Protecting credit unions and members from fraudulent activity is our top priority. At the end of 2019, a card skimming scheme was discovered in Portland, Maine. The device found was very sophisticated. It utilized a SIM card to transmit payment data in real-time, including PIN information via a text message to the perpetrators. That feature provided the fraudsters the ability to generate counterfeit cards within one day from when the information was compromised. Ultimately, it was part of a larger fraud scheme. We are pleased to inform you that a federal grand jury has returned an indictment against a Florida man for his role in this activity.
Luis Angel Naranjo Rodriguez, 29, of Hialeah, Florida has been accused of installing card skimming devices at a fuel dispenser in Portland and at other gas stations across New England to obtain debit and credit card account numbers. He is charged with eight counts of wire fraud, four counts of bank fraud, four counts of aggravated identity theft, one count of possessing 15 or more counterfeit or unauthorized access devices, and one count of possessing device-making equipment.
Rebekah Higgins, Synergent Payment and Fraud Consultant, assisted law enforcement officers working the case. She provided transactional data to help them determine where the skimmer was located. After the skimmer was found, Higgins compiled a list of the fraudulent transactions to help prove the financial losses.
“Anytime we can assist credit unions and law enforcement in mitigating fraud, we are happy to offer our time, expertise, and resources,” said Higgins. “Synergent’s unique access to aggregate transaction data provides us with an advantage that allows us to quickly identify and report common points of compromise, including skimming devices.”
According to the Justice Department, the charging statute for using a counterfeit access device provides for a sentence of up to 10 years in prison, three years of supervised release, and a fine of up to $250,000. The charge of possessing device-making equipment provides for a sentence of up to 15 years in prison, three years of supervised release, and a fine of $250,000.
Nearly 5,700 credit and debit card accounts were compromised as part of this scheme.