Louise Matsakis covers Amazon, internet law, and online culture for WIRED.Federal investigators were after more than a handful of call center workers. They were looking for the operation’s leaders. Last fall, Evans, Sapatin, and a third ex-employee not named in the 2015 lawsuit, DeVaughn Woods, reached plea agreements with the US government. All three pleaded guilty to charges connected to their dealings with Fahd, and agreed to testify against him at trial, according to court documents. Fahd has now been charged with wire fraud, accessing a protected computer in furtherance of fraud, two counts of intentional damage to a protected computer, and four counts of violating the Travel Act, among other charges. The indictment names another co-conspirator, Ghulam Jiwani, who court documents say passed away while in custody in Hong Kong.“We have been working closely with law enforcement since this scheme was uncovered to bring these criminals to justice and are pleased with these developments,” a spokesperson for AT&T said in an email. Lawyers for Fahd, Evans, Lam, Woods, and Sapatin did not immediately respond to requests for comment. The AT&T spokesperson said the company didn’t have anything additional to share about the status of the civil lawsuit.
Unlocking the CaseThe Justice Department’s charges describe an elaborate ruse that began in 2012. At first, the indictment alleges, Fahd and Jiwani ran their unlocking business without the use of any fancy technology. Fahd reached out to the AT&T employees on Facebook, over the phone, and through other means, often going by "Frank" or "Frankie." He then offered to pay them for unlocking AT&T devices, which they normally could in response to legitimate customer requests. Fahd instructed them to communicate with him using prepaid cell phones and anonymous email addresses, according to court records. Once they were on board, the workers were given lists of international mobile equipment identity numbers—unique to each device—and told to free the phones from their associated AT&T contract plans. To receive their payments, the AT&T workers were told to set up business banking accounts and fake shell companies. One even traveled to Dubai to accept a bribe, according to the DOJ.Jiwani and Fahd’s scheme soon grew more complex, according to the indictment. In April 2013, they began asking AT&T employees to install malware on their work computers, which was designed to observe how the company’s network functioned. Using that information, they developed a software program that made it possible to carry out the unlocking process remotely, ostensibly so bribed employees didn’t need to enter each IMEI number manually at their desk. Six months later, Fahd and Jiwani ran into a problem: AT&T had discovered their malware, and several of the employees who were using it subsequently left the company or were fired, including Evans, Sapatin, and Lam. But the hiccup didn’t stop the scam for very long.Not all of the bribed AT&T employees were apparently caught. Fahd allegedly went on to instruct the remaining workers to install not only malware but also hardware devices, which were used to process unauthorized unlock requests until approximately September 2017. All the while, federal authorities were apparently investigating the criminal activity, according to court documents. In February of 2018, Fahd was finally arrested. He made his first appearance in a Seattle federal court on Monday.
There’s an enormous, global appetite for secondhand smartphones, which are useless if still tethered to years-long contracts with US carriers like AT&T. The DOJ’s indictment provides a glimpse at some of the ways that demand is met. “The wireless industry has frequently fallen victim to large-scale phone trafficking operations in which illegal operators buy or steal large quantities of phones,” lawyers for AT&T wrote in their original 2015 lawsuit. They “unlock them, and resell them in foreign markets.”The case is also evidence of a cybersecurity threat that’s proven difficult for wireless carriers to combat: their own customer service employees. Customer service reps need access to sensitive data and tools in order to do their jobs, but they may also be overworked and poorly compensated. In a separate case from May, the Department of Justice accused two former AT&T contract employees and one Verizon employee of providing customer information in exchange for bribes, which was used to steal victims’ phone numbers .
- How scientists built a “living drug” to beat cancer
- Hey, Apple! “Opt out” is useless. Let people opt in
- Big banks could soon jump on the quantum bandwagon
- The terrible anxiety of location sharing apps
- Now even funerals are livestreamed
- 🏃🏽♀️ Want the best tools to get healthy? Check out our Gear team’s picks for the best fitness trackers , running gear (including shoes and socks ), and best headphones .
- 📩 Get even more of our inside scoops with our weekly Backchannel newsletter