Page 1 of 3 123 LastLast
Results 1 to 10 of 21

Thread: Hacker was an often frequent flyer

  1. #1

    Hacker was an often frequent flyer

    An Australian computer whiz who hacked into his former employer’s database awarded himself 11 million frequent-flier points. Former Qantas staffer Ferri Sutan Malik claimed 230 free flights in two years, news reports Wednesday said. Malik, who pleaded guilty to fraud in a Sydney court, browsed the Qantas database to find frequent fliers who hadn’t claimed their points and took them for himself. Before he was caught, 31-year-old Malik racked up free flights worth 450,000 Australian dollars ($292,000), The Sydney Morning Herald reported.

  2. #2
    T3h Ch3F
    Join Date
    Sep 2001
    Posts
    718
    Greetings.. Just a suggestion to you, try just posting a link to the story in question.

    BTW Welcome to AO, good people here. PM me if you need anything.



    Just post a link to the story in question, instead of the copy paste, the fact that you give the source is a good start, as you are not claiming to have writen it yourself.

    Read the "new member FAQ", it will help you a great deal. There are many good members here, just go with the flow and be yourself. Welcome and good luck bro!


  3. #3
    Banned
    Join Date
    Jun 2003
    Posts
    1,536
    DAM now y did i not think of that??
    *Evil grin*

    Nightfalls_Girl

  4. #4
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Interesting.................................in a previous life I was a chartered accountant.......certified public accountant to my US buddies........................then I discovered computers, and the fact that I did not like work...........the rest, as they say is history and one hell of a lot of fun!!!

    BTW, if you are an IT employee and about to neg me for that remark............please reconsider your career choice?

    I happen to think that this is an interesting post. There was a big fraud over here about 30 years ago, that used a similar MO (modus operandi)...can't quite remember the details, but I have them somewhere, I will try to find them and post them. THERE IS A REAL LESSON FOR IT MANAGERS HERE......and I do not usually shout?

    Szafran..............you might have padded it out with an intro and closing comment? but it is a good post..............I had not picked it up on the news over here in the UK...but the PRINCIPLE that you have kindly highlighted is important.

    Hell guys! when a computerised system gets ripped off......we get the blame


    Just my £0.02 worth, plus sales tax, minus airmiles

    cheers

  5. #5
    Banned
    Join Date
    Jun 2003
    Posts
    1,536
    ITS JUST NOT FER................... :'(\


    Nightfalls_Girl

  6. #6
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Nightfalls_girl

    There is nothing fair in fraud and business?, hey "fraud" is only "business" for those who don't like long words

    I just remembered that the guy I was thinking of, worked out that when we went decimal (currency) over here, there would be smalll amounts left over. He programmed the system to pay them into his account and got around £70,000 GBP, or $100,000USD; something around $85,000 Australian?

    He got 7 years in the end


    I guess I don't like cheats?

    cheers

  7. #7
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    There was a guy here in the states that also collected pennies from bank accounts. Some old lady caught him by forcing an audit on her account because she wanted to know... quote "Where is my damn 7 cents." I would have been happy to be within a dollar of balancing my own account And that was the motivation to perpetrate the deal.

    They saw that on what appeared to be random dates; pennies were sucked from several accounts. But the random pattern would repeat attacking different accounts. That is why code review by impartial parties is important.

    I don’t have a reference; this is from an IT director at the FDIC who I spoke to directly about 2 years ago at a security briefing in a hotel, and yes I was sober.
    West of House
    You are standing in an open field west of a white house, with a boarded front door.
    There is a small mailbox here.

  8. #8
    I think there was a guy who wrote Banking programs for a bank. And with certain transactions there would be like 10.5 cents to add to an account. Instead of having his program Round up to the nearest cent he had it round down and also had the Fraction of a cent submitted to HIS account. This program was used by many banks and within a few years he was a couple million in his account.

  9. #9
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    My advice to anyone working in this area is write audit programs that review for reasonableness, and have them run so that ordinary joes cannot intercept them.

    Most transactions have a "reasonable" value, so if you get 5,000 transactions for less than (say) 1$, you probably have a fraud going on.

    Also check the values of transactions going into high volume accounts, a lot of small values generally makes a fraud?

    Remember to look for any consolidation files/tables in your system.............they are not stupid and will be as aware as I am You consolidate the small values, then post them to the account as a "reasonable one"

    No...............I do not teach fraud, but I did used to use fraud stories to keep my class awake

    Cheers

  10. #10
    people stealing pointless pennies from someones account reminds me of office space? anyone seen that before? well i guess i just wanted to say that...go milton!
    Stay away from my friends, they\'re smooth operators lookin for a way in.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •