How did this scam work?
April 16, 2020 12:31 PM Subscribe
So I’m a customer of a major cell provider, the same one for 20 years. A few weeks ago I got notified that I had entered into a credit agreement for the purchase of two new iPhones at a carrier retail store in NYC. I had not done so. Issue is resolved with carrier but I can’t figure out how the scam worked. Any ideas? Details below the fold.
So after I get a text from my provider saying I had bought two new iPhones on their equipment installment plan, I called the provider. They told me that someone had purchased the iPhones at a carrier store in NYC (this was when things had already gotten bad there). The phones had been purchased by someone with my number and assigned to two lines on my account. I’ve bought phones from them on the EIP before, but I didn’t buy these, and I wasn’t even near NYC at the time. Carrier told me the scammer would have needed my ID, but I have all my IDs safe and sound. The carrier fully refunded the charges and wiped out the installment plans, and told me I’d get a call from their investigations unit. But I never did.
I’m trying to figure out how someone had the combination of my name, my cell phone number, (even those first two would not be that easy to find searching online, and I check) as well as knowing my carrier (to go into that store) and had some sort of convincing fake ID — a drivers license or passport — with my name, and then with all that went for the low hanging fruit of two iPhones as if I’d never notice a $1500 hit on my account in installments of $70 a month.
All I can think of is it’s an inside job by someone who had access to the carrier’s back end. But then again why blow your cover for two iPhones when you’re sure to get caught and fired and prosecuted if you work for the carrier.
Nothing else weird has happened on any of my credit accounts or bank accounts. All seems normal otherwise.
Any thoughts? I’m just curious at this point and wondering if I left a leak unplugged somewhere. But I can’t think what.
So after I get a text from my provider saying I had bought two new iPhones on their equipment installment plan, I called the provider. They told me that someone had purchased the iPhones at a carrier store in NYC (this was when things had already gotten bad there). The phones had been purchased by someone with my number and assigned to two lines on my account. I’ve bought phones from them on the EIP before, but I didn’t buy these, and I wasn’t even near NYC at the time. Carrier told me the scammer would have needed my ID, but I have all my IDs safe and sound. The carrier fully refunded the charges and wiped out the installment plans, and told me I’d get a call from their investigations unit. But I never did.
I’m trying to figure out how someone had the combination of my name, my cell phone number, (even those first two would not be that easy to find searching online, and I check) as well as knowing my carrier (to go into that store) and had some sort of convincing fake ID — a drivers license or passport — with my name, and then with all that went for the low hanging fruit of two iPhones as if I’d never notice a $1500 hit on my account in installments of $70 a month.
All I can think of is it’s an inside job by someone who had access to the carrier’s back end. But then again why blow your cover for two iPhones when you’re sure to get caught and fired and prosecuted if you work for the carrier.
Nothing else weird has happened on any of my credit accounts or bank accounts. All seems normal otherwise.
Any thoughts? I’m just curious at this point and wondering if I left a leak unplugged somewhere. But I can’t think what.
I think it's at least plausible that the employee who sold the phones didn't follow procedure, for example by not asking for ID. Some scam artists are pretty skilled at social engineering, so they might be able to charm or persuade a retail employee into skipping some of the usual steps.
The only piece of information you know the scammer has is either your name or phone number, just enough to associate the purchase with your account.
posted by mekily at 12:46 PM on April 16, 2020 [11 favorites]
The only piece of information you know the scammer has is either your name or phone number, just enough to associate the purchase with your account.
posted by mekily at 12:46 PM on April 16, 2020 [11 favorites]
I don't know where they got your information, but you are a victim of identity theft, and should immediately check your credit report at https://www.annualcreditreport.com/and set up credit monitoring. If they have successfully used your information for an application once, they may well keep at it.
posted by agentofselection at 12:48 PM on April 16, 2020 [11 favorites]
posted by agentofselection at 12:48 PM on April 16, 2020 [11 favorites]
Many years ago, someone with my first name (but not spelled the same) and a totally different last name was able to use my social security number to get auto loans on two cars and then default on both.. Untangling the mess was a nightmare (and, charmingly, her name still appears on my credit report as one of the names I've used—I've never been able to get it corrected). At one point, in order to convince the bank that issued the loans to believe it wasn't me who bought the cars, I had to file a police report and submit it. The police were very helpful about this.
I was astonished when a detective called me to tell me the results of their investigation, because I hadn't expected there to be one. It turned out that the person selling the used cars drove the scam, and he'd been known to the police before, but had moved on by the time all this started catching up with him. He had gotten hold of social security numbers somehow (this was a long enough time ago that people hadn't really caught on that SS numbers were something that should be protected—my student ID at one college I attended was my SS number, for instance). He worked at one of those "No credit? Bad credit?" used car places, and he hooked up people with loans approved under someone else's credentials—arguably, the buyers didn't even know he was doing it.
That was the detective's take on it—the car seller got some chunk of money from the scam, and moved on when he was likely to get caught. I thought it was pretty fishy that the woman who bought the cars lived across from a house I'd lived in, but there were never really any answers.
