AT&T call center employee sentenced for phone-unlocking scheme

A former employee of AT&T was sentenced to 12 years in prison for a phone-unlocking scheme that cost the company roughly $200 million. The defendant is Muhammed Fahd, a Pakistani and Grenadian national, who was found guilty of unlocking phones for profit. The presiding judge, U.S. District Judge Robert S. Lasnik for Washington state, commented that the defendant had engaged in a “terrible cybercrime over an extended period.”

According to the U.S. Department of Justice, Fahd concocted the scheme while he was working for a call center in Bothell, Wash. Along with co-conspirators, the guilty parties (using aliases) sought to unlock numerous AT&T phones with their credentials. By unlocking the phones, they were removed from the AT&T network, and users were able to skirt by the normally applicable fees. Clients would pay Fahd or his partners for the scheme.

The DOJ describes the scheme in more detail as follows:

According to records filed in the case, in approximately June or July of 2012, using the alias “Frank Zhang,” Fahd contacted an AT&T employee through Facebook. Fahd offered the employee significant sums of money if the employee would help Fahd secretly unlock phones at AT&T. Fahd also asked the employee to recruit other AT&T employees to help with the unauthorized unlocks.


Fahd instructed the recruited employees to set up fake businesses and bank accounts for those businesses, to receive payments and to create fictitious invoices for every deposit made into the fake businesses’ bank accounts to create the appearance that the money was payment for genuine services.

In total of 1,900,033 phones were unlocked over the years that this scheme was active. Muhammed Fahd was indicted following an extensive investigation in 2017 and arrested in Hong Kong. Following extradition, the first court proceedings took place in August 2019. Fahd pleaded guilty to conspiracy to commit wire fraud in September 2020.

Featured image: Shutterstock

Derek Kortepeter

Derek Kortepeter is a graduate of UCLA and tech journalist that is committed to creating an informed society with regards to Information Security. Kortepeter specializes in areas such as penetration testing, cryptography, cyber warfare, and governmental InfoSec policy.

Published by
Derek Kortepeter

Recent Posts

Low-code/no-code: Benefits, differences, drawbacks, and the future

Low-code/no-code provides a modular approach for developers — and even non-developers — to produce apps…

1 day ago

Are you human or robot? How CAPTCHAs know

CAPTCHAs may be an annoying part of web surfing, but they serve a purpose for…

2 days ago

Pixel 6 unveiled: Finally, a smartphone winner for Google

Google hasn’t had a lot of success with its past smartphones, but the Pixel 6…

2 days ago

Cross-account container takeover: All about this little-known cloud threat

Palo Alto Networks uncovered a cross-account container takeover exploit that could threaten users of the…

2 days ago

IgniteTech adds IT management software to enterprise portfolio

Software maker IgniteTech has added 12 products to its enterprise portfolio, including several focused on…

3 days ago

Olympus Global issues warning about potential cyberattack

Medical systems maker Olympus Global, out of an abundance of caution, is warning the public…

3 days ago