Jailed Brit con phishes prison, gets bail A convicted British fraudster used a fake website and fake identities to trick prison officers into releasing him. Neil Moore — jailed for fraud worth £1,819,000 — used a smuggled mobile to post a website mirroring that of the Southwark Crown Court. He then emailed prison officers with instructions for his release, according …
From reading the BBC article it's pretty clear that there's no website involved; he just registered a deceptive domain and used it to email the prison. Significantly less challenging than attempting to clone a website using a mobile phone!
It would also be nice if the author of this article could copy place names accurately - it's Southwark, not "Southwalk". Perhaps Southwalk was the typo the Beeb mentioned that the cheeky felon made, but it's not a London borough.
"Did he use the phone to build the site or was that someone else? If he managed to code a phishing site entirely on a phone smuggled into jail, the man is a genius with very small fingers and a future of RSI."
Word --convert to HTML -- sorted!
If folks can fall for phishing, then a Word-built site will fool them, no problems.
>If folks can fall for phishing, then a Word-built site will fool them, no problems.
Certainly, because they use ie, the only browser that can render that shit.
Dunno who that was, but I think that must have been the fastest downvote ever, LOL - the site still says "9min to edit your comment".
You are aware that many phones today can run an SSH client, right?
I could code up a web site with nothing more then that and a server to talk to.
Yes. Particularly a phishing site, where nearly all of the content is going to be stolen (statically or fetched as necessary) anyway.
My phone has a physical keyboard, and really it's only the lack of Esc and Ctrl keys1 that would pose any impediment to editing one of my sites over ssh, or working on the phone itself via one of the Android shell apps.
1For vim, and vi-mode in bash or ksh, obviously. And yes, I know keyboard mappings are available for both local and remote use; they just slow things down.
I am not saying it isnt possible to build a site on a phone and SSH in to transfer it.
However, this is a phone which someone managed to smuggle into prison so I assume it isnt a Note4. There isnt really the scope for creating sensible graphics and testing anything is going to be challenging.
So either there was no site and it was purely phishing emails (much easier to spoof, although getting the garbage most GSI type messages include might be a pain in the backside) or he has small enough fingers that spending the time coding wont cripple him.
Which was the RSI bit.
"Wonder how long was left on his sentence and why he turned himself in?"
He hasn't been sentenced yet, he was awaiting trial. They've posted the story now, because he's just now been convicted (he pleaded guilty) and there is no possibility of prejudicing a trial. That is the conventional time to do a full press report in the UK.
And it was the 10th March 2014 that he originally escaped.
the current edition of the Concise OED doesn't say whether a verb is transitive or intransitive
For the Nth time, the OED is descriptive. It can only confirm that intransitive use of "harbour" has been observed. And it has. Right here.
Google Ngram Viewer shows plenty of instances of "harbour in", and variants thereof, though declining in frequency quite sharply 1820-1860 and more slowly thereafter. Most are false positives, of course, where "harbour" is being used as a noun or otherwise not a case of intransitive use; but consider e.g. "Never did I think / Such tyranny could harbour in thy breast", from Metastasio's "Hypsipyle". Everyone remembers "Hypsipyle", right?
Is it just me or is the heaping of back-handed compliments on the perpetrator feel like an attempt to deflect blame away from people who should have been smart enough to notice they were being scammed?
"That Homer feller grifted you good"
"Well son, there's no shame in being beaten by the best."
"But he didn't seem so smar - "
"We were beaten by the best, son."
Not just you, but there's more.
Just because these companies thought that he represented BOA or others does not mean that what they were doing was legal.
I would like to know who or what the accounts provided safety from.
Did the judge ask or is it assumed that if a company wants to move large amounts of money over the phone discreetly they are probably doing something legal?
Hands up whose job involves obeying emailed instructions that nobody's checked are authentic..
Or better, if you get an email from a third party asking you to enter your company username and password into their website (and then you ring your Infosec, and find out it's genuine)
"used a smuggled mobile to post a website mirroring that of the Southwark Crown Court."
"using legitimate personal details (including registering the Website in the name of Detective Inspector Chris Soole) in a bid to make the scam look legitimate."
Why would a fake Court website registered in the name of a DI look legitimate? And who would check the registration anyway?
The Register 
Biting the hand that feeds IT
Copyright. All rights reserved © 1998–2024
