In the largest bust of its kind, authorities arrested 111 people in connection with a massive identity theft operation based in Queens, New York. The suspects are allegedly responsible for fraud losses that amounted to more than $13 million in the 16-month period between May 2010 and September 2011.
The group, who apparently have ties to gangs in Asia, Europe, Africa and the Middle East, were under surveillance for two years in a sting called “Operation Swiper,” in which police placed wiretaps on dozens of phones in the area, intercepting thousands of conversations in Russian, Mandarin and Arabic.
This is how the thieves apparently operated their massive scheme:
Bosses of each crime ring received blank credit cards from suppliers in Russia, Libya, Lebanon and China. The bosses then hired “skimmers” who posed for jobs such as waiters and retail shop workers so they could use electronic devices to steal information from customer credit cards. That information was then sent to a “manufacturer” who programed the information into the magnetic strips of blank credit cards.
The crime rings also used card printing machines to forge credit cards and state drivers licenses to match them. “They can actually make a license from any state in the union, print credit cards of any color and even put the holograms on there,” said NYPD deputy inspector Gregory Antonsen.
Police then said “shoppers” in the crime rings would use the forged credit cards and IDs to go on weekly shopping sprees around the U.S. at retailers such as Nordstrom’s, Macy’s, Gucci and Best Buy and sell those items mostly to people overseas.
But by far, Antonsen said, thieves spent the most time buying computer products from Apple. “This is primarily an Apple case,” Antonsen said. “Apple is a big ticket item and a very easy sell.” Antonsen added forged credit cards were easy for criminals to make here because U.S. credit cards are less sophisticated than those in Europe, where fraud of this magnitude would have been much more difficult.
Which brings us to the topic of U.S. credit card companies and their lack of initiative regarding credit card security. Queens District Attorney Richard A. Brown mentioned just that when he accused U.S. credit card companies of “putting too much money into marketing and not enough into security.” He stated that these companies would rather take the losses than invest in much-needed security measures.
Europe has already caught on to the fact that credit cards need the highest level of security embedded into them. European cardholders are required to enter a personal identification number on a keypad during purchases. These “smart cards” also contain computer chips that encrypt the customer’s transaction information. U.S. banks issue cards with a simple magnetic strip on the back, which are more vulnerable to thieves.
American banks realize they need to change, but are reluctant to do so because, of course, it costs money. The good news is, however, that change must come — and soon. Both Visa and Mastercard have announced that retailers who do not support smart cards by 2015 and 2013, respectively, would be liable for fraudulent transaction.
Is the smart card our answer to credit card fraud by way of ID theft?
Maybe. But only until thieves figure out a way to outsmart the smart card.
Really nice post and one that I will certainly use at work to help get the type and scope of this threat across to management. We have conversations about this sort of thing, but this drives it home. Thanks! One nit to pick, though. Europe is a continent composed of about 47 (give or take) independent states/countries. Even with the European Union, it isn’t, on its own, a country.