- FrankonFraud
- Posts
- Sell Me Your Sign-On. Hackers Try New Sim Swap Methods
Sell Me Your Sign-On. Hackers Try New Sim Swap Methods
Frank McKenna
August 15, 2023
Greetings Fraud Fighters,
Here is a quick view bullet list of big things in fraud this week;
Fraudsters went big on Mortgage Payoff Scams
Hackers created new Sim Swapping Schemes
Ai was used to find synthetic identities in India
A Dealer Employee got caught impersonating Borrowers
Scammers used Fake CarFax Reports to Bilk Victims
A maybe inside job at the IRS emerged in new report
The FBI nabbed a Telegram fraudster
Hackers are targeting Plastic Surgeons’ Offices
Experian sheds light on Money Mules
Every VC has a fraud on their portfolio
Let’s get to the top stories of the week!
Sell Me Your Sign-On. Hackers Took Sim Swapping To The Next Level
A new government report is shedding light on the techniques that a teenage led hacking group used to attack some of the largest companies in the world to extort money.
The group was so creative that they created two techniques to SIM Swap that are destined to become part of the hackers playbook for many years into the future.
A Face That Launched 658 Fraudulent Sim Card Synthetic Identities
Synthetic Identity is not just the fastest-growing financial fraud in the US - it’s going global.
The government uses new AI-powered scanning software in India to find synthetic identities tied to SIM Cards.
Over the past 4 months, the software has identified over 24,000 suspected fraudulent SIM Card registrations tied to potential synthetic identities.
In one case, 100 to 150 different SIM cards were tied to a single Aadhaar number - the Indian equivalent of our social security number.
The AI software is called ASTR analyzes photos taken at the time of the SIM registration and uses facial recognition to find SIM Cards that are registered with the same face.
In one case, the software identified over 658 Sim Cards tied to the same face. Amazing!
Finance Manager That Wanted To Be Cop Caught Impersonating Customers
An employee of Red Rock GMC was arrested for impersonating a customer during borrower verification calls with Canvas Credit Union.
The employee Tiffany Miller was caught when the Credit Union got suspicious since the phone call to them originated directly from the car dealership itself.
It was a multi-layered ham-handed fraud attempt and what makes the story even crazier is the impersonator was actually applying to become a police officer in the city!
Mortgage Payoff Fraud Is Spiking – Up 532%
The housing market is way down. In fact 99% of metropolitan areas in the US are reporting sharp decreases in mortgage activity. Nationally mortgage lending activity has reached a 20 year low across the US.
So mortgage fraudsters are shifting their tactics. A new CertifID report finds that fraudsters are shifting their tactics and resorting to more lucrative mortgage fraud schemes including diverting closing funds.
The firm caught $1.9 million in attempted mortgage payoff fraud in Q1 2023. By Q2 of this year, that number rose 532% to $12 million, according to CEO Tyler Adams.
Every VC Has Some Fraud In Their Portfolio, Here’s Why.
All these Unicorns and high-flying startups that came out of the pandemic resulted in many founder frauds.
Remember Charlie Javice? Sam Bankman Fried? NS8?
Scammers Used Fake CarFax Reports And Disabled Odometers
2023 is the year of olden times frauds. Odometer fraud is as old as check fraud but it has been making a dramatic comeback as well.
This week 3 suspects were arrested for buying cars for $1,000 to $3,000, pretty and turning around and selling them for $5,000 to $10,000 after altering the odometers in the cars.
The scammers would use completely fake CarFax reports that they would alter to “prove the car had low mileage” and told victims that the broken odometer could be fixed at a shop for $40.
Never buy a car with a broken odometer and if you do, pull the CarFax report yourself!
Empty Boxes – Is This An Inside Job At The IRS?
A report by a watchdog group is calling into question the IRS’s processes for protecting taxpayer data.
And a report in the Daily Mail this week indicates that the IRS has lost track of millions of sensitive records putting taxpayers at risk of identity fraud.
Auditors discovered the potential data breach that no one is talking about when empty boxes appeared in warehouses that the IRS cannot account for
Whose data is missing, and what is the extent? That is the question.
Experian - 30 Basis Points Of Bank Accounts Are Money Mules
A mule and his money are soon parted.
A new eye-opening Blog Post by Experian is shedding light on the problem of Money Mules.
By Experian’s estimate, 30 basis points of bank accounts are run by money mules. That might not sound like a lot, but given the over 107 million bank accounts in the US, 321,000 mule accounts out there are doing their thing.
