• fraudstersdiary

Information is Power

I was cajoled into going shopping the other day with Lucy, a female friend; she wanted to buy something expensive for her husband James and wanted my opinion before she spent a fortune. James is very like me inasmuch as he has a love of nice watches and has earned a huge amount of money from scamming - or in his case, more accurately selling information to scammers to allow them to target potential victims. Unlike myself however, he is still active.


Many scams are a 'numbers game' in that you have to try to tempt large numbers of people before you settle upon potential victims. Anything you can do to improve your odds has to be a good thing - for the scammers that is. Some of James's products are referred to as 'Suckers Lists' and comprise the names, addresses, email addresses, telephone numbers etc of people who have fallen victims of scams before or, who for any other reason, appear to be there for the taking. As distasteful as it is, these include the details of dementia patients. These lists are regularly traded between fraudsters.


The Suckers Lists are then combined with other information from data brokers to make the scammer sound even more convincing to the punter as they clearly already know a huge amount about them. Whilst these data brokers will confidently tell you that they only sell information to reputable and legitimate companies - in my experience, that is complete rubbish. They will sell to anyone willing to pay.


As we traipsed between shops looking at collectible watches, I joked that she has bought him at least half a dozen over the years so she should have a loyalty card at the dealer she invariably goes back to. I intended this to be a light-hearted comment, but Lucy immediately rounded on me and said, 'A loyalty card? are you mad? have you forgotten what James does for a living?' I laughed nervously and changed the subject.


Many years ago when James and I first met, we were both employed as salesmen in a Boiler Room fraud selling non-existent shares. Whilst I was confident cold calling people and scamming them out of their life savings, he wasn't. After a couple of days of failing to close a few big deals, the guy in charge had a heart-to-heart with him and told him to seek alternative employment - although they weren't the exact words he used!


Boiler Room frauds rely heavily on Suckers Lists and leads supplied by data brokers; typically these leads will provide the details of punters who have disposable funds in excess of £50,000 and who have admitted to being comfortable being exposed to at least a moderate investment risk. James knew roughly how much each lead cost as the guy in charge regularly berated the sales team for wasting the money he paid to the data brokers.


James realised that by combining as much information as possible into a single product would significantly enhance the success rate of the sales team - so he did just that. He brought together the Sucker Lists, the data broker lists, and augmented that data with (1) Social Media usernames and (2) Loyalty Card data. Its both amazing and worrying in equal measure that people are so happy to share their personal and sensitive information with complete strangers.


Being of a similar age to myself, James did not grown up on Social Media and as a result, his learning curve looped-the-loop in familiarising himself with, and creating fake profiles on Facebook, Instagram and Twitter. He very quickly formed the opinion that Twitter is largely filled with angry people, Facebook contains all sorts of niche interest groups where people place enormous trust in total strangers, and your credibility on Instagram depends almost entirely on how many 'followers' you have. I read something very interesting the other day from Susan Grossey in her excellent 'I Hate Money Laundering' blog which highlighted the power these influencers enjoy.


James quickly realised that if so many thousands of people were gullible enough to be persuaded to buy a product purely because it was being 'liked' by one of these vacuous 'influencers' (who are usually paid very well for their support) they are just as likely to fall victim to any number of scams. Of particular interest are those who promise to quadruple (or more) your money overnight. Of even more interest are the idiots who follow them - they might as well have a sign on their forehead that says 'gullible idiot - scam me now'. James harvested the Instagram details of these followers and gleefully added them to his pool of data.


Loyalty cards provide data from a different demographic; this data can tell you inter alia, what you buy, how often you shop, what time of day you shop, which store you usually visit, what offers tempt you, how do you pay, what debit card you use etc etc. The reward for your 'loyalty' works out at a paltry sum, usually less than 1p per point earned. On the flip side, the information you provide by handing over your loyalty card is priceless. Having paid another data geek for an enormous amount of loyalty card data he poured this into the data pool too.


Just as the Instagram accounts reveal the gullibility of those who follow obvious scammers, the loyalty cards reveal so much about the lifestyle of an individual. Do they always buy premium brands or stick to the store branded basic products? even if they prefer the latter, do they refuse to buy anything other than premium brand wine and spirits. Scammers are just looking for any angle to engage the punter in conversation, e.g. We understand that you are a whisky connoisseur and as such we think you might be interested in buying shares in a craft distillery as shareholder are automatically gifted a full case of single malt every Christmas. None of this is rocket science.


Data breaches are another obvious source of information, although they occur erratically and without warning. It always makes me laugh when a bank reluctantly admits that the details of hundreds of thousands of its customer'd details have been compromised (lost to scammers) but add that there is no need to worry as the three figure security code on the back of the card was not leaked! The bad news for punters is that it doesn't matter if it was or it wasn't! There is always enough information available to create a cloned card or set up a totally new account.


James is a master of his craft; he offers a mix and match service for scammers looking to target a particular demographic. He even works on a commission basis with a few 'trusted' scammers and provides the data packages free of charge but is paid a percentage of what the scammer takes from the victim.


For the adults amongst you reading this, perhaps you should think about ditching the loyalty card. What the store learns about you (and either fails to keep secure or sells on to other businesses) is much more valuable than the paltry discount they give you in return for your continued custom. Whilst I appreciate that Instagram caters for a younger audience, it is not exclusively used by them. Either way, be careful of who you follow and what you 'like' as it demonstrates a clear propensity to be easily influenced by someone whose only achievement is to have an overdose of lip filler and pout into the camera. If you think I'm joking - I wonder if you are interested in buying these magic beans I'm selling??

27 views0 comments

Recent Posts

See All