Law enforcement authorities in Barcelona, Madrid, Lleida and Tarragona, Spain identified a new type of scam conducted by organized criminals, where the suspects sell smartphones that are assembled with illegally imported counterfeit or stolen parts and are sold on the internet. A researcher skilled in the topic suggested that there are connections to the darknet in the criminal activities.
Law enforcement authorities in the region call these devices “Frankenstein phones” since some parts of the smartphones are stolen or fake. According to the police, criminals are selling these devices on the internet, marketing them as original ones for a much cheaper size than the original. The illicit phones are sold again with a new IMEI (serial number, which is the unique ID of the device). While doing their business, criminals resort to various tricks, especially with the iPhone devices. The tools on iPhones enable the user to disable the remote phone lock and therefore the payment system (if enabled) and access to information through another device using the same phone.
Therefore, criminals operate in the following manner, according to a researcher. First, they turn off the device to avoid being tracked by law enforcement authorities. From a place, where it is assumed that police can’t enter without getting a warrant first, they start the phone to find out if the owner disabled the protection. Some criminals use social engineering: they call or send a message pretending to be police or other law enforcement authorities, and they are asking for passwords and login credentials.
If the user falls for the scam he can lose more than his account. The victim is not only logged out of his or her device, but the phone is without a valid IMEI (that appears in the iTunes account). The IMEI could be used for another phone if it had not been blocked yet, or the criminals could also sell the information on illicit clearnet (the normal part of the internet people usually refer to) and dark web forums and marketplaces. The new owner only discovers the issue when he or she updates the software. If he or she tries to update the software of the device, the phone will be blocked and the user can’t use it anymore.
“The scam is having some success,” the researcher warn.
Sometimes fraud is discovered by the potential buyers of the devices. This usually happens when they want to update the system and synchronization program rejects, the researcher said. On the internet, there are websites (mostly blackhat forums or sites) where criminals can find information how to fix these problems. If the IMEI number of a device is stolen, it could be valuable for the criminals since they can sell the information on the dark side of the internet for a good price, the researcher claims.
“If the phones remain unused, perhaps there is no choice but to restructure it and sell it like a new one. They sell phones as if they were iPhones skin imitations in a perfect condition and with an Android operating system at a modified at half price. Believe it or not, the criminals have success selling these phones because they know what type of customers to look for. They put ads on the internet saying ‘I have an iPhone or Samsung Galaxy for 100 euros.’ There are people who like to pretend,” the researcher said.
According to the researcher, the websites where the phones are sold are only created for the fraud. Criminals put advertisements on social media websites, sites that offer classified ads, and they redirect the customers to their selling sites. After they have enough sales on one site, they delete them for security reasons and make other ones. Sometimes, the websites are deleted since law enforcement authorities receive reports from internet users, and they take down the illicit sites.