It Apparently Doesn’t Take a Psychic

Posted on February 22, 2013 by Paul Fidalgo

You really have to watch this video of this mystical guy who really seems to know things he could not possibly know about the people he’s giving readings to. Watch to the end to have your mind blown.
http://www.youtube.com/watch?feature=player_embedded&v=F7pYHN9iC9I

Published by Paul Fidalgo

Odd duck. View all posts by Paul Fidalgo

9 thoughts on “It Apparently Doesn’t Take a Psychic”

Katherine Lorraine, Tortue du Désert avec un Coupe-Boulon February 22, 20133:44 pm Reply

I work in computer security and we tell people this allll the time. Be careful what you post, it can be used against you.

LikeLike
Marcus Ranum February 22, 20133:48 pm Reply

Oh, this is great stuff!! I’m still laughing my ass off!

LikeLike
Tsu Dho Nimh February 22, 20136:38 pm Reply

🙂
Which is why I use a pseudonym on-line

LikeLike
Mr. Anon February 22, 20136:38 pm Reply

This is why I don’t even post comments on blogs.
…

D’oh!

LikeLike
1. TeeDee February 27, 20132:33 am Reply
  
  you made me laugh–thank you! xo
  
  LikeLike
oolon February 22, 201310:39 pm Reply

Hmm, sceptical about the bank account number and amount spent on things… You’d need to get into their bank account to get that info and that is far from easy. Also illegal, so would they do it for an advert?

LikeLike
John Morales February 23, 20138:50 am Reply

oolon, you’re really quite naive, no?
(You thought it was real?)

LikeLike
Marcus Ranum February 24, 201311:39 pm Reply

you’d need to get into their bank account to get that info and that is far from easy
There are huge databases of compromised credit card numbers (and debit card numbers) out in the blacknets, keyed by first/last name and often address. So, it’s plausible. They were obviously setting that up just to be cute* and cool and I’m sure some of that was faked, but it actually would be straightforward. Another possibility is that the person who invited the people to participate tried to find out whether they were cardholders with the bank that made the video – in which case it would be a very easy check. But, whenever you hear about some credit card payment agency accidentally letting their database of 50 million credit cards go walkies – where do you think that data went? Not in the trash can.
(*It’s a crime to trade in that data, and I doubt a bank’s security people would do that for a video. Ergo, it was almost certainly faked.)

LikeLike
Marcus Ranum February 24, 201311:49 pm Reply

Actually, if they knew that the “victim” was an account-holder with their bank, they probably could do it under the exemption for operational security.
I also imagine that if I were trying to do a trick like that for real, you’d pick the marks that had a less common name, so there’d be cleaner hits for searches. If you were in the US (for example) and stuck to males of the right age to have served in the military prior to 2005 you could be pretty sure that if they’d served in the military you’d have their SS# from the VA’s big database leak. Given an SS# you can get bank information from the security department if you have a few other tidbits. I don’t know if you’ve done it lately but if you call the automated line nowadays many banks ask “Please verify the following recent charges: one on 2/11/2013 for $14.33 press 1 if this is correct…” so they’re not telling you “purchase from amazon.com” but the mark might fall for it if you had the exact dollar amount. I am guessing if you just stuck to marks with a fairly unusual name and hit Equifax and the renters and insurance databases you’d be able to tell them all kinds of impressive nuggets.
Psychic: “I see you’ve recently moved here. From Seattle? And now I see a street name where you live. Near a church?”
Mark: “OMG! I live on Church Street!”
If you paint a broad-brush picture, the mark will infer that you have the details.
But it’s an advert. It’s all a lie. It made its point effectively, but it’s a lie.

LikeLike