Tony Sales — director of strategic development at We Fight Fraud, a security firm dedicated to helping businesses fend off fraudsters — knows something about security that most security professionals do not.
It can always be broken, because no matter how slick the technology and systems we use, there is always a human being that can be hacked as part of the transaction.
People, according to Sales, have weaknesses — and like a computer hacker, a human hacker only has to find those weaknesses to succeed.
And Sales would know, possibly better than anyone else, because before he was a security professional, he was a fraud professional. And, according to most counts, a pretty good one at that. During his criminal career, it is believed that he managed to make off with £30 million all in all, working a wide variety of scams. He eventually went to prison for this, and when he came out, he had a new passion: helping people protect themselves from criminals like him.
Which means, he noted, he spends a lot of time teaching corporations and individuals how to not just spot fraudsters, but to think like them.
“What tends to happens is, loss prevention people really lack a criminal element. The precautions they come up with are developed through the eyes of decent, hardworking, honest people,” Sales pointed out. “People who don’t like lying and other kinds of things. Criminals don’t have a code like that — all ethics go out the window, they are only thinking about the money. And so they can really start spotting holes, and seeing they are everywhere if you don’t care what you have to do to exploit them.”
He used to pay waitresses to steal card information for him, he noted, by exploiting the fact that they were likely underpaid and not well treated. Receptionists can be fooled into granting access to sensitive places, usually with a little leg work and a bit of politeness.
Find out more about hacking humans here.