The propensity to defraud is part of who we are. Since humans first started interacting, we’ve tried to deceive and defraud each other. It may seem cultural, but evidence of intentional deception has even been found in our nearest genetic relatives, the great apes.
Perhaps little surprise therefore that each and every year we (individuals, businesses, charities, governments and more) lose the financial equivalent to an economy the size of The United Kingdom or Germany to fraud, with conservative estimates putting the global financial burden at over $4 trillion per annum. To put it another way, shadowing our legitimate economy is a $4 trillion criminal enterprise, financing many of our world’s most pressing problems- from narcotics to human-trafficking, inequality and terrorism.
To understand more about this world, I spoke to Frank Abagnale– one of the world’s most respected authorities on forgery, embezzlement, and secure documents who has spent 40 years working with institutions, corporations and governments around the world.
Mr. Abagnale’s rare blend of knowledge and expertise began more than 50 years ago when he was known as one of the world’s most famous con men. His riveting story provided the inspiration for Steven Spielberg’s 2002 film, Catch Me If You Can, starring Leonardo DiCaprio as Abagnale and Tom Hanks as the FBI agent fast on his heels.
Q: What motivates those that commit fraud?
[Frank Abagnale]: For the most part, fraud is motivated by financial gain; but when you get into cybercrime, for many it’s like playing a video game- who’s the best at breaking in? who can score the highest? Who can get the most information, or cause the most disruption? It’s like a game amongst a group of people who play and challenge each other.
For the vast majority of financial crimes, embezzlement, credit-card scams, information selling and so on; this comes down to one simple motivation- making oneself richer, greed.
I’ve been teaching at the FBI academy for 42 years, and the level of greed you see out there is unbelievable. When you look at the big banking and financial crimes, you have people approaching retirement age who made tens of millions of dollars each, without people knowing about it – but then, instead of thinking, ‘we literally got away with it…. Let’s move on….’ They think, ‘let’s see if we can make another 50 million, maybe 100 million…’ These are individuals who made more money than they could ever spend in a lifetime, and yet they carried on- risking getting caught- why? Greed.
The vast majority of fraudsters, and criminals get caught not because of good police work, but because they continue doing the same thing over and over again, until someone notices. If someone escapes prison, goes to hide in the countryside as a farmer with a new identity- chances are, they’ll never get caught; but if they go speeding down the interstate with a car full of drugs and guns, there’s a chance they’ll get caught eventually.
Criminals are not as bright as people think, and their greed motivates them totally.
Q: What is the psychology of fraud?
[Frank Abagnale]: Because of the internet, you now have people committing crimes from thousands of miles away. One of my clients is the AARP (American Association of Retired People), they have 40 million members- and I deal with all financial crimes against their seniors and elderly members. These are scams, sweepstake scams, internet scams and other methods that can cost people their life savings; but a lot of the criminals are based in China, Russia and other places, not the UK.
In many cases the criminal never sees the victim, so there’s no emotional tie… they don’t feel sorry about it… they don’t feel like they’ve taken enough. Dehumanizing the victim through the internet has enabled people to commit crimes and not worry about their conscience.
Q: What makes us susceptible to financial crime?
[Frank Abagnale]: Here’s the thing, the vast majority of people- if they can benefit from something or make some money, will look the other way. It’s like walking down the street and seeing someone selling a Gucci purse for $40 that looks like the real thing which would cost $3500. You know it’s illegal to buy counterfeit goods, you know you’re harming the company’s brand and trading name; but it benefits you to save the money- so you do it. It’s personal greed, without thought about the consequences.
The truth is that we live in a very unethical society. We don’t teach ethics at home, schools or university. As a consequence most businesses don’t have a code of ethics or conduct.
In the 1940s and 50s, people were taught right and wrong by their parents, in schools, colleges and had a sense of doing the right thing. Even the media at the time usually injected moral code or moral story into their dramas and films; you walked away thinking the guy who did the right thing, won. Young people today are surrounded by corruption on screen, in politics, in business, and in their communities and at some level this absolutely teaches them that it must be OK to behave like that.
