The headquarters of a large national bank had detected fraud on an account and sent word to an Atlanta branch to be on alert: If an individual comes in to pick up the new debit card linked to that account, call the Atlanta Police Department.
An alert bank employee did just that when Khoi Nguyen, 43, came in to the branch to claim the debit card. Officers arrived quickly to ask Nguyen about his identity and the name on the bank account. Upon questioning, Nguyen produced a Department of Defense identification badge and claimed to be in law enforcement.
The police weren’t buying it, so they called the FBI to investigate Nguyen for impersonating a federal law enforcement officer. It was soon discovered that he was not only impersonating a government official but more than a dozen different people in a sophisticated identity theft scheme.
“In his bag at arrest were 20 cellular phones, 13 different identifications, a number of credit cards, and about $11,000 in cash,” said Special Agent Marcus Brackman, who worked the case out of the FBI’s Atlanta Field Office.
Brackman said that Nguyen had some technical skills and likely purchased the stolen personal information he used to create fake documents and open fraudulent financial accounts off encrypted websites. “Criminals can buy identities for 50 cents on the dark web,” Brackman explained.
Nguyen pleaded guilty to aggravated identity theft and was sentenced in October 2018 to two years in federal prison for his crime. He was also ordered to pay restitution to the financial institution and is facing additional state charges related to similar alleged activity in other areas of the country.
“Identity theft is very prevalent,” said Brackman. According to the Bureau of Justice Statistics, an estimated 26 million people age 16 or older in the United States experienced some form of identity theft in 2016—with many of those cases involving the misuse of a credit card or bank account. Brackman said that it was gratifying to hold someone responsible for a crime that affects so many people and creates such a headache for victims.
Those struggling to make ends meet sometimes rely on short-term, unsecured payday loans when they need quick cash.
Richard Moseley, Sr.—through his group of payday lending businesses known as the Hydra Lenders—preyed on these consumers’ financial vulnerability. His businesses scammed more than 600,000 Americans by charging them illegally high interest rates and even stealing their identities.
“A lot of these victims had to rebuild their financial lives. They had to shut down their bank accounts and open new ones. This was one of the only ways for victims to stop being defrauded,” said FBI New York Supervisory Special Agent Matthew Taylor, who oversaw the investigation. “Some of the individuals victimized were financially struggling at the time—including grandmothers, grandfathers, and former military members who served our country. In most cases, victims did not get the money back that was illegally taken from them.”
The FBI first learned about the Hydra Lenders when another government agency brought a consumer lawsuit against the group to the Bureau’s attention. Through traditional investigative techniques such as reviewing financial records, interviewing employees and victims, and collaborating with partner agencies, the FBI learned that Moseley’s enterprise routinely broke the law in issuing and collecting on loans.
From 2004 to 2014, the Hydra Lenders offered payday loans online to consumers across the country, even in states where payday lending was effectively outlawed. Some of the group’s illegal tactics included:
Charging illegally high interest rates of more than 700 percent
Using deceptive and misleading loan documentation
Taking additional, undisclosed fees from customers’ bank accounts
Withdrawing only the interest payment from the borrowers’ accounts and not applying any funds toward the principal, deepening their debt burden
Setting up payday loans for customers who had not agreed to them but had simply inquired about loan eligibility
As borrowers began to complain to state governments and consumer protection organizations, Moseley dodged regulators by insisting that his businesses were located overseas in Nevis and New Zealand and could not be regulated. In reality, the FBI’s investigation showed the enterprise operated entirely out of offices in Kansas City, Missouri, with all of its employees, bank accounts, and other aspects of the businesses located there. Moseley simply used fake letterhead and a mail forwarding service to give the appearance of an overseas location.
A recently closed California hacking and identity theft case sadly illustrates the misery that can be visited on unsuspecting victims when their personal information is compromised.
Between 2011 and 2014, four U.S. citizens who resided in San Diego—but carried out their crimes from across the Mexican border in Tijuana—hacked the computer servers of major U.S. mortgage brokers, stealing detailed loan application information from thousands of customers and then using the victims’ Social Security numbers, addresses, dates of birth, and driver’s license numbers to open unauthorized lines of credit and take over and drain victims’ retirement accounts.
