Who has been playing video games rather than hunting down criminals? How is a man alleged to have stolen manuscripts of unpublished books from celebrity authors? Which pot contains an elephant? And why has Graham been listening to podcasts about pest control marketing?
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by cybersecurity veterans Graham Cluley and Carole Theriault.
0:00
0:00
0:00
0:00
Show full transcript ▼
This transcript was generated automatically, probably contains mistakes, and has not been manually verified.
You know, it just doesn't work. You got writer's block, basically, right? Maybe there's no book in there, Graham. Maybe there's no book in there.
What? No book in me?
Yeah. Do you think there's a book in you?
Yeah, you're probably right.
Some people say there's a book in everyone. I don't think I agree.
Smashing Security, Episode 257. Pokémon Hunting Cops and the Spine Collector Scammer with Carole Theriault and Graham Cluley.
Hello, hello, and welcome to Smashing Security, Episode 257. My name's Graham Cluley.
Hello, hello, and welcome to Smashing Security, Episode 257. My name's Graham Cluley.
And my name's Carole Theriault, and this is the first show of 2022. You should say that.
Well, yeah, let you say that.
Oh, well, first time ever, eh?
We're back. We're back. Did you miss us, folks? Did you miss us?
I didn't miss you much, Graham, but I missed you listeners.
Ah, listeners plural. Wonderful. And it's just you and me, isn't it, Carole? No special guest this week and for a very, very good reason.
Yes.
Can I tell people how you're busy, Carole?
Not really.
Well, so obviously if we have a guest on, it requires a little bit more work, the editing and so on.
But Carole hasn't got very much time because Carole, ladies and gentlemen, is serving on a jury. And that sounds quite exciting, Carole. What's the case all about?
But Carole hasn't got very much time because Carole, ladies and gentlemen, is serving on a jury. And that sounds quite exciting, Carole. What's the case all about?
Okay, listeners, Graham has been calling me, I don't know, three times a day with questions, trying to get information.
And she won't tell me anything.
It's Heavyweight, right? At the beginning of every show, he's calling this person who's totally irritated. That was me. Oh yeah. So yeah.
Is it a big important case?
I can't talk about it.
Have you spoken to anybody about it?
I can't talk about it.
Because I read in the newspaper about a high-profile case going on in America where one of the jurors blabbed to the media and it's caused some problems.
Is your case about someone who may or may not have a sweating problem?
Is your case about someone who may or may not have a sweating problem?
I cannot confirm or deny how delicious the case is.
Oh, well, let's just get on with the show then.
Okay. First, let's thank this week's sponsors, 1Password and Upticks. It's their support that helps us give you this show for free. Coming up on today's show, Graham, what do you got?
There's a 212 in progress at the Crenshaw Mall. A 212.
Sorry.
Okay.
Sounds fantastic. We're going to be rusty, guys. It's been a while. And I'm talking about books. You know, those things that people read, stories. Oh yeah.
Yeah. Okay.
Yeah. And there's a security slant. So exciting. All this and much more coming up on this episode of Smashing Security.
Well, chum chum, picture the scene. It was a busy Saturday in downtown Los Angeles.
Pre-pandemic?
No, this is pre-pandemic. April 15th, 2017.
The good days.
Yeah. Well, not that good actually, 2017. That's pretty shit. That's not that great.
That was the worst. Was it? Fuck.
There'd been a homicide earlier in the day, and there'd been more calls to the Southwest Division of the LAPD than police cars to respond to them. So things were pretty hectic.
Okay.
And a call comes through to Captain Darnell Davenport, the patrol commanding officer. There's a 211 in progress. You know what a 211 is, don't you, Carole?
No.
It's a robbery.
Okay.
It's police code for a robbery.
Right.
There's a 211 in progress. Multiple suspects at the Macy's department store in the Crenshaw Mall.
And as chance should have it, Captain Davenport, he was actually stopped close to the Macy's department store. He could actually see it from where he was parked.
And as chance should have it, Captain Davenport, he was actually stopped close to the Macy's department store. He could actually see it from where he was parked.
Having a coffee or something.
Or donut or whatever it is that policemen have.
Whatever. Having a break, maybe. Whatever.
Parking. Well, who knows? Maybe just parked. Yeah.
Writing notes. Yeah.
Exactly. Perusing. And he could also see not just the department store. He could also see another police car tucked away down an alley.
Okay.
Just a few feet away.
So he's like, I got a buddy nearby.
Yeah, yeah, yeah.
I need some backup.
Well, the thing was, he noticed that the police car tucked down the alley didn't respond to the call over the radio.
So he thought to himself, well, that's weird, but maybe it's a traffic unit, you know, or maybe it's from a different division.
So he thought to himself, well, that's weird, but maybe it's a traffic unit, you know, or maybe it's from a different division.
Maybe he's having a pee. There must be times when you leave your car to go do something.
I suppose so.
And you're otherwise, could you answer if you're, you know?
Because they're not Amazon delivery drivers, are they? It's not they're doing it into water bottles.
Poor guys. Do the women drivers have to use sheepies? I don't know. You don't even know what that is.
I do.
Oh, okay.
A she-wee, isn't it? A she-wee?
Oh yes, she-wee. You're right, you're right, you're right.
Anyway, so Captain Davenport, he picked up his radio and he said, "Code 6 on the call." You know what Code 6 means?
No. Oh, you don't know.
How are you?
I don't know anything. I've been in jury duty!
Yes, but if you're on a jury, you should know this kind of parlance.
This is— No.
This is all about the law. A Code 6 means he was responding to the location. So he was going in, right?
So he's like, I know there's a robbery going on. I'm nearby. I'm going in. And he's alerting whoever, the controller, saying, this is what I'm—
And he might need backup. He might need backup, right? So there's actual robbery in progress. Multiple suspects, Macy's department store.
And as he's racing in, he sees the mystery police car reversing back down the alley and away from the scene of the robbery. Hmm.
And as he's racing in, he sees the mystery police car reversing back down the alley and away from the scene of the robbery. Hmm.
