Identity Theft and Cell Phones

Recently there have been identity thefts with the use of “credit mules” posing as new or existing cell contract costumers. These posing consumers scammed thousands of free or subsidized phones from AT&T, Verizon, T-Mobile, etc.

According to previous lawsuits, in Taylor, Michigan U.S. Secret Service agents witnessed a few individuals walking with iPhone boxes and cell phone shopping bags into a store run by iBuy Express inc. After leaving the store, the individuals left the store without their boxes and bags. They only came out with loads of money in their pockets. After witnessing this, the agents looked into the store’s garbage and found receipts, bags, and empty boxes from AT&T, Verizon, Apple, Best Buy, and Radioshack. According to the suit, these credit mules scammed subsidized phones by using stolen IDs to sign new 2-year contracts with multiple carriers. This is a type of social engineering where they would pose as a fake customer and use the stolen IDs to gain access on these private phone plans and completely taking control of it.

In my opinion this could be very well achieved by anyone who gains access to cellular data from another individual. They may very well go through your trash and find phone receipts and personal contract information.

Sources: http://www.forbes.com/sites/janetnovack/2013/09/24/id-theft-ring-scammed-thousands-of-cell-phones-from-verizon-att-apple/

Advertisements

3 thoughts on “Identity Theft and Cell Phones

  1. This is an interesting article. Although some of the information provided is vague, I’m still thinking about the investigative discovery – finding receipts and empty boxes in the trash container. Unless there was some sort of exchange program, perhaps the clients whom returned the boxes, contained credit information written on a piece of paper.

    The customer would go into the store, making a claim that their Apple device (or other smart device) was damaged, and they wanted to make a refund. Prior to the exchange, they would collect information such as: Is the store doing an exchange program, does the company reimburse for personally damaged or lost items, or does the customer need to supply some form of identification to verify the credit information?

    If the customer was clever enough, they could understand that fake credit cards can be made, with a stolen credit number embossed onto the card. If the card is swiped on POS, it wont work, but will then prompt a representative to enter the card number into the computer. These are just theories that could possibly work, but I’m still trying to figure out how this happened.

  2. It seems to me as if scam artists are always searching for new ways to break the system, and this is just another way in which they do it. I have never heard of such a process, but it is interesting to see how easy this article makes this exchange out to be. In my past experience with wireless distributors, I have been given quite a difficult time from these types of stores for simply wishing to upgrade my plan, so I wonder how thorough these ID thiefs must have been in order to gain access to these subsidized phone plans. Apart from that, this plan is rather clever, mainly because many cell phones that are free of charge with a new two-year plan still have a high technological and monetary value, even if they are looked upon as out-of-date. Take the IPhone 4, for example. With all of the new models of this device being released, Verizon wireless has made this model free when signing up for a two-year plan. Although this is certainly an older model of the IPhone, these scam artists can still earn quite a pretty penny when exchanging these new devices for cash.

  3. And this is why I mentioned in the past, “A good way to prevent this from happening is looking at some of the vulnerabilities in the system, and tightening them further, so there is little”. I’m not sure whether or not it is possible to remove sensitive information from bar codes, but maybe there is a better way to tighten this sort of vulnerability, so that people as such would need to provide valid identification and/or the previous owners’ information from the box cannot be collected once disposed.

Comments are closed.