Professional Documents
Culture Documents
: !.TJ j
i\\
ni
JUL H 2011
\YJj\
...J i cL^v"irs^iS'RiCTCOUn"
Crim.No. l:ll-MJ-556:
WILLIAM SAMUEL MARTIN, aka "Awbasa," aka "Brandon," aka "Brandon Arthur," USMAN MUHAMMED, aka "Ush," aka "Moe,"
Defendants.
UNDER SEAL
I, Morgan West, Special Agent of the United States Secret Service, being duly sworn,
state:
Introduction
1.
SAMUEL MARTIN and USMAN MUHAMMED with conspiracy to commit access device fraud
in violation of 18 USC 1029(b)(2). I also respectfully request that arrest warrants be issued for
MARTIN and MUHAMMED.
2.
I have been a Special Agent of the United States Secret Service since 2007. I am
currently assigned to the Washington Field Office in Washington, D.C. My duties as a Special
Agent include the investigation ofcounterfeiting and financial fraud. During the course ofmy law
enforcement career, I have investigated multiple cases of financial fraud. In addition, in
preparation for my duties as a Special Agent, I received extensive training in the investigation of
counterfeiting and financial institution fraud, including training in the investigation and
enforcement of criminal law at the Federal Law Enforcement Training Center. I am authorized to
investigate violationsof the laws of the United States. 3. I am currently assigned to investigate individuals who illegally use credit card
observations not personally made by me were related to me by the individualswho made them or
were conveyed to me by my review of records, documents, and other physical evidence obtained
duringthe courseof this investigation. This affidavit contains information necessary to support probable cause and is not intendedto include each and every fact and matter observed by me or
known to the Government.
Background
5.
Credit card re-encoding is a form of access device fraud, and it begins with stealing
a credit card number. Credit card numbers can be stolen in many ways. A common method of
stealing credit card numbers is by "skimming," whereby a victim's card is run through a small
electronic device that captures the number from the magnetic strip. Skimming can occur during
the course of a legitimate transaction, and the victim whose card has been skimmed gets their
credit card back (as opposed to having it stolen, as by a pickpocket). Another method of stealing
credit card numbers is through electronic means, such as using the Internet to hack into a retailer's
computer system and stealing credit card numbers used at the retailer. A common factor in
skimming cases and computer hacks is that the victim has possession of their card when its number is being used for unauthorized purchases. Once a credit card number has been stolen by
2
skimming or computer hacking, it is often re-encoded to a card with a magnetic strip that can
function as a credit card. The end result is a card whose number on the front does not match the
number encoded on the magnetic strip. A stolen credit card number can be re-encoded many
times on many different cards with magnetic stripes, and the stolen number can be used by a suspect until the victim or the victim's servicing financial institution detects the fraud and disables
the card number. Suspects sometimes use re-encoded cards to purchase merchandise that is later returned for cash. More frequently, suspects use re-encoded cards to purchase gift cards. The suspects then use the gift cards to purchase merchandise that is later returned for cash. Once a gift
card's value is exhausted, it is still useful to a criminal, who can re-encode it with a stolen credit
card number. Once the gift card is re-encoded with a stolen credit card number, a suspect can use it to purchase merchandise or more gift cards, and the cycle begins again. 6. MARTIN and MUHAMMED have been friends since they attended middle school
together in the late 1990s. They commit access device fraud both together and separately.
Details of the Scheme
7.
in Arlington, Virginia, using gift cards that had been re-encoded or purchased using a stolen credit card number. Due to his suspicious use of gift cards, a Macy's employee called the Arlington
County Police Department ("ACPD"). An ACPD officer located MARTIN and briefly detained
him for questioning. MARTIN was questioned by the officer inside the security officeat the
Macy's. MARTIN consented to a cursory search of his person, and the officer found several gift
cards. MARTIN voluntarily surrendered the cards to the officer. MARTIN said that he had obtained the gift cards from his roommate.
8.
The ACPD officer who stopped MARTIN sent MARTIN on his way because there
was nothing obviously fraudulent about the gift cards, and MARTIN's purchases went through. Later, the officer gave the cards to an ACPD detective, who ran the cards through a Bank
Identification Number ("BIN") reader. A BIN reader visually displays the card number on the magnetic strip of a card. When the detective swiped the cards MARTIN had surrendered to police
through the BIN reader, it showed that all of the cards had been re-encoded.
9.
I researched the numbers that came up on the BIN reader and found that all of them
were issued to victims living outside of Virginia. Many charges were made using the card numbers after MARTIN voluntarily surrendered his re-encoded cards. The charges include
repeated purchases of gift cards at various merchants, many of them within several miles of
MARTIN's residence.
10. I have researched the stolen credit card numbers on the cards that MARTIN
8,2010, the fraudulent use of those card numbers caused approximately $5,875 in fraud loss, plus approximately $811 in attempted loss to four separate financial institutions.
11. MARTIN did not surrender all of the cards in his possession to ACPD when he was
detained. The receipt for MARTIN's purchase at Macy's shows that MARTIN made the purchase using a gift card. Bank and merchant records show that this gift card was purchased on January 16, 2010 in Temple Hills, Maryland using a stolen credit card number. The number on the gift
card, however, was not on any of the magnetic strips on any of the cards that MARTIN voluntarily surrendered. This indicates that MARTIN had at least one more re-encoded card on his person
when he was stopped by the ACPD officer.
12. On June 15, 2010,1 interviewed MARTIN. When asked about the cards MARTIN
surrendered to the ACPD officer on January 30,2010, MARTIN stated that he purchased the re4
encoded gift cards described above from a person MARTIN knew only as "Mike." MARTIN
stated that he had just graduated from Bowie State University ("BSU") in Bowie, Maryland and
that Mike hangs out on the BSU campus. MARTIN indicated that many students knew that Mike was dealingin fraudulent credit cards. MARTIN stated that he purchased the cards from Mike for
$250 each with the understanding that each card had a value of $500. MARTIN initially stated
that Mike claimed to have received the cards as gifts but later admitted that he knew there was
MUHAMMED led a criminal scheme where gift cards were purchased with forged access devices, and merchandise purchased with fraudulently obtained gift cards was returned for cash. 14. Confidential Informant 1 ("CI 1") is an associate of MUHAMMED's. I know CI1
to be credible from their track record, the fact that they have made statements against their own
interest, and my corroboration of CI1's statements. "Moves" is a term MUHAMMED and others use to collectively refer to the purchasing of gift cards with forged access devices and the return of merchandise purchased with fraudulently obtained gift cards. CI1 has worked as a "runner" for MUHAMMED many times. Runners help criminals conceal their activity. Runners fill many
roles in credit card fraud cases. Some runners will be given a forged access device and directed to
buy gift cards. Other runners will be directed to purchase merchandise with the gift cards. Still
other runners will be given the fraudulently obtained merchandise and directed to return it to a
retailer for cash. Nordstrom is particularly favored by criminals committing access device fraud because Nordstrom has a lenient return policy and will accept returns and give the customer cash. CI1's return history at Nordstrom totals approximately $24,774 and is mostly confined to returns made at stores in Fairfax County and Arlington, Virginia, within the Eastern District of Virginia.
5
15.
On or about February 21,2011, MUHAMMED called CI1 and asked that CI1 go
on "moves." MUHAMMED also told CIl that CIl would be returning a pair of expensive shoes
to a Nordstrom store.
16.
On or about February 22, 2011, law enforcement observed MUHAMMED pick CIl
17.
CIl told me that when they arrived at the Target, MUHAMMED gave CIl several
gift cards, which CIl understood had been re-encoded with stolen credit card numbers. CIl
entered the Target store and used the cards MUHAMMED had provided to purchase
approximately $2,500 of gift cards. While CIl was inside the Target making the purchases,
Komolafe was also inside, watching CIl and conducting counter-surveillance. When CIl returned to the car, CIl gave the gift cards to MUHAMMED.
18.
Maryland. Along the way, Komolafe made comments to MUHAMMED about how relaxed CIl
seemed.
19.
When the car arrived at the Wheaton Target store, CIl observed MUHAMMED
operate a laptop computer. CIl told me later that they watched MUHAMMED type a few
keystrokes into a program, and then a name wouldappear with a long string of numbers.
MUHAMMED would delete the name, and then swipe a credit card through a piece of electronic hardware attached to the computer. CIl said that this was MUHAMMED's process to re-encode
cards. CIl said that MUHAMMED would delete the name from the screen because that prevented
the name from being printed on any receipts. A printed name on a receipt might arouse the
suspicions ofa store clerk ifthe name did not appear to match the customer making the purchase (e.g., a woman's name and a male customer). I know from training and experience that CIl's description ofMUHAMMED's swiping ofcards isan accurate description ofthe process by
which access devices are re-encoded with stolen credit card numbers.
20.
forged access devices to CIl. The re-encoded access devices were to beused for purchasing gift
cards.
21.
MUHAMMED put an object in thetrunk of thecar, which CIl told me later was theelectronic
device that MUHAMMED was using to re-encode cards.
22.
Law enforcement watched all three people as they entered the Wheaton Target
store. Inside, CIl purchased approximately $1,750 of gift cards. When CIl returned to the car,
CIl gave the gift cards to MUHAMMED.
23.
In the Wheaton Target, MUHAMMED became suspicious that store personnel had
caught on to CIl. MUHAMMED told CIl that MUHAMMED was going to leave Komolafe, and
that MUHAMMED and CIl would continue on. MUHAMMED then drove CIl on Interstate 495
across the Maryland-Virginia state line. Once MUHAMMED had crossed into Virignia, he drove
to the Nordstrom at the Tyson's Corner Mall. CIl entered the Nordstrom with a shoebox, but CIl
was unable to make a return for cash.
24.
MUHAMMED paid CIl in gift cards for CIl's work as a runner. CIl gave those
gift cards to me, along with a number of receipts from both the Lanham and Wheaton Target
stores. I researched some of the credit card numbers associated with the receipts and found that
they were used without the authorization of the genuine cardholder, and that the genuine
cardholder still had the card in their possession when the unauthorized purchases were made.
7
Skimming
25.
through a contact I found on two phones, both belonging to MARTIN, incident to an arrest in
November 2010. MARTIN sometimes uses the aliases "Brandon Arthur" or "Brandon" when
engaging in criminal activity. The contact was named "[CI2's name] Ms Grill" onMARTIN's
primary phone and "[CI2'sname] msgrill" on"Brandon's" phone. There were text messages on "Brandon's" phone that showed that CI2 may have been involved in access device fraud. I learned through investigation, thata person with CI2's name was working at the McCormick &
Schmick's restaurant in Oxon Hill, Maryland. 26. CI2 told me that in or about October 2010, CI2 was working as a server at the
McCormick& Schmick's restaurant in Oxon Hill when a couple was seated at one of CI2's tables.
The male in the couple identified himselfas "Moe." At the conclusion of theirmeal, "Moe" asked
CI2 if CI2 was interested in makingmore money. CI2 told "Moe" "yes." "Moe" paid for the
meal with a credit card and had CI2 put CI2's phone number on the receipt so that "Moe" could
contact CI2 later about making more money. "Moe" contacted CI2 the following day, eitherby
phone call or text message. "Moe" told CI2 that"Brandon" would be contacting CI2 on"Moe's"
behalf about making more money.
27.
