Conde Nast Sent $8 Million To A Scammer After A Single Email

from the financial-controls? dept

Apparently it's not that hard to scam a big company out of millions of dollars these days. You can just send a single email, pretending to be from a vendor of that company. That's apparently what a guy named Andy Surface discovered when he set up a bank account for an operation he called "Quad Graph," likely designed to be similar to Quad/Graphics, the giant printing company that prints many big name magazines. He then sent a single email to magazine giant Conde Nast, leading the magazine company to send that new account $8 million:
In early November, Conde Nast received an "Electronic Payment Authorization” form by email at its offices in ... New York. The form appeared to have been sent by Quad/Graphics. The form requested that Conde Nast direct payments for Quad Graphics to the Quad Graph Account, and provided account information. Conde Nast filled out the form and returned it by facsimile from its offices in ... New York to the facsimile number provided in the form. Following Conde Nast's receipt of the "Electronic Payment Authorization" form, Conde Nast started making payments for Quad/Graphics bills by ACH transfer from a Conde Nast account with JPMorgan Chase Bank in New York to the Quad Graph Account.
The whole thing was discovered when the actual printer noticed that it was no longer getting paid and asked Conde Nast what was up. Conde Nast went to the feds, who arrested the guy and amazingly discovered that all $8 million was still sitting in the bank account.


Reader Comments (rss)

(Flattened / Threaded)

  1.  
    identicon
    Anonymous Coward, Apr 4th, 2011 @ 7:06pm

    Funniest thing I've read all day.

    Also if he didn't spend any of it maybe it won't be SO bad for him... Still real bad though.

     

    reply to this | link to this | view in thread ]

  2.  
    icon
    Jay (profile), Apr 4th, 2011 @ 7:13pm

    Wait...

    Doesn't Conde Nast own Wired and Ars Technica...?

    If so... This just became x10 funnier if computer nerds got duped by a scammer...

     

    reply to this | link to this | view in thread ]

  3.  
    identicon
    dc, Apr 4th, 2011 @ 7:24pm

    Re: Wait...

    Add Reddit and Webmonkey to that. Although they're primarily a magazine publisher.

    http://en.wikipedia.org/wiki/Cond%C3%A9_Nast_Publications

     

    reply to this | link to this | view in thread ]

  4.  
    icon
    ChurchHatesTucker (profile), Apr 4th, 2011 @ 7:27pm

    Re: Wait...

    To be fair, I doubt they run their bills by Bruce Schneier.

    Although they obviously should.

     

    reply to this | link to this | view in thread ]

  5.  
    identicon
    Another AC, Apr 4th, 2011 @ 7:28pm

    Re: Wait...

    Unfortunately, the persons responsible for completing/checking the paperwork on this are not computer geeks regardless of which publication they support. These are accountants and finance clerks. They can crunch the numbers with the best of them, but take from me, they are clueless when it comes to stuff like this. I work for a fairly large IT orginization. We handle everything from simple colocation to custom security solutions. Our finance/accounting teams are computer stupid some days.

     

    reply to this | link to this | view in thread ]

  6.  
    identicon
    Anonymous Coward, Apr 4th, 2011 @ 7:56pm

    He should have put a rush order on his application for a passport and visa to Brazil.

     

    reply to this | link to this | view in thread ]

  7.  
    icon
    Capitalist Lion Tamer (profile), Apr 4th, 2011 @ 8:08pm

    This "Electronic Payment Authorization Form"

    Does anyone have a copy of it? I'd like to send it to a few periodicals and see what comes back. The NYT in particular seems to have a few extra million to burn.

     

    reply to this | link to this | view in thread ]

  8.  
    identicon
    Anonymous Coward, Apr 4th, 2011 @ 8:17pm

    Re: Wait...

     

    reply to this | link to this | view in thread ]

  9.  
    icon
    PopeRatzo (profile), Apr 4th, 2011 @ 8:37pm

    Re: Re: Wait...

    actually, it looks like they're just the publisher.
    "Just" the publisher? Do you know what it means to be the "publisher" of a magazine?

