills.

Oh!   There are?  OK.