Virus purge on your laptop? That’ll be US$20m, please

Paul Raven @ 11-11-2010

OK, just to pre-empt any angry emails, I’m not posting this to gloat or mock the victim, nor to suggest that this sort of outright bilking of the ignorant is in any way acceptable behaviour. I’m posting it because it’s an astonishing story that says something simple yet profound about the gap of knowledge between technology end-users and technology adepts.

So, the headline says it all, really: a guy from one of those shady “de-virus your computer for ya, mister?” companies managed to screw something approaching US$20million out of composer Roger Davidson, who – pity him as I might – can only be described as a bit on the naive side, and not just with respect to computers [via TechDirt]:

The saga began in August 2004 when Roger Davidson, 58 years old, a pianist and jazz composer who once won a Latin Grammy, took his computer to Datalink Computer Services in Mount Kisco, saying the machine had been infested with a virus. The owners of the company, Vickram Bedi, 36, and his girlfriend, Helga Invarsdottir, 39, became aware of Mr. Davidson’s high profile and allegedly proceeded to convince him that he was the target of an assassination plot ordered by Polish priests affiliated with Opus Dei, a conservative Roman Catholic organization, authorities said.

[…]

When asked to remove the virus from the laptop, Mr. Bedi allegedly told Mr. Davidson that his computer had in fact been attacked with a virus so virulent that it also damaged Datalink’s computers, according to prosecutors.

Mr. Bedi told Mr. Davidson that he had tracked the source of the virus to a remote village in Honduras and that Mr. Bedi’s uncle, purportedly an officer in the Indian military, had traveled there in a military aircraft and retrieved the suspicious hard drive, prosecutors said.

In addition, Mr. Bedi told the victim that his uncle had uncovered an assassination plot against Mr. Davidson by Polish priests tied to Opus Dei, according to prosecutors.

Opus Dei was depicted in the popular Dan Brown novel “The Da Vinci Code” as a murderous cult. Mr. Bedi allegedly told Mr. Davidson that his company had been contracted by the Central Intelligence Agency to perform security work that would prevent any attempts by Opus Dei to infiltrate the U.S. government, authorities said.

In addition to the thousands of dollars charged to secure Mr. Davidson’s computer, Mr. Bedi and Ms. Invarsdottir allegedly charged thousands more to provide 24-hour covert protection for Mr. Davidson and his family.

Davidosn’s naiveté is only matched here by the incredible chutzpah of Bedi and Invarsdottir, who – from the sound of it – could have called it quits after the first million and retired into blissful offshore obscurity with no one any the wiser.

But as I mentioned above, this really highlights the knowledge gap between people who simply use computers and those who understand how they work – a gap regularly exploited by botnet operators and other scammy types. The unanswered (and possibly unanswerable) question is: can we ever effectively legislate or educate against this sort of exploitation of ignorance? Or is the sphere of human knowledge simply too large for these sorts of gaps not to occur?


ATM card-skimmers with SMS – OMG WTF hax!

Paul Raven @ 08-10-2008

ATM and graffiti - "another world is possible"Yet more evidence that scammers are always way out in front of the businesses they defraud… not to mention the enforcement agencies who are supposed to stop them. You’ve heard of credit-card skimmers, right – unofficial extras glued on to an ATM to store card details from the magnetic stripes as the machine is used? [image by Wrote]

Well, now it seems the things can simply text the captured data to the user, saving them the risk of getting busted when they turn up to collect it. As the Hack-A-Day blog (where the story was spotted) remarks:

ATM skimmer manufacturers have so far been really successful because of their commitment to security, from the paint they use to cover their skimmers to their exclusive clientèle. The manufacturer of this particular model claims that none of their clients who’ve used this new ATM skimmer has been arrested, and they only accept business from “recommended” clients. We think it’s interesting and ironic how these criminals have adapted their security procedures to deal with institutions we wish were more secure.

Quite. [image by Mathias Klang]