Source, The Times Herald, Gary Puleo
UPPER MERION — “Passwords are for treehouses.”
When identity theft expert Frank Abagnale predicts that passwords for the digital world will be obsolete in a few years, people tend to listen.
In fact, a few hundred people came to listen when the author and subject of the hit movie “Catch Me if You Can” shared his decades of wisdom at Valley Forge Casino Resort in King of Prussia on Tuesday evening.
For more than 40 years, Abagnale has advised the FBI on how to outsmart con artists, and now he’s hooked up with the AARP Fraud Watch Network and AARP Pennsylvania to advise us on the best ways to spot and avoid being victimized by the constantly changing landscape of scams.
Although his stunningly crafty and charismatic methods ultimately landed him in prison in Europe, between the ages of 16 and 21, Abagnale successfully posed as an airline pilot, an attorney, and a doctor and cashed millions of dollars in fraudulent checks.
“When my sentence was up in France I was extradited to Sweden where I was convicted of forgery in a Swedish court of law and sent to a Swedish penitentiary,” the Bronxville, N.Y. native told the audience, adding that he was eventually returned to the U.S., where he was sentenced to 12 years in federal prison.
“I served four of those 12 years at a federal prison in Petersburg, Va. When I was 26 years old the government offered to take me out of prison on the condition that I go to work for the government for the remainder of my sentence.”
In addition to his long career as a consultant for the FBI, Abagnale founded his own agency, educating corporations, financial institutions and government organizations on how to locate and handle fraud.
“This year I’m celebrating 43 years with the FBI,” he said to resounding applause. “I make my home in South Carolina where I live with my wife of 43 years and my three sons and I actually fly to work in Washington every Monday and back home on Thursday.”
He noted that his oldest son is an FBI agent who “has made his dad very proud.”
He credited Johnny Carson for suggesting he pen his first book during an appearance on the legendary host’s late night show.
“I raised my three boys in the same home in Tulsa, Oklahoma, for 25 years, away from Washington and for 25 years commuted to Washington D.C. My neighbors didn’t know who I was. But in the end Steven Spielberg said he felt compelled to tell the world the story because, as he put it, not because of what I did as a teenage boy but because of what I had done for my country. In the end, my family and I were very pleased with the outcome of that film.”
Getting to the “scam alert” segment of the evening, Abagnale said that he had stepped away a bit from the world of business crimes to focus on crimes against consumers, at the request of AARP.
“It’s a great privilege to be able to do that,” he said, adding that much of his presentation would be drawn from his book, “”Stealing Your Life.”
“I started writing about identity theft back in the 1980s with a book called ‘Crimes of the Next Generation.’ I always liked to write about crimes five years from now, ten years from now, because when you teach FBI agents you want them to know what they’ll investigate five years from now.”
Back then, of course, there were no computers, no laptops, no e-mails, Abagnale said.
“In the mid ’90s I wrote a book called ‘The Art of the Steal,’ talking about identity theft once again, only now people started to realize that (identity theft) was becoming a problem. We had probably a billion dollars in losses from that crime. And then in 2007, I wrote ‘Stealing Your Life,’ an update to where we were with identity theft. At the time of that publication, there were 15 million victims annually in the United States, or one every two seconds today.”
In 2017, $17 billion was stolen from Americans in identify theft crimes, said Abagnale, whose latest book is titled “Scam Me if You Can.”
“It’s a very costly crime and it takes years to get your life back in order. It’s a very serious crime,” he said.
From corporations to government offices, all have been the targets of data breaches, Abagnale noted.
“Every breech occurs because somebody in that company failed to do something they were supposed to do. Hackers do not cause breaches; people do. All hackers do is look for soft spots in open doors. So, in the case of Equifax, they didn’t update their technology. So hackers got into Equifax and then sat there for three months deciding on what they were going to steal. No matter what company we look at, from the smallest to the largest, there are soft spots. All hackers do is look for that door.”
Between now and 2021, about $6 trillion in losses from cyber crime are expected, Abagnale said.
“We’re already at $1.7 trillion, so we’re well on our way.
With phishing emails (a type of online scam where criminals send an email that appears to be from a legitimate company and ask for personal info) getting more clever due to the information people make available on their social media accounts, he advised everyone to be more cautious than ever about emails that may seem benign but are fraudulent.
“You have to be more careful than even a few years ago because (the scammers) are more sophisticated when they write them. We develop a lot of technology in this country but we never go to the final step, which is ‘how would someone use this in a negative way?’ And that’s why we have so many products in our households that are very easily hacked into and manipulated.”
Passwords were invented in 1964 and should no longer be relevant, Abagnale said.
“I was 16 and I hadn’t even started to do the things I did. I’m now 71 and we’re still using passwords. We absolutely have to get rid of passwords and we should have done it years ago. In the next two or three years passwords will disappear. You will identify yourself by your device.”
He predicted the wave of the future is “trusona,” identity via a physical characteristic such as a fingerprint, voice pattern or other feature.
“Just to give you an idea, a bank spends about $100 million every year resetting passwords. So that bank eliminating passwords saves $100 million every year.”
Everyone should be wary about the personal information they post on social media, Abagnale noted.
“There are 2.7 billion hits a day — that’s what Facebook gets because you said you like this hotel, you like this car service. I’ve been out to Facebook and Google many times to speak to their security teams, so this isn’t me saying this, this is them saying this, that within six months they know your gender, age, your religion, whether you use alcohol, whether you smoke…why would you want anybody to know all those things? We complain about people stealing our idenities but in the meantime we tell everybody everything about us. Obviously, Facebook is a marketing company, selling those profiles is their business. I think one day we’ll wake up to the fact that social media was a bad experiment. Because when you start controlling the minds of over 2 billion people and what they believe to be fact or fiction, that becomes a real serious problem. And that’s where we are today, so I hope we’ll wake up to the fact that it’s not a good thing thing to do.”
The robocall will soon be giving way to “its evil twin,” the robotext, Abagnale warned.
“When things get a little bit difficult, criminals always switch to another mode. They know people are very familiar with the IRS scam that’s been so publicized so they switched to a letter. Now you get a letter from the IRS, it’s very official when you open it, saying you owe money, call this number below. It’s just another form of a scam.”
As a man who “shreds everything” Abagnale had some advice when it comes to choosing the right kind of shredding machine.
With the wrong kind, the straight shred, he said he was capable of reassembling the shredded pages of a Wall Street Journal back together in about four hours.
“I tell people it’s not who makes the shredder, but what type of shredder it is. You want the ‘security micro cut’ shredder. It destroys everything.”
When choosing a credit monitoring service, he said two questions need to be asked.
“Do they monitor all three credit bureaus, and do they tell me in real time if someone is trying to use my credit? Not two weeks later, not two days later, but that moment of that day.”