“The damage crimes like these have on victims, the economy, and society in general are significant,” said Special Agent Chris Christopherson, who investigated the case from the FBI’s San Diego Division. “Individuals had their finances wrecked and their credit destroyed, through no fault of their own. For many of them,” he added, “the impacts are still being felt.”
One of the fraudsters in the conspiracy, John Baden, was the chief hacker. He infiltrated mortgage companies using a common hacking technique known as “fuzzing,” which works by overloading a web server with massive amounts of data that can lead to the server revealing security loopholes.
Once Baden had access to victims’ information, he and his conspirators, Victor Fernandez, Jason Bailey, and Joel Nava, went to work. Fernandez—the group’s ringleader—identified multiple victims’ brokerage accounts and took control of them by calling the companies and providing the victims’ personal information to change passwords and contact information. Then it was simple for him and his conspirators to wire funds—sometimes up to $30,000 at a time—from the victims’ accounts to accounts they controlled.
Victims stretched from California to Florida, and one individual lost nearly $1 million in the scheme, Christopherson said. A second part of the scheme involved extensive credit fraud. The criminals used victims’ detailed personal information to set up bogus lines of credit and retail credit card accounts to which they charged thousands of dollars for goods and services. Most of the proceeds from the sale of items in these crimes were used to buy drugs.
“A Pennsylvania man who assumed the identity of a baby who died in Texas in 1972 has been arrested on charges of Social Security fraud and aggravated identity theft after the baby’s aunt discovered the ruse on Ancestry.com.
Jon Vincent, 44, was arrested in Lansdale, near Philadelphia, on Monday, but had also lived near Pittsburgh and York, Pennsylvania since 2003 — after first obtaining a Social Security card in the name Nathan Laskoski in 1996, federal prosecutors said. Vincent remained jailed Wednesday, when a federal magistrate ordered him to appear for arraignment May 2.
The real Nathan Laskoski died in December 1972, two months after he was born near Dallas. Vincent stole the dead child’s identity after escaping from a Texas halfway house in March 1996, and used the dead baby’s identity to start another life, prosecutors said. The Texas conviction was for indecency with a child, though the precise sentence Vincent was serving wasn’t immediately clear, said Michele Mucellin, a spokeswoman for the U.S. Attorney’s Office in Philadelphia.
Vincent lived in also lived in Mississippi and Tennessee under his assumed name, holding jobs, getting drivers’ licenses and even getting married and divorced as Laskoski before the scheme unraveled late last year, according to online court records.
That’s when Laskoski’s aunt did a search on Ancestry.com, a genealogy website.
In researching her family tree, Nathan Laskoski’s name came up as a “green” leaf on the website, which led to public records suggesting he was alive. The aunt told Laskoski’s mother, who did more research and learned that someone had obtained a Social Security card under her son’s name in Texas, as well as finding public marriage and divorce records, Laskoski’s mother filed an identity theft complaint with the Social Security Administration.
An investigator from the SSA’s Office of Inspector General took it from there in January, court records show.
MESA, AZ - A woman from California racked up $16,000 in charges using identities stolen from 18 people across the country.
Court records show that the woman took the identities of eighteen people, created multiple credit card accounts from four department stores where she purchased items on a weekly basis.
Mesa police report that between June 1, 2016, and February 1, 2017, Maria Del Carmen Ramos, age 37, used stolen identities to create and use credit cards accounts to buy items at 15 different Kohl’s stores in Maricopa County.
Police say Ramos received personal profiles of 18 people from a friend in California. Ramos allegedly used these profiles to create credit card accounts at Kohl’s, Macy’s, Toy ‘R’ Us and JC Penney.
Loss prevention officers at Kohl’s say they have video evidence showing Ramos using the fake cards to make 36 purchases totaling over $16,000. Police say the total benefit value to Ramos could rise as high as $100,000.
So far police have identified 18 victims whose identities were stolen. One of the victims set up a password on her account after seeing fraudulent purchases. This hold, police say, allowed them to capture Ramos at the Kohl’s store near McKellips and Hayden roads on February 1.
