For five-plus years, members of the publishing industry have grown more and more distrustful as hundreds of unpublished book manuscripts appeared to be stolen and phished from emails. What’s made this more puzzling is that the entity (assumed to be a group because of the scale of the fraud) collecting these manuscripts never reached out to blackmail authors, publishers, or anyone. No investigations found these manuscripts on forums, public online marketplaces, or the dark web.
The last big story about this phenomenon came from Vulture’s enthralling “The Spine Collector” story in late August 2021. However, The New York Times broke last week that the FBI arrested 29-year-old Simon & Schuster UK employee Filippo Bernardini at the JFK airport and indicted him on wire fraud and identity theft. Simon & Schuster suspended Bernardini, and the Department of Justice did not name the publisher in the indictment.
If it is Bernardini, how did he get away with it for so long?
Whether it is Bernardini and/or others, those who committed these crimes didn’t use any special software to do so. Instead, they laid out traps using phishing methods. The extraction was relatively simple, relying on details that anyone checking their email too quickly might miss.
They used fake email addresses with tweaked domain names. The DOJ alleges that Bernardini managed over 160 registered domains to achieve this. The indictment claims Bernardini used email addresses that replaced “m” with “rn” but didn’t clarify which company the domain imitated. The NYT article uses @penguinrandornhouse.com vs. @penguinrandomhouse.com as an example.
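As an added example (not from the article or the indictment), here is a small Python check for the “rn”-for-“m” trick described above: it collapses look-alike character sequences and compares a sender’s domain against the domains a recipient actually deals with. The trusted list, the confusable pairs other than “rn”, and the sample headers are assumptions constructed for illustration.

```python
from email.utils import parseaddr

# Assumption: domains the recipient genuinely corresponds with. The first is
# the real domain named in the article; the second is a constructed placeholder.
TRUSTED_DOMAINS = {"penguinrandomhouse.com", "agency.example"}

# Sequences that read as another letter at a glance. ("rn", "m") is the
# substitution on the page; the rest are common additions (assumption).
CONFUSABLES = [("rn", "m"), ("vv", "w"), ("cl", "d"), ("0", "o"), ("1", "l")]

def skeleton(domain: str) -> str:
    """Collapse look-alike sequences so visually similar domains compare equal."""
    s = domain.strip().lower().rstrip(".")
    for seq, repl in CONFUSABLES:
        s = s.replace(seq, repl)
    return s

# Map each trusted domain's skeleton back to the domain it belongs to.
_SKELETONS = {skeleton(d): d for d in TRUSTED_DOMAINS}

def classify_sender(from_header: str):
    """Return (verdict, imitated_domain) for the value of a From: header."""
    _, addr = parseaddr(from_header)
    if "@" not in addr:
        return ("unparseable", None)
    domain = addr.rsplit("@", 1)[1].lower().rstrip(".")
    # Exact match first, so a trusted domain that itself contains "rn"
    # is never reported as imitating another one.
    if domain in TRUSTED_DOMAINS:
        return ("trusted", None)
    imitated = _SKELETONS.get(skeleton(domain))
    if imitated:
        return ("lookalike", imitated)
    return ("unknown", None)

# Constructed sample headers; the second uses the NYT example domain.
SAMPLE_HEADERS = [
    "Editor <editor@penguinrandomhouse.com>",
    "Editor <editor@penguinrandornhouse.com>",
    "Agent <agent@agency.examp1e>",
    "Someone <someone@unrelated.example>",
]

if __name__ == "__main__":
    for header in SAMPLE_HEADERS:
        print(f"{header!r:48} -> {classify_sender(header)}")
```

A check like this only sees the address in the header; it says nothing about who controls a domain that does match exactly.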
In addition to images and domains looking familiar, the perpetrator (Bernardini or otherwise) would use industry jargon like “MS” for manuscript and “WEL” for world English language rights. Another phishing technique used was setting up imposter login pages and prompting users to reset expired or compromised passwords. (Reminder: This is why two-factor authentication is so important!)
Often, people would find out what happened after it was too late. They’d follow up with the person they thought they were emailing over the phone or in person. On rare occasions, people would figure out that the phisher was not who they were pretending to be. For example, an assistant at a talent agency knew something was wrong because her boss would never say “please” or “thank you.”
Who were their victims, and why did they do this?
The titles chosen really ran the gamut. There were bestselling authors like Margaret Atwood, Sally Rooney, and Ethan Hawke, and there were debut authors (like Kiley Reid) and indie titles. Fiction, nonfiction, poetry, short stories: nothing was safe, and nothing made it easier to pin down a person. The running theory among some in publishing was that this person was a literary scout. These scouts attempt to confirm information for adaptation (TV/movie or translation) deals.
As BookRiot pointed out, there was even an outlandish theory that North Korea was behind the stealing-unpublished-manuscripts operation. That theory is rooted not just in conspiracy and xenophobia but also in the fact that this happened in the same span of time as the Sony leaks. It’s still laughable, but so is this entire situation to anyone not directly involved (authors, publishers, etc.).
why did the spine collector do it
— Twitter Books (@TwitterBooks) January 7, 2022
If it was Bernardini, we just might find an answer in the next few years, but in the meantime, someone get a film crew together stat because I want a documentary on this saga.
(via The New York Times, image: Disney.)