Social media platforms, for good or ill, have become the world’s “town square.” It’s here that ordinary people meet and interact, gossip, and learn the news. Social media is where legitimate companies come to target those consumers, and it is also very much the place where scammers and criminals target do the same.
Card cracking is one of the many scams that flourish on social media. Like a handful of others, it seeks not just to dupe a consumer, but also to frequently co-opt the victim as an accomplice and active collaborator. Uncovering the real-world individuals behind these scams can be challenging, but their reliance on social media to find victims can be a crucial vulnerability when investigators have access to social media intelligence (SOCMINT) tools.
Anatomy of the Card Cracking Scam
Card cracking is part of the larger family of “easy money” scams, in which the victim is offered an opportunity to earn either a one-time reward or an ongoing income in return for their cooperation. Although there are numerous variations on the theme, the scam typically follows these steps:
- Victims are targeted with a social media message, offering them the opportunity to earn money by assisting the message’s purported sender.
- Anyone responding to the message will be asked to provide access to their banking information, which the other party will use to make deposits (the pretext for this varies, but will be vaguely plausible).
- If the victim complies, the scammer deposits bogus checks into their account, and then immediately withdraws funds to the limit set by that specific bank or financial institution.
- The checks later bounce, leaving the victim responsible for the amounts that have been withdrawn. In some cases, scammers exploit their access to drain those accounts entirely.
Scammers target a range of victims with these messages but usually seek out those in financial distress or those who are more easily duped by reason of their youth and inexperience, including students and early-career serving members of the military.
The victim in some variations of this scam is encouraged to file a fraud complaint with the financial institution, claiming that their banking information was stolen and that the transaction was conducted without their consent, often securing reimbursement from the bank. At this point, the victim becomes an active accomplice by deliberately defrauding or attempting to defraud their financial institution.
The Easy Target and the Hard Target
The scam presents two targets for law enforcement agencies. The first is the scammer’s victim or dupe, who may be swayed to cross the line and deliberately participate in the fraud. The second is the actual scammers who initiated the transaction.
Gullibility is no defense before the law, and those who knowingly commit fraud or assist in the commission of fraud can be, and often are, prosecuted for their role. That is not necessarily a satisfactory result, from the law enforcement perspective. Finding and prosecuting the scammer or scammers is the more desirable outcome, but they represent a significantly more difficult target.
While their use of social media as a contact method necessarily creates an online footprint, connecting a given social media profile to a specific individual is not straightforward. Many social media platforms do not require their users to display a real name, offering anonymous or pseudonymous use even when the user’s genuine identity is required. Even on those platforms where identities are verified, the verification procedures are often weak and easily circumvented through the use of false identification or a completely synthetic identity. To trace those anonymous or pseudonymous accounts to their point of origin, investigators require the use of a specialized SOCMINT tool.
Approaching Card Cracking Cases Through the SOCMINT Lens
Card cracking is not a novel scam, going back several years, but it has become more significant since the start of this decade. The trends behind its rise are beyond the scope of this discussion, but the popularity of money-making “side hustles,” the pandemic’s disruptions, and recent years’ rise in the cost of living are potential contributing factors.
LEAs may become involved if the victim files a police complaint, or if a bank does so after detecting activity that suggests a card cracking scam. In the first instance, police can assume the active participation of the victim, but will still face the challenge of identifying the scammer or scammers. In the second scenario, the victim is also a potential perpetrator whose cooperation cannot be assumed, which represents a further complication.
Because social media provides both the initial point of contact between scammer and victim and the medium of communication between them, it is crucial that investigators be able to a) connect the victim/accomplice accurately to their social media accounts; and b) trace the scammers’ social media accounts back to real-world individuals who may then be identified and ultimately prosecuted. A SOCMINT tool that can consistently make accurate connections between individuals and their social media presence is fundamental to this kind of investigation.
Spokeo for Business As an Investigative Tool
Spokeo for Business is just such a tool. Spokeo launched in 2006 as a social media aggregator, and although it has since become a significant player in open-source intelligence generally it remains a leader specifically in SOCMINT data-gathering and analysis.
Spokeo’s powerful search engine can be applied to both of the foregoing use cases. In the case of an uncooperative and potentially complicit victim, searches using the victim’s name, address, phone number, or email (available through conventional investigative channels, or from the bank’s records when applicable) will return results that may include numerous social media accounts belonging to the putative victim, as well as previously unknown secondary phone numbers or email addresses which may in turn be linked to further social media accounts. These may then be scoured by investigators seeking connections to the scammer originating the scheme.
In the case of a cooperative victim investigators will typically be provided with the scammer’s social media persona, and potentially a direct telephone number or email address. All of these, including anonymous usernames, can be searched using Spokeo for Business.
Exposing Failures of OPSEC
Scammers use a number of methods to obscure their real identities, from fake signups to “burner” phones to fully synthetic identities. None of these are completely foolproof, and any lapses of operational security on the scammers’ part can undo their attempts at anonymity. Spokeo for Business’s search sifts through billions of individual records drawn from thousands of open and private sources, and can make connections that would be difficult or impossible through other means.
If a scammer has made any mistakes while setting up and operating the scam, there is a possibility of Spokeo for Business finding links back from the “anonymous” social media account or phone number to their point of origin with the scammer. Failing a direct identification, searches will often provide avenues for further investigation.
Some potential outcomes include:
- The social media persona being linked by Spokeo’s search results to the phone used to open the account. Search results will include a geographic region in which the phone is registered, and its carrier, which can potentially be used to secure a subpoena or search warrant as the investigation progresses.
- The target social media account may be connected to others opened using the same phone or email account, some of which may still be active. The target account’s friends list will often be populated with other scam accounts, which in turn can be traced back to their originating phone number.
- Investigators may be able to identify potential victims still interacting with one or more of these accounts and request their assistance in helping elicit potentially identifiable disclosures from the scammer. At a minimum, this prevents the successful commission of another fraud.
- Scammers setting up several accounts across multiple platforms may inadvertently use a personal phone or email on one of them, allowing those other accounts and phone numbers to be traced back to them personally.
- Scammers maintaining multiple personae across platforms must communicate with a number of potential victims while “in character” as the given persona. Laziness or mental error may cause them to reveal genuine personal details, which investigators can then search for across platforms. It may prove possible to connect the fake profiles to a real one, or failing that the combination of personal details and location data culled from the telephone numbers may combine to suggest a person of interest.
SOCMINT and Law Enforcement
Social media is unlikely to be supplanted at any time in the near future, and while it retains its dominance it will continue to provide unique investigative opportunities to law enforcement agencies. This includes card cracking cases, missing persons, intelligence-gathering, and many other forms of investigation which are difficult to bring to a successful conclusion through other avenues.
For further information on the use of Spokeo for Business as a SOCMINT tool in law enforcement, or to arrange a demonstration of the product or a free trial for your agency, reach out to our team through the contact information on our Law Enforcement page.
Disclaimer: This blog post is not intended as legal advice. Consult your legal and/or compliance department before making any changes to your operations.
Sources
American Bankers Association: “Card Cracking” Schemes
US Attorney’s Office, District of Rhode Island: Seven Indicted in “Card Cracking” Scheme
US Attorney’s Office, Northern District of Illinois: Six Defendants Charged in “Card Cracking” Scheme Targeting Military Members