Interesting.
Right? Back at the police station, attempts were made to contact that police car, right?
Ask them via radio to assist Captain Davenport as he investigated the robbery, as he did his Code 6. At Macy's, but there was no reply from the police car.
And so, there was another police unit which was sent from the scene of the homicide I told you about earlier.
It raced with lights flashing, sirens blaring to Macy's to provide backup for this robbery.
Ask them via radio to assist Captain Davenport as he investigated the robbery, as he did his Code 6. At Macy's, but there was no reply from the police car.
And so, there was another police unit which was sent from the scene of the homicide I told you about earlier.
It raced with lights flashing, sirens blaring to Macy's to provide backup for this robbery.
For the cop that was going in to do the robbery with multiple suspects. Yeah, yeah, yeah.
Exactly. But there's still this mystery of what was this other police car up to? And it was, back at the police station later on.
Someone thought, "It's a bit odd." And he met up with the drivers of that police car later that evening.
He bumped into them at a 7-Eleven parking lot where they were topping up on their Dunkin' Donuts and their—
Someone thought, "It's a bit odd." And he met up with the drivers of that police car later that evening.
He bumped into them at a 7-Eleven parking lot where they were topping up on their Dunkin' Donuts and their—
You're outrageous.
What? No.
Getting dinner.
Yes. All right. Yes.
Yeah.
Supper.
Supper, sorry.
Cornflakes. He asked them, I always have breakfast cereal for supper, you see. I don't tend to have it in the morning.
Good for you.
So he asked them, he asked these two policemen who'd been in the car. He said, so did you hear the call for backup at Crenshaw Mall for the 211?
He said, and they said, oh no, no, we didn't hear anything.
He said, and they said, oh no, no, we didn't hear anything.
In fact, I was having a wazz.
No, no, they weren't having a wazz or a wank or a wee or a pee or anything that. But they had a better excuse.
They said that they were replying to a Code 6 at the local park where there'd been lots of really loud music, a really noisy PA system.
And so they hadn't heard the radio because they said that, well, we were around the corner at the park, you know, oh, so noisy. Oh, our eardrums.
And so the police were a bit suspicious about these two guys. And so they decided to review the DICVs. And the DICVs—
They said that they were replying to a Code 6 at the local park where there'd been lots of really loud music, a really noisy PA system.
And so they hadn't heard the radio because they said that, well, we were around the corner at the park, you know, oh, so noisy. Oh, our eardrums.
And so the police were a bit suspicious about these two guys. And so they decided to review the DICVs. And the DICVs—
Okay, you're supposed to ask me if I know what they are.
Do you know what DICVs is?
No.
No. DICVs is, again, I can't believe they've put you on the jury rather than me. DICVs is the Digital In-Car Video System.
Of course. Okay. Yeah. Well, you see, I would have assumed most cops would have those in their cars now.
Well, yeah, they did have it. They had DICVs.
Yeah. Okay.
It's not just recording the road.
I didn't know that was called that. What's it called really? DICVs? Okay.
D-I-C-V-S. DICVs.
Yeah.
How else would you pronounce it?
Yeah, you're absolutely right.
And it's not just recording the people on the road in front of them, or, you know, the culprits and ne'er-do-wells, but also the policemen too.
Oh, 'cause there's a microphone.
'Cause there's a microphone and video and all the rest of it. So you can hear what the cops are saying. And it revealed that they had decided not to respond to the call.
In fact, deliberately ignored it. And they'd laughed.
And the multiple occasions when they were contacted via the radio, they said, "Oh, well, we're dealing with a Code 6 somewhere else." Which is really odd, right? So why was that?
In fact, deliberately ignored it. And they'd laughed.
And the multiple occasions when they were contacted via the radio, they said, "Oh, well, we're dealing with a Code 6 somewhere else." Which is really odd, right? So why was that?
I have no idea. I have no idea. I have no idea.
I'll tell you why.
I'm barely clinging on to your story.
Yeah. I'll tell you why.
Okay. Tell me. I'm dying to know.
Because they weren't interested in catching robbers. But instead, they were hunting for Snorlax and Togetic.
Okay. You're going to ask me? You're going to ask me? No.
How do you know what Snorlax and Togetic are?
No.
They're Pokémon. Oh. They are flipping Pokémon. They are Pokémon monsters, which back in 2017, the whole world, they're rare Pokémon, which the whole world was playing that.
Do you remember the Pokémon Go app?
Do you remember the Pokémon Go app?
Do you know, is that back? Because just today I saw a dad and their very young kid in a very rural location in Oxford on my route today.
And the kid was holding the mobile phone and there was some kind of— and the dad looked like he was done. Like he was done. And it was dark, you know.
And the kid was holding the mobile phone and there was some kind of— and the dad looked like he was done. Like he was done. And it was dark, you know.
Little Timmy was jumping around, "I found a Snorlax!" Yes.
But I think it was in a floodplain. I think it was in a floodplain. I think someone put it in a floodplain. So dad's going, "Yeah, no, we're not going into the—" Pokémon GO.
Well, the game still goes.
So for anyone who doesn't know, Pokémon GO was this virtual augmented reality game where you'd walk around, in the days when we were allowed to walk around in the outside. Yeah.
So for anyone who doesn't know, Pokémon GO was this virtual augmented reality game where you'd walk around, in the days when we were allowed to walk around in the outside. Yeah.
The pre-rona.
You would look through your phone and you'd see obviously what your camera would see, but then it would also add Pokémon monsters and you could catch them with your Pokédex.
You could throw a ball at them and entrap them, and you could sort of— you could build them up in Pokémon gyms and make them stronger and fight each other.
They're basically virtual creatures.
And what was happening back in 2017 was everyone was bonkers about this game, including, it seems, these two policemen, because the DICVS, the Digital In-Car Video System, captured for about 20 minutes the two policemen discussing Pokémon as they drove to different locations where the virtual creatures had appeared on the Snorlax.