Anyway: the answer might be that the buyer didn't need to be the one running the scam. The salesperson might have had some angle.
posted by Orlop at 1:21 PM on April 16, 2020 [6 favorites]
I was astonished when a detective called me to tell me the results of their investigation, because I hadn't expected there to be one. It turned out that the person selling the used cars drove the scam, and he'd been known to the police before, but had moved on by the time all this started catching up with him. He had gotten hold of social security numbers somehow (this was a long enough time ago that people hadn't really caught on that SS numbers were something that should be protected—my student ID at one college I attended was my SS number, for instance). He worked at one of those "No credit? Bad credit?" used car places, and he hooked up people with loans approved under someone else's credentials—arguably, the buyers didn't even know he was doing it.
That was the detective's take on it—the car seller got some chunk of money from the scam, and moved on when he was likely to get caught. I thought it was pretty fishy that the woman who bought the cars lived across from a house I'd lived in, but there were never really any answers.
Anyway: the answer might be that the buyer didn't need to be the one running the scam. The salesperson might have had some angle.
posted by Orlop at 1:21 PM on April 16, 2020 [6 favorites]
I think the scam is to sell the phones on Craigslist for cash before they're blacklisted. You can get the carrier from the number, and your name from voicemail or social engineering. Make a fake ID and go in right before the store closes, and I bet you'd have the two phones on record time. Now that people have their whole lives in their phones, they expect to walk into the store and get them now. And sometimes they have next to no information about their own accounts. Sorry this happened.
posted by wnissen at 2:32 PM on April 16, 2020 [2 favorites]
posted by wnissen at 2:32 PM on April 16, 2020 [2 favorites]
Response by poster: Thanks all. I’m still trying to ponder a self-respecting criminal good enough to make a fake drivers license for a one off theft, which after dropping $200 in deposits and taxes and considering the likely discount of a Craigslist quick sale at best likely netted them $600-800 profit... it seems like if you were good enough to make a convincing license you’d set your sights higher. So I am inclined toward “salesman drove the scam” or inside job or maybe a sales associate falling down on the job accidentally but hmm, surely enforcing an ID requirement for letting $1800 worth of hardware walk out the door would be a pretty high priority item for “keeping your job” purposes. Hard to imagine even a good con artist pulling that off without showing a card, you know?
And yes I have credit monitoring and watch my credit report closely. And I do anyway. I’ve been eagle eyed about it since this happened, but nothing has even blipped.
My cell phone number does not appear on any voicemail that I’m aware of. Nor is it easily searchable to my name online, or even with difficulty. To my knowledge it has appeared online once alongside my name and that was 7 years ago when an organization I was on the board of published a previously internal document that had my number as a PDF. I had that taken down in a month and it has not reappeared in any archive, etc.
The specific targeting of my identity is what seems oddly non- random here. It’s not like someone skimmed my credit card, this took steps. And effort. For a low reward.
Or someone inside was behind it. I had in fact bought an iPhone 11 legitimately on the EIP, albeit for another line on the account, just in late December, which I should have mentioned. I did it online, not in a store. I haven’t been in my carrier’s stores in almost 20 years.
Anyway I really appreciate the insights.
posted by spitbull at 3:59 PM on April 16, 2020
And yes I have credit monitoring and watch my credit report closely. And I do anyway. I’ve been eagle eyed about it since this happened, but nothing has even blipped.
My cell phone number does not appear on any voicemail that I’m aware of. Nor is it easily searchable to my name online, or even with difficulty. To my knowledge it has appeared online once alongside my name and that was 7 years ago when an organization I was on the board of published a previously internal document that had my number as a PDF. I had that taken down in a month and it has not reappeared in any archive, etc.
The specific targeting of my identity is what seems oddly non- random here. It’s not like someone skimmed my credit card, this took steps. And effort. For a low reward.
Or someone inside was behind it. I had in fact bought an iPhone 11 legitimately on the EIP, albeit for another line on the account, just in late December, which I should have mentioned. I did it online, not in a store. I haven’t been in my carrier’s stores in almost 20 years.
Anyway I really appreciate the insights.
posted by spitbull at 3:59 PM on April 16, 2020
My cousin just reported a slightly orthogonal but maybe related scam in NJ - are you sure it was your provider that texted you? From my cousin:
Someone called today claiming to be from Verizon. They said someone was trying to purchase an iPhone on our account and they wanted to verify whether it was us. It wasn’t us so they said they would send us a link to set a temporary password. The link came from the Verizon number that we receive texts from for our account. He gave us a temporary password and said to enter it in the link and it would take 48 hours before we could set a new one.posted by ChuraChura at 5:35 PM on April 16, 2020 [4 favorites]
My husband hung up on him and he called back. We didn’t give them any info and didn’t click the link. I asked why they were having me set a temporary password that they were creating and why they couldn’t just cancel the order. I asked for his name and a number to call back. He gave me his name and then hung up when I asked for a number. I went on the Verizon app and logged into my account. There didn’t seem to be an order in place but I called Verizon directly. They verified that they did not place that call nor would they have done so.
