Caught Off Guard: A Q&A with Frank Abagnale Jr.

As a young man, Frank Abagnale Jr. successfully impersonated an airline pilot, a lawyer and a doctor, and cashed hundreds of thousands of dollars’ worth of fraudulent checks before his arrest and imprisonment.

But Abagnale, whose escapades were dramatized in the 2002 Leonardo DiCaprio film “Catch Me If You Can,” went on to help the FBI investigate other scams and con artists. He eventually became an expert on embezzlement, forgery and fraud prevention and a sought-after consultant for major banks, corporations and government agencies.

Recently, he teamed up with AARP and its Fraud Watch Network to educate consumers on how to protect themselves against fraud and identity theft.

In an interview with City & State’s Jon Lentz, Abagnale discussed whether the film accurately portrayed his life, how much the U.S. government is losing to fraud and why he never uses a debit card. 

The following is an edited transcript.

City & State: Most people only know about you through the movie “Catch Me If You Can.” What is the biggest difference between that depiction of you and what actually happened?  

Frank Abagnale Jr.: I wasn’t really involved in the movie, but I thought Steven Spielberg did a good job. I was one of four children – he said I was an only child. My mother never remarried, and in the movie he had her married and there was a little girl at Christmastime in the window – that didn’t exist. I escaped off the aircraft through the service doors where they bring on the food and drinks, and he had me escape through the toilet. But other than that, I think he stayed pretty close to the story. The three FBI agents, they were retired, and he was smart enough to bring them on the set during the entire filming and got a lot of advice from them about when they were chasing me. He went out of his way to stay as close to the story as he could, but he did change some minor things. He told me the whole purpose for him was he loved the redemption side of my story, that I did those things, then spent 40 years with the FBI. My son’s an FBI agent and I’ve been married for 39 years. That’s why he wanted to tell the whole story.

C&S: Tom Hanks’ character, Carl Hanratty, was loosely based on a real FBI agent named Joe Shea. Did you stay in touch with him?

FA: Absolutely. We were friends for almost 30 years. He died just a few years ago. When I wrote my last book, “Stealing Your Life,” I dedicated the book to him and our relationship. He had two daughters that I stayed very close with.

C&S: You’ve recently partnered with AARP’s Fraud Watch Network. How did that come about?

FA: This was a unique opportunity for me and one of the reasons I agreed to it is I’ve spent my entire 40-year career speaking to banks and corporations and Fortune 500 companies about cybercrime and fraud, embezzlement, check forgery, identity theft, but very rarely do I ever have the opportunity to speak to a room of consumers, people who really need to know how to protect themselves and their families. I’ve written five books, some of them business-related, some consumer-related, but no bank is going to bring me in to speak to their checking account customers. AARP approached me and said, look, we don’t want to sell anything, there’s no fee to come, we simply provide refreshments, we open the door to as many people as want to come, we just want you to come and give your expertise on helping these people protect their identities. That’s why I agreed to do it, and it’s been great so far.

C&S: It’s no longer surprising to hear about security breaches at major U.S. companies and banks, like JPMorgan, Sony and Target. Just this week a breach at Blue Cross Blue Shield was in the news. How worried should consumers be?

FA: Very worried. First of all, please understand that every breach occurs because somebody in that company did something they weren’t supposed to – took a laptop home they shouldn’t have taken home, went online where they shouldn’t have gone online, read an email they shouldn’t have read. Basically the hackers simply wait for doors to open. Someone like Chase Bank spends $250 million a year just on software to keep those types of people out. However, they employ 200,000 people. So somewhere along the line, somebody is going to do something they’re not supposed to do, and so they wait for that door to open. That’s why during the month of October I’m out a lot speaking to these companies’ employees directly to make them aware how important their job is of keeping that information safe.

We have the technology to keep them out. For example, the Office of Personnel Management has had three or four breaches before. They were told they were going to have those breaches. They were told to fix the problem. They never fixed the problem. And they ended up with 21 million federal employees’ identities stolen and 1.2 million fingerprints of federal employees. These things can be prevented, but companies have to teach and educate their people about how important it is to protect that information. They don’t do a very good job. Certainly the government does a worse job than the private sector does.

C&S: How is the U.S. government doing in responding to cyberattacks?

FA: This is the area where I spend most of my time, so let me give you a few agencies off the top of my head. In 2014, Medicare and Medicaid paid out $100 billion in fraudulent claims. That’s 10 percent of their combined budgets. The IRS paid out $5.6 billion of the taxpayers’ money to people who filed using someone else’s Social Security number. We have $7.7 billion in unemployment fraud. And it goes on and on. I used to tell people I used to work in the millions and now I only work in the billions, and what’s amazing is the amount of money the government gives away to criminals every year. A lot of these criminals don’t even live here. There are criminals in the Eastern bloc countries, criminals who live in Russia or China, but when you sit there and say that the IRS mailed 1,100 refunds to the same address in Lithuania – you want to say, you don’t have some software in place that would have caught that in the mail room or some basic software that would have caught that? My experience has been this: If I go into a company and they bring me in because they feel they have a problem and I say to them, here’s your problem, you have a loophole right here, if you don’t close the loophole, people are going to be able to do this. I leave there and they tell me by 6 o’clock tonight you can rest assured coast to coast we’ll have closed this loophole. If I go into a government agency and say, you know, you have a loophole here, and this is a problem, if you don’t close the loophole you’re going to have a breach  – ah, OK, thanks. They never do anything about it. It’s very frustrating when it comes to the government, but I don’t think the taxpayers are aware – and I’m just giving you a few agencies, forget about state government, city agencies – how many billions of dollars of taxpayer money they give away, which is totally unnecessary. As I point out to them, if you cut that just 25 percent, that’s billions of dollars that can go back to build roads, to build schools, to feed the homeless. There’s so many more things you could do with that money than giving it to criminals that don’t even live in this country that are perpetrating these crimes.