Ramos reportedly told police that she was making purchases weekly, buying mostly clothing for her family, as well as shoes, electronics, and gift cards because they were easy to sell. Police say they found multiple identifications in her purse when she was arrested.
Police are contacting the victims, five of who are from New York.
Ramos has been charged with 130 counts of forgery, identity theft and fraudulent schemes.
“It’s a classic, if gruesome, staple of Hollywood action movies. The villain, desperate to gain access to the secret government vault, tricks the biometric security system by opening the door with the severed finger — or dangling eyeball — of the security guard.
In the real world, fake fingerprints and other forms of biometric spoofing pose serious challenges to the security community. Just this week, a team of Japanese researchers proved how easy it is to copy someone’s fingerprints from a “peace” sign selfie. A few years back, a hacker scanned the fingerprints of the German defense minister using a publically available press photo. The same hacker once fashioned a fake thumb out of wood glue to fool Apple’s Touch ID sensor.
But before you toss your new iPhone out the window or put on gloves every time you take a selfie, you might want to hear about a new technology that can tell if a biometric image like a fingerprint or an iris scan is really “alive.”
Matthew Valenti is the West Virginia University site director for the Center for Identification Technology Research, a multi-institution collaboration that has developed and patented anti-spoofing technology based on something called liveness detection.
“There are subtle features that are only present in a living person,” Valenti told Seeker. “Your fingers, for example, have tiny pores in them, and the signal processing algorithms used to scan your fingerprint can look for the presence of sweat in your pores. A spoof wouldn’t have that.”
Valenti’s colleague Stephanie Schuckers at Clarkson University is a pioneering researcher in liveness detection. She has tested her perspiration algorithms against fake fingers made out of wax and Play-Doh, and also a few dozen cadaver fingers from the morgue. Schuckers’ algorithms are the core technology behind NexID Biometrics, a private company claiming that its software can spot a fake fingerprint with 94 percent to 98 percent accuracy.
Still, liveness detection is so new that you won’t even find it on the latest biometric gadgets like the new MacBook Pro. So should we be concerned that hackers and identity thieves are scouring Instagram looking for fingerprints to steal?”
New York City NY April 28 2016 More than three dozen members of a Bloods-affiliated gang were charged Tuesday with running a $414,000 identity-theft ring focused on making purchases with stolen credit card accounts at Barneys, prosecutors said Tuesday.
In all, 39 gang members, who called themselves the “Pop Out Boys,” used stolen bank information it pulled from the Dark Web to create their own credit cards to shop at Barneys and Saks Fifth Avenue, said NYPD Inspector Joseph Dowling.
Their gang name referred to their flashy lifestyle. “They sort of pop out, wearing expensive clothes, a lot of popping the cork on champagne bottles,” Dowling said.
One defendant, Larry Dathan, raps under the name Big B’Z, Dowling said. In one song, “Trapping out da Uber,” he raps about using the car service for getting around while committing crimes.
Detectives executed eight search warrants, finding five handguns and five “credit card mills,” which included computers, credit-card making equipment and cash, Dowling said.
Investigators recovered the equipment at the apartments of defendants in Brooklyn and Queens.
“In at least one case, an individual is accused of making nearly twenty trips to the same luxury department store to buy designer clothes and merchandise,” DA Cyrus Vance Jr. said in a statement.
The suspects bought and resold Goyard handbags and other luxury items, then used the cash to fund nightclub outings and trips to Miami, California and Georgia, police said.
Dowling said the crew has 59 members, with ages ranging from 16 to the 30s.
Detectives caught wind of the alleged fraud while investigating another case at Barneys. They saw some of the defendants shopping with a stack of credit cards, Dowling said.
If one didn’t work, they’d use another one,” he said.
Younger gang members, millennials in particular, have been moving towards credit card and identity theft crimes because they grew up using computers, Dowling said.
“Three people from out of state who were staying at a Tewksbury hotel are facing felony charges after Nashua police say they found them with over 250 allegedly counterfeit credit cards and debit cards.
Nashua police said in a press release that they were called to the Pheasant Lane Mall on Monday about 7:30 p.m. for a report of suspicious activity involving several people.
A mall security guard called police after being notified by employees of a store at the mall that on two different occasions a male and female tried to purchase gift cards with more than one credit card.