     

    reply to this | link to this | view in thread ]

  10.  
    identicon
    Anonymous Coward, Apr 4th, 2011 @ 8:41pm

    Perfect opportunity missed

    Would have been even funnier if he donated it all to Reddit (mega-popular website owned by conde nast that is in serious need of funding for more servers)

     

    reply to this | link to this | view in thread ]

  11.  
    identicon
    Pixelation, Apr 4th, 2011 @ 10:11pm

    Hi, my name is Mambutu and I am from Quad Graph. Please Western Union 8 million dollars to my account in Nigeria. Thank you very much.

     

    reply to this | link to this | view in thread ]

  12.  
    identicon
    Anonymous Coward, Apr 4th, 2011 @ 10:18pm

    Re:

    Sounds legit, but I'm from Quint Graph, we're 1 graph better and need 9 million.

     

    reply to this | link to this | view in thread ]

  13.  
    icon
    The eejit (profile), Apr 5th, 2011 @ 12:45am

    Re: Re:

    I'm from Qyantum Graph and I require half of your monthly profits to protect you from your lawyers.

     

    reply to this | link to this | view in thread ]

  14.  
    identicon
    Anonymous Coward, Apr 5th, 2011 @ 3:38am

    Neat, I learn more about the place I work from the internet than I do from actually working there...

     

    reply to this | link to this | view in thread ]

  15.  
    identicon
    JPHeindel, Apr 5th, 2011 @ 4:11am

    Irony?

    I find it ironic(?) that any number of the banner ads displayed around this aritcle are probably scams.

     

    reply to this | link to this | view in thread ]

  16.  
    icon
    senshikaze (profile), Apr 5th, 2011 @ 4:42am

    Re: Irony?

    You mean like the Arkansas tourist info one? Or the umpteen billion Microsoft ones? While I fully agree with you that Microsoft is scam, are you trying to say that Arkansas isn't real?

    Which of course brings up the question of what exactly are you seeing in your ads? Have you been to bad places on the 'net? Maybe they just go you pegged. :)

     

    reply to this | link to this | view in thread ]

  17.  
    identicon
    Anonymous Coward, Apr 5th, 2011 @ 4:50am

    Re: Re: Irony?

    Every time a see you folks talking about those things(i.e. ads and buttons) I can't help but think about unicorns.

    I always ask myself what ads? what buttons? where?

     

    reply to this | link to this | view in thread ]

  18.  
    identicon
    Anonymous Coward, Apr 5th, 2011 @ 4:53am

    Re: Irony?

    Banners? Ads?

    There are ads on the Internet?

    What is this? 1998?

     

    reply to this | link to this | view in thread ]

  19.  
    icon
    The eejit (profile), Apr 5th, 2011 @ 5:13am

    Re: Re: Irony?

    Only if you work in America, apparently.

     

    reply to this | link to this | view in thread ]

  20.  
    identicon
    Anonymous Coward, Apr 5th, 2011 @ 5:16am

    Re: Re: Irony?

    Oh yes you are so awesome. You hid the ads. Please go steal...I mean borrow...I mean it is an infinite good so just take it and place it on your hard drive.

     

    reply to this | link to this | view in thread ]

  21.  
    identicon
    Anonymous Coward, Apr 5th, 2011 @ 5:42am

    Re: Re: Re: Irony?

    I didn't hide anything. I merely prevented the site from executing a bunch of needless crap and loading a truckload of stuff from other servers that I don't want or need. And the only benefit they present me is a slowed down browser and 90% of the browser window covered in flashing ads. Yay! Go ads!

     

    reply to this | link to this | view in thread ]

  22.  
    icon
    senshikaze (profile), Apr 5th, 2011 @ 7:04am

    Re: Re: Re: Irony?

    I have actually changed how my adblocker works. On the main page of the top 12 sites I visit (what I have in my speeddial on firefox), I leave ads turned on. As soon as I click through to an article, though, I get no more flashy banners. Personally I think it is the best of both worlds. Sites get the views, I get to read the articles I want in detail without distraction.

