A cyber-criminal who defrauded American telecommunications giant AT&T out of more than $200m through a phone-unlocking bribery scheme has been sentenced to prison.
Muhammad Fahd, a 35-year-old citizen of Pakistan and Grenada, led a seven-year conspiracy in which AT&T employees were bribed to unlawfully unlock nearly two million customers’ cell phones for profit.
The plot began in 2012 when Fahd colluded with others to recruit AT&T staff working at a call center in Bothell, Washington. The employees were bribed to use their AT&T credentials to unlock cell phones for ineligible customers.
“Unlocking a phone effectively removes it from AT&T’s network, thereby allowing the account holder to avoid having to pay AT&T for service or to make any payments for purchase of the phone,” said the Department of Justice’s Office of Public Affairs in a statement released September 16.
Fahd used the alias Frank Zhang to contact an AT&T employee through Facebook and offer them large sums of money to secretly unlock phones’ International Mobile Equipment Identity numbers (IMEIs). Fahd also asked the employee to enlist other AT&T staff in the scheme.
The recruited employees were instructed by Fahd to establish fake businesses and set up bank accounts for those businesses. These accounts were used to give the illusion that the fraudulent payments and fictitious invoices that formed part of the scheme were genuine.
“AT&T’s forensic analysis shows the total number of cellular telephones fraudulently unlocked by members of the scheme was 1,900,033 phones,” said the Office of Public Affairs.
“AT&T has further determined that the loss it suffered because customers, whose cellular phones were illegally unlocked, failed to complete payments for their cellular telephones was $201,497,430.94.”
When AT&T implemented a new unlocking system in 2013 that made unlocking the IMEIs harder, Fahd hired a software developer to design malware to unlock phones more efficiently and in larger numbers. Fahd then had AT&T employees install the malware on AT&T’s computer system.
Fahd was indicted in 2017 and arrested in Hong Kong in 2018. After being extradited to the US in 2019, in September 2020 Fahd pleaded guilty to conspiracy to commit wire fraud. On September 16, he was sentenced to 12 years in prison and ordered to pay restitution of $200,620,698.