You could throw a ball at them and entrap them, and you could sort of— you could build them up in Pokémon gyms and make them stronger and fight each other.
They're basically virtual creatures.
And what was happening back in 2017 was everyone was bonkers about this game, including, it seems, these two policemen, because the DICVS, the Digital In-Car Video System, captured for about 20 minutes the two policemen discussing Pokémon as they drove to different locations where the virtual creatures had appeared on the Snorlax.
So they were, oh, hey, we could go in and help the guy who's gone in alone at Macy's to face the robbers and stuff. But actually, let's go get this monster.
It's really close by. Let's go. Exactly. There's, oh, a Togetic has just popped up. Or they were saying to each other, here on Crenshaw, just south of 50th, we can pick up a Snorlax.
Embarrassing. And it also—
Embarrassing. And it also—
And there's no kid in the car, right? No, no, no, no. There's no kid they're trying to entertain or anything.
There's not little Timmy going, "Please." No, it's not Take Timmy to Work Day.
There's not little Timmy going, "Please." No, it's not Take Timmy to Work Day.
That's not what's going on. These are two grown men, presumably with guns because it's America, right, as well, who are spending their— And they're cops. And they're cops. Yeah.
Well, it's irrelevant really.
Well, it's irrelevant really.
On-duty cops. They're on-duty cops.
They're on duty. On duty.
They're going around and apparently they're caught saying, "Got 'em!" Or, you know, "Go get it!" or "Don't run away, don't run away!" But they're actually talking about Pokémon monsters.
Exactly.
They're going around and apparently they're caught saying, "Got 'em!" Or, you know, "Go get it!" or "Don't run away, don't run away!" But they're actually talking about Pokémon monsters.
Exactly.
Every time they say that.
And it's, "Holy crap, man, this thing is fighting the crap out of me," says one of them to the other one.
"I've been ultra-balled." You know, if they had been smart, if they had been smart and timed their timing better to when actual big shit was going down, but actually stayed in the car and, you know, they could have probably pulled it off.
You know, the sound effects would have been perfect if they said, "Oh, I got him!" They'd be, "Yeah, I know. Yeah." Well, the police— Wow. Mortifying.
You know, the sound effects would have been perfect if they said, "Oh, I got him!" They'd be, "Yeah, I know. Yeah." Well, the police— Wow. Mortifying.
The policemen had their collars felt over this, and they denied playing the game. They said they were—
Of course.
They said, "Well, no, no, no." They said, "We were just having a conversation about Pokémon GO." "We have children." Yes. And they said, "Oh, no.
I've been receiving text messages and alerts from a Pokémon GO players group." And other people were bragging about their scores, they said.
But detectives thought maybe the police weren't telling completely the truth about this.
I've been receiving text messages and alerts from a Pokémon GO players group." And other people were bragging about their scores, they said.
But detectives thought maybe the police weren't telling completely the truth about this.
Well, because they had the audio. So that helps, you know.
So these two cops, Louis Lozano and Eric Mitchell, they were found guilty of failing to respond to a robbery call, making misleading statements, failing to respond to the radio when contacted, playing Pokémon Go on duty.
I don't know if that's a specific rule.
I don't know if that's a specific rule.
Who makes Pokémon Go? Nintendo. Well, do they not have to respond to this? And say, look, we're distracting officers of the law. We've built something that's a little too addictive.
Well, maybe they should. Yeah. Well, there were big concerns that kids could go into dangerous parts of town.
Yes, I remember.
Looking for these things. Now you might be wondering, why am I talking about this now if it's 2017?
Because it's 2022 and you haven't had time to do enough research?
No, no. It's because these two cops Lozano and Mitchell, the Pokémon Go fans, they appealed their misconduct trial where they were basically struck off as cops.
So they said, "No, we weren't really." Well, part of their argument was that the Digivice, the surveillance system, the video in-car thing, it shouldn't be allowed to be used in this fashion because they said this was a personal conversation.
Rather than anything to do with police. And should conversations you have in your car be private? What about if your car is provided to you by your employer?
All of these devices with microphones now are collecting information. So they tried to say, well, this is just outrageous. We have basically been spied upon.
So they said, "No, we weren't really." Well, part of their argument was that the Digivice, the surveillance system, the video in-car thing, it shouldn't be allowed to be used in this fashion because they said this was a personal conversation.
Rather than anything to do with police. And should conversations you have in your car be private? What about if your car is provided to you by your employer?
All of these devices with microphones now are collecting information. So they tried to say, well, this is just outrageous. We have basically been spied upon.
And before you tell me what happened, my immediate reaction to that is okay, but you have a gun, right? And you're out there trying to protect the public.
You're video-cammed and there you go. Yeah, they weren't being the best policemen, were they? And I'm afraid, well, maybe I'm not afraid, their appeal has now failed.
But you can read more about it in the links in the show notes.
But you can read more about it in the links in the show notes.
Fascinating though, and mortifying for them. There's no heroic angle to this.
Well, maybe their kids are impressed because they got some really rare Pokémon.
Oh, yeah. Well, we'll find out in 20 years when they have their own podcast.
Sell them as an NFT. My dad. I can't imagine your dad playing Pokémon. Carole, what have you got for us this week?
So let's say, Graham, you want to write a book. Oh yes, I do. Yeah, see, I know you do. And you don't want to write just any book, do you? You want to write the book.
I want to write the book about you. Spotlight on Carole. That's not weird. A clinical examination from a psychological viewpoint.
Well, you'll need a lot of experts to help you out there. Let's say, for example, that you had trouble finding the engaging lead. You had trouble.
You're writing a fiction book, maybe you had trouble finding the struggle. You had trouble finding who suffers and who falls in love and all the yada yada.
You're writing a fiction book, maybe you had trouble finding the struggle. You had trouble finding who suffers and who falls in love and all the yada yada.
And something to get people hooked right at the beginning, saying juicy or a weird twist in the tale.
And maybe you're sitting there at your desk, right? Maybe you'd have your laptop and you just have a blank screen. And it was a cold night. Delete. It just doesn't work.
