When Frank Abagnale Jr. receives a new debit card in the mail from his bank, he shreds it immediately.
Instead, he uses a credit card whenever possible to make purchases and take out cash. Why? Because Abagnale, a former scam artist who turned his life around and became a highly paid security consultant, anticipates what could happen if his card number were stolen.
“A debit card exposes your money. A credit card exposes the bank’s money,” Abagnale told a packed crowd of more than 500 on Thursday night at the University of Southern Maine’s Hannaford Hall in Portland. “If someone charges $1 million to your credit card, by law your liability is zero.”
Abagnale’s life as a teenage fraudster and his ultimate transformation into an anti-fraud innovator was immortalized first in book form, then in the 2002 Steven Spielberg-directed movie “Catch Me If You Can,” starring Leonardo DiCaprio and Tom Hanks. More recently, the story was adapted into a Tony Award-winning Broadway musical.
For the past three years, Abagnale has been touring the country with the AARP Fraud Watch Network to teach audiences how to avoid being scammed at a time when personal information is everywhere and fast-changing technology is constantly creating new security problems and solutions.
“I don’t get over-paranoid about these things,” he said. “I just use common sense.”
Abagnale offered a variety of lessons to the audience in Portland.
• Shred everything with your information on it before throwing it away. Abagnale said that even a seemingly benign mail-order catalog can contain enough information about the recipient on the address label to help a scam artist. He said strip-cut and cross-cut shredders aren’t sufficient because it’s relatively easy to reconstruct the original documents using software. Only a micro-cut shredder, which reduces documents to confetti-size pieces, is adequate.
• Fingerprint ID won’t save us. Abagnale said it’s a false assumption that fingerprint ID, the security method now commonly used to unlock computers and mobile devices, will keep out thieves. That’s because it is relatively easy to copy a fingerprint and fool the scanner, he said. “You can take a gummy bear, press your thumb into it until it makes an impression, and then use that gummy bear to unlock your iPhone.”
• Stop sharing detailed personal information publicly on social media. Abagnale said people generally share far too much information on sites such as Facebook and LinkedIn. Sensitive information such as birthdays, schools attended and employment history can be useful to identity thieves. Also, avoid posting straight-on portraits of your face on social media, he said, because advanced facial recognition software now exists that can scour the Web in seconds to match stolen names with faces.
• The cloud is safer than your computer. Abagnale said providers of cloud data storage services such as Google and Amazon offer a more secure alternative to storing sensitive personal information on a home or work computer, because those providers have invested a fortune in highly sophisticated security measures that no individual user can replicate.
• Avoid buying unnecessary “smart devices” that connect to the internet. The so-called “internet of things” is rife with security holes, Abagnale said, with manufacturers often failing to make sure the devices can’t be exploited to steal information about their users. So stick with standard appliances, he said. “I do not need my refrigerator to talk to my toaster.”
• Wipe hard drives on all electronic devices before discarding or recycling them. Abagnale said one of the most effective means thieves have discovered for stealing personal information is to get their hands on old digital printers. Inside the printers are hard drives that, unless wiped, can contain digital copies of every document scanned – tax returns, loan applications and much more.
• Join a credit-monitoring service. After a major data breach at a business or government agency, potential victims are usually offered one year of free credit monitoring. Abagnale said a single year of monitoring is useless, because identity thieves tend to sit on stolen information such as Social Security numbers for long periods before using it to commit theft. For a relatively small fee, consumers can join one of many services that allow them to monitor activity including attempts to apply for credit in their name on an ongoing basis. It’s worth it, he said, because identity theft can occur years after a data breach.
Attendees at Thursday’s lecture described it as interesting, helpful and a bit terrifying.
“Frank has done a wonderful job of scaring us to death,” said Rich Livingston, volunteer president of AARP Maine.
Old Orchard Beach residents Charlie and Judie Pearl said they plan to take action based on Abagnale’s advice.
“He said to get rid of your debit card,” Judie Pearl said. “I’ll make sure I do that.”
J. Craig Anderson can be contacted at 791-6390 or at: