The AFU and Urban Legend Archive Misc airport laptop theft Select a topic - - - - - - - - Home Searches AFU FAQ - - - - - - - - AFU Animals Books Celebrities Classic Collegiate Death Disney Drugs Food GIF Language Legal Medical Misc Movies Politics Products Religion Science Sex Songs TV - - - - - - - - Other sites

From: Bob.Hiebert@worldnet.REMOVE.att.net (Bob Hiebert )
Newsgroups: alt.folklore.urban
Subject: Laptop Thieves Part I - The UL
Date: Sat, 12 Apr 97 08:15:32 GMT

In December, 1996 I became intrigued with the story about laptops being stolen at airport x-ray machines, and I started looking into its origins. For a while I thought I was going to trace all the way back to the original source of the Urban Legend (UL). I did trace the UL launch point, but never managed to find my way back to the specific incident that was being reported. Along the way I found a lot of very interesting information. At least it was interesting to me. I hope you enjoy it half as much as I did investigating it.

Some of the facts have been discussed in alt.folklore.urban before, while other elements are new. There are really two stories here. First is the veracity of the actual tale about laptop thieves. That is the focus of this piece "Laptop Thieves Part I - The UL."

The second story is how the UL propagated and mutated. This was the part that I found most fascinating, for I believe that this UL could not have happened without the Internet. Because of the length of this post, and the fact that these would probably evolve into (at least) two unique threads, I have separated the second part into a post entitled "Laptop Thieves Part II - UL Propagation"

REVIEW OF THE UL

For those people that aren^Òt familiar with the UL, this story swept the Internet in the first 6 months of 1996. The story is told about how there is a "new scam" being run in airports. A team of thieves waits for someone to put their laptop computer on the x-ray conveyor belt. Then one member of the team steps in front of the victim and proceeds through the metal detector with a lot of metal in their pockets. While the victim is waiting their turn to go through the security point, another team member takes the laptop off the x-ray belt and gets away. One version of the UL says that the warning comes from the Federal Aviation Administration (FAA).

It could be argued that this is not a UL, but is the Internet equivalent of FAXlore. I believe that the combination of instillment of fear and the general vagueness of the threat qualify this as a UL. The retelling and mutation of the story that took place are also symptomatic of folklore. In any case, it is an interesting tale that has already demonstrated itself as being topical by the amount of traffic it generated on alt.folklore.urban.

ASSESSMENT OF THIS UL:

1. T - Teams of thieves delay travelers at airport x-rays machines and take the person^Òs laptop computer before the victim can get through the security checkpoint.
2. T - This "scam" is not as rampant as one would be led to believe by the stories that float around.
3. Tb - The FAA put out a warning about this problem

DEFENSE OF CLAIM 1&2 --

• T. Teams of thieves delay travelers at airport x-rays machines and take the person^Òs laptop computer before the victim can get through the security checkpoint.
• T. This "scam" is not as rampant as one would be led to believe by the stories that float around.

The story about delaying potential victims at the x-ray machine goes back a ways. The oldest cite I have was in the January 30, 1995 edition of The National Law Journal. Another version appeared in The Washington Post on March 05, 1995 (Sunday, Final Edition). A more specific version appeared in the September, 1995 edition of ASIA, INC. which can also be found in their on-line archives. This article is about how Asian travelers are targeted by airport thieves in general. It does provide a cite for the x-ray laptop theft against a particular Asian, though no name is given. The source of the story that caused all the excitement in 1996 wasn^Òt reported until around December 1995.

The large number of instances I found was leading me to believe that this probably has happened. They took place in various cities at different times, though that in and of itself is no clear indication of the story^Òs truth. A couple of more specific articles led to more conclusive proof. The September 14, 1995 edition of the Los Angeles Times quoted a person by the name of Kevin Coffey. In the article he described the scam in almost identical terms as the classic story that floated around the Internet in 1996.

