Trusting the “Wisdom of the Crowd” can defeat the evil of the few.
This is not an easy story to tell because it’s very embarrassing for me personally. It’s about me being “Scammed”, which is a dishonest scheme to defraud. More embarrassingly I was scammed by what is known as a “confidence trick”. I allowed another to gain my confidence and exploit my naivety. All of the things I describe in this story happened to me and I hope will not happen to you after reading this story.
If anyone reading this story lives or works in proximity to either St. Gallen, Weinfelden, Switzerland or 275 7th Ave in New York City and is interested in investigating the location of offices of persons who attempted to defraud me, I’ll be happy to privately send detailed information to facilitate the investigation. Just contact me by responding to this story on Medium.com
A confidence trick — (synonyms include confidence game, confidence scheme, ripoff, scam and stratagem) is an attempt to defraud a person or group after first gaining their confidence, used in the classical sense of trust. Confidence tricks exploit characteristics of the human psyche, such as credulity, naïveté, compassion, vanity, irresponsibility, and greed.
In the software industry we were constantly on guard for “points of failure” in a system. A point of failure is a part of a system that, if it fails, will stop the system from working. The most catastrophic point of failure is known as a “single point of failure” (SPOF) which is a part of a system that, if it fails, will stop the entire system from working. There were a number of points of failure in the confidence trick in which I became a willing participant. Luckily the single point of failure did not occur but it came very close to occurring and resulting in a financial catastrophe for me.
SPOFs are undesirable in any system with a goal of high availability or reliability, be it a business practice, software application or personal financial transaction like mine. In an information system the most dangerous point of failure is failing to maintain healthy skepticism with regard to the information being processed. I’ll be pointing-out the points of failure that occurred through-out the scam to which I became the victim.
Not long ago my wife and I decided to “retire”, although I’m not really sure what “retire” means in 2017. It used to mean you stopped working and funded your expenses from savings and/or some type of fund to which you contributed while working.
It could still mean that but It could also mean you supplement your savings and retirement fund by working some limited number of hours. I found the need to do the supplement thing simply because I wanted to do more for my family than I found I could on retirement funds.
As It turns out I began submitting my resume to a variety of on-line job recruiters from which, I now understand, the scammers got the initial information they used to offer me a job. At least that’s what they called it. This was the first point of failure. I willingly provided personal information to an on-line service for which I had no knowledge. I had no assurance my personal information would not be used nefariously, knowingly or unknowingly.
Essentially, the job I was offered and accepted was to purchase items based on purchase orders issued to me by my employer. I was then instructed to ship the items to my employer’s designated locations.
I was provided what I thought to be very convincing documentation to indicate the company for whom I worked was a Swiss company with headquarters in Weinfelden, Switzerland and offices on 7th Ave. in New York. I was also provided with an Employer Identification Number (EIN) which is a nine-digit tax identification number issued by the Internal Revenue Service. However, I now know this was a worthless piece of information because all tax identification numbers, personal or business, are considered private, and there isn’t any easy way to verify an EIN unless you have the authority of the business.
However, the first thing I should point-out is that I speak of my interactions with those representing themselves as “my employer” but thinking back on it now, for all I knew, I was simply communicating with a machine behaving as if it were a human. This is little different from the test Alan Turing proposed to determine if a computer was intelligent.
The test was introduced by Turing in his paper, “Computing Machinery and Intelligence“, It opens with the words: “I propose to consider the question, ‘Can machines think?’” Because “thinking” is difficult to define, Turing chose to “replace the question by another, which is closely related to it and expressed in relatively unambiguous words.” Turing’s new question is: “Are there imaginable digital computers which would do well in the imitation game?” The answer I told myself was, no! I fully believed the conversation I was having was indeed with a real, live human being and I pretty much did as she asked. This was the second point of failure. I allowed myself to believe the person who presented herself as my supervisor was indeed a real human being to whom I could assign my trust. If I was much more guarded with my trust I could have avoided the entire scam.
The company/computer never asked me for my credit card or bank information. It did, however, provide me bank accounts ( one Wells Fargo and one Chase) from which, my “supervisor”, authorized me to set up “payment accounts” on my American Express account (AMEX). She then instructed me to make payments from the company accounts to my American Express account, which resulted in a credit balance on my AMEX account. I could then use my AMEX card to make the purchases for which I was issued purchase orders. While not exactly a point of failure this procedure certainly should have increased my skepticism with regard to what I was getting into. Why would anyone you had never met provide you with tens of thousands of dollars without it being a huge advantage for them? After all once the money was credited to my AMEX account I could have spent it on anything.
The first purchase order I received was for twenty-one iPhones, both iPhone 8 and 8s. That seemed reasonable only because I understood many people outside of the U.S. had difficulty finding newer model iPhones. The total value of the purchases was $18,000.00 but I was authorized to make a payment to my AMEX account for $19,900.00. I was to use the $1,900.00 balance for shipping costs.