Best answer: A lot of retail fraud is organized crime these days. Buy some names from somebody who makes their money that way, send your troops out with marching orders to go from city to city hitting every phone store they can, sell the hardware wholesale to some other criminal, soon enough you are talking real money.
posted by Pembquist at 9:28 PM on April 16, 2020
posted by Pembquist at 9:28 PM on April 16, 2020
I'm pretty sure a nice employee would take "I lost my ID and the DMV is closed can you take a copy of my poor paper copy (fake ID?) "From a scammer.
Could be someone on the inside, could be lucky guess. Either way, keep an eye on your credit report and follow up on the fraud investigation of you can.
posted by AlexiaSky at 12:18 AM on April 17, 2020 [2 favorites]
Could be someone on the inside, could be lucky guess. Either way, keep an eye on your credit report and follow up on the fraud investigation of you can.
posted by AlexiaSky at 12:18 AM on April 17, 2020 [2 favorites]
at best likely netted them $600-800 profit
Not sure how much your job pays, but that’s like $400/hr.
posted by sideshow at 12:24 AM on April 17, 2020 [3 favorites]
Not sure how much your job pays, but that’s like $400/hr.
posted by sideshow at 12:24 AM on April 17, 2020 [3 favorites]
Response by poster: Sideshow, you’re not including the time spent researching my identity or creating a credible fake ID, which could be used for a much larger score, or going from store to store to try to find one to accept no ID, or whatever. I suspect much more than 2 hours of work went into this scam, even if it was an inside job you’d need an outside partner and to coordinate with them and split the take with them.
I’m not at all convinced a retail employee could be easily scammed into accepting a paper copy of a drivers license at risk of losing your job at this moment. I’ve worked retail and encountered scammers, and it doesn’t ring true.
And I am sure I was texted by my carrier. 100%. And the charges were legit on my online account when I went to check.
Organized crime doing this at scale, maybe.
posted by spitbull at 5:21 AM on April 17, 2020 [1 favorite]
I’m not at all convinced a retail employee could be easily scammed into accepting a paper copy of a drivers license at risk of losing your job at this moment. I’ve worked retail and encountered scammers, and it doesn’t ring true.
And I am sure I was texted by my carrier. 100%. And the charges were legit on my online account when I went to check.
Organized crime doing this at scale, maybe.
posted by spitbull at 5:21 AM on April 17, 2020 [1 favorite]
I have never done an EIP so maybe the requirements are for that are different, but the last 3 or 4 phones I acquired did not require showing ID. (The procedures may have called for ID, but it was never asked for.) In one case they had to help me troubleshoot the password, too. Never a need to show ID, just a working credit card, and at the same time they will make whatever change you request to your account (eg, adding a new line). So potentially, your scam may have only involved knowing enough account details to sound convincing (ie, name and number, plus maybe the address, since so many people don't know their passwords) and having a working card (that was likely stolen or otherwise not being paid back).
posted by Dip Flash at 6:13 AM on April 17, 2020 [1 favorite]
posted by Dip Flash at 6:13 AM on April 17, 2020 [1 favorite]
My cell phone number does not appear on any voicemail that I’m aware of. Nor is it easily searchable to my name online
There's been enough data breaches over the years that it's very likely that this information is available on the so called dark web. Various groups aggregate different breaches into dossiers that can be purchased en-mass for this kind of thing.
had some sort of convincing fake ID
How closely do you think minimum wage employees are inspecting pieces of plastic that people hand them these days? It is also possible that the retail operation was in on it, either in an ongoing basis or one time bribe, but I can't believe that moral is very high during this situation.
posted by Candleman at 6:55 AM on April 17, 2020 [2 favorites]
There's been enough data breaches over the years that it's very likely that this information is available on the so called dark web. Various groups aggregate different breaches into dossiers that can be purchased en-mass for this kind of thing.
had some sort of convincing fake ID
How closely do you think minimum wage employees are inspecting pieces of plastic that people hand them these days? It is also possible that the retail operation was in on it, either in an ongoing basis or one time bribe, but I can't believe that moral is very high during this situation.
posted by Candleman at 6:55 AM on April 17, 2020 [2 favorites]
I'm wondering if this was in preparation for a SIM swap scam where they would eventually transfer your phone number to one of those phones to intercept one-time passwords sent to your phone?
posted by vivzan at 9:49 AM on April 17, 2020 [2 favorites]
posted by vivzan at 9:49 AM on April 17, 2020 [2 favorites]
"I’m not at all convinced a retail employee could be easily scammed into accepting a paper copy of a drivers license at risk of losing your job at this moment. I’ve worked retail and encountered scammers, and it doesn’t ring true."
As someone who has worked in these environments as well, I can guarantee that this is possible, and would likely not result in job loss where I live (unless the staff member was involved, of course).
posted by eisforcool at 9:33 PM on April 18, 2020 [1 favorite]
As someone who has worked in these environments as well, I can guarantee that this is possible, and would likely not result in job loss where I live (unless the staff member was involved, of course).
posted by eisforcool at 9:33 PM on April 18, 2020 [1 favorite]
This thread is closed to new comments.
posted by spitbull at 12:35 PM on April 16, 2020