Feeds

T-Mobile and AT&T stung in $22m handset scam

Eight indicted in elaborate dealer fraud

Internet Security Threat Report 2014

Eight people have been indicted by a Brooklyn court for running a scam that involved dealers using customer details to order handsets, in a fraud worth $22m.

The charges allege that two of the defendants, who ran cellular dealerships in New York and Florida, picked up customer details from the network's databases, then used the details to impersonate those customers and order additional handsets, as well as making insurance claims for broken handsets. Deliveries were then either redirected en route, or simply sent to the defendants' addresses.

Got Wireless operated out of Brooklyn and was authorised with AT&T as well as T-Mobile, while KP Wireless was based in West Palm Beach, Florida, and only had access to T-Mobile's customer database. But the owners of both companies are accused of lifting customer details and then posing as those customers to buy additional handsets or make insurance claims for replacements.

The group apparently then bribed delivery drivers subcontracted by FedEx and DHL to intercept the packages, while other confederates scanned the boxes as having been successfully delivered.

UPS deliveries obviously presented more of a problem as they were sent directly to addresses connected to the defendants.

When customers called up to complain about the devices appearing on their bills, the operators just wrote off the amounts, which totalled (including shipping) $22m.

Catching the miscreants took a while, and apparently is "an example of the strategic partnerships between the Secret Service, the New York State Police, and our private sector partners", according to the Special Agent-in-Charge.

Dealer fraud is a big deal for mobile operators, though all the networks have been cracking down over the last few years, and steps such as the international database of stolen handsets help a lot.

The problem here is that dealers, by necessity, have access to exactly the information needed to impersonate the customer. Therefore the customer, and the network, are both required to trust the mobile-phone shop: which might worry anyone who has visited one. ®

Business security measures using SSL

More from The Register

next story
Brit telcos warn Scots that voting Yes could lead to HEFTY bills
BT and Co: Independence vote likely to mean 'increased costs'
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Blockbuster book lays out the first 20 years of the Smartphone Wars
Symbian's David Wood bares all. Not for the faint hearted
Bonking with Apple has POUNDED mobe operators' wallets
... into submission. Weve squeals, ditches payment plans
This flashlight app requires: Your contacts list, identity, access to your camera...
Who us, dodgy? Vast majority of mobile apps fail privacy test
Apple Watch will CONQUER smartwatch world – analysts
After Applelocalypse, other wristputers will get stuck in
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.