Mr. Coffey was at that time a Los Angeles police detective who founded the airport crimes investigations detail of the Los Angeles Police Department. In his off-duty hours, he was the founder of Corporate Travel Safety, a travel safety consulting firm that provides seminars to businesses. At that time his client list included Motorola, Amgen and Atlantic Richfield.

Kevin Coffey was also quoted a year earlier in a related scam. From The San Francisco Examiner - April 10, 1994, Sunday; Fifth Edition:

        "Thieves know this and will follow right behind a traveler
        and grab his bag before it goes through on the conveyor 
        belt," says the security consultant.

I thought this was an interesting twist. Steal the bag before it even gets inside the x-ray machine.

Since then, Mr. Coffey appears to have gone into the security consulting business full time. I called him and got some additional information. According to Coffey, laptop thefts happen in general and do happen at the x-ray machine. However, he confirmed that this particular technique has gotten blown way out of proportion. It is more likely that personal property will be stolen at the ticket counter or in the waiting area by the gate. He mentioned that the thieves tend to specialize in one particular technique, so there are some that focus on the security checkpoint approach to bag-nabbing. I found an overwhelming amount of information available on the net about thieves in airports and the various techniques used to steal property. As I read the information I kept picturing Karl Malden peddling American Express traveler^Òs checks.

The thieves are not very discriminating. They steal ALL types of personal property. Sometimes that happens to be a laptop. Coffey cited one particular instance where they caught an individual that had taken personal property from 40-50 travelers using the x-ray security point method. Only a few of the items were laptops. Most of the items were purses.

One interesting related insight was that airport crimes are much more prevalent than are reported in the papers. As Coffey told me, "Crimes against travelers are bad for business." The tourism problems that the state of Florida faced after tourists were killed by car-jackers certainly supports this notion.

DEFENSE FOR CLAIM 3
- Tb - The FAA probably put out a warning about this technique

The story element that claimed the warning was from the FAA was in only a small percentage of the versions that I found. It has been reported in alt.folklore.urban that many people have tried unsuccessfully to track down anything from the FAA. I was also unable to find anything specific to the UL.

There is one FAA location that discusses a general concern with laptops getting stolen. This was in their Intercom employee communications e-zine from December 19, 1995. It is located at

http://www.faa.gov/APA/INTERCOM/1995/DEC19/dec19.htm

This is just a warning to employees to be careful with their stuff in airports during Christmas vacation, and doesn^Òt specifically mention the x-ray machine scam. I don^Òt believe it is the source of the FAA connection in the UL.

In my searches, I found one location that I believe validates the report on the FAA as a source. The Canonical "FAA source" version of the UL is at a site called AirportNet.

http://www.airportnet.org:80/depts/federal/compnew.htm

This is the web site for the American Association of Airport Executives. Their Federal Affairs site includes Airport Alerts, Airport Defense Fund Newsletters, legislation, AAAE testimony, letters to Congress, FAA regulations, Supreme Court cases, biographies of Members of Congress, and GAO reports. The page that holds the story lists "SOURCE: U.S. Federal Aviation Administration." It is included in such a way as to indicate that the FAA wrote the piece, and wasn^Òt just being quoted. Since reposting government data is a primary purpose of the website, that is a reasonable guess, and I wouldn^Òt classify this as a "U." However, a second source to confirm the story would be required before I would suggest taking off the "b".

That concludes Part I. In Part II I^Òll discuss how the UL propagated and mutated through the Internet. As I researched this story, it became more interesting to me than the UL itself.

No other restrictions apply.

From: Bob.Hiebert@worldnet.REMOVE.att.net (Bob Hiebert )
Newsgroups: alt.folklore.urban
Subject: Laptop Thieves Part II - UL Propagation
Date: Sat, 12 Apr 97 08:30:11 GMT

Part II is about how the UL got vectored around the world in just a couple of months. It^Òs also a little bit about how I tracked the information down. While it^Òs not Dashiell Hammett, its still a pretty good detective story (but then I^Òm probably just a little bit biased).