We also get conditioned into behaviours that make us susceptible. I’ve given talks to senior bankers, senior leaders… I’ve told them the sort of things that criminals can do and they say, ‘wow, I didn’t know you could do that!’ These are the CFOs, CEOs and CIOs of Fortune 500 companies.
I always try to be observant when I travel; and at airports, you’ll see airline crews going past security, flashing their ID cards- usually partially covered by their hands. And we’re not even talking about advanced cards, these are relatively simple- anyone could make them- and so even with all the security we have, there’s a chance anyone- who could make a convincing ID card and a uniform- could get on a plane because our habits don’t make us break behaviours and processes that put us at risk, it’s very scary.
Q: How resilient are organisations to fraud?
[Frank Abagnale]: The vast majority of organisations are not resilient to fraud. I’ve worked with the US government for over 4 decades, and I can tell you it’s one of the easiest organisations to defraud; we have over $200 billion in Medicare fraud alone, no commercial business could sustain those losses.
We have a lot of people in business and government who think, ‘oh, it can never happen to me…. I don’t want to spend the money on prevention…’ – but if you don’t keep on top of your data security and organisational resilience, your assets become worthless. I see this every single day where companies are not protecting the information that’s been entrusted to them by clients and customers. If you make it easy to steal from you, someone will.
Criminals are not looking for challenges, but opportunities. Every breach I’ve been involved with comes down to the fact that someone in the company did something they weren’t supposed to or failed to do something they should have done. Hackers don’t cause breaches, they wait for doors to open; and we’re making it so easy for people to steal from us that we’re creating unlimited doors.
Q: Can our law enforcement teams deal with cyber and financial fraud?
[Frank Abagnale]: When you get down to the level of local police, sheriff departments, county police and even city police, these people have not had proper training, resources or the technology to respond to cybercrime.
The scale of this is overwhelming. In the United States, we had over $940 billion dollars of fraud in 2017, that’s almost $1 trillion. There isn’t enough law enforcement in the world to deal with that.
Today’s cybercrimes are made even more complex because they’re transnational. You can’t easily go and arrest someone because even if you have their name and address, they may be in another country which won’t cooperate with us.
The scale of crime also means that investigations have set dollar amounts; for example, in the FBI, where there are around 13,000 agents, they are only investigating federal crimes over $100,000; and then you have a federal prosecutor who determines whether or not to proceed with a prosecution, and usually that benchmark goes up to $250,000. So, the criminals know that by staying below certain limits, the chances of arrest are slim; or if prosecution does occur, you’ll end up doing community service or limited jail time. For many criminals, the lack of law enforcement action makes this a high reward, limited risk crime, it doesn’t get much better.
I really like the way the European Commission handles enforcement of data protection, it’s the way the United States should have done it to begin with. The consumer should control their information. If I don’t want anyone to see my credit history, I could freeze it, but would have to pay a fee; so $10 to freeze, $15 to unfreeze, for example- I testified on this matter before congress and told them how I didn’t give Experian and Equifax my explicit permission to have my information. I never signed paperwork that enabled them to store and sell my data for profit. As an individual, I should have the right to say, ‘look, you store my data, but I control who you show it to…’ To that end, they passed a law this year in congress, a federal law, that now provides for everyone in the United States to be able to freeze their credit so that the only people who see their credit is people they want to see their credit.
Q: Do we have the trust between agencies and participants to protect us?
[Frank Abagnale]: We don’t currently have tremendous cooperation between enforcement agencies; the FBI for example, does it’s best to get local police and agencies to work with them, and we also try to get overseas agencies involved. A few months ago, we held a forum in Washington DC of 30 prosecutors from 30 countries including the UK and Australia. These face to face meetings are important, it means a prosecutor can pick up the phone to his peer and go, ‘Hey, I met you at that forum, I’m in Brazil, but have a problem in the UK, can you help?’
The general public however has a real lack of trust in companies and enforcement. Lets face it, a lot of these ‘legitimate’ companies are ripping people off from overcharging for pharmaceuticals to mishandling data.
