If your room number is printed on your key, complain.
The Hilton Tokyo-Bay, aka Japan’s Disneyland Hilton, was shockingly behind the times when we visited. Our paper electronic room keys had our room number printed right on them, instead of on an envelope. That’s a serious security risk. This was two years ago. Anyone know what their keys look like today?
We checked into a hotel last month and plodded through the tedious check-in procedure in a daze. It was a Millennium Hotel, but I won’t say in what city.
I liked our room right away because it had an open window. Then I thought: isn’t it strange that the window is already open? And the tv was on and tuned to CNN—also unusual. It wasn’t until all our bags were settled in that I noticed a man’s jacket sprawled on a chair. The room was already occupied.
I tried calling the front desk, but in ten minutes of trying, they never picked up the phone. Then I noticed that the room number printed on the phone didn’t match the number of the room I was in. Sloppy.
Bob took the elevator down to the lobby, leaving me alone in the room to face the jacket-man when he returned, or emerged from under the bed. We changed rooms without incident—just inconvenience.
Who's jacket is in my hotel room? Or, whose room am I in?
I wonder now how many times other people have entered our various hotel rooms while we’ve been out. It happened once while we were in—in bed. It was in Paris. Two men entered our room in the dead of night. Luckily, we woke up and Bob dramatically commanded them to get out. “Pardon,” they said, “c’est une erreur,” it is a mistake. The strange thing was that they had been standing there whispering for a moment. If it had truly been a mistake, wouldn’t they immediately back out of an occupied room?
How are hotel rooms assigned to multiple parties? The most basic computer system shouldn’t allow it.
Mammut MicroTool pocketknife.
Brother-in-law, though a frequent flyer, forgot to move his pocket knife from his carry-on to his checked bag. He groaned when TSA discovered it. The knife was a gift from us, a gorgeous little oval less than two inches long, but heavy and well-made. Bob and I found it on a trip to Germany, and bought one for ourselves, too. A Mammut MicroTool, it’s called.
B-I-L, the self-proclaimed Swedish Okie and country bumpkin, was on his way back to Sweden. When the TSA officer dangled the contraband with its dangerous half-inch blade, B-I-L recognized a glint of proud ownership in the eye of the new beholder. The officer beheld a prize. B-I-L is a sore loser.
B-I-L snatched the knife away, determined that it should not slip beneath the crumpled handkerchief in the warm pocket of the TSO. He could not bear the thought of his fine knife snug among the unmentionables, in pilled cotton intimacy under an overhanging gut. B-I-L intended to destroy the little tool.
He hadn’t counted on the strength of the precision German instrument. He ripped, he stomped, he tried to bend. It took him fifteen minutes to render the tool unusable, the stubborn vengeful bumpkin.
I know a man in Las Vegas who makes his living on the forgetfulness of travelers. He buys great lots of TSA’s confiscated pocket knives for pittance at auction, and sells them one by one on eBay. (The profit, they say, is in the “shipping and handling” fee.) He’s never seen a fine little tool like the exotic Mammut MicroTool. He must get an, um, filtered selection.
What we call “confiscated items,” TSA refers to as “voluntary abandoned property.” [sic] If I were a TSO, I’d protest the extra work involved in providing envelopes to passengers. I’d say it’s a bad idea. It would mean I’d have to hand over an envelope, wait for the passenger to address it, then collect a fat fee and provide a receipt. All that work! No more perks!
What would you do if you opened the safe behind the hotel manager’s desk and found your passports gone? One woman took creative action.
Mary from Michigan and her two adult children just quit their jobs and sold or stored everything. They’re taking a year to travel the world. Oh, what a plan!
After seeing our show, Mary told us about her recent visit to Laos. She and her son and daughter stored their stuff in Bangkok and took a boat down the Mekong to Laos. There, Mary put her few valuables into the hotel lobby safe: the family’s three passports bundled with $2,000 folded into an envelope, and some very large camera lenses.
When she went to retrieve her things, only the lenses remained. Mary quickly discovered that one key opened all twenty safe deposit boxes, and her interrogation of the hotel manager led her to suspect an employee (rather than a guest).
Mary channeled her fear and anger and made a plan. She and her kids fanned out among the alleys surrounding the hotel and shouted into the darkness with volume and authority. “I’ll pay $200 for the stolen passports!” Within half an hour, Mary was lightly tapped on her shoulder, the passports, still bundled, proffered.
And Mary paid up. She told me that people think she was crazy to pay, but she’d promised. The thieves hadn’t discovered the $2,000.
Also read: Purse stolen off lap
Do not let a power outage compromise your security.
