A 24-Year-Old Scammed Apple 42 Times In 16 Different States 419
redletterdave (2493036) writes "Sharron Laverne Parrish Jr., 24, allegedly scammed Apple not once, but 42 times, cheating the company out of more than $300,000 — and his scam was breathtakingly simple. According to a Secret Service criminal complaint, Parrish allegedly visited Apple Stores and tried to buy products with four different debit cards, which were all closed by his respective financial institutions. When his debit card was inevitably declined by the Apple Store, he would protest and offer to call his bank — except, he wasn't really calling his bank. So he would allegedly offer the Apple Store employees a fake authorization code with a certain number of digits, which is normally provided by credit card issuers to create a record of the credit or debit override. But that's the problem with this system: as long as the number of digits is correct, the override code itself doesn't matter."
Wow ... (Score:3, Interesting)
Who the hell came up with that idea?
That's no security in any meaningful sense of the word.
I'm betting some lobbyist made it so that the banks didn't really need to do anything concrete, just look like they were.
If that's all that's required, the banks deserve to be getting ripped off.
Re:Wow ... (Score:5, Interesting)
Except they're not, Apple was. TFA states that since they accepted it even after it was denied, Apple's on the hook for it.
shift of blame. (Score:3, Interesting)
Once upon a time, the retailer would have to take the blame for this because it is the retailer who is supposed to make the call to the financial institution on the retailer's own phone line, not using the cardholder's phone or trusting the cardholder's ability to dial the number.
Unfortunately, the retailers are successfully using the police to cover for the incompetence of their staff.
Re:Wow ... (Score:5, Interesting)
Visa wakes up, takes a dump, then wipes its ass with $300,000 dollars. It is nothing compared to the billions they make in clearing fees alone.
Vendors are not even allowed to do things like require an ID, (I know they do, but it is against the vendor agreement), even though it would make purchases a lot more secure, because EASY trumps everything, EASY makes billions. Secure override codes... Who cares?
This is an Apple/retailer fail (Score:5, Interesting)
From TFA:
>> merchants can be liable for charges if they override a credit or debit card denial in this fashion
>> In (another) case...after defrauding Victoria’s Secret, Banana Republic, and several other retailers out of $557,690 in the same manner, which is known as a “forced sale” or “forced code.”
I think the operational problem here is that store managers have the authority to override denials to boost their own sales numbers...while the risk for bad credit decisions may fall on the owners.
What a strange title. (Score:5, Interesting)
Does the fact that the guy was 24 have any bearing on the story what-so-ever? Why not say "scam artist" or something more generic?
Re:in fairness... (Score:2, Interesting)
If you believe IP == worthless, then yes.
No, Apple believes Chinese children are worthless [qz.com].
Re: Wow ... (Score:2, Interesting)
The bank supplies Apple's POS software, so the bank is on the hook.
Pretty simple really.