Man escapes from jail after sending fake bail email

library
crime | hacking | security

A fraudster imprisoned in South West London’s Wandsworth Prison cooked up a bogus set of bail instructions and emailed it to prison officials.

The email must have looked pretty legit, since the officials dutifully let him walk out of the prison.

As the BBC reports, Neil Moore, 28, from Ilford, London, had a history of manufacturing elaborate ruses, having previously used four different aliases to commit fraud.

While on remand, Moore used a contraband mobile phone to create a fake email account and to pose as a senior court clerk to send bail instructions to prison staff.

He was released on 10 March. Moore’s ruse wasn’t uncovered until solicitors came by to interview him and found that he was gone.

Moore turned himself in three days after his jailbreak.

Southwark Crown Court heard that Moore tricked prison officials by creating a fake web domain that was only slightly changed from the court service’s official domain.

Beyond that, he also registered the lookalike website in the name of investigating officer Detective Inspector Chris Soole, listing the address and contact details for the Royal Courts of Justice.

Using his fake email, he sent an email to prison’s custody inbox with instructions for his release.

The BBC quotes Prosecutor Ian Paton, who called the whole thing rather ingenious:

A lot of criminal ingenuity harbours in the mind of Mr. Moore. The case is one of extraordinary criminal inventiveness, deviousness and creativity, all apparently the developed expertise of this defendant.

The judge, Recorder David Hunt QC, also described Moore’s stunt as “ingenious” criminality.

It does seem rather ingenious, but it’s certainly not uncommon for fraudsters or spammers to use lookalike email or web sites to snare people.

Among the many traps out there, we’ve seen spammers pretending that they’re Facebook and telling recipients that they’ve got a new profile; phishers sending email looking like it came from PayPal, baited with the offer to “click here to cancel” a phony transaction; and typosquatting sites, “Wikapedia.com” and “Twtter.com,” that pulled a bait and switch, offering advertisements for iPad and MacBook competitions.

Scientists recently found that in spite of our brain activity revving up when we try to suss out whether something coming into our inbox or appearing on our browser is fake or not, we still fail to spot fake sites, averaging just a 60% accuracy rate.

Thus, it’s not surprising that a convincing email coming from a lookalike domain that’s rigged with an official’s name and address fooled the prison officials.

And it’s certainly not like Moore’s new at the fraud game; he has a history of impersonating people for gain.

Besides the creation of his get-out-of-jail-free card, he’s used four aliases to pose as staff to bilk Barclays Bank, Lloyds Bank and Santander for a total of £1,819,000 (about $2,694,000).

One of his ploys is to answer calls using a man’s voice, pretending to transfer the call to a coworker, and then resuming the conversation in a woman’s voice.

The BBC reports that Moore was so convincing that police initially co-charged his partner, Kristen Moore, with the fraud.

All charges against her have now been dropped.

Moore pleaded guilty to eight counts of fraud and one count of escape from lawful custody.