C&S: I just took your online “Catch the Con” quiz, and I got most of the questions wrong. How much do people need to be educated on these issues?

FA: They absolutely need to be educated. You can’t scam and you can’t con a dishonest person. They’re going to see it coming. Fortunately, the majority of people in our country are honest, and because they’re honest they don’t think in a deceptive way. So when someone sends them an email or gives them a phone call – it’s election time coming up next year, we’re raising money for this particular candidate, do you want to put it on your Visa card? They don’t stop to say, wait, is this real, or is somebody just getting money on my credit card? They don’t think that the scam is there, and that’s basically because they’re honest. And there aren’t a lot of places to go if you’re a consumer to protect yourself from these simple scams. But I’ve found in my entire career that if you go out and educate people and say these are the scams, these are how they work and this is what you do to protect yourself – I have nothing to sell, I sell no products, I provide no services, so I’m not telling them to go buy anything – I simply say to them, just follow these steps and you’ll protect yourself from being victimized by these crimes, they’re smart enough to go do it. But they need somebody to tell them how to do it. The government doesn’t do a good job. Years ago we used to have public service ads and bank statement stuffers with all these tips. You don’t see that anymore. So consequently the consumer doesn’t even know where to go to get the right information.

C&S: One simple thing you recommend is to use credit cards instead of debit cards. Why?

FA: The credit card is truly the safest form of payment that exists on the face of the earth, whether it’s Visa, MasterCard, American Express, Discover Card. That’s what I do. I don’t have a debit card. I’ve never owned a debit card. I have three grown sons and I’ve never allowed them to have a debit card. Every day of my life I spend the credit card’s money. I go to the dry cleaner, I swipe the card to get groceries, I swipe the card to put fuel in my boat, I travel, I swipe the card. If someone looks over my shoulder, and I’ll do everything I can to make sure they don’t, but if someone gets my number and charges $1 million on my credit card tomorrow, by federal law my liability is zero. I have no liability. When I use my credit card and I pay the bill every month, my credit score goes up, so I build credit. When I use a credit card I get points for restaurants, airline travel.

When I use a debit card, every time I pull the debit card out I’m exposing the money in my account. If they steal any money, they’re stealing it from my bank account and taking my money. I could use a debit card for the next 10 years, it’s not going to raise my credit score by one point. We have a lot of young people who see the debit card as convenience. So they go to college for four years, they come out, they get a job, they apply for an apartment, and the landlord says, “Son, you don’t have any credit. You don’t even have a credit file at the credit bureau. So you’re going to have to get your parents to co-sign the lease.”

When we had all these breaches, Target, T.J.Maxx, the people who had a debit card waited sometimes as much as two months to get their money back, and Home Depot as long as six months to a year while they said they were investigating. Well, that was your money in your bank account, you needed that money. Everyone who had a credit card said, no, they just canceled my card and three days later I got a new card in the mail and went on about my business. It’s a very simple thing, if you got a statement tomorrow from your credit card company and there were three airline tickets on there for $6,000, you’d call them and say, I didn’t buy these tickets, it had nothing to do with me, and I’m deducting the $6,000 from the balance you say I owe and I’ll remit the balance. If you have a problem, you can send me an affidavit. But if it’s your debit card, you’re now trying to say to the bank, look, I didn’t do this, you need to put the $6,000 back in my account, I need that money to pay my mortgage, pay my car note. Well, we’re investigating it. Yeah, but I need my money now. So it is a much simpler, easier way to just use a credit card.

C&S: Anything else?

FA: I’m out giving this tour for AARP, and these are people probably 50, 55, 60 years old – myself, I’m 67. Yes, I’m very concerned about the elderly, but when we really talk about identity theft, the real victims here are children. If you were selling me identities right now and you were sitting in my hotel room, and said here’s the first one, this guy’s a multimillionaire who owns real estate all over New York, he has all kinds of bank accounts, he’s 60 years old. How much will you give me for him? Well, let me see, who’s the other guy? He’s a 14-year-old boy, goes to school in New Rochelle, New York, he’s just a student. I’ll take the student – every time. Because a child has no credit, and the child is not likely to seek credit for many years. So I can steal the identity of a 2-year-old, I can be that 2-year-old for a long period of time before anyone ever finds out that I’ve stolen that 2-year-old’s identity. That’s why on the black market a 2-year-old’s identity sells for a lot more than a 14-year-old’s, simply because you have a lot longer to sell it. So while I am concerned about the elderly, I’m very concerned about children’s identities and parents making sure that they’re protecting their children’s identities as well.