Tech Scammer Who Fooled Cisco, Microsoft and Lenovo Out of Millions Jailed For Over Seven Years (theregister.com) 26
An anonymous reader quotes a report from The Register: A scammer who convinced some of the world's biggest tech businesses to send him replacement kit has been sentenced to seven years and eight months in the U.S. prison system. Justin David May, 31, used stolen hardware serial numbers, a plethora of fake websites and online identities, social engineering tactics, and a network of associates, to scam Cisco out of nearly $3.5m in hardware in just 12 months. Microsoft lost 137 Surface laptops (retail cost $364,761) to the crew, with Lenovo US also losing 137 replacement hard drives worth $143,000 and APC (formerly American Power Conversion) getting scammed out of a few uninterruptible power supplies. May pled guilty to 42 counts of mail fraud, 10 counts of money laundering, three counts of interstate transportation of goods obtained by fraud, and two counts of tax evasion.
In the largest scam against Cisco, run from April 2016, according to court documents [PDF] filed in eastern district court of Pennsylvania, May and the team set up domains and email addresses to mimic cisco.com user IDs and harvested serial numbers of legit machinery. They then used these to trick Cisco into sending out replacement kit, such as a Cisco Catalyst 3850-48P-E Switch worth around $21,000 at the time, and a couple of Cisco ASR 9001 routers priced at over $100,000 for the pair. The same scam worked well for Microsoft and Lenovo too, it seems. The court docs note that May was skilled at picking imaginary faults that weren't remotely repairable, such as basic software issues, but which were more obvious as serious flaws needing a replacement unit. In addition the crew digitally altered images of their supposed kit and serial numbers to fool support staff. Once the hardware was received, usually via UPS or FedEx, the companies never got the faulty kit back because it never existed. Meanwhile the packages were picked up, sold on eBay and other second-hand sites, and the cash pocketed, or in the case of Microsoft, some of the hardware shipped to Singapore for resale.
In the largest scam against Cisco, run from April 2016, according to court documents [PDF] filed in eastern district court of Pennsylvania, May and the team set up domains and email addresses to mimic cisco.com user IDs and harvested serial numbers of legit machinery. They then used these to trick Cisco into sending out replacement kit, such as a Cisco Catalyst 3850-48P-E Switch worth around $21,000 at the time, and a couple of Cisco ASR 9001 routers priced at over $100,000 for the pair. The same scam worked well for Microsoft and Lenovo too, it seems. The court docs note that May was skilled at picking imaginary faults that weren't remotely repairable, such as basic software issues, but which were more obvious as serious flaws needing a replacement unit. In addition the crew digitally altered images of their supposed kit and serial numbers to fool support staff. Once the hardware was received, usually via UPS or FedEx, the companies never got the faulty kit back because it never existed. Meanwhile the packages were picked up, sold on eBay and other second-hand sites, and the cash pocketed, or in the case of Microsoft, some of the hardware shipped to Singapore for resale.
Seems reasonable (Score:1)
Re: (Score:2)
His only mistake was not doing it for billions. If you bribe politicians to make protectionist laws for you and you pals, you can fleece taxpayers via the federal government, legally, for decades on end!
Re: (Score:1)
Re: Seems reasonable (Score:3)
Re: (Score:2)
His only mistake was not doing it for billions. If you bribe politicians ...
You need a budget of about $10M to fund an effective lobbying campaign that will net billions. That is a hundred-to-one ROI, but you can't play the game if you don't have the entrance fee. This guy didn't have a spare $10M lying around.
Re: (Score:2)
if everyone who can think clearly about the problem is automatically part of the problem, you're going to have a rough life. (shrug)
Re: (Score:2)
He was working on it! He just got caught before he hit $10 mil.
Re: (Score:2)
If you steal stuff, you go to jail.
His mistake was not being an executive in large corporation with powerful lawyers.
Re: (Score:2)
But 7 years for stealing 2 routers and 3 transceivers? It's not like he stole a Pearson textbook and ruined the company.
Re: (Score:2)
Nah he hit four different companies. His biggest haul was the $3.5 mil in gear from Cisco.
Re: (Score:3, Insightful)
If you steal stuff, you go to jail.
Oh please. If you steal a candy bar from Walmart, you’re charged under criminal law, face time in a cage, and will have trouble getting a job and/or apartment in perpetuity.
If you’re a CEO and you knowingly and willfully overcharge tens of millions of customers, causing their bank accounts to be debited for an amount in excess of what they owe ... the customers have to hire a lawyer at which point the case will be tried under CIVIL law. Zero cage time possib
I mean, classic (Score:3)
Yeah, he exploited a loophole in the warranty system and he ran the same scam long enough that the rubes caught on. Brilliant, but lazy and a lot greedy, too.
Seems like whether it's credit card gas pump skimmers, junk bond purveyors, or those engaged in Madoff-level Ponzis; they all play the short game long. It's a live for the moment, scam now, pay later scheme, destined to end in having your bills paid by the State for longer than it seems worth it.
The most difficult part of working a successful hustle is knowing when to get out and work another.
Re: (Score:3)
For the purposes of your prosecution and sentencing you are presumably on the hook for the full list price (even in cases where full list price is either just a joke that you and your account rep use to break the ice before discussing the real price; or where vendor-authorized FRUs have nominal prices wildly higher than
Re: (Score:2)
What I want to know is how they get advance replacement hardware sent out without needing some payment authorization.
It's easy on a subscription product because the subscription gets transferred over but for warranty replacements almost always require putting a credit card or something.
Then again, I guess people who spend millions on equipment and support plans get special treatment
Companies should hire him (Score:3)
He got a hold of Cisco TAC *and* got replacement equipment sent out? This is impossible with a valid contract. Hire him!
Re: Companies should hire him (Score:1)
Re: (Score:2)
Re: What kind of hard-drives are those?! (Score:2)
Ones that have had a sticker put on them that says "For Servers".
So tech support is only defense for scams? (Score:2)
Re: (Score:2)
The data often is sold, both to criminals and to intelligence agencies.
Re: So tech support is only defense for scams? (Score:1)
Scam dependent on low product quality (Score:2)