- FrankonFraud
- Posts
- 43 Million SSN's For Less Than A Cup Of Starbucks ☕️
43 Million SSN's For Less Than A Cup Of Starbucks ☕️
Greetings from FrankonFraud,
You might have noticed I didn’t post a newsletter last week. That is because I took some PTO with the family for the first time in years. We went up to Vancouver, Canada, and it was stunning! I highly recommend it if you want to visit a fantastic city and beautiful natural surroundings. 🌲
But now, back to work - Fighting Fraud! 💪.
Evolve Bank Freeze - The US Secret Service seizes $5 million from Evolve Bank & Trust accounts linked to Chinese nationals involved in crypto fraud and money laundering.
Revolut Fraud Fiasco - Revolut's fraud reimbursement dispute with the Financial Ombudsman Service has left 1,000 victims in limbo, unable to reclaim £34 million in losses. The ongoing dispute raises questions about complaints about their fraud practices.
Hacking Hero - Did one guy just save the world from a massive cyberattack? Read about Microsoft Engineer Andres Freund who uncovered a huge attack before it happened.
Bail Scam Shootout 🔫 - An elderly man shot and killed a lady who tried to pull a fake bail scam on him claiming a relative was in jail. When she showed up to his house to get the money, he shot her.
Fraud turns deadly - A staged gas-station robbery designed to get a Visa for an immigrant as a crime victim backfired when the immigrant was shot and killed during the fake robbery.
IRS Clawback - 1,300 taxpayers have voluntarily returned over $225 million in ERC money as part of the IRS forgiveness program.
Camera Con - A company called NUCA is releasing a new camera that uses AI to create a deepfake nude of anyone you take a picture of. It’s like like X-ray specs on steroids.
AI Kidnapping Alert - The FBI in St Louis is warning that AI kidnapping scams are booming and alerting families to establish “safe words” as proof of authenticity.
43 Million SSNs and Fullz For Less Than A Cup of Coffee ☕️
Did you hear about the ATT data breach?
Gary Warner says it’s the most significant breach in over a decade, and for good reason. The depth and breadth of the data and the fact that it has been publicly leaked make it a complete disaster.
He says his white-hat group of investigators at Dark Tower (his company) were able to acquire Fullz, including all of this information on over 43 million identities, for a mere $4.
If Gary’s group could do it, any hacker or fraudster could also access to this PII treasure chest.
This data is in the wild and will cause massive increases in Account Takeovers because fraudsters can answer virtually any security question. The influx in breached data could also result in a big rise in identity fraud on loans, credit cards, and bank accounts.
How widespread is the data? Gary checked for me and found records of people in my family! 43 million means about 13% of the US Adult population is impacted.
The ATM Claim And Jam Method Is Hot On Telegram 🔥
Banks might want to examine their faulty ATM cash deposit claims more closely. There’s a new method making the rounds on Telegram.
It’s called the ATM claim and jam method, and it seems to be catching on. The method involves various techniques, from folding the cash to making the cash stick together with chemicals so that the machine jams up when it is deposited. When the machine tries to return the faulty cash, the scammer will hold the door down so it can’t be returned.
Then, they file a claim that they tried to deposit hundreds of dollars, which the bank typically credits to their accounts within 24 hours.
This is from a post instructing how its done on Chase ATM’s 👇️
Thanks to Michael Diamond for the tip.
Synthetics Are Booming, And They Will For A Long Time. This is Why.
Deep in the heart of Telegram Fraud Channels lie clues to why synthetic identity is booming and will probably continue to do so for a long time.
Fraud pattern hunters at Point Predictive analyzed millions of messages from the top 20 fraud channels to determine how often CPNs are mentioned or advertised. And CPN’s are literally on fire right now. 🔥
The issue is that CPNs are fraudsters' codes for stolen social security numbers used to create synthetic identities. This doesn’t bode well for synthetic identity since Telegram is often ground zero for new and emerging fraud trends.
“AI Lawyers” Are Sending Fake Threats In Mass Emails To Scam People
In a bizarre twist, a gadget review website has been linked to a backlink SEO scam involving AI-generated lawyers and baseless copyright infringement claims.
The law firm Commonwealth Legal Services appears to be entirely run by AI Lawyers who don’t exist. These “lawyers” are sending out thousands of email threats to victims trying to get them to post backlinks to articles or risk getting sued for copyright infringement.
Investigators determined that the pictures of the lawyers were entirely AI-generated when they ran it through deepfake detection software.
This is a relatively new and insidious scam, and the company associated with the scam Tech4Gods.com, has also been linked to other complaints on Reddit.
Shanghai Woman Held 9 Concurrent Jobs, Hired Extras To Pretend To Be Her Clients
A woman named Tao from Shanghai took “fake it til you make it” to a whole new level. Armed with a fake MBA and bogus resume, she conned her way into accepting offers at nine different companies as a salesperson simultaneously.
Once she got the job, she hired extras to play would-be clients to give the illusion that she was a hot-shot rainmaker.
She was paid a paltry 30,000 Yuan (about $4,300 a month) for all those jobs. In this case, crime didn’t pay.
They Called Him Crazy and Locked Him Up, But He Was A Victim Of Identity Theft
This is the weirdest and most tragic identity theft case I have ever heard of.
An Iowa Hospital Executive stole hot dog vendor William Woods's identity in the 1980s and used it for 33 years to get a job, buy cars, and get over $200,000 in loans.
Now that might have been it, but the story took a weird twist.
Woods eventually became homeless, and in 2019, he discovered the $200k in bad debt that had been racked up in his name. He went into the bank to clear his name, present his social security card, and answer security questions, but the bank thought he was a fraudster, so they called the police.
The police reached out to the Iowa Hospital Exec, assuming he was the real Woods, and the exec faxed his forged docs to the police. The police arrested Woods, and when he was taken to court, they found him “not fit to stand trial,” so they put him in a mental institution.
Facebook Fake Accounts Scale Will Blow Your Mind 🤯
It’s the era of fake accounts, and the scale of how often they happen cannot be underestimated.
Facebook publishes shocking statistics on the number of fake accounts it removes from the platform each quarter.
These are the numbers in millions. They removed a record 2.2 billion accounts in a major sweep 3 years ago and it has been trending downward since👇️
In the fourth quarter of 2023, Facebook took action on 691 million fake accounts, down from 827 million in the previous quarter.
Inside the Brazen MGM Hack and The Chaos That Ensued
The New York Times provides a fantastic, blow-by-blow account of the hack that brought down MGM and other casinos in Vegas.
In a daring Las Vegas heist, teenage hackers from the notorious online community "the Com" infiltrated MGM Resorts, wreaking havoc on its systems and demanding a $30 million ransom. As the gaming giant scrambled to contain the damage, it’s clear that this new tech savvy generation of hackers is going to wreak havoc on lots of organizations.
Thanks for catching up on fraud with me each week. As always, if you have any fraud tips or trends you think the world should know about, send them to me here.
I hope you all have a fantastic week.