As Peter Steiner’s famous cartoon informs us, ”While it may be true that “nobody knows your a dog on the Internet”, it’s also true that nobody really knows anybody! I certainly did not know the person or machine messaging me in what I believed to be a legitimate business conversation.
As soon as I received the purchase orders for the iPhones I dutifully began purchasing them and fulfilled the order with purchases from four different retailers.
Eventhough AMEX approved those purchases they also contacted me saying they could not verify the fund transfers from the bank accounts I was provided. I could not help AMEX verify the the Wells Fargo funds because I was not personally a signatory on the accounts. Initially the woman, designated as my supervisor, appeared to get involved and assist AMEX verify the funds for the Wells Fargo account because AMEX approved the purchases each time I used my AMEX card to pay for iPhones. This was the third point of failure. I fully expected AMEX to verify the transfer of funds from Wells Fargo before they authorized the use of $18,000 in purchases with my AMEX card.
The fourth point of failure could have been completely catastrophic. On December 19 I received a mail from my supervisor instructing me to “use the POST OFFICE ONLY to mail them out!! Please DO NOT use a "UPS store" to drop boxes.” I was also instructed to “Declaration and Dispatch Note : electronic parts with a Price/Value: $1500”. Clearly that was an instruction for me to lie on a Postal document which I have to believe is a violation of a federal law. ( Title 18, United States Code, Section 1001 makes it a crime to: 1) knowingly and willfully; 2) make any materially false, fictitious or fraudulent statement or representation; 3) in any matter within the jurisdiction of the executive, legislative or judicial branch of the United States.)
My suprvisor went on to say “We need you note a small value because of huge customs tax in HK”, which I subsequently found out is completely wrong. There are no import taxes in Honk Kong (http://www.customs.gov.hk/en/faqs/cargo_clearance/clearance/index.htm) Of course my supervisor instructed me to execute all shipping instructions in my name. “The 1st time the Sender Details are: your name and your address. We need you indicate your name and address because it’s 1st shipment”. I have to believe all of these December 19 instructions were intended to entrap me in a violation of Federal law so that it could be used against me in the event I filed a complaint against what I thought was my employer.
Shortly after I made the purchases AMEX informed me I could no longer use the Wells Fargo account to fund my card and they suspended the use of my card. That’s when I frantically began trying to think of ways out of the “employment” arrangement or whatever it was I got myself into. The only good thing I did during the whole ordeal was maintaining possession of the iPhones. This could have been the fifth and ultimate point of failure in my entire ordeal. If I had not maintained possession of the iPhones It would have been the single point of failure. It would have eliminated any opportunity I had to recover charges to my AMEX card for which I was responsible.
As quickly as I could I contacted AMEX to explain the difficulty in which I got myself. AMEX was extremely helpful and assigned a fraud specialist to stay on top of my case. They also referred me to an FBI site (https://www.ic3.gov/default.aspx) where I was able to file a complaint regarding the scam that appeared well underway. I also filed a complaint with the JP Morgan Chase “abuse” site (firstname.lastname@example.org). AMEX also advised me to immediately return the phones to the companies from whom I purchased them for credit to my AMEX account which I dutifully did. Twenty-one iPhones, valuing $18,000.00, have been returned to both Apple and Best Buy for credit to my AMEX card.
In the end I may have escaped catastrophe but I did not escape harm. I experienced a great deal of harm just realizing how close I came to losing $20,000.00 I need to take care of my family. However, I also experienced the learning of just how dangerous anonymity on the Internet is.
A while ago I wrote a story entitled “Internet Anonymity is Ok”. ( https://medium.com/@WillmsmithSmith/internet-anonymity-is-ok-7309ea79a65). I was wrong, it is not! The Internet is a “virtual” world. It is not the real world to which human beings are accustomed and that “virtual reality” can be used to disguise harmful activity human beings might otherwise be able to recognize.
In digital environments, virtual artifacts are independent entities that can exist and interact outside the human mind. The most important aspect of an image is that a real image can be made visible on a screen such as a sheet of paper whereas a virtual image is not produced on a screen. It is “displayed” using a display device like a CRT or more recently “flat panel” display technologies such as LCD, plasma display, and OLED displays. Some common examples of real images are those made by a camera lens on film or the images made by a projector lens on the screen of a cinema hall.
In order to see an image on a screen light rays must come to a focus on the screen. But in the case of a virtual image, there are no actual light rays coming together at the location of the virtual image which is why you cannot see a virtual image on screen. While real images can be obtained on a screen, virtual images cannot be seen on a screen. So while it’s true that on the Internet nobody knows your a dog, it’s also true that, on the Internet nobody knows what you “really” are. We all need to protect each other from the evil of the few who spend an inordinate effort creating virtual images to harmfully scam and entrap the many. _______________________________________________________________
- http://isturingtestpassed.github.io, Also see — https://www.washingtonpost.com/news/morning-mix/wp/2014/06/09/a-computer-just-passed-the-turing-test-in-landmark-trial/?utm_term=.44a478ac2180