Investigators take down mass phishing ring

Share this article:
Thirty-eight people, including a host of U.S. residents and foreign nationals, were indicted on Monday in connection to two international phishing operations that preyed on unsuspecting bank customers.

The individuals were charged with masterminding a sophisticated Romanian-based scam that delivered hundreds of thousands of bogus emails, usually claiming to be from banks or other financial institutions, that sought to obtain users' personal information, the U.S. Department of Justice announced on Monday.

The cybercrooks used this data, including bank account and Social Security numbers, to create counterfeit credit and debit cards.

A Los Angeles federal grand jury on Monday returned a 65-count indictment, which charged 33 people with defrauding thousands of victims and hundreds of financial institutions, prosecutors said.

Seven others were indicted last week in Connecticut in connection to a related phishing scam that sent emails claiming to be from People' Bank, prosecutors announced Monday.

Two people were involved in both rings.

U.S. authorities, in conjunction with Romanian investigators, arrested nine people living in the Los Angeles area and many others living in Romania. The individuals were charged with a slew of offenses, including racketeering, trafficking counterfeit access devices, aggravated identity theft and bank fraud.

"International organized crime poses a serious threat not only to the United States and Romania, but to all nations," Deputy U.S. Attorney General Mark Flip said. "Criminals who exploit the power and convenience of the internet do not recognize national borders. Therefore, our efforts to prevent these attacks can't end at our borders either."

Sven Krasser, director of data mining research at enterprise security firm Secure Computing, told SCMagazineUS.com on Monday that the offenders likely leveraged botnets and proxy computers to shield themselves from law enforcement during the attacks but blew their cover when they tried to steal the money.

"It's not a common thing to actually get caught," he said. "They're quite into globalization."

Krasser said tracking down cybercriminals across borders is a difficult task because it requires cooperation, gathering evidence in multiple countries and accessing information not under a specific law enforcement body's authority.

"Partnerships and cooperation among all levels of law enforcement - both domestic and foreign - are the keys to tackling criminal activity that increasingly knows no borders," said U.S. Attorney Thomas O'Brien of the Central District of California.

Each charge ranges in penalty from five to 30 years in prison.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

ISSA tackles workforce gap with career lifecycle program

ISSA tackles workforce gap with career lifecycle program ...

On Thursday, the group launched its Cybersecurity Career Lifecycle (CSCL) program.

Amplification DDoS attacks most popular, according to Symantec

Amplification DDoS attacks most popular, according to Symantec

The company noted in a whitepaper released on Tuesday that Domain Name Server amplification attacks have increased 183 percent between January and August.

Court shutters NY co. selling security software with "no value"

A federal court shut down Pairsys at the request of the Federal Trade Commission.