A reader of this blog recently wrote to me and described a suspicious encounter:
In Dublin, I noticed a tall young man in a green sweater keeping pace behind us, regardless of our window shopping. I turned down a busy side street, and he turned with us. We turned back to our original route, and the fellow with the green sweater appeared to be gone. Then I noticed that the same man was again following us, with the sweater rolled up and behind is back. I suddenly turned and said, “Good morning. How’s your day going so far?” The fellow said “Fine,” and then turned and walked off.
—Vern (and Pattie) Leming
I like the way Vern confronted his green sweater suspect. What he did is actually what many police and security officers do. It’s called aggressive hospitality: a friendly encounter meant to indicate “I see you, I’m watching.”
At a street festival, for example, police want to prevent incidents. When they spot a known suspect lurking, or an unknown person exhibiting suspicious behavior, they may confront the person with a friendly question: “Enjoying the festival?” or “Don’t I know you from somewhere?” A security guard at a theme park or in a mall will do the same. “Have you lost someone?”
Walmart practices the same principle to stem shoplifting. Called the “10-foot rule” there, store employees greet every customer who comes near them. If employees suspect shoplifting in progress, they offer to help the customer with his shopping.
Hotels and resorts also engage in aggressive hospitality. While guests notice a friendly staff greeting them at every turn, thieves, rogues, and transgressors lose their anonymity and feel watched.
Richard Buske, Security Manager of Nordic Hotels, takes this philosophy a step further. All staff members at his hotels are trained in security matters. All are taught to be observant and are praised for alerting management to suspicious behavior. Security is considered a team effort to be conducted in a friendly, positive manner.
A former mortgage broker put 40 boxes of customers’ personal information into a Las Vegas dumpster. It was December 2006, but we all knew enough about identity theft already to know better. The Fair and Accurate Credit Transactions Act of 2003, effective in 2005, requires the proper disposal of consumer report information and records, as does state law.
The boxes were found and put into safekeeping, probably before any documents were stolen from them. The Las Vegas Sun reported that the boxes contained “tax returns, mortgage applications, bank statements, photocopies of credit cards and drivers’ licenses, at least 230 consumer reports, and other documents containing sensitive consumer information.” Only now is the Federal Trade Commission charging former mortgage broker Gregory Navone with violating the Act.
Five gone-bust mortgage brokers dumped documents at around the same time—five that we know of. We can assume that many others dumped docs too, or deserted their premises complete with documents, which were left for the bad guys to find. No wonder Las Vegas is at the forefront of fraud and identity theft.
Bob and I recently spent many hours with a tweeker (meth-addict) during one of her clean and coherent spells. I’ll call her Kristin, because I can’t use her beautiful, real name. The time was just between her release from jail and her next bust. She had a job, her family had taken her back in and were supportive, and she was poring over a university catalog. She was full of hope and determination.
But the boyfriend…. Still in prison, a meth-cooker and ID thief, due out soon, demanding daily phone calls to keep his girl tied to the old life…
Right. He got out and Kristin disappeared. Back into the cycle of drugs and ID theft. We could have cried for her, this pretty 21-year-old. She was smart, but not strong enough to resist the lure of meth and easy money.
When she was high, she told us, she knew she’d never be caught; she was too clever. She knew she was going to get caught; she was always looking over her shoulder. Confident and paranoid.
In those hours we spent with Kristin, she told us how she used to “get profiles.” A profile is information about a person. It doesn’t have to be much because with a little goes a long way. With a little, you can find the rest.
Her favorite way to get profiles was out of dumpsters located behind businesses. She’d also get quick-credit apps from insiders in casino booths, who’d allow her to take a few off the top on the way to the shredder. Car registrations were good, too, easily found in glove compartments.
With the profiles, she created IDs. First simple ones, just good enough to allow her to purchase the special inks and papers needed to print government IDs. She had the precious printer, but supplies for it are regulated. For Kristin, easy to get around with a simple fake ID, a sweet smile.
With her newly minted IDs and profiles (for herself and her pals), Kristin and her team leased cars. Cadillac SUVs, to be specific, whatever they’re called. They always drove the latest models. They had an endless source of identities, cash, and credit.
They lived in motels, where they set up their mobile meth labs. Kristin, just the clean-up girl in the operation, got too close to the fumes once and got chemical burns on her face, neck, chest, hands, and arms. She was scabbed over for a year. She pointed out the scars, and the thick makeup she wore on her face to minimize them.
In a moment of desperation, Kristin once grabbed the profile of a wealthy family friend from her father’s home office. Tears trickled down her cheeks as she told us how she destroyed the man’s credit—and her father. Because he knew. She was ashamed of herself; mortified. Now she recognized that she was out of jail on an incredibly lucky break. She was going to study to become an architect. She was going to return to ballet.
Kristin’s back at it again, getting profiles, getting cash and credit on other people’s good histories, wreaking havoc. She and how many others?
