1. Stolen Credit Cards: Fraudster buys a new phone using a stolen credit card. Then uses the phones for 30-45 +/- days until the victim spots the fraudulent purchase on their bank statement.
2. Account-Takeover: Fraudsters “hacks” the victims phone account online (phish username::password) so and provisions addition phones on the victims “family” plan. They then use these phones for 30 +/- days until the victim spots the fraud on their cell-phone statement.
3. Corporate Accounts: Same scenario as #2 only this is within corporate accounts, not personal accounts.
