MENU
component-ddb-728x90-v1-01-desktop

"Original Internet Godfather" offers tips for preventing cybercrime

Brett Johnson's website, Anglerphish.com, details his past as a cyber criminal and the work he is now doing to help protect identities and information.{ }

You've heard the warnings about protecting your identity - but are you listening? There are new scams coming out that could trick even the most tech-savvy person.

Those who fight cybercrimes say one of the keys to defeating the scammers is to understand them. For the Oklahoma City office of the Federal Bureau of Investigation that means getting insight from the criminals themselves, or at least one of them.

Brett Johnson consults with law enforcement and businesses about cybercrime. His experience with cybercrime is not just academic. You might say he helped start it.

“I'm the founder of one of the first dark markets online one of the first places that sold stolen credit cards and identity theft information,” Johnson told FOX 25. “Online I ran basically everything as far as English-speakers went.”

Johnson does not brag about his past, but he does claim it because it allows him a chance to now help others.

He was once known as the “Original Internet Godfather” to the federal authorities who made one of the first major cybercrime busts. After his arrest, the United States Secret Service went on to hire him as a consultant. However, Johnson continued to commit cybercrimes; sometimes his crimes were committed from within the government offices where he worked.

Johnson would eventually be arrested again, escape from prison and be arrested again and put in prison for nearly a decade. It was separation from his family and those he loved that helped him realize his need to change.

“People who have committed the crime have a unique perspective, that others just can never have, they are wired to think a certain way that's very, very powerful,” said Preston Ackerman, the Supervisory Special Agent for the cybercrimes division of the FBI’s Oklahoma City field office.

Ackerman brought Johnson to Oklahoma with the help of the University of Tulsa, which recently started a new Master’s Degree program in cyber security. Ackerman says fighting cybercrime means taking on criminals with a variety of motivations. Sometimes they are motivated by money, other times by ideology.

Often the cyberattacks come from other nation states, even Oklahoma is not immune to attacks by other countries.

“[Nation-State Cybercriminals] go after such a wide variety of information that it is impossible for anywhere in the U.S. to not have some intrusions of that nature,” Ackerman told FOX 25.

One of the keys to fighting cybercrime, Ackerman said, is understanding it. At the heart of cybercrime is what is called social engineering; cybercriminals are, in effect, very proficient con men. They are able to know how to write a fraudulent email that will gain your trust.

“As a fraudster I may not be able to send you a phishing email that has a request for your banking information you may know that is a phishing attempt,” Johnson explained, “But could I send you a phishing email that request you update your information on your utility bill? Or if you are a member of a dating site or a forum somewhere what are the odds that you're using the same password for some miniscule site that you're using for your banking credentials? Pretty decent.”

Brett and the FBI recommend using a password manager program which will generate difficult codes but still allow you ease of access. Ackerman said good password managers can be found by reading reviews by credible tech magazines.

Johnson recommends freezing your credit to protect your identity. It can cost $20 per credit monitor bureau to do this, but it will stop anyone from opening an account with your information. You can also do this with your children. If you do need to open a new line of credit you will have to pay to “thaw” your credit, but it will cost far less to do this than to clean up your credit if someone steals your identity.

Updating software on your computer or smartphone as soon as possible is another way to protect yourself.

“At the moment that Microsoft, or any company, patches a security flaw in their software, by announcing that what they've updated, that tells attackers where there was a vulnerability,” Ackerman said.

Another simple solution to protecting yourself at home is to make sure not everyone in the house has administrative privileges. Children should have separate login information so if they click on the wrong thing your entire system is not compromised.

Finally, back up all your information on a regular basis. This will make sure ,if your network is compromised, you won’t lose anything.

If you are a victim of cybercrime or identity theft, the FBI says report it to law enforcement. You can file a report through the FBI as well. While your case may not immediately launch a federal investigation, the tips are analyzed to try and connect crimes to specific criminals in hopes of identifying larger patterns of crimes.

For business owners, the same rules apply but the experts stress the need to educate every employee about cyber security.

That education should also include staying on top of the latest scams. Johnson said there is one scam that many businesses do not know about, but in the last year it has resulted in $50 billion in losses.

It's called synthetic fraud.

“[Synthetic fraud] is setting up a fake person within the credit bureau system and then bumping up the credit score of that person to a very high amount in a very short amount of time,” Johnson explained.

That fake person could be a social security number of a child or an unassigned number if the scammer is able to figure out the system of assigning numbers.

With the fake credit score, the scammer will go to qualify for store credit or car loans and make big ticket purchases. It is a scam that is possible at any store that offers credit or financing.

“The credit score comes back as very high and they say that is someone we can trust to provide credit to,” Johnson said, “But if you actually take the time to look at the credit report there are certain things that are indicative and will always be indicative of synthetic fraud.”

Johnson said look at the credit report and not just the score. Make sure the “person” on the page has actually existed long enough to get the credit score they have.

Both Johnson and the FBI says identity theft is something that will haunt you for the rest of your life. It is one reason why Johnson said he is doing the work he does now. While he has paid for his crimes legally, he still paying for them personally.

“I think about what I’ve done every single day and I think, I probably always will carry that with me,” Johnson said. “I just don't think there is any need to run from it. I can use the information that I have and the knowledge that I have to try to make whatever amends I can make for the damage that I’ve done.”

Johnson not only works with law enforcement and businesses but he also helps individuals. His website is called Anglerphish, named after the federal operation that led to his initial arrest, and he says people can contact him personally to help find out ways to protect their personal information.

Trending