Many people tell us they’re afraid to shop and bank online. But these activities are not a big factor in identity theft. The real threat is out of our hands. It’s how others keep our information. Big businesses with databases. Small businesses with manila folders. Mom & pops with a property to rent and an old box of rental apps (as I recently found in my garage—and shredded).
One man’s garbage is another’s fortune. Kristin and her friends are ready to exploit that old, forgotten information.
But there’s worse. Much worse. I’ll write about that soon.
Can you identify this thief?
Loot ‘n scoot: Through my police friends, I learned of another devious M.O. resulting in theft from hotel rooms. The thief simply poses as a guest. Wearing pool attire, she enters a hotel room that has a housekeeping cart at the door, as if she’s just returning to her own room from the pool. She tells the maid that she forgot her key, starts looking for it, and dismisses the maid. I suppose her beach bag is big enough for all the goodies she grabs, and she scoots out in her swimsuit looking as innocent as can be.
Maid left hotel room open and empty.
In another version, a female thief gets a nearby housekeeper to open a hotel room door because she’s carrying a heavy load. She may or may not have spotters on the lookout for guests returning to that floor.
In both cases, the security of our belongings is in the hands of the maids. How well are they trained? How much discretion do they have? When should they break the rules in order to be nice? When should they bend the rules in anticipation of a nice gratuity? What about temporary workers during the hotel’s high season—do they receive as thorough training? How many of us have approached our room only to find that we forgot our key, or the key doesn’t work, and a nice service staff member volunteers to let us in?
Hotel policy is one thing; compliance is another. How do you react when you find that your key doesn’t work (for the third time), the front desk is far away (giant hotel), your feet hurt and your arms are full and you’re dead tired, and the maid with a master key says “I’m sorry. It’s for your own security.”?
The burglars described in the recent police bulletins were females of average height and weight, 50ish and blonde. Nicely generic. The maid may believe she’s seen the impostor; and perhaps she has. Should she risk offending the “guest”?
Perhaps the maid should be required to ask the name of the guest and match it to a list. Yeah, a list on a clipboard left on the cart, that the thief’s accomplice copped a glance at. Perhaps the maid should be required to snap a photo of the guest “for your security.”
As a very frequent hotel guest, I have many times returned to my room to find the door left open by housekeeping staff “just for a minute” while they run to do something else. This always infuriates me, as there’s usually a laptop or two left out, as in the photo here, not to mention other valuables. But this is simply housekeeping error, and with proper training, can be corrected. The impostors described above are skilled social engineers, harder to protect against.
Bruce Schneier is currently blogging from SHB09, the Second Interdisciplinary Workshop on Security and Human Behavior, at MIT. I doubt if discussions covered “tricking hotel maids,” but what a complicated and interesting subject. I would have liked to be a fly on the wall there. Instead, I can read articles by the presenters.
No hassle flight: no security
We flew from Anchorage to Homer on Alaska Airlines flight 4878, operated by ERA Aviation. No TSA. No screening; none at all. Liquids? Okay! Weapons? Whatever you want! Just check your large roll-ons and climb aboard, big boots ‘n all.. 20 seats. Open seating, open cockpit.
Rejected passport photos
Four days away from an international trip and Bob and I have no passports. Scary. They were perfectly good and valid still for five years, until they were punctured and made invalid by Federal agents in Los Angeles. The only thing wrong with them was that they had too little space for new immigration stamps. We’d both received additional page inserts multiple times, and now we were required to get new passports.
Fine. All we needed was enough time to send them in, or better yet, bring them in and get them while we wait. That’s the tricky part, given that there is no passport office in Las Vegas. And our itinerary is packed with international trips, so there’s no time to send them in for replacement.
Time for a trip to Los Angeles, then. We gave two presentations at the California Tourism Safety and Security Conference in Anaheim May 7. Perfect timing for a visit to the passport office.
In Las Vegas, we prepared by getting official passport photos. Official, to be certain they’d be the right size, with the right background, etc. No time for mistakes. We used the “official passport photo service” at the local UPS store. When the lackadaisical employee handed over the two pairs of photos, Bob and I gawked. Our heads were small, surrounded by lots of white space, the images were contrasty, and almost black & white.
“These look terrible,” we said.
“They’re fine,” the employee assured us. “We do this all the time. Our photos are never rejected.”
We reluctantly paid $10 each and left.
Los Angeles: palms, smog, and traffic.
The U.S. Passport Office rejected the photos. It didn’t take much time to get new ones at the handy passport photo service just outside the Federal Building. The new ones were bright, clear, and large. We had our new passports several hours later.
