Risk

8/20/2009
05:08 PM
50%
50%

Eight Indicted For $22M Identity Theft Scam Against AT&T, T-Mobile

Defendants allegedly hijacked customers' identities to steal millions of dollars in wireless gear

Eight defendants were arraigned in a Brooklyn court yesterday for allegedly using the stolen identities of AT&T, T-Mobile, and Asurion customers to steal some $22 million worth of wireless equipment and services.

An indictment was unsealed in Brooklyn federal court yesterday morning charging Courtney Beckford, Gabe Beizem, Rawl Davis, Lennox Lambert, Marsha Montayne, Saul Serrano, Ron Shealey, and Rohan Stewart, with conspiracy to commit mail fraud and wire fraud. Beizem, Montayne, and Stewart were also charged with wire fraud and aggravated identity theft.

According to the indictment, between February 2005 and July 2009, Beizem -- an owner of Got Wireless (aka USA Wireless), a former authorized AT&T and T-Mobile dealer that operated in Brooklyn -- obtained dealer access codes for AT&T's and T-Mobile's online customer databases. Stewart, the owner of KP Wireless -- an authorized T-Mobile wireless device dealer operating in West Palm Beach, Florida -- also obtained dealer access codes for T-Mobile's customer database.

Using these access codes, Beizem, Stewart, and Montayne, and others, allegedly obtained existing customer information from the customer databases, including customers' names, addresses, and personal identifying information, the indictment says. Montayne, and others, then fraudulently assumed the identities of existing customers and obtained new wireless devices without payment and without the customers' permission.

In some cases, the indictment says, the defendants called AT&T and T-Mobile, adding new lines of service to existing customers' accounts, and requesting new wireless devices to support the new lines. In other cases, they allegedly called AT&T and T-Mobile, falsely claiming that a wireless device belonging to an existing customer was damaged or defective and requesting replacements. In still other cases, the defendants allegedly called AT&T and Asurion, falsely claiming that existing customers' wireless devices were lost or stolen and requested new wireless devices under AT&T's insurance program with Asurion.

As a result of these fraudulent requests, AT&T and T-Mobile shipped new or replacement wireless devices for express mail delivery by FedEx, DHL or UPS, according to the indictment. The FedEx and DHL shipments from AT&T were generally shipped to addresses along the routes of private express mail drivers whom Beckford, Davis, Lambert, and Stewart, and others, allegedly recruited and paid to divert the packages.

FedEx and DHL drivers, including Serrano and Shealey, then allegedly scanned the packages into their respective carrier's computerized tracking systems as "delivered" to the stated delivery addresses, but actually diverted the packages to Beckford, Davis, Lambert, and Stewart, and others. UPS shipments from T-Mobile were shipped directly to addresses connected to the defendants and their associates.

Beckford, Beizem, Davis, and Montayne, and others, allegedly then sold the fraudulently obtained wireless devices to others. When charges were incurred on these devices, they were billed to existing AT&T and T-Mobile customers' accounts. When the customers reported or confirmed the fraud on their accounts to AT&T and T-Mobile, the companies absorbed the losses, which included the cost of the devices, insurance payments, shipping costs, and wireless service and other calling charges.

"Identity theft can ruin customers' credit and seriously disrupt their lives," stated U.S. Attorney Benton Campbell. "The type of fraud alleged in the indictment strikes at the very heart of our modern digital economy and imposes substantial costs on commercial businesses. It is a serious problem that requires serious action. Those who commit identity theft can expect to be investigated and prosecuted to the full extent of the law."

If convicted of conspiracy to commit mail fraud and wire fraud, the defendants each face maximum sentences of 20 years of imprisonment. Defendants Beizem, Stewart, and Montayne also face additional mandatory two year consecutive sentences if convicted of aggravated identity theft.

Have a comment on this story? Please click "Discuss" below. If you'd like to contact Dark Reading's editors directly, send us a message. Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-7907
PUBLISHED: 2018-09-26
Some Huawei products Agassi-L09 AGS-L09C100B257CUSTC100D001, AGS-L09C170B253CUSTC170D001, AGS-L09C199B251CUSTC199D001, AGS-L09C229B003CUSTC229D001, Agassi-W09 AGS-W09C100B257CUSTC100D001, AGS-W09C128B252CUSTC128D001, AGS-W09C170B252CUSTC170D001, AGS-W09C229B251CUSTC229D001, AGS-W09C331B003CUSTC331D0...
CVE-2018-3972
PUBLISHED: 2018-09-26
An exploitable code execution vulnerability exists in the Levin deserialization functionality of the Epee library, as used in Monero 'Lithium Luna' (v0.12.2.0-master-ffab6700) and other cryptocurrencies. A specially crafted network packet can cause a logic flaw, resulting in code execution. An attac...
CVE-2018-17538
PUBLISHED: 2018-09-26
Axon (formerly TASER International) Evidence Sync 3.15.89 is vulnerable to process injection.
CVE-2018-11763
PUBLISHED: 2018-09-25
In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol.
CVE-2018-14634
PUBLISHED: 2018-09-25
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerabl...