With Insider Help, ID Theft Ring Stole $700,000 In Apple Gift Cards

itwbennett writes The Manhattan District Attorney's office has indicted five people for using personal information stolen from around 200 people to fund the purchase of hundreds of thousands of dollars in Apple gift cards, which in turn were used to buy Apple products. "Using stolen information to purchase Apple products is one of the most common schemes employed by cybercrime and identity theft rings today," District Attorney Cyrus Vance said in a statement. "We see in case after case how all it takes is single insider at a company—in this instance, allegedly, a receptionist in a dentists' office—to set an identity theft ring in motion, which then tries to monetize the stolen information by purchasing Apple goods for resale or personal use," he said.

What about the banks?

[TechyImmigrant]

>We see in case after case how all it takes is single insider at a company—in this instance, allegedly, a receptionist in a dentists' office—to set an identity theft ring in motion, which then tries to monetize the stolen information by purchasing Apple goods for resale or personal use

Those people can do that because of the horribly insecure payment methods the banks impose on everyone. If crime requires motive and opportunity, then it's the banks who are providing the opportunity.

Re:What about the banks?

[TechyImmigrant]

Being able to take someone's money by taking plaintext credentials like social security numbers and the numbers written on the front of a card is exactly the fault of the banks.

Re:What about the banks?

[Insightfill]

Being able to take someone's money by taking plaintext credentials like social security numbers and the numbers written on the front of a card is exactly the fault of the banks.

Exactly - as long as we continue to call it "Identity Theft" and not "Credit/Financial Fraud", it will have the perception of being the victim's problem and fault. If you get your car window smashed and things stolen out of your car, it's often perceived as partially your fault for where you parked, what you had exposed, etc. In the case of so-called "identity theft", the actual crime can be taking place miles away, and you may have no realistic way of preventing it. The bank has a problem - not me.

Re:What about the banks?

[stephanruby]

What about them? They got screwed.

No, they didn't get screwed.

The contract is written in such a way that it is always the merchants that take the financial hit for fraudulent charges, not the banks (even if the merchants themselves did everything correctly on their end).

Also calling the receptionist at a dentist's office "an insider" is misleading. That kind of language was specifically designed for the banks to avoid taking responsibility for the fraud. It was not the dentist's office that was being ripped off, it was Apple. By that novel definition "an insider", there are millions of Apple/Banking insiders in the US alone, from the waitress, the janitor, and the bus boy of every restaurant or little hole in the wall where they serve food, to the regular employee, janitor, intern, and temporary employee of every office building where credit card numbers are taken over the telephone.

I know the use of the word "insider" was introduced by Slashdot itself (either the submitter or the editor), but the word "employee" used in the title of the original ITWorld article leaves a lot to the imagination too, probably for that same reason that if one was to clearly describe what happened, everyone would be assigning blame to the banks and their system, instead of excusing the breach on having an insider employee somewhere (which is very hard to protect against).

Homo sapiens assholius

[Black+Parrot]

Why are so many people such jerks?

why steal information

[ihtoit]

when you fucking idiots are GIVING IT AWAY on your fucking Facebook accounts??

Re:here's an idea

[pen]

Here's another idea:

Apple products can be deactivated remotely, even laptops.

Each device has a serial number that can be linked to the gift cards which can be linked to the stolen credit cards.

Do a little bit or leg work, deactivate the illegally obtained devices. Even if you don't nab the thieves, you make this scheme way less profitable.

Re:Apple knew this would be abused

[tlhIngan]

Apple made the business decision to have the instant credit provided by a 3rd party. There was a lot of money to be made in this channel and Apple is sitting on billions in cash so why did Apple not provide the credit directly? Because they knew this would be abused and they couldn't put a solid number on the potential downside. There are probably some interesting emails to be subpoenaed by an enterprising attorney on this subject. I would guess the Apple CFO would have been for offering the credit directly and the CMO against it.

Probably because banking regulations get hairy, quickly. Offering credit isn't an easy thing (especially if you want to legally be able to collect the money owed) and there will be plenty of edge cases that Apple needs to handle. Plus, with legislation varying between states, that's a nasty furball.

Sure, Apple could do it, but they have no experience in the area, no way of being able to tell good risk from bad risk, having to deal with pulling credit reports, late payments/bankruptcy/nonpayment, and even tricky ones like overpayment and refunds.