Investigators take down mass phishing ring

Share this article:
Thirty-eight people, including a host of U.S. residents and foreign nationals, were indicted on Monday in connection to two international phishing operations that preyed on unsuspecting bank customers.

The individuals were charged with masterminding a sophisticated Romanian-based scam that delivered hundreds of thousands of bogus emails, usually claiming to be from banks or other financial institutions, that sought to obtain users' personal information, the U.S. Department of Justice announced on Monday.

The cybercrooks used this data, including bank account and Social Security numbers, to create counterfeit credit and debit cards.

A Los Angeles federal grand jury on Monday returned a 65-count indictment, which charged 33 people with defrauding thousands of victims and hundreds of financial institutions, prosecutors said.

Seven others were indicted last week in Connecticut in connection to a related phishing scam that sent emails claiming to be from People' Bank, prosecutors announced Monday.

Two people were involved in both rings.

U.S. authorities, in conjunction with Romanian investigators, arrested nine people living in the Los Angeles area and many others living in Romania. The individuals were charged with a slew of offenses, including racketeering, trafficking counterfeit access devices, aggravated identity theft and bank fraud.

"International organized crime poses a serious threat not only to the United States and Romania, but to all nations," Deputy U.S. Attorney General Mark Flip said. "Criminals who exploit the power and convenience of the internet do not recognize national borders. Therefore, our efforts to prevent these attacks can't end at our borders either."

Sven Krasser, director of data mining research at enterprise security firm Secure Computing, told SCMagazineUS.com on Monday that the offenders likely leveraged botnets and proxy computers to shield themselves from law enforcement during the attacks but blew their cover when they tried to steal the money.

"It's not a common thing to actually get caught," he said. "They're quite into globalization."

Krasser said tracking down cybercriminals across borders is a difficult task because it requires cooperation, gathering evidence in multiple countries and accessing information not under a specific law enforcement body's authority.

"Partnerships and cooperation among all levels of law enforcement - both domestic and foreign - are the keys to tackling criminal activity that increasingly knows no borders," said U.S. Attorney Thomas O'Brien of the Central District of California.

Each charge ranges in penalty from five to 30 years in prison.
Share this article:
You must be a registered member of SC Magazine to post a comment.

Sign up to our newsletters

TOP COMMENTS

More in News

Email promises free pizza, ensnares victims in Asprox botnet instead

Email promises free pizza, ensnares victims in Asprox ...

Cloudmark came upon an email that offers free pizza, but clicking on the link to get the coupon ends with victims being ensnared in a botnet.

Report: most orgs lacking in response team, policies to address cyber incidents

In its Q3 threat intelligence report, Solutionary learned that 75 percent of organizations it assisted had no response team or policies and procedures to address cyber incidents.

Flash redirect campaign impacts Carnegie Mellon page, leads to Angler EK

Flash redirect campaign impacts Carnegie Mellon page, leads ...

Malwarebytes found that, since early July, thousands of sites had been targeted in the campaign.