OVERVIEW OF VECTORS

One of the reasons I found this particular UL so interesting was that there were so many versions with the exact same wording. Every path I traced had the same warning. Without reprinting the entire piece, the relevant section is as follows:

*****begin extract*****

Recently, Brussels Airport security advised that one method involved the use of security x-ray machines. The first thief would precede the traveler through the security check point and then loiter around the area where the carry-on luggage had already been examined. When the traveler places his laptop computer onto the conveyer belt of the x-ray machine, the second thief would step in front of the traveler and set off the metal detector. While the traveler was being delayed, the first thief would remove the traveler^Òs laptop computer from the conveyer belt just after it had gone through the x-ray machine and quickly disappear.

******end extract*****

I tried to track down the appropriate people at the Brussels Airport to verify the source of this story. There is a website for the smaller Brussels Airport, but I couldn^Òt even track down any addresses for the larger airport. With this dead-end stopping me, I went after the individual vectors. There are three that I found.

1ST VECTOR - ROBINS AIR FORCE BASE, GEORGIA, USA The full text can be found at http://hercules.robins.af.mil/cio/laptop.htm The source of the story is cited as Army Material Command. Though I tried repeatedly to find out more details, no one would respond to my requests. This was a very quick dead end.

2ND VECTOR - US AIR FORCE NEWS SERVICE
http://www.af.mil/pa/Apr96/an042496_24apr96_960385.html

This article was in April of 1996, so it was late into the UL propagation. But its reference to Ramstein AFB in Germany led me to believe that *this* may be the link I was looking for to Brussels. The Air Force News Service directed me to the US Air Force Europe (USAFE) public affairs office. They have a pretty nice website with the exact same story archived from February of 1996 at:
http://www.usafe.af.mil -- Great Logo graphic here as well.

According to the USAFE Public Affairs Manager Capt. Lindsey Borg, the story was written using inputs "from several Air Force sources" with "the majority of the information...from our communications squadron here at Ramstein." This was the same 786th Communications Squadron called out in the news bulletin. I had already tried this avenue and did find some web locations for the 786th and Ramstein. However, I was unable to locate any contact points. This vector had come to a dead end.

3RD VECTOR - The Zmudzinski Connection (I like the Robert Ludlum sound of this)

Of all the original versions of the Stolen Laptop UL, the most prolific is the Tom Zmudzinski post. In fact, it was a copy of this that first showed up in alt.folklore.urban. I am not certain if it was the first posting of it in AFU, but on April 28, 1996, Mathew Wiener presented it in response to a Bo Bradham question regarding the issue. In this post, he also mentioned that he first saw it in comp.risks, RISKS vol 17, #67.

The Zmudzinski posting is everywhere on the net. I found a copies in the strangest places. One of the more peculiar was at a location in the National Institute of Health website. A healthy UL is a good thing. With the many dozens of locations this showed up, it looks like it was the spark that set the fire. At the very end of the Zmudzinski post was a phrase that those who follow Internet wildfires will recognize:

"3. Request widest dissemination of this correspondence."

Little did he know how much the Internet community would oblige. Like many Urban Legends, the origin comes from someone trying to do good. The impact of the propagation and mutation cannot be foreseen.

The final place that I found the downstream vector intact was in a couple of police websites. There is apparently a network of police communication where this information was shared. To give an example of "widest dissemination", the exact same information can be found at:

Spokane, Washington Police Department http://www.ior.com/`spd/laptop.htm

POLNET Police Website - Scotland - http://www.cqm.co.uk/polnet/home.htm

Having taken the downstream path as far as I cared to, I turned my attention back upstream; back to the source that had eluded me thus far. Mr. Zmudzinski had stated in his post that his source was a Mr. Buddy Guynn, and that Mr. Guynn^Òs source was the Army Material Command. That was consistent with the first Vector.

