We’ve added a second session of the “one-time only” “Dragon and Knight” course on 16 Dec. to accommodate those who couldn’t attend the first one.

Classic Cases of Cunning: Really Easy Money

As amusing as the movie Catch Me If You Can is, the book–perhaps not surprisingly–is even better. Why? We learn more about real-life Frank Abagnale’s thoughts.1 In the book, for example, he tells us that three factors empower the check swindler: personality, observation, and research.

  • Personality, says Abagnale, includes dressing well and “[exuding] an air of confidence and authority.”2 While sharp attire is perhaps not as important in today’s era of remote attacks, a keen understanding of personality and human nature is as indispensable as ever.
  • “Observation,” Abagnale tells us, “is a skill that can be developed, but I was born blessed (or cursed) with the ability to pick up on details and items the average man overlooks.”3
  • Regarding research, he explains “I knew as much about checks as any teller employed in any bank in the world and more than the majority. I’m not sure a great many bankers possessed the knowledge I had of checks.”4

      That last claim might sound smug, but Abagnale demonstrates his skills again and again in the book. In one of the most cunning incidents, he recognizes and exploits a weakness in how a bank processes its deposit slips. Armed with his quick-witted observation, he artfully manipulates the system so the bank channels customers’ deposits into his account. Moreover, he does so largely in the open; in his scheme, there’s no need to break into the bank, threaten a teller, or sneak around in the dark. As far as the bank notices, Abagnale simply walks in, walks out, and four days later finds over $40,000 in his account. The details are available in the book.5
      What can we say about Abagnale’s scheme? First, it is indeed a fine example of research and observation. Abagnale knew the system well enough that when he saw a seam, he immediately discerned its value and exploited it. As he says, he knew the system at least as well as those who operated it–never a good situation for the defender (who must also anticipate attacks from knowledgeable insiders).
      Second, Abagnale’s trickery aligns well with the ancient Chinese stratagem “Crossing the sea while deceiving the heaven.”6 This stratagem, explains Harro von Senger,

… is aimed at exploiting a blind spot in the field of vision of the stratagem’s victim, by smuggling clandestine activities into routine procedures that are generally visible, but no longer monitored very carefully, and thus carrying them out unseen. Similarly, it is aimed at slipping through the loopholes in an attentiveness that has already naturally or artificially become deadened–to do something that is actually quite inadmissable in front of everyone’s eyes and get away with it scot-free.7

      Third, the anecdote illustrates the potential value of red teaming. The flaw in the system Abagnale spotted had apparently gone unnoticed. A good red teamer–someone who understood the system as well as Abagnale–could conceivably have found the weakness and reported it to the bank. Interestingly enough, Abagnale now applies his skills as a consultant and author.
      Finally, the anecdote underscores the value of the red teamer’s “eye.” A good red teamer isn’t just smart; a good red teamer thinks laterally and sees connections, sequences, and relationships others don’t. It’s an intangible quality that remains very difficult to teach. A student could read Sun Tzu, R. V. Jones, and Frank Abagnale every day and still not acquire it. It’s one more reason the really good red teamers are invaluable to their customers.

Share on LinkedInTweet about this on TwitterShare on StumbleUponShare on FacebookShare on RedditShare on Google+
  1. Frank Abagnale’s story is nicely summarized here. []
  2. Abagnale and Redding, Catch Me If You Can, p. 129. []
  3. ibid., p. 129. []
  4. ibid., pp. 129–130. []
  5. ibid., pp. 146-147. []
  6. von Senger, The 36 Stratagems for Business, p. 39. []
  7. ibid., p. 40. []