Phantom mobsters By Adam L. Penenberg Nothing makes for better copy in a big-city newspaper than a techno-mobster story. In a June 17 story that appeared on page 3 of the New York Post, Beth Piskora, a business reporter with the Rupert Murdoch-owned tabloid, writes that at a conference on organized crime sponsored by Kroll Associates, the big-time New York-based business intelligence firm, she learned of a high-tech scam being perpetrated by an unnamed organized crime family. According to Piskora, the mob had set up a phony consulting company to help companies solve their Y2K-related problems. She claims the consultancy had even published a web site and offered a toll-free number, as well as other features, in an attempt to appear legit. "Then," she writes, "they started to fix things, all right." Piskora claims the mob-hired programmers rewrote financial software to redirect payments to mob-controlled accounts. She also says that this is "just one example of the way the mob is using technology and Wall Street" and that the FBI was investigating. Various people present at this conference, however, including Steven Cohen, a former mob prosecutor who was on the conference panel, and several FBI agents say Piskora's account is news to them. They've never heard of such a scam and say they would know if there was one going on. In addition, no one at the FBI that Forbes Digital Tool contacted had heard of any such investigation. "The first time any of us had heard of that story was when it appeared in the New York Post," says Cohen, who is now a partner with the Manhattan law firm Kronish, Lieb Weiner & Hellman. "It bothers me that this type of story was reported without checking it out first." FBI special agent Jim Margolin, a spokesman for the Bureau's New York office, says, "I am not aware of any organized crime tech-scam like this and I checked with people in a position here who should know." This colorful mob anecdote was also picked up as news by Information Week News Editor at Large John Soat, who, in his June 22 column "I.T. Confidential," mentioned the scam without crediting the New York Post. Soat initially directed the Tool to James Bucknam, a managing director of Kroll Associates. But Bucknam says, "I can tell you unequivocally that I am not the source of information on any Y2K-related scams for either Beth Piskora or John Soat." When confronted with this statement, Soat admitted his information came secondhand. "I got a tip from one of my reporters and it came from the New York Post." According to Cohen, Seth Farber, a former federal prosecutor and a partner at Dewey Ballantine, as well as several FBI agents and other conference attendees, it is true that Lewis D. Schiliro, assistant director in charge of the FBI's New York office and also a conference panelist, did field a question from an audience member about any connection between the mob and the Y2K problem, but he responded by saying that he was not aware of any. "When a man in the audience asked the question, 'Has the mob done anything to exploit the Y2K problem,' we thought it was a funny line," recounts Cohen. "Lewis Schiliro told him that to the best of his knowledge, no, the mob has not gotten involved in Year 2000 work. And based on my experience with Schiliro, he is briefed on everything the Feds have going on in this area." Queries directed at Schiliro by the Tool were handled by agency spokesman Margolin. Piskora says she doesn't recall anyone from the audience asking about any relationship between the mob and the Y2K problem, but admitted that didn't mean the question wasn't raised. She claims she picked up the anecdote right after the conference. "A group of us were talking and one guy told me he was with the FBI," Piskora says. "I asked whether the mob was involved with Y2K and he said, ‘yes.'" When asked if she could recall the agent's name, she said she could not, that she would have to check her notes. After talking it over with Post Business and Financial Editor, Xana Antunes, Piskora said she saw no reason to share a "confidential source" with Forbes Digital Tool. But did Piskora check her source's identification? She says she didn't ask for a badge or identification but that she was sure that he worked for the bureau. Why? Because he said he did, and the conference was filled with FBI agents and Kroll Associates detectives. What about the web site and toll free numbers? Did she actually see them? No. Piskora says she was the one who raised the issue of the web site, toll free phone and other tools of business legitmacy in the form of a question and her mystery source said "‘Yes,' then clammed up." Antunes says the Post "stands fully" by the story. "No one from the FBI ever called me for a retraction, so we're not going to do anything about this. [The fact that no one can confirm the story] is not my problem." Agent Margolin says the FBI rarely asks for retractions, and only in instances that seriously affect bureau business--for instance, if an agent is misquoted in a manner that could jeopardize public trust or affect ongoing investigations. He says it never occurred to him to contact the Post to complain about the inaccuracies. What is not at issue is the fact that such a scam could indeed occur. Anup Ghosh, in his book E-Commerce Security: Weak Links, Best Defenses, relates the story of the German hacker group, Chaos Computer Club. The group demonstrated on German TV how an ActiveX control could be used to transfer money from a person's bank account to one belonging to Chaos without the account holder's knowledge. The group had hidden the ActiveX control on a web page and attracted traffic with the slogan: "Becoming a millionaire in five minutes." The hackers designed their ActiveX control to work with Quicken and to transfer the money at some point in the future so that the victim wouldn't find out about it until after he received his banking statement. (See "Downloader beware). And what of Piskora's mystery man? Maybe he does exist, but the Feds adamantly deny he's one of theirs. As Cohen remarked, "Why would an FBI agent at a conference contradict what his boss just said?" Cohen says the worst thing about the Post's reporting an apocryphal story is that it could lead to copycats. "When you publicize any criminal scam, odds are that some clever criminal is going to pick up on it and make it a reality." -o- Subscribe: mail majordomoat_private with "subscribe isn". Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:02:35 PDT