I contacted Mr. Zmudzinski who works for the US Air Force Defense Information Systems Agency (DISA). He referred to my Internet-based investigation as "computer archaeology" (a term I took an immediate liking to), and provided a lot of help. The original post was to the "Risks" forum moderator and to the C4I-PRO maillist. The original was sent out on January 24, 1996. This was the trigger event to the whole network explosion.

Mr. Zmudzinski then helped me to track down Mr. Buddy Guynn who was his original source. Mr. Guynn is also part of DISA, and more specifically is the Security Manager at the Defense Megacenter (DMC) at Maxwell Air Force Base in Montgomery, Alabama. He had originally put the story on the DISAlan internal bulletin board system in December of ^Ñ95 or early January ^Ñ96. This is where Tom Zmudzinski found the information.

Mr. Guynn turned my search in a completely new direction. He said his source was the National Counter Intelligence Center and not the Army Material Command.

I went to the National Counter Intelligence Center^Òs website. This is a very interesting place if you are into spy stuff. http://20.1.20.1/ Suddenly I was no longer dealing with the friendly world of airports (where I spend too much time already). I had been dropped into the world of espionage, and was reading about "bag ops" where the bad guys grab stuff from hotels and steal all the secrets from your computer. Wow! This was an unexpected turn. Unfortunately, nowhere could I find the link to the x-ray machine. My third and final dead end was reached. I had been certain that with three identical stories from three different sources I would be able to trace this UL^Òs origin to a single point. It was with a great sense of disappointment that I gave up my search for the original theft that was at the root of the story.

THE UL EVOLUTION
Starting in about April of 1996 a lot of articles started appearing about the x-ray machine laptop scam. These were no longer the original story, but were just a retelling of the warning. They showed up in on-line magazines, travel agency websites, and many many other places. It was the signal that the UL had reached full force and was spreading at a whirlwind rate.

I believe that without the Internet this UL would never have gained momentum. While the threat is serious, it doesn^Òt affect a broad audience. The people it does affect, however, are all computer users, so it hit home with the computer community and spread through the computer users^Ò normal communication channels. The other element that was key to the propagation was credibility. All the early sources were either government or police organizations. There was motive, method, and opportunity. The rest was probably inevitable.

SUMMARY AND CONCLUSIONS

The Internet is changing the way that ULs propagate. It speeds the distribution up, but slows the mutation down, at least in terms of mutation per "transaction." The speed with which someone can quote verbatim what they just read, dwarfs the classic word of mouth and more recent FAXlore modes of transmission. Because it was about computers it maybe the second generation of ULs to be exclusively transmitted by computers. The first would have to be the computer virus ULs.

This particular UL may never show up in this form again, though that was probably said about Craig Shergold, Stolen Kidneys, etc. As a minimum it has been assimilated into the collective conscience of the community as one of those "facts" that everyone "just knows." The truth is, you should be careful in airports. People are out to get you. If all you worry about is the x-ray machine, they^Òll probably get you at the ticket counter.

On April 22, 1996 a Business Wire story relayed the Stolen Laptop UL. It gave its source as Road Warrior Outpost of Fountain Valley, California, an Internet resource for portable computer users. Kevin Prince, a vice president for the firm, provided a quote that holds a certain irony:

"It shows that the Internet can be used to immediately convey important information to a subscriber list, much faster than traditional mail could have done, and at much lower cost."

A slightly different perspective is provided by Buddy Guynn who told me, "...save some time and forget the Internet study. It is an unsafe, not secure, not to be trusted system. Use the Post Office and a $.32 stamp."

I say, "It is the best of times, it...well, it^Òs Good Times."

Bob Hiebert
Correspondent at Large
Special Investigation Unit
AFU, Inc.

SPECIAL THANKS TO
Barbara Mikkelson for locating transcripts of the newspaper articles cited.

Tom Zmudzinski and Buddy Guynn for digging deep in their memories and having a good sense of humor.
Kevin Coffey for taking time out from business to provide some real facts from the real world.
Lots of other people too numerous to mention.

