Today, cybercrime is chiefly about financial fraud. Tomorrow, it will focus on the destruction of human life. That's what teenage fraudster turned FBI consultant Frank W. Abagnale of "Catch Me If You Can" fame tells ThinkAdvisor in an interview. "Technology will get very scary," he warns.
(Related: A Broker Who Broke Bad)
Abagnale's 1980 autobiography inspired the feature film "Catch Me If You Can," starring Leonardo DiCaprio, released in 2002. From ages 16 to 21, Abagnale, a native of Bronxville, New York, brazenly and successfully posed as an airline pilot, a physician, an attorney and more, while cashing $2.5 million in forged checks in every U.S. state and 26 foreign countries.
For 40-plus years, he has been consulting to the FBI, after serving jail time in France, Sweden and the U.S. The bureau released him after five years of a 12-year sentence on condition that he work with the agency as an unpaid consultant.
Abagnale's knowledge about identity theft, cybersecurity and fraud prevention has benefited some 14,000 financial institutions, corporations and government agencies. A popular speaker, he is AARP's Fraud Watch Network ambassador; and his Abagnale & Associates clientele includes the American Institute of Certified Public Accountants, Bank of America, Fiserv, Goldman Sachs and Morgan Stanley, among numerous other firms.
In the interview, Abagnale, 70, stresses that ever-new technologies and internet insecurity have created a perfect storm for making cybercrime easier.
Indeed, the U.S. Cyber Command is reportedly taking a more aggressive stance against international cyber threats in the face of increased attacks. Cyber threat is the country's No. 1 risk, the Defense Department said this past February.
ThinkAdvisor recently interviewed Abagnale, speaking by phone from his Washington, D.C., office. He discussed his dark cybercrime forecast, how he tries to prevent his own identity from being stolen, what he thinks of former FBI director James Comey and why he refused three presidential pardons. He also points out that today's tech would make all the fraud he committed 50 years ago 4,000 times easier. "People are still writing 38 billion checks a year," he notes.
Here are highlights of our conversation:
THINKADVISOR: Is a devastating cyberattack looming?
FRANK W. ABAGNALE: Of course. We expect to see about $6 trillion worldwide in cybercrime by the year 2020. Now it's all about stealing money, but technology will get very scary as time goes on because of its capability to perpetrate cybercrime.
What do you mean?
Years from now, I see technology more as a terrorist tool doing bodily harm to people. Right now we're able to shut off someone's pacemaker or commandeer a car from 35 feet away. In five years, could you do those things — like lock someone in their car — from 500 or 5,000 miles away?
Do you foresee similar disastrous uses of social media?
It will go the same way. Someday people will realize that Facebook and Instagram weren't good things: Any time you're controlling the psychology of 2 billion people, it becomes really dangerous. We certainly give away too much information on social media: date of birth, birth place, mother's maiden name [etc.] Then we wonder why people steal our identity. One day we'll wake up and know that wasn't a good thing to do.
What should financial advisors keep top-of-mind to protect clients from identity theft and hacking of sensitive account information?
Based on the fact that over a billion identities have been stolen, you have to assume that by now everybody's identity has been stolen.
So many hackers out there!
Hackers do not cause breaches; people do. All hackers do is look for doors to open and take advantage of open ones that are available. Every breach occurs because somebody in a company did something they weren't supposed to or failed to do something they should have.
Is that why the huge Equifax breach occurred last year?
Eventually over 200 million people will report being victimized by that breach. It happened because someone at Equifax didn't do what they were supposed to: didn't fix their technology or update patches [bug fixes] sent by Microsoft, [etc.]. Consequently, that negligence let the hacker get in.
Any other similar examples?
Someone hacked into the Charleston, South Carolina, tax revenue office and stole 3.8 million citizens' tax returns, including mine [I live in Charleston]. It turned out that an employee at the office had taken home a laptop they weren't supposed to and went online in an unsecured environment. The hacker got in and stole all those returns.
When someone's information with a retailer is hacked, is it good for them to sign up for a credit monitoring service for a year?
It's absolutely worthless. If I breach Target or Home Depot, say, and steal credit card information, I have to get rid of that [data] right away. It has a very short life span. But if I steal your name and Social Security number, the longer I hold onto that information, the more valuable it is when I go to sell it. That's why we typically don't see that sort of data surface for three or four years.
If someone knows or suspects their identity has been stolen, what should they do?
You can freeze your credit [and at no charge, as of Sept. 1, 2018, nationwide]. If, one day you want to buy a car, say, you can tell the bureau to unfreeze your credit for the purpose of that purchase. Then you can freeze it back when the purchase is completed.
Any other methods?