In the hole
If Pinsky is ever going to pay Terpin that $20 million, Pinsky is going to need to work extra hard on more SIM swapping capers.
A man who lost $24 million in cryptocurrency in an elaborate SIM swapping scam has won a multi-million-dollar judgment against the thief, who was 15 at the time of the hustle. According to court documents [PDF] filed Friday in a federal New York City court, Ellis Pinsky agreed to pay Michael Terpin $22 million for his starring …
... a judge threw out a $200 million damages claim Terpin had filed against AT&T.
So ...
According to the judge ATT has no responsibility in what transpired?
No accontability whatsoever?
I have never even thought of using my cell phone to do any sort of on-line activity involving my bank, buying or paying for something.
Call me backwards if you will, but I think it is just asking for trouble.
O.
I have never even thought of using my cell phone to do any sort of on-line activity involving my bank, buying or paying for something.
In this case, you wouldn't have to. You'd just have to use a web email service that insisted on using SMS for 2FA. That's all Pinsky needed the swap for, according to the article. Well, maybe for some other SMS 2FA responses.
Of course, if your phone shows SMS messages on the lock screen (or isn't locked), then the SIM swap is unnecessary if the thief gains physical access to the phone, as reported last week.
Now, we all know SMS is abysmal for 2FA; but many companies continue to use it, and the alternatives are mostly also terrible. TOTP on a smartphone, for example, also has terrible failure modes, though at least in many of them it fails closed. The same is true of biometrics.
So, if you steal $24 million off someone and get caught, you don't get prosecuted as long as you pay $22 million of it back to them, and they let you keep the tiny sum of $2 million as a reward for what a good boy you've been? If it's that easy and risk-free it certainly sounds like a better idea than working for a living..................
where is the IRS in all this?
If you started with 1mil of a crypto that is worth $.10 the value goes from $.10 to $10.00 you now have on paper $10mil. During that time you traded it back and forth and you don't move it into US dollars thinking it is like the stock market and it is "like transactions" but you now have to pay income tax on unrealized gains. It was never sold into US currency.
Then January it falls back to $.10 and you need to sell it to pay taxes, you give all of your assets and home to the IRS to stay out of jail (this is our "voluntary" tax system by the way). You can't apply this year's loss against last year and you can only bring forward $3,500 in loss till the day you die.
Ok, so lets say you go the other way. You have $10 mil in crypto at the first of the year, and at the end of the year you have $1 mil. Great! I can take the unrealized losses as a loss. NOPE, it is a one way street in the US favor. You can't take unrealized losses.
The US made BILLIONS in taxes from this crypto IRS scam.
Indeed, before social media there was no way to identify who might work for which organization. A completely impenetrable mystery, that. No one ever dumpster-dived a copy of the company phone book or anything. Txtfile lists weren't posted to BBSes. Why, it's a wonder any insider crime ever occurred.
"Pinsky has not...been charged with any crime, and it's presumed this is because he was a minor at the time of the theft..."
Hah! The minimum age for prosecution in federal criminal matters is 11.
https://www.economist.com/graphic-detail/2017/03/15/the-minimum-age-of-criminal-responsibility-continues-to-divide-opinion