On the Case

April 4, 2010 - 8:21 pm

After the sunshine and cantatas and alleluias of this morning, the last thing I wanted was to pore over Google Analytics. So naturally I procrastinated as long as possible.

Finally, when I ran out of excuses and distractions, here's what I discovered: someone in Karachi, Pakistan, (Karachi? As in the Taliban stronghold? That Karachi?) spent more than 20 minutes on the Fitzgerald Communications site yeserday. As did someone else in an unspecified location in India. And it seems my friends in Moscow have finally discovered this site as well.

 Why does all of this give me such a bad feeling? Until I find out, I'm trying to hold on to my Easter glow. 

 Stay tuned.

Add a comment (0 comments)
April 3, 2010 - 10:00 am

"Your situation is excruciatingly common."

And,  the Secret Service agent continued, the trend is worsening among businesses like yours.

 Why, I wanted to know.

Simple. Big companies tend to be well-defended. So foreign hackers are focusing instead on the thousands of small- to mid-sized firms that populate the American business landscape. Auto dealerships, independent restaurants, storefront retailers, small-fry marketing firms...they're all being targeted as never before.

Listening hard and taking notes furiously, I decided that I liked his voice. It was just about perfect for someone in law enforcement: calm, definite, matter-of-fact, authoritative. A little like Joe Friday's voice, but with energy and personality behind it.  The kind of voice that manages to be both comforting and slightly intimidating. 

The voice went on. Had the hackers defrauded me of any money? And if so, how much?

 They haven't stolen money, I told him. Not from me anyway. Just my good name. And my ability to sleep at night.

 Yes, of course, there's that, he agreed.

I imagined him giving a shrug.

But the fact is, he explained with weary patience, American law enforcement cannot prosecute attempts to defraud. Even in cases of domestic hacking, it generally takes a "spectacularly large scale" criminal success to trigger a formal investigation--sometimes as little as $50,000 but, more typically, $500,000 or more.

 I gulped. He laughed. "More than Fitzgerald Communications of Ann Arbor, Michigan is likely to lose," he said.

Then, he went on, there's the problem of jurisdiction. Hackers in Russia and China are beyond law enforcement's reach. Their governments are completely uninterested in investigating, let alone prosecuting, their activities.

And, who knows, I thought to myself, some of those governments may even be quietly applauding cyber attacks on American interests.

But there is good news here, he said. 

 I waited.

"First of all, you've done everything right. And you seem to be more savvy than most small business owners who go through something like this." The one thing I'd overlooked: filing a formal report with the Ann Arbor PD. Get yourself over there in person, he said, with every shred of documentation you have.

I'll do it on Monday, I promised. Any more good news?

"Yeah. If you keep frustrating them, if it's clear their scam isn't working, they'll give up pretty quickly."

You mean they'll give up on me. And move on to the next mark.

"That's right. They'll find someone else."

I'd say that qualifies as cold comfort.



Add a comment (0 comments)
April 1, 2010 - 8:00 pm

You meet the nicest people when you're being hacked.

 No, of course I'm not referring to those soul-less sociopaths who are perpetrating the scam from Kiev or Beijing or wherever.

 I'm talking about friends who have been abundant in their kindness and concern. About colleagues and clients who have cut me slack on project deadlines, knowing how preoccupied I've been. And about the media buyers and planners who were targeted by the fraudsters, and who made an effort to track me down and get to the truth. 

 One of those media buyers in particular--Barb Rogers of Casale Media-- has been extremely supportive and helpful. It was Barb, in fact, who made the connection with another online malware case that took place last fall in Chicago--a case she helped to crack.

 Barb's story makes for fascinating reading, as you can see for yourself in this e-mail excerpt:

 I personally have a "red flag" alert on at all times with this, because of another hoax that happened out of a Chicago agency in October that is in my territory.

What happened in Chicago was pretty huge.  The Chicago media agency was Spark Communications, which is a part of Publicis (one of the largest ad agencies in the world, if you are unaware of who they are).  This "George Delarosa" contacted a bunch of ad networks through a "lead" that came through my corporate office. 

