| Date: | February 21, 2006 / year-entry #65 |
| Tags: | non-computer |
| Orig Link: | https://blogs.msdn.microsoft.com/oldnewthing/20060221-00/?p=32213 |
| Comments: | 15 |
| Summary: | Michael Cassini used forged documents to pretend that he was a Microsoft millionaire and managed to con people out of over $4.5 million before he was finally caught. Cassini claimed a net worth of $12.3 million, an annual income of $700,000; $8 million on account at Barclays Bank, and more. It was all right there on paper. And... |
Michael Cassini used forged documents to pretend that he was a Microsoft millionaire and managed to con people out of over $4.5 million before he was finally caught.
(Wow, $700,000, putting him in the nearly same range as Bill Gates, Steve Ballmer, and Jim Allchin, who in 2003 each earned approximately $850,000 in combined salary and bonuses.) The Seattle Times has the story as well as a chart of his loans and big-ticket purchases and a Smoking Gun-style collection of legal documents, including a copy of the plea agreement [PDF]. (A chronicle of events starts on page 10.) Maybe the family that took him in is still in shock, but you know you're in trouble when even the judge tells you to wake up and smell the coffee. I was particularly taken with this statement: "Nobody was hurt other than Michael ... I hate to say except banks, but it's bank-application fraud." Apparently, when banks and insurance companies lose money to fraud, nobody gets hurt. (In unrelated news, check out Seattle Times columnist Ron Judd's take on the Olympic ice dancing competition. And Slate explains why they fall down so much.) |
Comments (15)
Comments are closed. |
Well of course noone was really hurt – after all, the banks have loads of money, don’t they?
Yes, they do, and it’s all ours. Bank fraud losses are transferred to customers, spread around here and there, so that there’s another few dollars in annual fees to your bank for everyone.
Much like spam, or taxes, because the cost is diluted to become a little cost for everyone, noone thinks too hard about the overall number that is stolen.
That’s a common lie. Banks transfer everything to their customers whenver they lose money due to fraud, changing interest rates, any financial market thing, or just when they feel like giving someone a raise or building a new branch. They constantly load you with bullshit fees, and pay you a pitiful interest rate on any money you "invest" with them. They deserve no sympathy for any fraud they suffer, and I applaud Michael Cassini for sticking it to them.
lmao, are you sarcastic, or just that oblivious?
1) Banks pass all fraud losses onto customers.
2) Cassini defrauded the bank.
3) Cassini’s fraud is passed onto customers. (1+2)
How do you applaud him for "sticking it to them"? His actions don’t hurt the bank nearly as much as they hurt the customers. It’s not about feeling sympathy for the bank. It’s about recognizing who fraud actually hurts.
There’s certainly more than enough blame to spread around here. Michael is a thief and a liar, and the banks that loaned him the money are idiotic and irresponsible. I can assure you I’ll never do business with any of them.
Funny thing is he would have gotten away with it all if he had just moved to some other country and changed his name
<i> I was particularly taken with this statement: "Nobody was hurt other than Michael … I hate to say except banks, but it’s bank-application fraud." </i>
Um. Yeah.
<i> Apparently, when banks and insurance companies lose money to fraud, nobody gets hurt. </i>
Love the sarcasm. Pity others are too dumb to see it.
Quote:
"In my eyes, what I did the rest of the country does except I used a much higher dollar figures," he wrote. "Everyone in America overstates assets to get a loan."
Really? I guess I’m the exception. I’m honest and play by the rules.
The problem with banks is that they’re not really liable for any losses. It’s too easy for them to pass the cost on to their customers after the fact.
Don’t you think that if banks were directly liable for fraud that they’d spend a whole lot more money trying to stop it in the first place, instead of just compensating people after it’s happened?
Of course, making sure that they don’t actually pass the cost onto customers is hard. If they had a particularly large case of fraud, followed by an interest rate hike, how could you prove that one was related to the other?
"Don’t you think that if banks were directly liable for fraud that they’d spend a whole lot more money trying to stop it in the first place"
First of all "directly liable" doesn’t mean anything in your context. If you think it does you need to go read how a bank works again.
Let’s work this through, suppose the bank loses the equivalent of 0.1% interest income through fraud. So they charge 2.1% for loans instead of the 2.0% they would charge in a hypothetical fraud-free world. Your proposal is that the bank should choose to spend say 0.2% equiv on comprehensive anti-fraud measures, thus increasing their loan rates to 2.2% but reducing fraud almost to zero. You would, we suppose, choose to pay these higher rates instead of going to another bank with less stringent anti-fraud measures.
Even if I believed you, which I don’t, most customers won’t agree and the bank will go out of business.
Fraud is a cost of doing business. Banks implement anti-fraud measures based on a cost-benefit analysis.
A concrete example — my bank sometimes calls me to confirm unusual credit card transactions. If they never called then people anywhere in the world could use stolen credit card details to run up debts on my card, debts the card company would be responsible for. On the other hand if they called every time I used the card it would eliminate fraud, but it would cost so much that they’d lose money operating the card.
Dean, now you’re talking about something completely different. Raymond’s topic was fraud directed at the bank itself, not at customers.
As to the idea of letting a bank web page examine the user’s anti-virus settings, I think you’ve just given a lot of security people their morning belly laugh.
The South Korean legislation is, as the article explains, feel good stuff. It still says the bank isn’t liable if the customer did anything wrong, so your E*Trust guy still needs to learn to secure his computer, but by passing another law the government boosts public confidence.
Nick: I’m talking about things like this: http://www.businessweek.com/technology/content/nov2005/tc20051103_565150.htm
Now, it’s not actually a bank, but it’s the same sort of thing. E*Trust said that they’d done nothing wrong, and so don’t have to compensate the poor guy who’s just lost $160,000 in stock.
There is plenty of things a bank can do to stop this sort of thing from happening in the first place. Perhaps they could *require* that you have anti-virus installed before you access their bank (and that they verify it before letting you on) – that would have solved this case.
South Korea will pass legislation (http://www.finextra.com/fullstory.asp?id=14634) which requires financial institutions to compensate victims of fraud, whether the bank is actually at fault or not. I think that’s a good thing – it certainly won’t stop anything to begin with, but with the banks directly liable, they won’t take long to start putting measures into place to make sure it’s not so easy as before.
Saying that the bank is responsible for making sure you’ve got antivirus software installed makes about as much sense as saying that the bank is responsible for making sure you haven’t written your PIN on the back of your ATM card.
I’m not sure what the solution is, but I’m pretty sure it’s not the bank’s fault. (Well, maybe Wells Fargo, for opening the fraudulent account in the guy’s name.)
"Well of _course_ noone was really hurt – after all, the banks have loads of money, don’t they?
Yes, they do, and it’s all ours"
If it’s your money, then why didn’t they ask you before they gave *him* a loan?
The guy was just a fraud and it doesn’t surprise me that the banks fell for him. Who is more at fault in these so called "identity theft" cases, the person posing as you asking for a credit, or the bank that gives it to him?
E*Trust example is very stupid.
Managing such a large sum without any protections.
This kind of scan can be possible to prevent using specialy designed devices like this one http://www.aladdin.com/eToken/
User must store his USB key in safe place and this will limit (but in NO WAY I claim that this is fully-secure – I know several kinds of attacks that can be done) that hackers can do.
haha I met this guy on several occasions at a local gathering spot for car enthusiasts. I even have pictures of me sitting in the driver seat of his $140K porsche :)