Dive Brief:
-
A 24-year-old Florida man allegedly got away with stealing $309,768 worth of goods, mostly electronics, from Apple stores before he was caught.
-
According to court records, the man pretended to call his bank after his credit or debit card was declined at checkout, and gave a made-up number to override the decline.
-
The alleged scam worked because such codes given out by banks must be a certain length, but are random and have no other authentication.
Dive Insight:
Unlike most credit-card scams, this one has left the targeted Apple stores holding the bag, because the banks in every case declined the sale. In an era of malware and large-scale credit-card breaches, this maneuver was surprisingly elegant. Here’s hoping that banks and retailers call this a lesson learned, and add a layer of authentication to these types of transactions.