Destroying Lives For Profit

Check out this amazing and terrifying story in The Intercept about a lawyer whose life is being systematically destroyed by a large corporation.

“Chevron has hired private investigators to track Donziger, created a publication to smear him, and put together a legal team of hundreds of lawyers from 60 firms, who have successfully pursued an extraordinary campaign against him. As a result, Donziger has been disbarred and his bank accounts have been frozen. He now has a lien on his apartment, faces exorbitant fines, and has been prohibited from earning money. As of August, a court has seized his passport and put him on house arrest. Chevron, which has a market capitalization of $228 billion, has the funds to continue targeting Donziger for as long as it chooses.”

What did he do to piss them off? He helped tens of thousand of Ecuadorian farmers to successfully sue Chevron over contamination of their lands. They were fined $18 billion – and then refused to pay up.

It’s a stark warning about what can happen if you try to take down a corporation by yourself.

Disclaimer: I’m not saying these people are psychopaths. But this is the kind of behaviour we should expect from psychopaths and psychopathic organisational cultures.

Protecting whistleblowers from psychopaths

I mention in the book that the way a company treats whistleblowers is a good indication of how psychopathic its culture has become. Investment fund Blue Sky allegedly fired one of their managers when he spoke out internally about shady practices.

People who speak up about their ethical concerns should be highly valued by organisations, not punished. They are the canary in the coal mine. But to a psychopathic culture, they are perceived as a threat, not a tuning fork.

We need legislation that makes it extremely difficult for organisations to punish whistleblowers. One way to limit the power of psychopaths is to make it less dangerous for the rest of us to call them out on their bullshit.

TMZ Seems Psychopathic To Me

Someone in management at TMZ, it would seem, made the decision to leak the news about Kobe Bryant’s death, knowing that it was quite likely his family would hear about it from a gossip site before being contacted by the police. Imagine that scenario. A friend of the family calls and asks “is it true?” “Is what true?” you ask. When they tell you the rumour, you frantically try to call your husband. He doesn’t answer. You try your daughter. SHE doesn’t answer either. What a horror story.

What kind of person would willingly do that to someone in the name of being first to market and therefore getting some additional profit?

Disclaimer: I’m not saying these people are psychopaths. But this is the kind of behaviour we should expect from psychopaths and psychopathic organisational cultures.

The Wells Fargo Culture

In my book, The Psychopath Epidemic, I talk about how psychopaths in power can influence entire organisational cultures to become psychopathic. Even societies can become psychopathic (for example, Germany in the 1930s and the United States today).

Organisational cultures can become psychopathic to such an extent that the behaviours that should be shunned in fact become something they are proud of.

John Stumpf, the ex-CEO of Wells Fargo, presided over massive consumer fraud. The bank opened two million checking and credit-card bank accounts without the consent of its customers. He didn’t go to jail. But he did get a fine that he could easily afford and a “strongly worded critical letter“… so that’s something, I guess.

As a young man, one of his first jobs was as a repossession agent. Having worked as one of those myself when I was about the same age, it’s a profession well suited to psychopaths. I hated it. It was soul destroying.

Stumpf was known for his folksy sayings:

“When we hire somebody around here, we want to know how much you care, before we care how much you know,” he says, without the slightest hint of irony as we sit with him at his San Francisco office. “We call our employees team members, not employees. Employees denote an expense to be managed. Team members are an asset to be invested in.”

Wells Fargo: The Bank That Works, Forbes, Jan 25, 2012

In this same Forbes article from 2012, they talk about what a heartwarming departure he was from other banking executives:

All of Wells Fargo’s 264,200 “team members” receive a 37-page book, Vision & Values signed by Stumpf, full of warmed-over prescriptions for how to behave, treat customers and, above all, increase revenue. But in a field where sayings like “every man for himself” and “eat what you kill” have led to blunders of historic scale, it’s also a welcome departure.

Wells Fargo: The Bank That Works, Forbes, Jan 25, 2012

Which I guess just goes to show that we should never believe corporate PR.

Disclaimer: I’m not suggesting Stumpf or any Wells Fargo people are psychopaths. But this is the kind of behaviour we should expect from psychopaths and psychopathic organisational cultures.

PS: Warren Buffett’s Berkshire Hathaway are the biggest shareholder in Wells Fargo. Charlie Munger, Buffett’s partner, calls what happened at Wells a “blind spot”. Warren referred to it as a “big mistake“. As listeners of our investing podcast, QAV, would know, I’m a big fan of both Buffett and Munger, certainly as investors, and they have a reputation for very high ethical standards. And I don’t expect investors to be responsible for corporate culture of the companies they invest in. But it’s disappointing to hear them dismiss this kind of behaviour as just big mistakes and blind spots.

