Organized Fraud Rings Prey on Wireless Carriers

April 6, 2015
By Dr. Stephen Coggeshall

This post is the first in a three-part series on fraud techniques used to target wireless carries. The data collected and analyzed by ID Analytics has given us unique insight into how this type of fraud is planned and perpetrated.

In the wireless industry, where a customer might pick up a device worth hundreds of dollars and agree to pay for it later, the problem of identity theft increases the risk of significant losses. That risk also extends to the consumer whose stolen identity is used to acquire a phone. With the amount of data we have, we can search for patterns and develop a better understanding of how the scammers are targeting the wireless companies.

Using Patterns to Find Fraud Rings

Using data from transactions deemed suspicious, our researchers identified organized groups of fraudsters who attack cellular carriers. These fraud rings often steal large numbers of phones, selling them quickly through online sites or overseas.

When thieves breach a major source of consumer data, such as a healthcare company or a retail chain, they often separate the stolen personal information into batches and sell them to the highest bidders1. Once a fraud ring obtains a batch of this stolen data – perhaps the name, address, date of birth and Social Security numbers of hundreds of people – they use this information to place orders in person and online for new cellular service.

They’ll often use the correct name and Social Security number, which might be enough to get a transaction approved, with a new address or series of addresses, especially if the phone is to be delivered by mail.

300 Applications from One Fraud Ring

In one theft pattern detected by ID Analytics’ researchers, the identities of a number of people who had lived in Texas for years were used to buy phones in Philadelphia. It started with a slow trickle at first, with one identity used to apply for several dozen phones over a three-month period, perhaps to test the scheme. Then the activity picked up, with multiple people using multiple identities. In all, the ring applied for more than 300 fraudulent phone accounts over a 9-month period.

The patterns in the data were familiar to the fraud researchers: correct names and Social Security numbers, but incorrect dates of birth – perhaps because the date of birth was not included in the breached data. And addresses that were thousands of miles away from where those people had historically made purchases; in this case, it was a series of addresses in Philadelphia, often on the same street but with different street numbers.

The first transactions might not appear suspicious.  The idea that someone would move from Texas to Pennsylvania and open new cell-phone accounts for their family isn’t unusual. But when there’s a pattern of inconsistency in the data, such as the same person applying multiple times with different addresses or dates of birth, or one person buying phones in the same day from multiple vendors, the data starts to tell a story.

When we see an unusual volume of a particular kind of suspicious transaction in one location, it suggests perhaps there’s a more sophisticated fraud ring at work.

Protecting Your Business and Your Personal Information

For wireless carriers, being able to open new accounts in minutes is essential. Fraud prevention measures can add time, cost and hassle to the process, resulting in customer abandonment. But the carrier needs to verify the customer’s identity. This can be done in a variety of ways, from contacting the individual through multiple channels prior to approval, to more secure and advanced measures, like real-time authentication.

With real-time customer authentication, companies use tools to help them identify potential identity fraud before engaging in risky transactions. This can increase revenue and minimize losses. To learn more about fraud rings and how to minimize risk, download the I See Fraud Rings white paper. 

Dr. Stephen Coggeshall is Chief Analytics and Science Officer at ID Analytics.


1. Greene, Tim. Network World. (6 February 2015) Anthem Hack: Personal data stolen sells for 10X price of stolen credit card numbers, retrieved March 25, 2015 from