CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Fraud & Identity Theft

Hacker Conversations: Alex Hall, One-Time Fraudster

A first-person journey from undetected fraud to defending trust—how life events, neurodiversity, and hard-won insight shaped a former fraudster into a fraud fighter. The post Hacker Conversations: Alex Hall, One-Time Fraudster appeared first on SecurityWeek.

Alex Hall

Fraud: how to do it and not get caught – by someone who did it and didn’t get caught but now catches other fraudsters.

Alex Hall’s professional life is typified by two major geomagnetic reversals in his moral compass: first from neutral to bad, and then from bad to good. Here we discuss the causal life events, and how the reversals affected his everyday life culminating in his current position as a Trust and Safety Architect at Sift.

The making of a fraudster

Asked if he is a hacker, Hall replies, “in the modern sense of the word today, ‘No’.” But he added, “I used to be a fraudster, which many people think of as a type of hacking.” We decided to differentiate the two types of hacking: manipulating the business process is fraud; manipulating the business code is computer hacking.

But what made him a fraudster? “I was once interviewed by a criminologist, a criminal psychologist from Germany. After a few hours of chat, he concluded that the trigger for me becoming a fraudster was rooted in a breakup with my early sweetheart.”

Following the breakup, Hall dived into alcohol and partying, and found fraud. The relationship breakup caused PTSD, and the PTSD caused a breakdown of his moral compass. His subsequent partying brought him into contact with new, less salubrious people, and he began to learn about the practice of fraud. 

Alex Hall

The party scene was wild. “There was alcohol, and there were different types of drugs floating around. Through networking and traveling across the city of Las Vegas, I interacted with many different groups. I would hear from this group that they’re leveraging checks for fraud; and then I’d hear about credit cards from that group, and then I would see somebody doing something really well, and I would see them getting the benefit of it without the risk. After that, I started to go to the platforms to see what other processes were in play when someone did that.”

He concluded there was no way the banks and retailers weren’t aware of what the fraudsters were doing. “It was more that the fraudsters hadn’t been caught than that they couldn’t be caught. I thought to myself, ‘Let me find my own way’ – and so I did. I had gained a little insight, so I took that insight and built on it and expanded it. I realized that here was a very lucrative way of paying the bills without getting caught.”

The ADHD effect

Like many hackers in this series, Hall is neurodiverse – or more specifically, ADHD. It’s not a necessary condition for being a hacker, but it certainly helps. His therapist told him exactly that. 

“She calls it the ‘spicy brain’. She says that neurodivergent people need an abundance of input. From the outside looking in, it looks like that person is scatterbrained and jumping from point to point to point – but she says in her experience, it’s this type of ‘spicy brain’ that allows neurodivergents to hold down so many variables, keep so many processes in place, and see all the potential outcomes by running all the possible calculations.”

At the end of the conversation, he continued, “She said, ‘It’s because process evaluation and manipulation come naturally to neurodivergent people, who are good at managing a lot of input and compartmentalizing it and intangibly or ethereally manipulating it.’ So, yes, I do think that being ADHD was a contributory factor to being a successful fraudster.”

This is a common theme in our conversations with hackers. Many, if not all, have been diagnosed as ASD (autism spectrum disorder generally, although ADHD or Aspergers more specifically). ASD is not a prerequisite for hackers but is often described by them as their superpower. And although it isn’t a direct causal condition for hacking, it can have an indirect influence. Social difficulties, especially those linked with Aspergers, can drive youngsters to retreat into their computers and virtual relationships with people who live on the edge.

In Hall’s case, it is worth noting the bi-directional relationship between ADHD and PTSD – being ADHD increases the likelihood of PTSD after a traumatic event. Hall became a fraudster through PTSD, and that PTSD may have been aggravated by his ADHD which then made him a more accomplished fraudster.

The Hall of Fraud

Like many versions of fraud, Hall’s approach started with account takeover (ATO): getting hold of a valid username and password. “Back then,” he said, “MFA and other types of verification were not common, so with valid credentials it was easy to access someone else’s account.” But he didn’t get the credentials from the Dark Web. He stayed away from anything that might draw attention to him. His drive was not just to profit from fraud, but to avoid arrest for fraud. So, a key principle was to be and remain anonymous.

“I had a very tight knit group of 10 or so people [acquired from his partying days] who I could go to for different parts of my operation. No one knew my real name. No one knew where my home base was, where I lived. I would meet them at these drop houses or at these casinos or hotels.”