You got writer's block, basically. There's maybe there's no book in there, Graham. Maybe there's no book in there.
You got writer's block, basically. There's maybe there's no book in there, Graham. Maybe there's no book in there.
What, no book in me?
Do you think there's a book in you?
Yeah, you're probably right.
Some people say there's a book in everyone. I don't think I agree. I'm not sure I agree. Anyway, you want to be this best-selling celebrated author, right? But you don't have a story.
So what do you do? Are you actually asking me what would I do? Yeah, it's not rhetorical at this stage.
I've sometimes wondered about this, and I thought what would be quite a clever idea would be to find a book written in a foreign language which hasn't been translated into English, maybe something from 60 years ago, and just translate it and then flog it as my own.
I've sometimes wondered about this, and I thought what would be quite a clever idea would be to find a book written in a foreign language which hasn't been translated into English, maybe something from 60 years ago, and just translate it and then flog it as my own.
And hope that Google Translate does a really good job for you. So you're not alone, Claude. There's someone else who's in this predicament. Filippo Bernardini. Oh, Filippo.
Okay, 29, Italian resident, and he's been arrested. And maybe I should tell you first what happened to him so you don't fall into the same sinkhole when you write your own book.
Right? Because this guy claims he wanted to, you know, write the book that ends all books, and he's looking for a plot.
And interestingly, or very conveniently perhaps, he works for a major publisher, Simon & Schuster. Oh, yes. Right? And he works as a low-level rights coordinator.
I'm going to ask you, what does a low-level rights coordinator mean? Well, you've got your high-level rights.
Okay, 29, Italian resident, and he's been arrested. And maybe I should tell you first what happened to him so you don't fall into the same sinkhole when you write your own book.
Right? Because this guy claims he wanted to, you know, write the book that ends all books, and he's looking for a plot.
And interestingly, or very conveniently perhaps, he works for a major publisher, Simon & Schuster. Oh, yes. Right? And he works as a low-level rights coordinator.
I'm going to ask you, what does a low-level rights coordinator mean? Well, you've got your high-level rights.
And you've got your medium-level rights, but there are those ones which sort of float around your ankles, and those are the ones which really need to be coordinated.
So, it took me a while, right? I actually got someone else to do the recon on this because I couldn't find anything, but basically it's selling rights to books for translations.
Oh, hello. Yep. Audiobooks, TV, movie versions, newspapers, that kind of thing. And how much do you think they get paid on average?
This is based on some weird page on the internet, but what do you think? What do you think they get paid?
Oh, hello. Yep. Audiobooks, TV, movie versions, newspapers, that kind of thing. And how much do you think they get paid on average?
This is based on some weird page on the internet, but what do you think? What do you think they get paid?
I think they get paid £35,000 British pounds a year. Half that, £18,000. Oh, that's not very generous, right?
So, okay, so I'm just trying to build a picture for Filippo Bernardini. Yeah, right, he's, you know, low to mid-income, right, working at a very huge publishing house, 29.
You would think Simon & Schuster could afford more than that.
But whatever.
The problem is, is that Filippo got arrested last Wednesday at JFK Airport in New York because he's accused of basically impersonating the movers and shakers of the literati world in order to allegedly dupe authors into handing over their not-yet-published manuscripts or parts of them.
The problem is, is that Filippo got arrested last Wednesday at JFK Airport in New York because he's accused of basically impersonating the movers and shakers of the literati world in order to allegedly dupe authors into handing over their not-yet-published manuscripts or parts of them.
Hang on, hang on. When you say he impersonated people in the world of literature—
Okay, I should clarify.
Was he dressing himself up as Salman Rushdie or something?
He dressed up as Margaret Atwood, right? No, no, he didn't do any of that. He, of course, he used the easiest method that we all fall for.
He used email and he used phishing tactics and he cleverly hid I's into 1's and changed addresses and email addresses in order to convince people that he was writing from the right place.
But of course, he had a huge, you know, Rolodex. Kids, that's kind of your contacts list. But he had a Rolodex of really important names, right?
Because he worked at Simon & Schuster, and he would have had access to all that information.
He used email and he used phishing tactics and he cleverly hid I's into 1's and changed addresses and email addresses in order to convince people that he was writing from the right place.
But of course, he had a huge, you know, Rolodex. Kids, that's kind of your contacts list. But he had a Rolodex of really important names, right?
Because he worked at Simon & Schuster, and he would have had access to all that information.
Oh, and because he's part of that industry, the people who he does deal with are sometimes dealing with big, big authors.
So in the interview with the bookseller in 2019, Margaret Atwood confirmed that there had been concerted efforts to steal the manuscript of her book, The Testaments, which came out, I think, last year or the year before.
But, you know, trying to get it before it was released.
And she says, quote, "There were loads of phony emails from people trying to wrinkle even just 3 pages, even just anything," she noted.
But, you know, trying to get it before it was released.
And she says, quote, "There were loads of phony emails from people trying to wrinkle even just 3 pages, even just anything," she noted.
So would he send an email, Margaret Atwood, or something like that?
What was that? You know, what's that Scandi book? The Scandi, oh, Stieg Larsson's Millennium series.
Yeah, yeah, yeah, the girl with the dragon tattoo, all that stuff.
Yeah, right, right, right. So, okay, so apparently when he was writing it— but he died at the third book, I think he died during the series.
Yeah, but anyway, apparently he was no one could see anything, right? Everything is just under lock and key.
And there was all these crazy ways, you'd only get it when it was done because he didn't want it to leak because it was such hot property.
Yeah, but anyway, apparently he was no one could see anything, right? Everything is just under lock and key.
And there was all these crazy ways, you'd only get it when it was done because he didn't want it to leak because it was such hot property.
Oh, the publishers don't want people getting advanced copies. It's a bit like J.K. Rowling. If she's got a new Harry Potter book, or who's that Da Vinci Code chap?
Exactly. Right. Okay.
Yeah. So it's a big media event. It's all under lock and key and you can't have copies.