The recent Cambridge Analytica scandal for Facebook was telling. I’m not on any social media, but I do believe that there will come a day when we look back on social media and say, ‘this was the wrong thing for humanity… this was a bad experiment, and we should never have done that…’ – We are giving organisations detailed information on every aspect of our lives, more information than we know about ourselves, and that information is now being used to manipulate us, our psychology and our behaviour. It’s extraordinarily dangerous.
Q: What do you hope your legacy will be, what are you worried about?
[Frank Abagnale]: I’m working with companies, helping them to develop technologies that will solve some of the issues that face us. For the past 5 years, I’ve been working with a company called Trusona. I went to them and said, ‘we need to do away with passwords, they’re only appropriate for treehouses!’ – Passwords are a 1964 technology that we’re still using in 2018! We need to eliminate passwords completely as we already have technologies that allow us to identify and trust each other digitally, with close to 100% accuracy.
What keeps me up at night is very simple.
Until now, cybercrime was all about making money and stealing information (because information is money). Today however, we have the ability- from 30 feet away- to shut off someone’s pacemaker. A malicious individual could walk down a street today, and shut-off bodily devices that are controlled by computer chips, murdering them. In a few years’ time, they will be able to do this from thousands of miles away. A law enforcement agent today can stop a vehicle on the freeway providing they are within 35 feet of it, because the average vehicle has over 240 microprocessor-controlled components; you can shut it off, lock the doors, enable airbags…. In a few years’ time, a malevolent individual may be able to do that from thousands of miles away, on mass. Today, we think of cybercrime as financial crime, but I fear it will become much darker, more of a terrorist tool, and much more harmful to our wellbeing.
Frank Abagnale is one of the world’s most respected authorities on forgery, embezzlement, and secure documents. For over 40 years he has worked with, advised, and consulted with hundreds of financial institutions, corporations and government agencies around the world. Mr. Abagnale’s rare blend of knowledge and expertise began more than 50 years ago when he was known as one of the world’s most famous con men. His riveting story provided the inspiration for Steven Spielberg’s 2002 film, Catch Me If You Can, starring Leonardo DiCaprio as Abagnale and Tom Hanks as the FBI agent fast on his heels. The Tony-Award winning musical, Catch Me If You Can, directed by the legendary Jack O’Brien, opened on Broadway at the Neil Simon Theatre in April of 2011.
“I chose to immortalize him on film because of what he’s done for the country for more than 30 years.” -Steven Spielberg
Mr. Abagnale has been associated with the FBI for over 40 years. He lectures extensively at the FBI Academy and for the field offices of the Federal Bureau of Investigation. He is a faculty member at the National Advocacy Center (NAC) which is operated by the Department of Justice, Executive Office for United States Attorneys. More than 14,000 financial institutions, corporations and law enforcement agencies use his fraud prevention programs. In 1998, he was selected as a distinguished member of “Pinnacle 400” by CNN Financial News – a select group of 400 people chosen on the basis of great accomplishment and success in their fields. In 2004 Mr. Abagnale was selected as the spokesperson for the National Association of Insurance Commissioners (NAIC) and the National Cyber Security Alliance (NCSA). He has also written numerous articles and books including The Art of the Steal, The Real U guide to identity Theft and Stealing Your Life.
“Abagnale’s lecture may be the best one-man show you will ever see.” -Tom Hanks
Mr. Abagnale refuses to accept payment for any of his government work. Today, the majority of his income is derived from consulting with major corporate clients such as LexisNexis, Intuit, AARP, and Experian and his public speaking engagements. Mr. Abagnale has conducted over 3,000 seminars on identity theft, cyber crime and fraud worldwide. Mr. Abagnale works as an advisor to a number of print and technology companies around the world. He spent 20 years as an advisor to the Standard Register Company, creating security features for negotiable instruments, car titles, etc. He spent 10 years as an advisor to the 41st Parameter which developed fraud detection technology, now used in 80 countries around the world and recently purchased by Experian. Today, Mr. Abagnale is an advisor to Trusona (www.trusona.com) in developing the world’s first and only insured authentication platform.