In total, about $3 billion in money mule activity.
Experian admits this estimate is low because most mule activity is undetected or reported.
And banks are taking note. According to AITE, banks’ third priority in terms of investment spending is in detecting and preventing mule activity at the application stage. Only check fraud and scams rank higher.
He Created A Telegram Channel To Sell Stolen Checks - But The FBI Was Watching
Mekhi Diwone Harris created his very own fraud channel on Telegram called Work Related Slips. He specialized in stealing checks out of the mail and then posting them for sale on his channel.
His channel was popular - boasting over 800 subscribers - and he posted fresh high dollar stolen checks on daily basis.
But the FBI was watching his illegal deeds and believe he may have posted over $15 million in stolen checks. In a criminal affidavit that you can find here, they lay out all the evidence against him which is a lot.
The FBI was able to track him down by verifying ownership of the CashApp account where he took payment, but also by matching pictures of a silver bracelet he wore while showing off a stack of cash on Telegram and another picture he posted on his now deleted Instagram Account.
Your bank is probably a victim in this case because there are thousands of stolen checks posted.
Did he target your bank? A quick run through of his Telegram channels shows checks drawn on Capital One, Regions, Bank of America, Chase, Wells Fargo, Synovus, Cadence Bank, First Horizon Bank, Stellar Bank, Truist, PNC, Valley National.
Is The Biggest Scam In The World? Printer Ink! 😠
Consumers are getting ripped off big time, and everyone knows it. How many times have you purchased a new cartridge, and a few weeks later, it’s empty again?
Check out this video or just how bad consumers are getting ripped off and a new type of printer that might change everything and finally stop the massive scam.
The $4.6 Billion Fraud Wave That Australia Completely Missed
The Australian Tax Office (ATO) is being blamed for missing a $4.6 Billion fraud trend that went viral on Tik Tok.
The fraud was terrifyingly simple. Anyone with some ID could apply for an Australian Business Number (ABN), then use their MyGov account to register a fictitious business.
Once registered, the new “business owner” would submit a fictitious business activity statement in which they claimed to have spent a huge amount of money setting up the business. They immediately applied for a refund on the 10 percent of these fictitious expenses, which was GST.
Banks in Australia were the first to catch on noticing thousands of customers getting massive deposits for tax credits that were not typical for their profile.
Plastic Surgeons Are The New Preferred Target of Hackers
There appears to be a worrying new trend in the hacker’s playbook - targeting plastic surgeons.
Plastic surgeons are being targeted - like this one in Brazil because they have wealthy clientele, but the data can also serve other nefarious purposes.
Cybercriminals exploit sensitive content like nude photos and other explicit pictures in harmful ways, including extortion and blackmail of patients.
Does Chase Use This Strange Strategy To Protect Accounts Against Fraud?
This might be the weirdest fraud mystery out there.
A viral post on Reddit has people scratching their heads about a mysterious $99,999,997,834.99 withdrawal placed on a customer account by Chase.
Karisse Hendrick forwarded me the article and pointed to the last sentence, illuminating the mystery.
"A Chase representative said it routinely places massive debt on accounts held by people who have passed away to protect against unauthorized withdrawals.”
What the heck? This reminds Karisse and I of the decades-old workarounds we used to have to do in risk when we couldn’t get people to stop removing the temporary blocks on accounts.
If this is the case, this has to be one of the oddest workarounds by risk to prevent account fraud.
Would Be Fraudster Rejected By Fraud Group Because He Could Not Type
A Chinese man named Wu was rejected by a fraud telecom group in Thailand and deported from the country - all because he couldn’t type.
He tried to return again to land the job - maybe after he learned to type better but he was arrested by police for crossing the border fraudulently.
I Am Piping Mad After Reading This Story On LinkedIn. What Do You Think?
If you hate to see fraudsters get away with their dirty deeds, this story posted by Troy Huth might make you piping mad.
Apparently some fraudsters go into certain retail stores, take every gift card of the rack and then load them to the max with counterfeit gift cards - one after another. Then, like trash, they leave the debit cards on the counter. They simply don’t care about getting caught at all.
And why would they? Apparently, even management tells the retail associates to turn a blind eye and not question the activity.
This reminds me of how bad shoplifting has gotten in retail when staff is instructed to not intervene of even call police.
Those are the top trends and stories of the week. Please let me know if you have any tips or stories you think are interesting.
Have a great and positive fraud fighting filled week.