But if they're being translated, I suppose they are being distributed, aren't they, to various or some people?
But if they're being translated, I suppose they are being distributed, aren't they, to various or some people?
Well, they're being distributed to specific people, probably for make the cover art from these 4 chapters, please, or from this description.
There must be loads of reasons why you'd send segments of your book. And he would take advantage of that this is the allegation, why he's been arrested.
And he would email them pretending to be maybe their agent or their editor, right?
And say, hey, hope you're great, can you just resend me the link to the manuscript, because I've deleted it accidentally or something, right?
There must be loads of reasons why you'd send segments of your book. And he would take advantage of that this is the allegation, why he's been arrested.
And he would email them pretending to be maybe their agent or their editor, right?
And say, hey, hope you're great, can you just resend me the link to the manuscript, because I've deleted it accidentally or something, right?
Whatever. But if he was sometimes stealing just a few pages from the likes of Margaret Atwood, how's that going to help him?
How's he going to compile some sort of book with a bit of this and a bit of that? It's gonna be some sort of Frankenstein's monster, isn't it?
How's he going to compile some sort of book with a bit of this and a bit of that? It's gonna be some sort of Frankenstein's monster, isn't it?
That's really interesting because I wonder if he came up with that afterwards.
I think what he was doing was collecting all these little bits and then probably gonna put them underground for 30 years and then come up and go, "You see, now that blah blah is dead, I have the writings that they never put out." I don't know.
I think what he was doing was collecting all these little bits and then probably gonna put them underground for 30 years and then come up and go, "You see, now that blah blah is dead, I have the writings that they never put out." I don't know.
Or he could claim that they stole it from him, but he still has some.
Oh, yeah, he was the original. Yes, he had an email. Yes, yes. But he was first rumbled way back in 2016 with someone working on the Fifth Dragon Tattoo book, right?
Still, you know, huge deal. And the recipient felt something was off about the email asking to reset a password giving access to the hush-hush manuscript.
So they contacted the apparent sender by another means. So let's say they were dealing with Jessica, right? Instead of replying to the email, they called Jessica.
And quickly figured out that there was a scam going on because Jess was going, I never asked you to send me that, right? And they're going, well, I just got an email.
And apparently while they were having this conversation, there was another request on the email while they were chatting on the phone.
So, this is all into an article from The Vulture. I will put in the link. It's worth reading.
Still, you know, huge deal. And the recipient felt something was off about the email asking to reset a password giving access to the hush-hush manuscript.
So they contacted the apparent sender by another means. So let's say they were dealing with Jessica, right? Instead of replying to the email, they called Jessica.
And quickly figured out that there was a scam going on because Jess was going, I never asked you to send me that, right? And they're going, well, I just got an email.
And apparently while they were having this conversation, there was another request on the email while they were chatting on the phone.
So, this is all into an article from The Vulture. I will put in the link. It's worth reading.
So this guy was quite active.
How long was he doing this? 200 authors he went after. 200. He was called the Spine Collector. Oh, that sounds— that would be—
Book spine. I know. Yeah, I get it. Yeah. That would be— but that would be, that'd be quite a good name for a book.
The Spine Collector, wouldn't it? Maybe that's what he was doing all along. He now has his story. So journalists, this is going on 2016, right?
Journalists pick up on the story, dig in for a while, couldn't figure out who it was because every clue just turned out to be another spoofed email address.
And apparently he'd always imitate the writing style of the person. So obviously someone with insider knowledge for how people act and write.
Journalists pick up on the story, dig in for a while, couldn't figure out who it was because every clue just turned out to be another spoofed email address.
And apparently he'd always imitate the writing style of the person. So obviously someone with insider knowledge for how people act and write.
But did he ever ask for a ransom, or did he ever, you know, post up?
He didn't do anything. He didn't do anything with manuscripts either.
Oh, what a weirdo. Allegedly.
Well, maybe he was working on that. Allegedly.
Well, after that many years. Allegedly. Allegedly. And the allegation—
Alleged— no, the allegation is definitely that he used his insider knowledge of the industry to get authors to send him their unpublished books and texts by posing as agents, publishing houses, and literary scouts.
And he's been charged with wire fraud and identity theft for a scheme that prosecutors said affected hundreds of people for more than 5 years.
And he's been charged with wire fraud and identity theft for a scheme that prosecutors said affected hundreds of people for more than 5 years.
It's a bit odd, isn't it? I mean, it's almost like he's collecting these just for his own entertainment.
It's a bit like, you know, someone who's collecting art but can never show it because it's been stolen.
It's a bit like, you know, someone who's collecting art but can never show it because it's been stolen.
The power thing. And it'll be totally worth a lot of money, the story afterwards, being able to say, and then I stole this from this person.
He was basically building his novel by stealing the stuff, right? Or he wasn't at all involved.
He was basically building his novel by stealing the stuff, right? Or he wasn't at all involved.
Exactly. And I think that's— and he's very innocent. That's important for us to stress. However, if he were to be found guilty, we will talk again about it.
What's going to happen to him, allegedly?
What's going to happen to him, allegedly?
Well, allegedly, huge, huge years. I think it was something like 50 years he was facing or something ridiculous. We'll see what happens. It is in America. I don't know.
But more interestingly, did you know that Ethan Hawke was also affected by this? And I was just interested that he wrote.
But more interestingly, did you know that Ethan Hawke was also affected by this? And I was just interested that he wrote.
I think he's written a few. He's the guy from Before Sunset, isn't he? With Julie Delpy. Right.
I think that's where I know him from, but I can't remember what movie I know him from.
Wasn't he in Gattaca as well? These are all movies I haven't seen, obviously. But yeah, I think he's written a few books. Ethan Hawke.
Ethan Hawke. See, cute and smart.
You don't know he's smart just because he's written a book.
Well, you haven't written a book. What, QED?
Start the year off right with 1Password University.
Our chums at 1Password have always been about helping you stay protected, private, and productive, whether you use its password manager or not.
