Tweet
Hi all,
Sometime between 2011 and 2013, I watched a video of a DefCon talk. The talk was likely several years old by the time I viewed it. I've been desperately trying to relocate it but haven't been able to. The talk included several stories of non-technical (and sometimes accidental) hackers who had exploited systems for profit, but weren't necessarily crimes. Basically, stories about legal loopholes.
One story was about a woman from New Jersey (I think) who accidentally discovered a glitch in an online shopping site where she could place an order, cancel it at the right moment, and her order would still show up. The glitch was that the order was sent to the shipping department before it went to the billing department, so she would receive the item without paying for it. Technically, because she had canceled the order, and because the law states that you owe no duty to return something that is erroneously mailed to you, she hadn't really committed a crime. I think they ultimately got her on mail fraud because of the way she was reselling the items.
There was another story about a man who took advantage of the ACH verification system. Back then, to verify that you were the owner of a bank account, a vendor would send two small transactions to your bank account. You would have to verify what those amounts were to verify that you were actually the owner of the account. This guy created thousands of accounts and just let the tiny amounts pile up. It wasn't really a crime, but he was eventually arrested for identity fraud because he signed up for these accounts using fictional characters like Mickey Mouse and Donald Duck.
Does this ring a bell for any one? I've been searching and I haven't been able to find it.
Sometime between 2011 and 2013, I watched a video of a DefCon talk. The talk was likely several years old by the time I viewed it. I've been desperately trying to relocate it but haven't been able to. The talk included several stories of non-technical (and sometimes accidental) hackers who had exploited systems for profit, but weren't necessarily crimes. Basically, stories about legal loopholes.
One story was about a woman from New Jersey (I think) who accidentally discovered a glitch in an online shopping site where she could place an order, cancel it at the right moment, and her order would still show up. The glitch was that the order was sent to the shipping department before it went to the billing department, so she would receive the item without paying for it. Technically, because she had canceled the order, and because the law states that you owe no duty to return something that is erroneously mailed to you, she hadn't really committed a crime. I think they ultimately got her on mail fraud because of the way she was reselling the items.
There was another story about a man who took advantage of the ACH verification system. Back then, to verify that you were the owner of a bank account, a vendor would send two small transactions to your bank account. You would have to verify what those amounts were to verify that you were actually the owner of the account. This guy created thousands of accounts and just let the tiny amounts pile up. It wasn't really a crime, but he was eventually arrested for identity fraud because he signed up for these accounts using fictional characters like Mickey Mouse and Donald Duck.
Does this ring a bell for any one? I've been searching and I haven't been able to find it.