Cum-ex Psychopaths

The financial services industry is reputed to be over-represented with psychopaths. In my book I talk about the recent Australia Banking Royal Commission as one example of how the industry seems to attract them en masse. It’s hard to read this story about “cum-ex” fraud without thinking a lot of the people tied up in it, including the lawyers, might be psychopaths.

One of the German lawyers involved in stealing tens of billions of dollars from public treasuries reputedly said:

“Whoever has a problem with the fact that because of our work there are fewer kindergartens being built,” Dr. Berger reportedly said, “here’s the door.”

This is why I argue that the number one thing we can do to stop psychopaths from destroying the world is to implement psychopath tests of all managers across all kinds of organisations.

No half measures

One of the guys who created the CIA torture program says that waterboarding a prisoner, who has been held in jail for 13 years and never charged with a crime, over 80 times, only “verged” on breaking the law. Gee, I’d hate to see what ACTUALLY breaking the law looks like.

Imagine what kind of person you have to be to get paid $80 million to design a torture program.

Recovering From A Bank Hack

One of the downsides of technology is that it makes it easier for bad people in distant lands to do bad things. A couple of years ago we got hacked and learned some good security lessons as a result. They might help you avoid finding yourself in a similar situation.

The Backstory:

A couple of years ago, my mobile phone number and Chrissy’s mobile phone number were both fraudulently ported to another carrier – meaning somebody set up fake accounts with a phone carrier in our names, then requested that new carrier transfer our numbers over from our existing carrier. This is known as “number portability” and was set up years ago to make it easy for people to change service providers. Of course when they did that, nobody foresaw the day when mobile numbers would be used as authentication for bank accounts, etc. All they needed to provide to port our numbers was our mobile number, name, DOB and address. Pretty easy information to get, especially if they have access to your Facebook profile, etc. The number gets ported over to the new carrier within minutes and our phones were left with “SOS Only”. No signal. No carrier. If you’re lucky, you get a SMS message just before it happens. Chrissy got one – I didn’t. But it wouldn’t have mattered anyway, because we were camping and didn’t have much reception.

Once the hackers have access to your phone number, then any account where you have 2-factor authentication (2FA) connected to that number (eg bank accounts, email accounts, Dropbox, any cloud service) can be lost minutes later. The process is simple. They try to login to your online account (which requires them to know your email address or bank account number) – and check the “Forgot Password” box. That generates a six digit code which is sent to the mobile number as a text. They enter that number online and then create a new password. They can also change the email address on the account, the security questions, etc. And, of course, empty the bank accounts – which is what they did to us.

They also took over a couple of my email accounts which, of course, they use to try to find out things like your bank account number, family details (birthdays, names, passport numbers, etc). All of which they can use for further identity theft. All of this took a few minutes from start to finish.

Fortunately we got our money back quickly (although I had to play hardball with the bank). We also got our mobile numbers back, that took a few days. And with those I could retrieve the lost email accounts.

So that’s how it happens. Here’s what I did afterwards to try to prevent it happening again.

  1. Remove my public mobile number from all forms of 2FA.
  2. Where possible, use a physical security token for 2FA for things like bank accounts. I set up new accounts with a new bank, got tokens on our accounts, and locked the accounts down so the token is required for every login. It means always having the token on my person but that’s a small price to pay.
  3. Where a physical token isn’t possible, try to use a Time-based One-Time Password algorithm (TOTP) authentication app, like Google Authenticator. It works for Gmail, Dropbox, Evernote, Stripe, Facebook, Twitter, PayPal, etc. You need to provide a six digit code for every login and that code is provided the app on your phone (not the mobile number on the phone). An alternative is something like Yubikey, a USB-based physical token but support for Yubikey isn’t widespread yet.
  4. Where I can’t use a physical token or GA, I have set up a separate, totally secret mobile number. It’s on a SIM card which is sitting in an old iPhone 4 I had lying around which surprisingly still works. It’s only purpose now is to receive 2FA texts. The number will never be made public and therefore should be difficult to fraudulently port.

Hope you find that useful. I highly recommend setting something like this up. ID Fraud is apparently a lot larger (and easier) than I previously understood.

Do you think Trump is a psychopath?

As part of World Psychopath Day, we’re taking a poll on how many people think Donald Trump might be a psychopath.

Of course, this doesn’t suggest he *is* clinically diagnosed as a psychopath, it’s just a measure of public opinion.

And don’t forget to buy a copy of my new book The Psychopath Epidemic, out now!

Cameron Reilly's Psychopath Hunters

If you want to receive updates on my efforts to put together a global force of psychopath hunters, as well as news about my books, films, podcasts, public appearances or notification of my ultimate demise, please sign up to this newsletter.