BULLETIN: FTC Paints Picture Of Spectacular, International Fraud Involving At Least 16 ‘Sham’ Companies, More Than 100 Bogus Merchant Accounts And 14 ‘Money Mules’; More Than 1.3 Million People Fleeced

PP BLOG BULLETIN >>> MOVING >>>

More than 1.3 million debit or credit-card numbers have been compromised in an international micro-payments scheme that resulted in fraudulent charges totaling more than $10 million.

The money appears to have been whisked offshore to bank accounts in Lithuania, Estonia, Latvia, Bulgaria, Cyprus, and Kyrgyzstan, the FTC said.

At the moment, the agency said it believed the fraudsters opened more than 100 bogus merchant accounts, formed 16 “dummy” corporations and relied on a network of 14 “money mules” recruited in a spam campaign to raid the cardholder accounts of small amounts that created a large amount in the end.

Part of the deception was to create “phony company names” resembling the names of real companies, the FTC said.

“The FTC believes the defendants may have run credit checks on the identity theft victims first, to be sure they were creditworthy,” the agency said, describing the deception as monumentally elaborate.

Chillingly, the agency added that the perpetrators “cloaked each fake merchant with a virtual office address near a real merchant’s location, a phone number, a home phone number for the ‘owner,’ a Web site pretending to sell products, a toll-free number consumers could call, and a real company’s tax number found on the Internet.”

It is likely that the scam was designed to scrape small amounts from cardholders’ accounts to minimize the chance of getting caught and to permit the scammers to stay under the radar and emerge with a huge sum, the FTC said.

“None of the consumers affected by the scam had contact with any of the defendants. Most consumers either didn’t notice the charges on their bills or didn’t seek chargebacks because of the small amounts — charges ranged from 20 cents to $10,” the FTC said.

“Consumers who called the toll-free numbers that appeared on their bills either found them disconnected or heard recorded messages instructing them to leave a message, but no calls were returned,” the agency said.

Each of these companies (below) is a “sham” and has been named a defendant, the FTC said. NOTE: Remember, one of the allegations is that the perpetrators used “phony company names” that resembled the names of real companies. The information below reflects the names of the bogus firms, as reproduced from court records the FTC released today:

1. API Trade LLC, a Pennsylvania limited liability company incorporated in 2006.
2. ARA Auto Parts Trading LLC, a limited liability company.
3. Bend Transfer Services LLC, a Nevada limited liability company incorporated in 2006.
4. B-Texas European LLC, a Texas limited liability company incorporated in 2006.
5. CBTC LLC, a Delaware limited liability company incorporated in 2007.
6. CMG Global LLC, a Pennsylvania limited liability company incorporated in 2006.
7. Confident Incorporation, a California company incorporated in 2002.
8. HDPL Trade LLC, a Pennsylvania limited liability company incorporated in 2008.
9. Hometown Homebuyers LLC, a Texas limited liability company incorporated in 2002.
10. IAS Group LLC, a California limited liability company incorporated in 2008.
11. IHC Trade LLC, a New York limited liability company incorporated in 2007.
12. MZ Services LLC, an Arizona limited liability company incorporated in 2004.
13. New World Enterprizes LLC, a New Jersey limited liability company incorporated in 2005.
14. Imports LLC, a Louisiana limited liability company incorporated in 2006.
15. SMI Imports LLC, a Florida limited liability company incorporated in 2006.
16. SVT Services LLC, a New York limited liability company incorporated in 2008.

Also named a defendant is “John Doe,” described as “one or more individuals or entities whose true name and address of residence are unknown to the FTC at this time.”

How The Scheme Worked (From March Court Filing The FTC Released Today; Italics, Coloring, Indentations Added)

Defendant(s) Doe have hired under false pretenses a group of at least fourteen individuals in the U.S., referred to here as the “money mules.” Defendant(s) Doe then direct the money mules to form companies and to open one or more U.S. bank accounts in the name of those entities.

A group of sixteen companies formed by the money mules are named as defendants in this action and will be referred to here as the “Money Cashing Defendants.” In addition to the Money Cashing Defendants, Defendant(s) Doe themselves also have created over a hundred fake companies using false identities. These fictitious companies — some of which purport to be located in [the Northern District of Illinois] — are the “merchants” that place the unauthorized charges on consumers’ accounts.

With this infrastructure in place, Defendants have proceeded to assess unauthorized charges to consumers’ accounts and to deposit the funds into the U.S. bank accounts of the Money Cashing Defendants. Defendant(s) Doe then direct the money mules to wire the funds to offshore accounts in Lithuania, Estonia, Latvia, Bulgaria, Cyprus, and Kyrgyzstan, where the funds presumably end up in the hands of the Doe Defendants. In this way, Defendants have essentially stolen over $10 million. More than 1000 consumers have filed complaints with the FTC about these illegal practices.

The defendants’ assets have been frozen.

Investigators said the scheme, which had been operating since 2006, relied on stolen records to proliferate. (Citations omitted by PP Blog):

“In setting up the fake companies, Defendant(s) Doe use names that sound similar to legitimate companies and provide addresses located in the vicinity of the legitimate companies,” the FTC said. “Defendant(s) Doe purchase ‘virtual office addresses through a company that sells business address services. All mail sent to these office addresses is then forwarded to another company that scans the mail and uploads it onto a secure server so that Defendant(s) Doe can view it electronically from any location.

“The fake companies also use Employer Identification Number (‘EIN’) tax numbers of the legitimate companies. Defendant(s) Doe also create a website for each fake company so that the company appears to credit card processors to be a legitimate online merchant. These web sites appear to only operate for a short period of time, probably just long enough for a credit card processor to . . . perform due diligence on the account application . . . The websites of the fake companies purport to sell some kind of product such as electronics and office supplies. Each fake company also has a toll-free telephone number, as well as a ‘home’ telephone number for the ‘owner’ of the company. The toll-free numbers forward to a cell phone number registered in Belarus.”