Criminals willing to travel thousands of miles are ensnaring hundreds of victims as they bring credit and debit card cloning schemes to the Twin Cities.
It’s evidence, police and cyber security consultants said, of the ongoing fallout from major retail data breaches.
Suburban police are alerting residents to a rise in such cases while businesses and law enforcement alike try to figure out why the area has seen so many unwelcome visitors lately — and how to stop them.
“They are kind of like ghosts. They’re in and they’re out,” said Eagan Police detective Desiree Schroepfer.
Police in Eagan have been able to arrest at least four pairs of suspects since April, tracing the cards they carried to more than 300 victims, according to charges. Investigators linked the biggest single case, with 180 suspected victims, to Home Depot’s 2014 breach.
Though this summer’s warnings have come from the south metro, authorities said that the area isn’t alone. Many Minnesotans are beginning to notice — through bank statements or calls from police — that they are among the millions whose financial card information can be bought online with a username and about $20.
“Everyone has this,” said Mark Lanterman, chief technology officer at Computer Forensic Services in Minnetonka. “Either law enforcement doesn’t realize it or they’re just beginning to understand the severity.”
‘Hackers are winning’
People using cloned cards often travel in pairs, flying in or driving rental cars and staying at hotels as they shuttle between cities, authorities said. Many go undetected because they use the duplicate cards near victims’ hometowns to avoid raising banks’ suspicions.
That’s what Detroit-area residents Marcus Hatch, 22, and Montel Roberts, 23, did — driving 10,600 miles in a rental car over six weeks before being caught at an Eagan hotel with more than 50 gift cards worth $4,775, all purchased with cloned cards. Both pleaded guilty in May to financial transaction card fraud and served 30 days in jail.
Dakota County Attorney James Backstrom, meanwhile, is seeking aggravated sentences for Sade Robinson, 21, of Eagan, and Emile Rey, 35, of Chicago, in connection to a monthslong scheme in which Rey allegedly flew to and from the Twin Cities using cloned cards with Robinson to buy gift cards at Target and Wal-Mart stores in Minneapolis, St. Paul and 13 suburban cities.
After Eagan police arrested the two, Robinson told investigators she had bought at least $10,000 worth of gift cards that she spent on food and clothing. Wells Fargo found that some of the roughly 180 victims’ credit cards had been compromised in the Home Depot data breach, according to charges.
Lanterman, a former member of the Secret Service Electronic Crimes Task Force, said millions of stolen credit and debit card numbers can be searched by ZIP code and bought on the website rescator.cc. Buyers use that data to create a duplication card.
A search for most metro ZIP codes — and even farther afield in Owatonna — turned up the maximum result of 1,650 card numbers per city. Lanterman suspects rescator.cc, a site believed to be run by a Ukrainian hacker, has even more. Code names let criminals know which data breach is responsible for a given group of cards, with as many as three dozen groups of cards tied to breaches as yet undiscovered.
Cards compromised during Target’s 2013 breach are still for sale, with a disclaimer that only a third are still valid.
“Right now the hackers are winning the battle,” said Apple Valley Police Sgt. James Gummert, whose department noticed a 42 percent rise in fraud cases in the first six months of the year.
‘What can we do?’
Each metro county reported a rise in total frauds last year. In Eagan, police said they already surpassed last year’s total by July, with more than a quarter of the cases involving financial card crimes.
Police also said most residents don’t realize they’ve been victimized until after the suspect has moved on.
“It’s so lucrative right now because you and I could go into business and within a week with an investment of $500 or $1,000, we could be knocking out cards left and right,” Eagan detective Paul Maier said.
Eagan Police Chief James McDonald said officers are most likely to arrest suspects while they are still inside a store or just leaving. Because of this, he said police rely on store employees. Law enforcement and business leaders recently formed the Twin Cities Organized Retail Crime Association to share such information. Its first conference starts Monday.
Lakeville Police Lt. Jason Polinski said a suspect recently told Lakeville investigators that Minnesota is a target because many stores don’t check IDs.
“It starts with the retailers,” Polinski said. “That’s where it occurs.”
Bruce Nustad, president of the Minnesota Retailers Association, believes an ongoing transition to embedding credit cards with microchips and requiring PIN numbers will be more effective.
“There’s just so many things that influence the verification of signatures — fraudulent IDs are not uncommon either,” Nustad said.
Still, Polinski said he now presents his ID at stores without being asked. His own bank alerted him three times in the past year that his card had been compromised.
“What can we do?” Polinski said. “There’s just too many victims.”