     

    reply to this | link to this | view in thread ]

  23.  
    identicon
    Anonymous Coward, Apr 5th, 2011 @ 7:12am

    Re: Re: Irony?

    Trust me. I live in Arkansas. It's not real.

     

    reply to this | link to this | view in thread ]

  24.  
    identicon
    Anonymous Coward, Apr 5th, 2011 @ 8:52am

    Since trademark enforcement is often viewed with a skeptical eye around here, I thought I'd mention that this is one reason why companies get uncomfortable about similar trademarks and domain names.

     

    reply to this | link to this | view in thread ]

  25.  
    identicon
    Anonymous Coward, Apr 5th, 2011 @ 9:29am

    Re: Re: Re: Irony?

    I live in Arkansas and I have no clue what you are talking about. All I see are IBM, SAP, Capital One and American Express ads...

    Back to topic, it is of my opinion that this is one example of why companies should not outsource spam filtering. There is just no 3rd party out there that can guarantee that every legit email is sent, and every non-legit email is filtered.

    Granted, mistakes can happen in house, but at our company, we are running, at most, a rate of 1-2 spam per month that actually make it to the end users inbox, and emails like this one would be caught, questioned, and actual phone calls made before any paperwork is filled out.

    Sometimes, there is just no substitute for "hey...wtf is THAT?!?!"

     

    reply to this | link to this | view in thread ]

  26.  
    identicon
    Anonymous Coward, Apr 5th, 2011 @ 10:50am

    Re: Re: Re: Re: Irony?

    Interesting idea. Personally, I get all my news via RSS/Twitter feeds though, so I almost never visit the home pages anyway. But, I like the idea in general.

    That said, I'd have no need for adblock if the people that ran the ads would take the time to make sure they are good. Even with all the profiling and such on the web, I'd still say less than 1% of ads appeal to me; having them load is a complete waste of time over 99% of the time.

     

    reply to this | link to this | view in thread ]

  27.  
    identicon
    Anonymous Coward, Apr 5th, 2011 @ 10:55am

    Re: Re: Re: Re: Re: Irony?

    Almost forgot; on top of being wildly mis-targeted, they are often equally annoying (flashing, animations, flash, etc). Google is the only advertiser that got it right (text only) and even they are straying from that principle now.

     

    reply to this | link to this | view in thread ]

  28.  
    icon
    BearGriz72 (profile), Apr 5th, 2011 @ 12:03pm

    Re: Re: Re: Irony?

    Thank You AdBlock/NoScript

     

    reply to this | link to this | view in thread ]

  29.  
    identicon
    Anonymous Coward, Apr 5th, 2011 @ 12:21pm

    Re: Re: Re: Irony?

    Oh yes you are so awesome. You hid the ads. Please go steal..

    Typical copyright supporter. We need to get rid of these people.

     

    reply to this | link to this | view in thread ]

  30.  
    icon
    Bt Garner (profile), Apr 5th, 2011 @ 10:33pm

    Re: Re: Re: Irony?

    You know, if your business model can be thwarted by a script, it may not be the best model out there.

     

    reply to this | link to this | view in thread ]

  31.  
    identicon
    Bobo Bolinski, Dec 14th, 2011 @ 9:28pm

    Too much

    In the late 90s some guy scammed SONY, out Co. and several others out of several mil of vieo gear by pretending to be a NATO general in England. He showed up to meetings in a limo w NATO flags on the fenders. No uniform.

     

    reply to this | link to this | view in thread ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here
Get Techdirt’s Daily Email
Save me a cookie
  • Note: A CRLF will be replaced by a break tag (<br>), all other allowable HTML will remain intact
  • Allowed HTML Tags: <b> <i> <a> <em> <br> <strong> <blockquote> <hr> <tt>
Follow Techdirt
A word from our sponsors...
Essential Reading
Techdirt Reading List
Techdirt Insider Chat
A word from our sponsors...
Recent Stories
A word from our sponsors...

Close

Email This