View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. News
May 1, 2008updated 04 Apr 2017 4:18pm

Global phishing gang lands in the dock

A US federal grand jury in Los Angeles has charged 33 individuals in a 65-count indictment for their alleged participation in an international scheme that used e-mail phishing to defraud thousands of individual victims and hundreds of financial institutions.

By EPI editorial

A US federal grand jury in Los Angeles has charged 33 individuals in a 65-count indictment for their alleged participation in an international scheme that used e-mail phishing to defraud thousands of individual victims and hundreds of financial institutions. Those indicted have been linked to criminals operating in Romania.
According to the indictment, the Romania-based gang members obtained thousands of credit and debit card accounts and related personal information by sending emails that appeared as if they originated from legitimate banks and other financial institutions. On one day alone more than 1.3 million of these phishing emails were sent. Once directed to a bogus website, victims were then prompted at those sites to enter access device and personal information.
What the indictment termed “the Romanian suppliers” collected the victims’ information and sent the data to US-based “cashiers” via internet chat messages. The US cashiers used encoders to record the fraudulently obtained information onto the magnetic strips on payment cards. Cashiers then directed accomplices to test the fraudulent cards by checking balances or withdrawing small amounts of money at ATMs. Cards that were successfully tested, known as cashable cards, were used to withdraw money from ATMs or POS terminals that the cashiers had determined permitted the highest withdrawal limits. A portion of the proceeds was then wire transferred to the Romanian supplier who had provided the information.
During the course of the investigation, it was determined that the indicted individuals had engaged in phishing schemes against many financial institutions and companies, including Citibank, Capital One, JPMorgan Chase, Comerica Bank, Wells Fargo, eBay and PayPal.
Indictment of the 33 accused followed a joint investigation involving the Federal Bureau of Investigation, US Immigration and Customs, the US Postal Service, the Internal Revenue Service, local law enforcement agencies and Romanian police.
If convicted the accused face daunting maximum sentences. These include 20 years for racketeering, seven and a half years for access device fraud, 10 years for production, use and trafficking in counterfeit access devices, 15 years for possession of device making equipment, and 30 years for bank fraud.

NEWSLETTER Sign up Tick the boxes of the newsletters you would like to receive. A weekly roundup of the latest news and analysis, sent every Wednesday.
I consent to GlobalData UK Limited collecting my details provided via this form in accordance with the Privacy Policy
SUBSCRIBED

THANK YOU

Thank you for subscribing to Electronic Payments International