With 1Password University, they are putting their many years of security expertise to work creating fun, dynamic, and free learning resources for people of all skill levels.
So start off 2022 right and learn how to make the most of your 1Password account features.
Find out how to build a culture of security in your workplace, or discover why reusing the same password across multiple accounts puts you at risk.
Learn at your own pace and discover how to form an entire ecosystem of tools and tactics that can help you stay safe on the internet.
Whether you're a business leader or a home user, 1Password University has a free course for you. Go on, check it out now. Find out more.
Try 1Password University for free at www.smashingsecurity.com/university.
Our chums at 1Password have always been about helping you stay protected, private, and productive, whether you use its password manager or not.
With 1Password University, they are putting their many years of security expertise to work creating fun, dynamic, and free learning resources for people of all skill levels.
So start off 2022 right and learn how to make the most of your 1Password account features.
Find out how to build a culture of security in your workplace, or discover why reusing the same password across multiple accounts puts you at risk.
Learn at your own pace and discover how to form an entire ecosystem of tools and tactics that can help you stay safe on the internet.
Whether you're a business leader or a home user, 1Password University has a free course for you. Go on, check it out now. Find out more.
Try 1Password University for free at www.smashingsecurity.com/university.
We are also sponsored by Uptycs. Uptycs is a cloud-native security analytics platform built to protect the modern attack surface.
Uptycs zeros in on blind spots that are preventing you from identifying and responding to existing threats and vulnerabilities in your ecosystem.
Plus, Uptycs normalizes telemetry across macOS, Linux, Windows, and containers, records system activity for historical investigation even when no alert has fired, and enables you to build complex custom detections.
In short, Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform.
Visit smashingsecurity.com/uptycs, that's U-P-T-Y-C-S, to learn more about its cloud-native security analytics platform. And thanks to Uptycs for sponsoring the show.
And welcome back.
Uptycs zeros in on blind spots that are preventing you from identifying and responding to existing threats and vulnerabilities in your ecosystem.
Plus, Uptycs normalizes telemetry across macOS, Linux, Windows, and containers, records system activity for historical investigation even when no alert has fired, and enables you to build complex custom detections.
In short, Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform.
Visit smashingsecurity.com/uptycs, that's U-P-T-Y-C-S, to learn more about its cloud-native security analytics platform. And thanks to Uptycs for sponsoring the show.
And welcome back.
Can you join us for our favorite part of the show? The part of the show that we like to call Pick of the Week.
Pick of the Week. Pick of the Week.
Pick of the Week is the part of the show where everyone chooses something they like.
Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they wish. Doesn't have to be security related necessarily.
Better not be. Now, Carole. We're big fans on this podcast of the Smashing Security podcast. It's one of our favorite podcasts, in fact, right?
Could be a funny story, a book that they've read, a TV show, a movie, a record, a podcast, a website, or an app. Whatever they wish. Doesn't have to be security related necessarily.
Better not be. Now, Carole. We're big fans on this podcast of the Smashing Security podcast. It's one of our favorite podcasts, in fact, right?
It's just stellar. Do you know it's been going for 5 years?
Do you know this week is the 30th anniversary of me working in the cybersecurity industry? 30 years.
I can't believe you just said that on air.
30 years of me just wibbling on, telling people to turn on multifactor authentication. Anyway.
I've often wondered, I thought, are there any other podcasts out there like Smashing Security, which maybe aren't about cybersecurity, but are about something else instead?
I've often wondered, I thought, are there any other podcasts out there like Smashing Security, which maybe aren't about cybersecurity, but are about something else instead?
Wouldn't that be wonderful?
Let me introduce to you, like a parallel universe version of Smashing Security, which I've discovered.
Okay.
Good song. 993-0004. They've got a great song. One of the best songs I've ever heard about pest control marketing.
Hello folks, it's Hal Coleman and welcome to another episode of Pest Control Marketing.
Hello folks, it's Hal Coleman and welcome to another episode of Pest Control Marketing.
So what do you see in here? One of them's like me and one of them's like you, I thought.
Yeah. I think actually we are.
Yes. There's a similarity.
He's an artist, obviously, because he's got a lot of pictures, a lot of art going on. My guy.
That's Hal. You're Hal Coleman. Yeah. And the other guy is Mike. I love it. And they're very knowledgeable about pest control marketing. And they do this every couple of weeks.
Incredible.
Incredible.
It's very entertaining. How do you end up on this? Do you have a pest problem?
No, I don't have a pest problem. No, no, I have no infestations currently.
Do they do STD stuff as well? Oh, sorry. Whoa, sorry, sorry. Sheesh.
But they also, Hal Coleman and Mike Stewart, other than helping pest control companies improve their marketing with regular podcasts and live streams, they also have a sister site called pestcontrolmarketingjingles.com.
Hey, can I see that as well?
Oh yeah, go to pestcontrolmarketingjingles.com and they've got, well, they're showing off their 40-year experience and expertise at writing and producing jingles and audio ads.
Pest control that you can trust, Google can't determine. Count on us, call 770-479-1598 today. Now admittedly, some of them do sound a bit similar.
But I reckon if you've got a winning formula, don't mess with it. Call 770-479-1598. Although they're not afraid to try something a bit more experimental.
Pest control that you can trust, Google can't determine. Count on us, call 770-479-1598 today. Now admittedly, some of them do sound a bit similar.
But I reckon if you've got a winning formula, don't mess with it. Call 770-479-1598. Although they're not afraid to try something a bit more experimental.
Pest control that you can trust. To kill cats and termites, count on us. Call 770-479-1598. Graham, we are in our 5th year. Don't you think it's time to bring me a present?
We could ask them to do a jingle for us. You know?
We could ask them to do a jingle for us. You know?
I think they only do jingles for pest control firms. I'm not sure they like to branch out beyond that. They know what they're good at.
I'm reading the testimonials about people who have used their jingles. They sound super excited. The first day my jingle played on social media, I started getting phone calls.
Sure, somewhere, some— sure, somewhere, some were— some were for— I can't speak. Sure, some were for— I can't do it.
