Home Podcasts Videos Guest Posts Q&A My Take Bio Contact

Book Excerpts


How credit bureaus created and perpetuate errors in your credit history

Book Excerpt

Zero Day Threat: The Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity 2008 by Byron Acohido and Jon Swartz, Union Square Press, Sterling Publishing Co.

ISBN- 13: 978-1-4027-5695-5

Rife with Inaccuracies (Pages 88-94)

Lending is the art of hedging your bets. The basic model for doing it profitably is simple. Whenever possible, make loans only to borrowers of good repute likely to repay you as agreed, with reasonable interest. Should you choose to lend to folks who might be late with a payment-or worse, default on the loan-simply charge a higher interest rate to reflect your increased risk.

The art comes in differentiating reliable borrowers from risky ones; in short, profiling. When it comes to profiling prospective borrowers, lenders have a key accomplice: the big three credit bureaus, Equifax, Experian, and TransUnion. The big three comprise a singularly powerful and essential component of our built-for-speed credit-issuing and payments system. Together these giant data-handling companies keep close track of every loan, every installment payment, every credit application for every consumer. Each bureau maintains more than 210 million files and updates more than 4 billion pieces of data each month.

This intelligence is distilled down to individual credit reports, which form the basis for calculating interest rates and dictating repayment terms for all forms of consumer credit: bank loans, credit card accounts, auto loans, mortgages, stock portfolio margin loans-you name it. What’s more, insurance companies use credit reports to determine one’s policy premiums, landlords use them to decide whether to rent to someone, and employers sometimes use them to determine whether to hire a potential employee.

To consumers, credit reports loom as a cornerstone of financial life. Over a lifetime, your credit report will determine how much you’ll pay in interest rates and insurance premiums and could factor into where you are able to live and whether you qualify for certain jobs.… more

How the selling of fake antivirus got its start

Book Excerpt Chapter 14 – Gaps in the system Pages 177-181

Zero Day Threat: The Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity 2008 by Byron Acohido and Jon Swartz, Union Square Press, Sterling Publishing Co.

ISBN- 13: 978-1-4027-5695-5


As the accountant for a boutique Atlanta law firm, Shaillie Gattis was naturally expected to be the resident techie. Gattis actually was well qualified. Her father, Roger Thompson, made his living as a virus guru, and as a teenager, she had worked for Thompson’s antivirus start-up, Leprechaun Software, back in Brisbane, Australia, before the family moved to America. So Gattis knew her way around computers.

But one day in early 2005, Gattis found herself stumped. The desktop PC of a coworker was hopelessly bogged down. She took the machine to her father, who confidently broke out the best set of diagnostic tools money could buy and went to work. Four hours later, Thompson was stumped.

“I couldn’t get file access to delete files, so I rebooted the system to safe mode and still couldn’t manage it,” said Thompson, cofounder and CTO of Exploit Prevention Labs. “I ran other diagnostics, trying to unpick this and unpick that. I eventually rendered the system unbootable.”

Gattis told her father that the last thing her coworker remembered doing was an Internet search for lyrics to “Pictures,” a duet sung by Kid Rock and Sheryl Crow. So Thompson fired up a test machine he used for analyzing malicious code and did a Google search for “lyrics Pictures Kid Rock Sheryl Crow.”

Clicking through a few music Web sites, he eventually came to one that displayed a prominent dialogue box, dense with text, and a “close” button at the bottom. Most PC users in a hurry would click the close button to make the box disappear. But clicking the close button also began a downloading sequence.

Thompson clicked … more

Wire transfer risk: why banks will not reimburse fraudulent ACH cash transfers

Book Excerpt

Chapter 11-Perception Change

Pages 140- 144

Zero Day Threat: The Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity

ISBN- 13: 978-1-4027-5695-5

Plausible Deniability

When it comes to who gets to eat the losses from fraudulent activity, banks draw a marked distinction between individual consumers and small-business owners. Banks don’t need the trust of its small-business customers in the same way they need consumers’ trust. That’s because small businesses must have access to banking services to survive. As the financial industry pushes Internet-based commerce to the fore, small businesses have had no choice but to go along for the ride under terms dictated by their banks.

Consider what happened to Joe Lopez, founder of Ahlo, a Miami-based ink and toner cartridge wholesaler. An irrepressible man with close-cropped dark hair, brown eyes, and a radiant smile, Lopez built Ahlo from scratch to annual sales of $20 million the old-fashioned way, one deal at a time. When it came time to pay his suppliers or receive payment from clients, Lopez made it a practice to drive down to his neighborhood Bank of America branch and execute wire transfers in person.

On each such trip to the bank, a teller never failed to urge Lopez to make the switch to an online business account, for convenience’s sake. In October 2003, Lopez relented and opened an online business account. Not once during any of the relentless sales pitches, nor during the software installation, did any of the bank’s representatives drill down on the security risks of online banking.

“They said it was safe,” Lopez recalls from his office in a gritty industrial neighborhood.

On the morning of April 6, 2004, Lopez had a lot on his mind. His wife was nearing the end of a difficult pregnancy, and an important payment of $25,000 was due from a client in Venezuela. After accompanying his wife to … more

The end of hacking’s age of innocence

By Byron V. Acohido

Book Excerpt Chapter 3 Pages 38- 45 Zero Day Threat: The Shocking Truth of How Banks and Credit Bureaus Help Cyber Crooks Steal Your Money and Identity. 2008 by Byron Acohido and Jon Swartz, Union Square Press, Sterling Publishing Co.

ISBN- 13: 978-1-4027-5695-5

“billy gates . . . fix your software!!”

Precocious teenagers, disaffected computer geeks, egotistical virus researchers, determined spammers, all sharing varying degrees of disdain for Microsoft, most coveting each others’ respect and admiration-these were the enemies Bill Gates rallied his troops to repel in early 2002.

Gates had no way of knowing it at the time, but a cataclysmic shift in the attacker community was under way. A dozen years had slipped by since the Berlin Wall came tumbling down. Eastern Europe was crawling with educated, tech-savvy young men who were left to scratch for menial work in a perennially depressed economy. In North America, the dot-com bubble had burst, wiping out thousands of cushy tech jobs. With all this technical skill running around, the purist hacker’s mind-set was ripe for corruption. Hacking for profit was on the verge of becoming the new imperative.

The earliest manifestation of this change would surface on the Internet, in the private chat channels, where spammers began to communicate with virus writers, and on security bulletin boards, where researchers and virus hunters dissected obscure malware. This is where Joe Stewart, senior security researcher at SecureWorks, hung out.

Stewart never planned on becoming a virus hunter. Born in Athens, Ohio, he split time growing up between his mom’s home in Florida and his dad’s place in Arizona. An inveterate tinkerer, he and a sixth-grade buddy fiddled endlessly with a Radio Shack TRS-80 color desktop computer, staying after school every day to figure it out and teaching themselves how to program in BASIC. This was in the mid-1980s. Shortly thereafter, Stewart convinced his dad to buy a then-state-of-the-art Commodore VIC-20 desktop computer … more