Copyright 1997 by Bob Hiebert.
The author grants rights to anyone pursuing the research of Urban Legends that they may reprint this article in whole or in part as long as all brown M&Ms are removed.

No other restrictions apply.

From: bradham@panix.com (Bo Bradham)
Newsgroups: alt.folklore.urban
Subject: Re: Laptop Thieves Part I - The UL
Date: 15 Apr 1997 13:36:52 -0400

Bob Hiebert <Bob.Hiebert@worldnet.REMOVE.att.net> wrote: >In December, 1996 I became intrigued with the story about laptops being
>stolen at airport x-ray machines, and I started looking into its origins.

This is a great piece of work. I don't want the fact that I have a bone of contention with one aspect of it to take away from that.

>DEFENSE FOR CLAIM 3
>- Tb - The FAA probably put out a warning about this technique
>
>The story element that claimed the warning was from the FAA was in only a
>small percentage of the versions that I found.

I don't know what you mean by small percentage, but I recall the FAA connection being a key part of the warning when it first started appearing in afu. The typical version contained this information:
SOURCE:
U.S. Federal Aviation Administration
Captain Terry Bowman Chief, Technology Integration; Secretary of the Air
Force; Office of Public Affairs
(703) 695-****

Some of the non-email versions did not carry that, like the ones which showed up in various newsletters. But even most of them, as I recall, invoked the name of the FAA.

> It has been reported in
>alt.folklore.urban that many people have tried unsuccessfully to track down
>anything from the FAA. I was also unable to find anything specific to the
>UL.

I'm one of them. When this topic was current I looked at FAA's web site and saw many many press releases but nothing about this.

>In my searches, I found one location that I believe validates the report on
>the FAA as a source. The Canonical "FAA source" version of the UL is at a
>site called AirportNet.
>
>http://www.airportnet.org:80/depts/federal/compnew.htm

That same site has their May 1995 newsletter at http://www.airportnet.org/depts/publicat/security/ssnl595.htm It contains the following, not attributed to FAA: "Thieves know that people arriving or departing from airports are likely to be carrying cash, traveler's checks, credit cards, a passport (which can bring up to $30,000 on the black market in some countries), cameras and other valuable articles," Business Traveler International recently reported after a survey of business travelers.

Passengers should be on guard for such "hazards" as: [blah blah blah]
* other thieves who distract by clogging the security check line, blocking your way so that they can walk with the briefcase or purse you have sent ahead through the x-ray machine. Typically, they carry metal objects in various pockets so that they must pass through the metal detector two or three times. Wait until you are next in line before placing your carry-ons on the conveyer belt, the magazine advises.
--end quote--

I included that bit because it describes the x-ray scam, but predates the "FAA travel alert" by some months.

>This is the web site for the American Association of Airport Executives.
>...The page that holds the story lists "SOURCE: U.S. Federal
>Aviation Administration." It is included in such a way as to indicate that
>the FAA wrote the piece, and wasn^Òt just being quoted. Since reposting
>government data is a primary purpose of the website, that is a reasonable
>guess, and I wouldn^Òt classify this as a "U." However, a second source to
>confirm the story would be required before I would suggest taking off the
>"b".

It's equally likely that airport.net got the warning thru the folkloric channels, and instead of saying "we got this in e-mail" they credited it to the FAA, which was part of the folklore. If FAA had issued such a warning I'd really expect to see it on FAA's web site.

Is there a date attached to airport.net's "FAA" warning? It is indeed the canonical "this is becoming widesread" version. But when did airpost.net post it? And where did they really get it? (when I find that page via altavista it shows a date of 6 Mar. 97 but I'm not sure what that means.)

And what's up with the whole Capt Bowman connection? Why is an Air Force captain's name and phone number listed in what is supposed to be an FAA-issued warning?

Which reminds me. Isn't there some sort of Shergold award we can give Capt. Bowman for being immortalized in folklore?

I hate to sound stingy but I'm not in favor of the "T" part of that Tb evaluation.

Bo Bradham