Sure, somewhere, some— sure, somewhere, some were— some were for— I can't speak. Sure, some were for— I can't do it.
You can't speak any longer?
I'm done. A great jingle will make you money for years and will imprint your business in the minds of listeners forever.
They've got Country Cockroaches, Classic Smooth Smashing Security. Nashville. I guess it could be, because I mean, we do have bugs in cybersecurity. Maybe we could.
We don't need to, yeah.
We don't need to tell them that we're not.
Yeah, plausible deniability. See, legal term.
Right. Oh, you're learning. Anyway, I'll subscribe. I think you might get a lot from it, because I know you've had pest problems. And I said, I think Hal is you, Mike is me.
And I know a lot of our listeners do actually run pest control companies and may be interested in improving their marketing. Then this is an excellent resource for them to go to.
And that is why it is my pick of the week.
And I know a lot of our listeners do actually run pest control companies and may be interested in improving their marketing. Then this is an excellent resource for them to go to.
And that is why it is my pick of the week.
Okay. Mine's a little bit more highbrow. Okay, this is one I should do with a guest on because they would save me. They'd buffer you from your wrath. Okay, it's a podcast.
Right, Think with Pinker. With Steven Pinker.
Right, Think with Pinker. With Steven Pinker.
Steven, is he famous? Is he someone I should know?
Oh dear, yes, he's quite a well-known intellectual thinker about— is he one of these rational—
Has he written a book? Is that— he's one of them?
Yeah, he's written a few books, right? And you know, he also teaches at universities and has podcasts and does all kinds of stuff. And he's a really weird guy.
Now, he's also Canadian, I think.
Now, he's also Canadian, I think.
He is. I should— I've just looked him up.
He is, right? Okay, Canadian psychologist.
He's got crazy hair. Yeah, he's crazy looking, isn't he?
Yeah, he's crazy looking. And he's crazy sounding as well, so it makes for an interesting show. And there's a podcast called Think with Pinker.
And the whole idea is kind of— actually, maybe I should give you one of the dilemmas. Let me give you a dilemma, Graham. Okay, so there are three big pots in front of you, right?
And one of them has a car underneath it. Big pot, very big pot, all right, okay. And the other two do not have a car. Maybe they have elephants, okay.
And the whole idea is kind of— actually, maybe I should give you one of the dilemmas. Let me give you a dilemma, Graham. Okay, so there are three big pots in front of you, right?
And one of them has a car underneath it. Big pot, very big pot, all right, okay. And the other two do not have a car. Maybe they have elephants, okay.
Again, huge, huge pots or small elephants.
You're a busy guy. You don't drink coffee, you don't want to take care of fucking elephants, right? You don't want to be in— how do you get rid of that?
Who do you call?
How do you handle that?
Yeah, when you have an elephant dumped on you, it's a real pain, right? How are you going to deal with it?
You don't want to be dumped on by the elephant either.
And the dustman won't take them away. It's just, you know, yeah, it's a nuisance.
So I say, okay, choose the car. Here you've got pot one, pot two, pot three. One, two has elephants, one has a car. Go, okay, and so you make a selection.
So, you know, one, two, three, make a choice, yeah, make a choice, make a choice.
So, you know, one, two, three, make a choice, yeah, make a choice, make a choice.
Well, can I look under the pots? Just make a choice. Can I listen to see if there's an elephant inside?
The roar of the engine.
Okay, all right, all right, all right. One, there you go, right, I'm up to number one. Okay, one.
I'm lifting up one. Me and my eighteen men are lifting up the pot, right? And we lift up the pot and there's an elephant underneath, okay.
That wasn't entirely fair, Carole.
No, no, it's okay, it's okay.
You were gonna say that whatever number I said.
Okay, but maybe I say, "You have another choice now. You can go again."
You can go again.
"You can go again." Oh no, okay, I did it wrong, I did it wrong.
Is it actually Noam Chomsky? Is Noam Chomsky under one of these cups?
Okay, you said one, you said one, okay. Turns out that was correct. No, I say, "Good for you. I'm gonna lift up number three," right?
And I lift up number three, right, to show you maybe the car's underneath, maybe an elephant. It's an elephant. Okay, so now you've got fifty-fifty now, right?
It's elephant and car, you're much higher stakes. I'm saying to you now, okay, you get to go again, you get to go again, you want to stick?
Do you want to stick with one or do you want to go with two? I'll stick with one. This is what the podcast is like, it's not at all.
And I lift up number three, right, to show you maybe the car's underneath, maybe an elephant. It's an elephant. Okay, so now you've got fifty-fifty now, right?
It's elephant and car, you're much higher stakes. I'm saying to you now, okay, you get to go again, you get to go again, you want to stick?
Do you want to stick with one or do you want to go with two? I'll stick with one. This is what the podcast is like, it's not at all.
That's so pivoted. I could be listening to the pest control marketing podcast right now.
Can I just tell you, Bill Gates goes on this podcast, okay? So it's a really smart podcast, there's lots of cool stuff on the podcast.
It's not very useful, is it? This is not a likely scenario to happen, okay, no. All right, I'll stick on one, I'll stick. Keep playing with— I will stick on number one.
Okay, you know what? Worst decision you've ever made in your life.
Well, that's not fair.
Okay, because now you have an elephant. Because so when you made your first choice, you had a third of a probability of getting— so you always switch.
They give you a new opportunity to vote and you have a smaller amount of options, switch, just switch. Because probability dictates that you must, it makes sense to do it.
They give you a new opportunity to vote and you have a smaller amount of options, switch, just switch. Because probability dictates that you must, it makes sense to do it.
No, it doesn't. You've got to do it.
No, it does.
It does not.
It does. No. He chose lift number 3.
Can I tell you what happened?
Right before the show, I had all my notes, okay, for this bit, and I lost them. I did a cut and paste and I did another cut. So I lost my notes.
So I'm actually going to sound like an idiot right now. So listeners, I'm depending on you.
