$200 Million Fraud Case: More Guilty Pleas

Nine Guilty Pleas So Far in Massive Synthetic Identity Case
$200 Million Fraud Case: More Guilty Pleas

Khawaja Ikram of Staten Island, N.Y., has pleaded guilty for his role in an international $200 million credit card fraud conspiracy that involved fabricating more than 7,000 false identities to obtain tens of thousands of credit cards.

See Also: Ransomware: The Look at Future Trends

Ikram pleaded guilty to one count of conspiracy to commit bank fraud, according to the U.S. Attorney's Office for the District of New Jersey. He was originally charged in February 2013 as one of 18 defendants in the scheme (see: $200 Million Card Fraud Scheme Alleged). Members of the conspiracy, including Ikram, doctored credit reports to pump up the spending and borrowing power associated with the cards, prosecutors say. The conspirators then borrowed or spent as much as they could, based on the phony credit history, but did not repay the debts, causing more than $200 million in confirmed losses to businesses and financial institutions.

Two co-defendants, Tarsem Lal of Iselin, N.J., and Azhar Ikram of Howard Beach, N.Y., pleaded guilty on April 2 to conspiracy to commit bank fraud, according to the attorney's office.

The latest pleas follow six earlier guilty pleas by individuals who admitted to playing key roles in the synthetic identity scheme (see: More Guilty Pleas in $200 Million Fraud Scheme).

The case highlights the need for continuous monitoring of transaction activity, says Wesley Wilhelm, lead fraud expert at NICE Actimize, a fraud prevention solutions provider.

"Since the loans in this case are credit card loans, the appropriate process for continuous review is to monitor the transaction activity, or lack thereof, on the accounts and identify both out-of-pattern behavior and in-pattern fraud behavior," he says.

Case Background

The scheme involved a three-step process in which the defendants would make up a false identity by creating fraudulent identification documents and a fraudulent credit profile with the major credit bureaus, according to prosecutors.

From there, the fraudsters would pump up the credit for the false identity by providing false information about that identity's creditworthiness to the credit bureaus. Following these efforts, the criminals would run up large loans.

The scheme required Ikram and his conspirators to construct an elaborate network of false identities, prosecutors say. The fraudsters maintained more than 1,800 "drop addresses," including houses, apartments and post office boxes, which they used as the mailing addresses of the false identities.

Ikram admitted he helped obtain credit cards in the name of third parties - many of which were fictional - and then directed the credit cards to be mailed to addresses controlled by members of the conspiracy, prosecutors say. He also admitted he knew the cards would be used fraudulently at businesses.

Ikram's charge carries a maximum potential penalty of 30 years in prison and a $1 million fine, or twice the gain or loss caused by the offense. He's scheduled to be sentenced on Sept. 23. Lal and Azhar Ikram are scheduled to be sentenced Sept. 17.

Increased Monitoring

To help prevent massive ID fraud schemes, institutions need to diligently apply know-your-customer practices for opening new accounts, Wilhelm says. "Then, focus on the diligence of monitoring the transactional activities to look for patterns to indicate these are accounts being stored or pharmed for future bust-outs," he says. "That comes from not just looking at the activity on accounts, but lack of activity."

Gartner analyst Avivah Litan says continuous monitoring is a must, given the ease in which synthetic identities can be created and processed through banking systems. "But if you're constantly monitoring, you would see some abnormal behavior," she says.

Another solution in mitigating fraud schemes is the use of big data analytics to identify patterns of fraud. "You can correlate a relationship and see there are 10 cards with the same address and same phone number, and they all have these same patterns where they're spending certain amounts," Litan says. "I have several bank clients who have used big data analytics to catch this kind of fraud."


About the Author

Jeffrey Roman

Jeffrey Roman

News Writer, ISMG

Roman is the former News Writer for Information Security Media Group. Having worked for multiple publications at The College of New Jersey, including the College's newspaper "The Signal" and alumni magazine, Roman has experience in journalism, copy editing and communications.




Around the Network