Feeds

T-Mobile and AT&T stung in $22m handset scam

Eight indicted in elaborate dealer fraud

Designing a Defense for Mobile Applications

Eight people have been indicted by a Brooklyn court for running a scam that involved dealers using customer details to order handsets, in a fraud worth $22m.

The charges allege that two of the defendants, who ran cellular dealerships in New York and Florida, picked up customer details from the network's databases, then used the details to impersonate those customers and order additional handsets, as well as making insurance claims for broken handsets. Deliveries were then either redirected en route, or simply sent to the defendants' addresses.

Got Wireless operated out of Brooklyn and was authorised with AT&T as well as T-Mobile, while KP Wireless was based in West Palm Beach, Florida, and only had access to T-Mobile's customer database. But the owners of both companies are accused of lifting customer details and then posing as those customers to buy additional handsets or make insurance claims for replacements.

The group apparently then bribed delivery drivers subcontracted by FedEx and DHL to intercept the packages, while other confederates scanned the boxes as having been successfully delivered.

UPS deliveries obviously presented more of a problem as they were sent directly to addresses connected to the defendants.

When customers called up to complain about the devices appearing on their bills, the operators just wrote off the amounts, which totalled (including shipping) $22m.

Catching the miscreants took a while, and apparently is "an example of the strategic partnerships between the Secret Service, the New York State Police, and our private sector partners", according to the Special Agent-in-Charge.

Dealer fraud is a big deal for mobile operators, though all the networks have been cracking down over the last few years, and steps such as the international database of stolen handsets help a lot.

The problem here is that dealers, by necessity, have access to exactly the information needed to impersonate the customer. Therefore the customer, and the network, are both required to trust the mobile-phone shop: which might worry anyone who has visited one. ®

HP ProLiant Gen8: Integrated lifecycle automation

More from The Register

next story
Scotland's BIG question: Will independence cost me my broadband?
They can take our lives, but they'll never take our SPECTRUM
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Bring back error correction, say Danish 'net boffins
We don't need no steenkin' TCP/IP retransmission and the congestion it causes
NBN Co adds apartments to FTTP rollout
Commercial trial locations to go live in September
Samsung Z Tizen OS mobe is post-phoned – this time for good?
Russian launch for Sammy's non-droid knocked back
Telstra to KILL 2G network by end of 2016
GSM now stands for Grave-Seeking-Mobile network
Seeking LTE expert to insert small cells into BT customers' places
Is this the first step to a FON-a-like 4G network?
What FTC lawsuit? T-Mobile US touts 10GB, $100 family-of-4 plan
Folks 'could use that money for more important things' says CEO Legere
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Application security programs and practises
Follow a few strategies and your organization can gain the full benefits of open source and the cloud without compromising the security of your applications.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Securing Web Applications Made Simple and Scalable
Learn how automated security testing can provide a simple and scalable way to protect your web applications.