Can you explain to Graham by Twitter, email, whatever your means are, why he has to switch?
So I'm actually going to sound like an idiot right now. So listeners, I'm depending on you.
Can you explain to Graham by Twitter, email, whatever your means are, why he has to switch?
No, I disagree.
Okay, but that just shows you're an idiot and you should listen to the podcast. So listeners, if you think you need to stick— I don't even think he brings it up on the podcast.
But it's— these are the kind of issues that you will hear about. So you want to listen to— if you're like me, you want to—
But it's— these are the kind of issues that you will hear about. So you want to listen to— if you're like me, you want to—
Are you on a jury? Are you actually judging whether people should—
I'm not judging anything.
No, but are you determining the guilt or innocence of somebody? I cannot confirm.
That's very personal, Graham, and inappropriate. Just think with Pinker.
I think the defense could bring this up. They could bring this up against you. Just play this bit of the podcast. Edited.
So my pick of the week, I'm going to do this whole bit again. Should we do this again?
No, it's great. I think you've explained it perfectly. Everyone wants to listen to this now. Well, that just about wraps it up for this week.
Wow. Don't— maybe I should do it again one more time. No, it was great.
It was perfect. I have to edit it. It was perfect. You don't have to edit that at all. That is perfect as it was. Don't forget, next week we might have a guest.
It all depends on whether Carole is still on a jury service or not. Pray for me.
Until then, you can follow us on Twitter @SmashingSecurity, no G, Twitter must have a G, and also join us on the Smashing Security subreddit.
And don't forget to ensure you never miss another episode, follow Smashing Security in your favorite podcast app, such as Spotify, Overcast, and Apple Podcasts.
It all depends on whether Carole is still on a jury service or not. Pray for me.
Until then, you can follow us on Twitter @SmashingSecurity, no G, Twitter must have a G, and also join us on the Smashing Security subreddit.
And don't forget to ensure you never miss another episode, follow Smashing Security in your favorite podcast app, such as Spotify, Overcast, and Apple Podcasts.
And seriously, ginormous shoutouts to this episode's sponsors, 1Password and Upticks, and to our wonderful Patreon community.
It's thanks to all of you that this show is free for everybody.
For episode show notes, sponsorship information, guest list, and the entire back catalog of way too many episodes, check out smashingsecurity.com.
It's thanks to all of you that this show is free for everybody.
For episode show notes, sponsorship information, guest list, and the entire back catalog of way too many episodes, check out smashingsecurity.com.
Until next time, cheerio. Bye-bye. Bye. There's three enormous pots. One of them has a car, two of them have elephants. I say number one.
Your guy Pinker lifts number three and says it's an elephant.
Your guy Pinker lifts number three and says it's an elephant.
Do you remember Deal or No Deal? Same idea as this. Yes.
Okay, when you get to the end and you have two boxes left, or you've gone from three boxes to two, you always switch in order to create your probability to be 50/50 rather than a third.
Because the first time you made the choice, it was a third, third, third. And then when you have the next choice, it's half, half.
Okay, when you get to the end and you have two boxes left, or you've gone from three boxes to two, you always switch in order to create your probability to be 50/50 rather than a third.
Because the first time you made the choice, it was a third, third, third. And then when you have the next choice, it's half, half.
This is nonsense. This is nonsense.
It doesn't mean you're actually going to win if you do it the way I'm saying, I'm just saying you increase your probability of my changing.
You're not increasing your probability.
Can I just say I got 97% in high school probability, so you don't want to mess with me. And that was high school. Seriously.
Hosts:
Graham Cluley:
@grahamcluley.com
@
/ grahamcluley
Carole Theriault:
Show notes:
- Pokémon Go: Police fired for chasing Snorlax instead of robbers — BBC News.
- Pokémon Go-Playing LAPD Officers Fired For Ignoring Robbery — Kotaku.
- Court of appeal documents (PDF).
- The Mysterious Figure Stealing Books Before Their Release — Vulture.
- FBI Arrests Man Accused of Stealing Unpublished Book Manuscripts — The New York Times.
- ViacomCBS security group 'crucial' for FBI manuscript theft investigation, says Karp — The Bookseller.
- The Spine Collector: Man arrested for using fake email addresses to steal hundreds of unpublished manuscripts — Hot for Security.
- Pest Control Marketing Live! — YouTube.
- Pest Control Marketing Podcast.
- Pest Control Marketing Jingles.
- Think with Pinker — BBC Radio 4.
- Smashing Security merchandise (t-shirts, mugs, stickers and stuff
- Support us on Patreon!
Sponsor: 1Password
1Password University is a fun, dynamic and free resource for all skill levels.
Find out how to build a culture of security in your workplace, learn how to make the most of 1Password’s features, or discover why re-using the same password across multiple accounts puts you at risk.
Broaden your knowledge, starting with the basic building blocks of security. Learn at your own pace and discover how to keep yourself and your company safe on the internet.
1Password University’s growing catalogue of courses has definitely got something for you… and it’s a lot more fun than dull workplace training or scouring the web for advice.
Check out 1Password University – free online security resources, made for everyone – at www.smashingsecurity.com/university
Sponsor: Uptycs
Uptycs is a cloud-native security analytics platform built to protect the modern attack surface.
Uptycs zeros in on the blind spots that are preventing you from rapidly identifying and responding to existing threats and vulnerabilities in your ecosystem.
Uptycs normalizes telemetry from across macOS, Linux, Windows, and containers; records system activity for historical investigation even when no alert has fired; and enables you to build complex custom detections in addition to its industry-leading MITRE ATT&CK mapping.
Uptycs provides observability across both cloud workloads and endpoints in a single centralized platform.
Find out more and try it for free at uptycs.com
Follow the show:
Follow the show on Bluesky at @smashingsecurity.com, on the Smashing Security subreddit, or visit our website for more episodes.
Remember: Subscribe on Apple Podcasts, or your favourite podcast app, to catch all of the episodes as they go live. Thanks for listening!
Warning: This podcast may contain nuts, adult themes, and rude language.