"Brandon" contacted CI2 and they arranged to meet in the parking lot of a
McDonald's in Maryland. "Brandon" arrived in a white BMW. "Brandon" got into CI2's vehicle
and provided CI2 with a black box. "Brandon" told CI2 to swipe CI2's customer's credit cards
through the black box when they paid for their meal. "Brandon" said he would collect the box at
the end of the week and pay CI2 based on the number of credit cards found on the black box.
"Brandon" offered to pay CI2 $20 per card number found on the black box. "Brandon" claimed
that he sends the black box overseas and also gets paid for each card number that he provides.
8
28.
CI2's description of the small black box described above is consistent with what I
know from training and experience to be a credit card "skimmer." A skimmer is a small electronic
device that a suspect uses to swipe and store victims' credit card numbers.
29.
"Moe" followed-up with CI2 by text message to see if CI2 was using the black box.
CI2 told "Moe" that CI2 was not using it and that CI2 did not want to be involved. "Brandon" met CI2 in the same McDonald's parking lot and collected the black box back from CI2. CI2 said
Brandon acted indifferent when he took the black box back and acted as though he had another server to give it to. "Moe" contacted CI2 again a few days later to make sure CI2 was not interested in participating, and CI2 again declined.
30. CI2 identified a photo of MUHAMMED as the man she knows as "Moe" in an
individual photo. CI2 also identified a photo of MARTIN as the man she knows as "Brandon" in
a photo line-up.
31.
I have reviewed text messages sent between MARTIN and MUHAMMED dating
from October 2010. I also reviewed text messages from CI2's phone. I found text messages that
corroborated CI2's recollection and showthat MARTIN and MUHAMMED conspired together to provide CI2 with a skimmer. Some of the text messages are excerpted here:
MUHAMMED to CI2
10/25/1001:15:20
(GMT)
10/25/10 03:53:13 (GMT)
MUHAMMED to CI2
CI2 to MUHAMMED
10/25/10 03:54:16
(GMT)
MUHAMMED to CI2
10/25/10 04:51:55
(GMT)
CI2 to MUHAMMED
10/25/10 04:52:33
Yea how?
(GMT)
MUHAMMED to CI2
10/25/10 04:53:48
(GMT)
CI2 to MUHAMMED
10/25/10 04:55:42
I'm listening?
(GMT)
MUHAMMED to CI2
10/26/10 01:43:12
(GMT)
MUHAMMED to
MARTIN
10/26/10 03:01:26
(GMT)
10/26/10 03:12:27
MUHAMMED to
MARTIN MARTIN to MUHAMMED
(GMT)
10/26/10 03:13:00
Ok
(GMT)
10/26/10 03:21:56
MUHAMMED to MARTIN
(GMT)
Fuck son my phone about to die. I will have to charge it tommorow. Email me her
response
MARTIN to
10/26/10 03:33:58
Ok
MUHAMMED
MARTIN to
(GMT)
10/26/10 04:26:44
MUHAMMED
MARTIN to CI2
(GMT)
10/26/10 04:29:07
(GMT)
Its arena dr if u aint figure it out yet. Coming from 495 u gon make a right by the applebees
Everything good on ur end???
MUHAMMED to CI2
10/26/10 22:17:54
(GMT)
MUHAMMED to CI2 10/27/10 16:30:03
(GMT)
MUHAMMED to CI2
10/27/10 23:30:55
(GMT)
MUHAMMED to CI2 10/28/10 01:58:57
(GMT)
CI2 to MUHAMMED
10/28/10 02:07:19
(GMT)
10
"Brandon" to CI2
Ima come get that thing from u tomm. What time r u free? This brandon,3
Conclusion
32.
believe that in or about January 2010, through February 2011, in the Eastern District of Virginia and elsewhere, WILLIAM SAMUEL MARTIN and USMAN MUHAMMED, conspired to
commit access device fraud in violation of 18 U.S.C. 1029(b)(2).
/
k-
11