“It was learned that the male had used two credit cards to pay for one gift card, and that the female did not purchase the gift card because she could not get the exact money value she wanted on one gift card,” police said.
Security captured the female involved on surveillance video as she also entered another mall business to try and purchase a gift card. She then left the mall and got into the passenger seat of a vehicle outside.
Officers who responded to the call, along with detectives who were at the mall for an unrelated matter, stopped that vehicle as it left the mall and identified the occupants as Jovon William, 24, of Oakland, Calif., and Brittany Allen, 28, of East Orange, N.J.
Another male approached officers during that motor vehicle stop and identified himself as Queron Foreman, 22, of Oakland, Calif.
Nashua police said in a press release that officers found probable cause to take all three suspects into custody as they obtained a search warrant for the vehicle.
Once officers got a warrant, they searched the vehicle and said they found over 250 counterfeit credit and debit cards, over 20 gift cards and receipts, according to police.”
” A Turkish man who led three cyberattacks against global financial institutions that caused more than $55 million in losses pleaded guilty Tuesday, prosecutors said.
Ercan Findikoglu, 34, whose online nicknames included “Segate,” ”Predator,” and “Oreon,” entered the plea in Brooklyn federal court.
Prosecutors said he used cashing crews worldwide to make fraudulent ATM withdrawals on a massive scale across the globe. In a February 2011 operation, Findikoglu’s cashing crews withdrew about $10 million through 15,000 fraudulent ATM withdraws in at least 18 countries, they said.
The government said he hacked into computer systems of three payment processing companies. It said he and co-conspirators accessed prepaid debit card accounts, inflated balances and removed their withdrawal limits between 2011 and 2013.
In a February 2013 attack, crews in 24 countries made 36,000 transactions, withdrawing about $40 million from ATMS, prosecutors said. During one operation, they added, crews in New York City withdrew approximately $2.4 million from nearly 3,000 ATM withdrawals during an 11-hour period.
His lawyer hasn’t commented.
In a release, U.S. Attorney Robert L. Capers called the cyberattacks massive.”
The Van Dyke Money Gang in New York made off with more than $1.5 million this year — but it wasn’t in gunpoint robberies or drug running, it was a Western Union money order scheme. In New Jersey, 111 Neighborhood Crips used a machine to make dozens of fake gift cards for supermarkets, pharmacies and hardware stores.
In South Florida, gangs steal identities to file false tax returns.
These aren’t members of an organized Mafia or band of hackers. They’re street crews and gangs netting millions in white-collar schemes like identity theft and credit card fraud — in some instances, giving up the old ways of making an illicit income in exchange for easier crimes with shorter sentences.
“Why would you spend time on the street slinging crack when you can get 10 years under federal minimums when in reality you can just bone up on how to make six figures and when you get caught you’re doing six months?” said Al Pasqual, director of fraud security at the consulting firm Javelin Strategy and Research.
Law enforcement officials say they see increasingly more gangs relying on such crimes. This year, more than three dozen suspected crew members have been indicted in separate cases around the country. Grand larcenies in New York City account for 40 percent of all crime last year — compared with 28 percent in 2001. About 5 percent of Americans nationwide have experienced some kind of identity theft, with Florida leading the country in complaints.
New York Police Commissioner William Bratton wrote in an editorial in the city’s Daily News last week that white-collar crime was being committed by gang members “to an astonishing degree.”
Crews recruit bank account owners to help cash phony checks, they pay off crooked employees who skim credit card information using hand-held readers, and they buy identities online.
Pasqual said for some, it was a replacement for other crime. “For some it’s a supplement. They’re earning the money to grow the other side of their business, using white-collar crime to fund gun running. For a lot of them this becomes their day to day. They travel the country when they get really good at it.”
A task force created by federal officials in Florida has charged more than 400 people with causing more than $140 million in losses — including more than 60 charged three weeks ago — and officials say increasingly those arrested are gang members.
It’s an organized crime — but not “Organized Crime,” said Bill Maddalena, assistant special agent in charge of the white-collar branch of the Miami FBI office. “They’re very well organized. They have to recruit people to help steal devices, cash the checks.”