Back at the UPS store, I complained and asked for a refund. The same slovenly employee shuffled off to the back room, unsure how to react. His mono-tasking mind forced him to set aside the job he was about to do: namely, sort customers’ mail into their rented mailboxes. So he set the thick stack of envelopes on the counter beside me and left me alone with it. I stood staring at the gas bill on top of the stack, wondering what could be gleaned from that heap were I an ID thief. I had plenty of time to consider the lack of security with which that mail was handled.
The manager (or franchise owner) appeared and, when I pointed out the stack of mail, said “puh-lease!” As if she had no idea that Las Vegas is at the forefront of fraud and identity theft. Or that her mailbox-rental customers had some expectation of the private and secure handling of their mail.
Airport security.
“Did you know you’re wearing mismatched shoes?” a well-dressed Englishman said to our friend, Brooks, at London’s Heathrow airport one day.
Brooks was talking on his phone, frantic at finding out that he was supposed to be at London’s other airport, Gatwick. He locked eyes with the stranger. “I am not!” he said, refusing to be distracted. “And you’ll not succeed in grabbing my briefcase!”
Brooks had become security-obsessed hearing our tales.
“Pardon me, then. But you are.” The man walked away, intentions defeated, whatever they were.
Brooks finished his telephone call, feeling rather smug that he’d thwarted a thief who’d tried to distract him. Then he looked down at his shoes, only to see one tasseled, one buckled loafer.
Everyone knows not to leave bags unattended in airports and, lest we forget, we are relentlessly reminded by annoying announcements. Bag-stealing strategists are devious, though. Even if you aren’t looking away from your things, you may be connived into doing so. Questions by an apparently confused or puzzled foreigner touch our good-natured core and we want to help. A moment’s distraction is all an accomplice requires. Who would suspect that the pretty girl asking to borrow your pen is merely a diversion as her colleagues snag your bag?
Or, here’s a good one: you’re suddenly paged. Who would page you at an airport, possibly a foreign airport, or a stopover? Who even knows you’re there? You rush off to find the white courtesy phone, befuddled and worried. The accented voice on the line sounds unclear, yet urgent. You may be asked to write down a number, requiring some gymnastics while you extract a pen and find a scrap of paper. Have you looked away from your briefcase? Have you lost physical contact with it? Where is it, anyway?
Earlier, the thief had examined the object of his desire, your bag. Its luggage tag informed him of your name. The strategist paged you. He distracted you. He created his own plausible situation. Or, as Bob would say, he created a shituation.
TSA
Airports give the illusion of safeness, especially now with increased security. The swirling crowd of dazed travelers, lost or rushed or tired, makes a perfect haystack for the needle-like thief. Your bag might disappear before you even get inside, in all the curbside commotion. Long, tedious, check-in lines can be disorderly madness in some airports, inducing inattention when you need it most.
Computers and purses disappear, too, at airport security checkpoints. Guards have their hands full keeping order at the chaotic bottlenecks, and they’re watching for bigger fish than bag thieves. Don’t assume they’ll safeguard your bags.
Practically every television news program has shown this ruse. The scam occurs just after you’ve put your items on the belt. Before you walk through the metal detector, a stranger cuts in front as if in a hurry. The equipment buzzes and he has to back up and remove his watch, his coins, something. Meanwhile, you’re trapped in limboland and your bags are free-for-all on the so-called secure side.
If you’re traveling with another person, make a habit of this: one person goes through security first and collects her and your bags as they appear. The other waits to see that all bags go fully and safely into the x-ray machine, and watches the belt to see that it isn’t reversed, leaving your items vulnerable on the other side. If you’re alone, wait for any crowd at the checkpoint to pass, if you can, or be alert to anyone who barges in front of you after you’ve let go of your things.
Excerpt from Travel Advisory: How to Avoid Thefts, Cons, and Street Scams
Chapter Three (part-a): Getting There—With all your Marbles
Two pickpockets looking for a victim.
I watched the first two episodes of Fox Network’s new television program Lie to Me, whose main character is loosely based on Paul Ekman, the world’s foremost expert on facial micro-expressions and how to spot when someone is lying. This is an intriguing, new subject to the majority of us. Call it a sexy science. Who wouldn’t like to immediately realize when his mate or partner is fibbing or deceiving him? And wouldn’t we like to ask our financial advisors: “have you ever swindled or cheated any of your previous customers?”
The bad guys, too, want to know how to manipulate their expressions when asked “where were you on the night of April 18?” Will this program suddenly shed light on surveillance and interrogation techniques that have previously been shrouded in mystery? It’s said that Paul Ekman is or has been working for the NSA. It’s confirmed that he’s involved in the structure of a limited program for TSA, in which screeners are supposed to detect irrational behavior in passengers that could indicate terrorist activity, signaling the need for additional and deeper screening of their luggage.
Dr. Ekman has spent a lifetime studying micro-expressions. What’s the chance Continue reading