Case Study 1:
By the time the New York identity theft fraud case was solved, over 30,000 people had suffered a total combined loss of over $2.7 million. This money had been stolen by a ring of New York residents who had accessed the victims’credit information and exploited that information to steal the victims’ identity. The fraud began when Linus Baptiste approached Philip Cummings about a plan to steal and sell people’s personal information. Philip Cummings had begun to work at Teledata Communications, Inc., a third-party credit-reporting agency that facilitates the retrieval of credit history data. Teledata had outstanding contracts with over 25,000 companies, allowing these companies to check on the creditworthiness of potential customers, thus creating a direct line past the three main credit bureaus. As a customer service representative, Cummings had obtained access to many confidential access codes. These access codes were used by the clients of Teledata to gain approval on credit requests. With access to these codes, Cummings had the opportunity to commit fraud. In early 2013, Cummings and Baptiste began to steal credit reports. The two fraudsters sold this information to a group of Nigerian nationalists. The Nigerian nationalists would pay up to $60 for one person’s information. After some time, the Nigerian nationalists began to provide the two fraudsters with names and Social Security numbers to help facilitate the process even further. To convert the information into money, the Nigerian nationalists would use the information to gain access to the victim’s bank accounts and other financial information. The group of Nigerian nationalists would then take the following steps:
- Deplete the bank accounts of the victims through wire transfers.
- Change the addresses of the accounts so the current information was not sent to the victim. Order new checks to be written off of the victim’s bank accounts.
- Order new ATM cards so the money could be taken out in cash.
- Order new credit cards under the victim’s name.
- Establish new lines of credit under the victim’s name.
By using these techniques, the fraud ring was able to steal over $2.7 million from consumers. This money was stolen over a period of about three years. The most intriguing aspect of the fraud was that Cummings quit working at Teledata half way through the fraud period, but was able to continue to steal the information for an additional two years. Cummings claimed that most of the access codes he had stolen while working at Teledata remained unchanged for the full two years after he left the company. After three years, Cummings began to get greedy and his greed led to the detection of fraud. Perceiving that he needed to make more money, Cummings stole around 15,000 credit reports from Teledata by using the access codes of Ford Motor Company. Then for the next four months, Cummings again stole a large number of names. This time, Cummings used the access codes of Washington Mutual Bank to steal 6,000 credit reports. Finally, three months later, Cummings made what would be his last big credit report theft. Using the access codes of Central Texas Energy Supply, Cummings was able to steal 4,500 credit reports. After the theft using Ford’s access codes, Equifax, one of the three large credit bureaus in the United States, began to see the request spikes in Ford’s account. After the next two large batches of requests, Equifax decided to investigate further. Equifax found that almost all of the credit report requests came from one phone number, and that the requests were done in large batches of about 100. The location of the phone number was found, and a search by federal authorities turned up a computer and other equipment that were used in the fraud. 2 Cummings was prosecuted, sent to prison, and had to pay large fines. The victims faced the dreadful task of restoring their credit, a process that, in some cases, took a long time to complete.
Questions: Assuming you are an agent with the Federal Bureau of Investigation, do the following:
- Plan and coordinate an investigation in a manner that would not arouse suspicion from Cummings and Baptiste.
- Create a vulnerability chart to coordinate the various elements of the possible fraud.
- Assuming your investigation used surveillance and/ or covert investigation techniques, what types of surveillance and/or covert operations would you use? How would technology play a role in this part of the investigation?
- Finally, how would analysis of physical evidence help in this investigation? What types of physical evidence would be especially helpful?