The United States Department of Justice (DoJ) has announced that Miami, Florida, resident Edwin Fana pleaded guilty to a sophisticated international telecoms fraud that caused ‘at least’ USD1 million of losses.
The FBI found over 80 mobile phones in active use when they searched Fana’s house. Each phone had been reprogrammed to emulate the stolen details associated with one of 11,000 genuine accounts. Fana received the account details from his accomplices, who would also send him VoIP traffic to be routed through the phones, meaning the cost of the calls was charged to the bills of victims. Fana then used the phones to make thousands of calls to Cuba, Jamaica, and the Dominican Republic.
The DoJ did not explain how the 11,000 identities had been stolen, but they did say that…
…Fana and his co-conspirators participated in a scheme to steal access to and fraudulently open new cellphone accounts using the personal information of individuals around the United States.
Fana pleaded guilty to: aggravated identity theft; access device fraud; the use, production or possession of modified telecommunications instruments; the use or possession of hardware or software configured to obtain telecommunications services; wire fraud; and conspiracy to commit wire fraud. Sentencing will be scheduled for a later date.
We should be glad to see law enforcement chasing and prosecuting telco fraudsters, but we must also question how telcos could permit such significant losses to be racked up. Over 80 phones were wired for use from a single address; even in a busy apartment block this should appear like an unusual concentration of users and calls. Many Floridians have links to Caribbean countries like Cuba, but how much analysis was automatically performed on the number and value of expensive international calls being charged to the victims’ accounts? Real phones and customers cannot be in two places at once, so location data should also have suggested the cloning of phones. Put simply, good automated data analysis will not stop fraud, but it can significantly reduce it. The fraud management systems that can perform this kind of analysis may not be cheap, but it does not take many million-dollar frauds before they pay for themselves.