Caller ID Spoofing aided international identity theft ring

June 1st, 2009 Joanne Palmer

Until you lose your identity, you may not realize just how precious it is.

Some 6,000 people were jolted by this shocking reality when they fell victim to one of the largest international identity theft and credit card fraud rings in recent history.

The unraveling of this multi-million dollar scam began in September, 2007 when a package delivered to an employee of a  real estate office was opened by the owner of the office.  Upon finding 60 valid credit cards inside the package, the owner reported the find to law enforcement authorities who – with aroused suspicions – began a nearly two year investigation, involving electronic eavesdropping, physical surveillance and the translation of thousands of conversations and e-mails.

The investigation was revealed when forty-five indictments were handed down last month to individuals alleged to have stolen the credit cards and personal credit information of thousands of hapless victims.  The defendants are accused of shipping stolen or illegally obtained credit cards to buyers around the world.  The fraud, estimated at a staggering $12 million, hit individuals across the United States and Canada.

While announcing the bust, Queens Distrct Attorney Richard A. Brown said, “Our investigation reveals that – in terms of just the sheer number of people indicted – this is one of the largest identity theft networks uncovered in recent history and is just possibly the tip of a much larger global credit card trafficking operation.  Besides draining the bank accounts of individuals throughout North America, we believe that the defendants – some of whom live in California, Illinois, Maryland, Pennsylvania and Toronto – also shipped stolen or fraudulently obtained credit cards to buyers around the world and that purchases were made in such far-off places as Japan, Saudi Arabia and Dubai.”

New York City Police Commissioner Raymond W. Kelly and Brown said the ring was made up of three enterprises working together.  Commissioner Kelly said, “When these suspects said ‘charge it’ they stole more than cash and goods.  They robbed unsuspecting victims of their identities too.  This was a sophisticated crime ring which met its just end through painstaking investigation by NYPD detectives and unstinting support by Queens prosecutors.”

As part of the identity theft ring’s operation, a simple, easy-to-obtain and inexpensive technique called Caller ID Spoofing enabled the suspects to defraud the victims and their banks and credit card companies.  Caller ID Spoofing changes the number appearing on Caller ID and some providers of Caller ID Spoofing also provide services that can alter the caller’s voice to such an extent that a man can sound like a woman and vice-versa.

Legitimate uses of Caller ID Spoofing and SpoofCards purportedly enable professionals such as doctors and attorneys to protect their cell phone numbers.  However, in the hands of the defendants named in the indictments, Caller ID Spoofing allowed the defendants to impersonate legitimate credit card account holders by pretending to be calling the account holders financial institution.  Brown went on to explain, “SpoofCards are virtually untraceable and can be used by identity thieves and hackers to pose as government and financial entities as a means to unscrupulously obtain personal information from unsuspecting consumers.”

To acquire the credit cards three methods were used. Cards were either fraudulently taken over, fraudulently opened or intercepted in the mail.  Once the thieves had the stolen cards, all they had to do was visit the nearest ATM machine.  ID mills produced bogus back-up identification materials, such as driver’s licenses, to enable the suspects to present the cards to bank tellers and withdraw larger amounts of money.

This multi-faceted crime ring appears to have been well organized with individuals assigned to specific roles such as account washers, account preparers and account maintainers.

Account Washers:  Gathered specific information on account holders such as mother’s maiden name, household income and occupation to enable account preparers to take over the account.

Account Preparers:  Caller ID Spoofing allowed the defendants to activate the account by pretending to be calling from the account holder’s phone.  By posing as the account holder, the account preparers could then manipulate the information to their advantage by changing key information including the mailing address, PIN number and/or increasing the credit line on the account.

Account Maintainers:  Paid off accounts to avoid any suspicision of fraud and upped the credit lines.  Once the credit line reached a high point, all monies were withdrawn.

But, that’s not all.  Compromised accounts were then sold to identity theft cell leaders who in turn distributed them to the ring’s foot soldiers and shoppers.  Shoppers bought top-of-the-line electronics and were charged with finding “fences” who would buy the electronics from them.

The indictments charge the defendants with Enterprise Corruption under New York State’s Organized Crime Control Act.  Said District Attorney Brown, “Technological advances have made it increasingly easier to carry out identity theft and fraud, two of the fastest growing crimes in the United States…We will continue to work closely with our law enforcement colleagues to stamp out such fraud and help to maintain our nation’s safety and security.”

Posted in Data Breach, ID Theft, Identity Theft, Security Breach, caller id spoofing, credit card fraud, news, social engineering | No Comments »

Leave a Comment

Please note: Comment moderation is enabled and may delay your comment. There is no need to resubmit your comment.