Spark is an agency I already have a relationship with, so I thought it was a little bizarre that this person was going through my corporate office to make contact, when I meet with them every few months.  Anyway, he told me that he had an "immediate" $20K to spend for Suzuki. 

His e-mail address was slightly different than Spark's, and the web site that he used looked exactly the same as Spark's (he somehow mirrored the Spark Communications web site as well).  Also, his phone number was not even close to the same trunk lines as Spark Communications.  Also, big companies, like Suzuki, very rarely, if never, spend $20K in such an immediate fashion. In addition, Suzuki had never run with our network before, so that was also a red flag for me.

In this Chicago case, similar to what has happened with you, the title of the person was "Purchasing Manager" and I usually deal with "Media Planners or Supervisors" so that was yet another red flag.  This had never happened in my territory, but I just thought there were a lot of oddities to it. 

I called the number and left a voice mail, and then also started communicating with this "George Delarosa" over email in a cautious manner, obviously.  He told me that he was in London attending the Ad:Tech London show when he emailed me back at a strange hour (up until 2009, Chicago had it's own AdTech show, and quite honestly, a Chicago agency is not going to send an employee to AdTech London...makes no sense...so another red flag). 

So, I contacted a SVP at Spark and they had told me that they were already taking legal action to catch the person who was trying to launch a virus through a scam ad campaign.  

What is funny in your case is that you are such a small agency, we would have required pre-payment (where with Spark, if there weren't so many red flags, we would have extended them enough credit more than likely to run the campaign since we already have a relationship with them and other agencies owned by Publicis).   

I don't think the person that we are dealing with from your perspective is very smart.  This George Delarosa knew terminology that we use in digital ad sales/planning/buying, so he was a bit savvier than our friends "Anna Miller" and "Linda Bodin."

I am just sorry that this person is attempting to latch onto your company to get a malicious campaign running with an ad network.  What a pain for you.  
Here is a link to some information on what we encountered and what happened in Chicago off of MediaPost:


What I don't understand is where these people make money off of launching viruses...anyway, thought I would give you some additional background as to what has been going on with other cases similar to yours.

I hope this helps.  


It did help, Barb. And I'm sending you a big, public thank-you in return!

Oh, and if the George Delarosa hoax has "sparked" your interest, here's some juicy reading for you:



Add a comment (0 comments)
March 31, 2010 - 8:41 pm

"What fresh hell is this?"

 That wonderful quote from Dorothy Parker kept running through my mind this morning. It echoed in my head as I dialed the number for the FBI Detroit Field Office. And then the Secret Service. And then the FTC.

(I should mention that the Secret Service wasn't answering their phone this  morning, at least not before 9:30 a.m. What's that about? Was national security taking a furlough day?)

 Dorothy's words were still rumbling around when I went online to file a formal complaint of corporate identity theft at cybercrime.gov. And then IC3.gov/complaint, which turns out to be a partnership between the FBI and a couple of government agencies I'd never heard of.

 Over the years, I've started work days in lots of different ways. With breakfast meetings. Showdowns with creative director bullies. Pre-dawn flights to interview CEOs and boy-genius product engineers. Relaxed water cooler chat. Creative conferences. And quiet, blessed, uninterrupted hours of writing.

But never have I started a day wondering how many people would be targeted on this particular day by someone using my name to steal data and dollars and possibly even plant malware.

 They're not hackers or scammers or fraudsters. They're terrorists. Creating little bits of hell on earth wherever they go.

Well, tomorrow is another day--bringing with it not only the possibility of another fresh hell but also the equally strong possibility that investigations will begin and the wheels of justice will start turning, however slowly.

As positive thinking goes, it's not much. But it will have to do for now. 

Add a comment (0 comments)

For more information about Mantra for Murder
Phone: 734/761-8440 • Email: lindafitz@mantraformurder.com