Feeds

T-Mobile and AT&T stung in $22m handset scam

Eight indicted in elaborate dealer fraud

3 Big data security analytics techniques

Eight people have been indicted by a Brooklyn court for running a scam that involved dealers using customer details to order handsets, in a fraud worth $22m.

The charges allege that two of the defendants, who ran cellular dealerships in New York and Florida, picked up customer details from the network's databases, then used the details to impersonate those customers and order additional handsets, as well as making insurance claims for broken handsets. Deliveries were then either redirected en route, or simply sent to the defendants' addresses.

Got Wireless operated out of Brooklyn and was authorised with AT&T as well as T-Mobile, while KP Wireless was based in West Palm Beach, Florida, and only had access to T-Mobile's customer database. But the owners of both companies are accused of lifting customer details and then posing as those customers to buy additional handsets or make insurance claims for replacements.

The group apparently then bribed delivery drivers subcontracted by FedEx and DHL to intercept the packages, while other confederates scanned the boxes as having been successfully delivered.

UPS deliveries obviously presented more of a problem as they were sent directly to addresses connected to the defendants.

When customers called up to complain about the devices appearing on their bills, the operators just wrote off the amounts, which totalled (including shipping) $22m.

Catching the miscreants took a while, and apparently is "an example of the strategic partnerships between the Secret Service, the New York State Police, and our private sector partners", according to the Special Agent-in-Charge.

Dealer fraud is a big deal for mobile operators, though all the networks have been cracking down over the last few years, and steps such as the international database of stolen handsets help a lot.

The problem here is that dealers, by necessity, have access to exactly the information needed to impersonate the customer. Therefore the customer, and the network, are both required to trust the mobile-phone shop: which might worry anyone who has visited one. ®

Top three mobile application threats

More from The Register

next story
Virgin Media so, so SORRY for turning spam fire-hose on its punters
Hundreds of emails flood inboxes thanks to gaffe
A black box for your SUITCASE: Now your lost luggage can phone home – quite literally
Breakfast in London, lunch in NYC, and your clothes in Peru
AT&T threatens to pull out of FCC wireless auctions over purchase limits
Company wants ability to buy more spectrum space in auction
Turnbull leaves Australia's broadband blackspots in the dark
New Statement of Expectations to NBN Co offers get-out clauses for blackspot builds
Facebook claims 100 MEEELLION active users in India
Who needs China when you've got the next billion in your sights?
Facebook splats in-app chat, whacks brats into crack yakety-yak app
Jibber-jabbering addicts turfed out just as Zuck warned
Google looks to LTE and Wi-Fi to help it lube YouTube tubes
Bandwidth hogger needs tube embiggenment if it's to succeed
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.