Fundamentally, his route was to obtain credentials, use them with social engineering to create different personas and open bank accounts, and to use these different personas / bank accounts to pay his bills.

“Typically, we think of a fraudster as someone who buys 10 TVs and then sells them at a 50% discount off the list price. They obtain items with fraud and then fence them in the black market.” But that leaves a trail that can be followed, and he believed that absolute anonymity was the key to successful fraud. 

“I didn’t interact with the dark web. I didn’t go into Telegram, Signal or any of these channels. I didn’t collaborate with fraudsters internationally or even outside of Las Vegas.”

He had realized that it would be more efficient (and safer) not to use fraud to acquire cash, but to pay his bills using fictitious names while personally remaining invisible. And it worked. “I found out how to get my cigarettes, how to get gas, how to always have a fleet of rental cars at my disposal, two or three cars at any point in time, several houses in Vegas that were acquired through fraud, but not officially to my name. They were in someone else’s name through a rental agreement, but I had five or six different houses. I used fraud to give me all the things I needed in life. Rather than using fraud to get 50% cash back on stolen products and then use that cash to pay my bills, I just had fraud pay the bills.”

It worked. He was never caught. But he eventually stopped when his moral compass came back to normal through a second seismic shift.

The road back

Just as a bad emotional experience triggered his descent into a life of trickery and deceit, so a good emotional experience triggered a complete about face from dark back to light. It was the birth of his daughter. “I call her my super, because she is my superhero. When she was born, her mother and I discussed, what now? What’s the plan? I stopped doing fraud immediately, and over the next couple of months I began to realize what being a father really meant to me,” he explained.

“I guess, through my daughter, I realized that when she became an adult and could reflect on her childhood and her life up to that point, I need to be someone supportive and influential in a positive way. Someone that she could be proud of and could learn from – my model for how powerful she can be. Ultimately, it was my daughter that brought me back to normalcy.”

Being a successful fraudster was not the legacy he wished for his new daughter. But what next?

“I did lie one more time, on a resume. I said I had all this fraud experience. I didn’t have the type of experience I was implying, so it wasn’t entirely false – but it was still a lie. I accept that, but I got a job as a fraud analyst. Within three months or so, I was Head of Fraud, overseeing three divisions, wholesale, retail, and drop shipping. After another nine months, I had identified and implemented active processes that would prevent about $2.4 million worth of fraud. So, I definitely earned my paycheck, despite the initial lie.”

Then COVID struck. He was laid off and his employer tried to replace him with automation. “I used my unemployment to start a company called Dispute Defense Consulting, where I worked with all the top line fraud prevention vendors. I did a lot of public speaking through webinars, podcasts, and interviews, and helped different companies with their fraud programs and their fraud strategy. Well, who has better insight to poke holes in a fraud program than a former fraudster?” Set a fraudster to catch a fraudster.

“During that time, I met my current employers, and they introduced me to the concept of being a TASA – a Trust and Safety Architect. From then on, I always wanted to be a TASA. I looked at it as being the Spec Ops of the fraud prevention industry. So, when the opportunity came, I grabbed it. If I could be an effective force on the dark side, how could I prove to be an effective force in fraud prevention? What better way than joining the Spec Ops of the fraud prevention industry?”

He had come full circle, from a law abiding youngster and a traumatic breakup into a successful and undetected fraudster – and from there back to good behavior and a successful career in society following the birth of his daughter. If his journey tells us one thing about being a hacker, it is that dark hacking may not be a psychological constant, rather a temporary condition caused and influenced by life events.

But there is one question we still need to ask: how common is his style of fraud today? “We couldn’t know,” he replied. “Because of the way I operated, the possibility of detection is low. Even if we did detect it in aggregated data, it would present as different identities doing different things across the marketplace. I’m confident that if there are clones of me from 12 years ago in operation today, we are not at a point yet that would detect those fraudsters. I don’t think we will be able to detect them quite yet.”

One word of warning, though, lest anyone thinks of using Halls’ history as a blueprint for future fraud: “Right now, we’re in the process of putting together a product that would be able to identify me,” he added.

Related: Hacker Conversations: John Kindervag, a Making not Breaking Hacker

Related: Hacker Conversations: Frank Trezza – From Phreaker to Pentester

Related: Hacker Conversations: David Kennedy – an Atypical Typical Hacker

Related: Hacker Conversations: Joe Grand – Mischiefmaker, Troublemaker, Teacher

Latest News

CYBERNEWSMEDIAPublisher