HomeCalendarCertificationsColumnsFeaturesForumResourcesVitals
 
Image
 
linkedin_logo.png rss_logo.jpg
twitter_logo.png youtube_logo.jpg
Latest Additions
 
EH-Net Login
Welcome Guest.
Lost Password?
No account yet? Register
Who's Online
We have 39 guests online
 
Advertisement

You are here: Home arrow Ethical Hacking Discussions and Related Certificationsarrow Social Engineeringarrow Robber Uses Craigslist to Pull Off Bank Heist
EH-Net
May 23, 2013, 02:48:13 AM *
Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
News: Go back to The Ethical Hacker Network Online Magazine Home Page
 
   Home   Help Calendar Login Register  
Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: Robber Uses Craigslist to Pull Off Bank Heist  (Read 22354 times)
0 Members and 1 Guest are viewing this topic.
don
Editor-In-Chief
Administrator
Hero Member
*****
Offline Offline

Posts: 4167


Editor-In-Chief


View Profile WWW
« on: March 19, 2009, 10:07:18 AM »
I hadn't heard of this story until a classmate mentioned it at SANS 2009. Thought I'd share it with you as another example of electronically assisted social engineering. Basically, he placed a false ad on Craigslist to create a crowd around a bank truck to make himself less visible. Get the low-tech details at either of these 2 links:

http://arstechnica.com/old/content/2008/10/bank-robber-crowdsources-disguise-to-craigslist-floats-away.ars

http://news.cnet.com/bank-robber-hires-decoys-on-craigslist-fools-cops/

Don
« Last Edit: March 19, 2009, 10:09:45 AM by don » Logged
CISSP, MCSE, CSTA, Security+ SME
timmedin
Sr. Member
****
Offline Offline

Posts: 469



View Profile WWW
« Reply #1 on: March 19, 2009, 11:19:31 AM »
I laughed out loud when I first read this story. A real life blue colar Thomas Crown affair.

I hadn't heard the part about the "getaway inner tube" though. Classic!
Logged
twitter.com/timmedin | http://blog.securitywhole.com
mmurray
Newbie
*
Offline Offline

Posts: 17



View Profile WWW
« Reply #2 on: March 19, 2009, 01:24:24 PM »
This is why I always make the argument that SE attacks are really attacks of the imagination - this is the kind of thing that makes SE very difficult to defend against.  Predictable controls are easily circumvented by an unpredictable attacker.
Logged
--
Mike Murray
MAD Security / The Hacker Academy

Email - mmurray@thehackeracademy.com
Phone - 773-360-0658
Twitter: http://www.twitter.com/mmurray
LSOChris
Guest
« Reply #3 on: March 19, 2009, 01:30:31 PM »
very well put Mike!
Logged
jason
Hero Member
*****
Offline Offline

Posts: 1012



View Profile WWW
« Reply #4 on: March 19, 2009, 08:04:30 PM »
Ya, I remember reading about this one a bit back. Very slick solution  Cool
Logged
former33t
Full Member
***
Offline Offline

Posts: 226


View Profile
« Reply #5 on: March 19, 2009, 08:56:27 PM »
I hadn't heard of that, but it reminds me a lot of the movie Inside Man where most of the robbers in a bank heist get away by dressing everyone (including themselves) in painters' uniforms and masks and running out of the building with all the hostages.  This didn't even require hostages, just a lot of unemployment and some people willing to believe they would make $28/hr for manual labor...
Logged
Certifications: CREA, MCSE: Security, CCNA, Security+, other junk
MicroJay
Full Member
***
Offline Offline

Posts: 101



View Profile
« Reply #6 on: March 20, 2009, 06:01:24 AM »
It just tells you that anything can be possible!  If you can think, you can achieve.
Logged
GSEC - GCIH - GSNA - GPEN
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Joomla Bridge by JoomlaHacks.com 		Valid XHTML 1.0! Valid CSS!
Page created in 0.07 seconds with 24 queries.
 
Exclusive Deal

sansfire13_245x90_cw90.jpg
SANSFIRE 2013
June 15 - 22

5% Off w/ Code: EHN_5

SANS Deals 4 EH-Netters
5% OFF Any SANS Course in Any Format!
Coupon Code: EHN_5 Including SANS Rocky Mountain 2013 & SANS Boston 2013
Polls
Compared to this year, 2013 will be:
 
Recent Forum Topics
EH-Net News Feeds
Latest Additions
 
         
Advertisement

© 2013 The Ethical Hacker Network
Joomla! is Free Software released under the GNU/GPL License.