A joint phishing investigation between United States and Romanian governments appears to have paid off. The U.S. government announced Monday the indictment of 38 individuals for phishing-related offenses in California and Connecticut federal District Courts. Of the 38, 33 of the accusations came from a federal grand jury in Los Angeles, and two of the individuals named face charges in both courts.
Federal authorities said the phishers participated in a trans-Atlantic scheme that targeted large number of individuals and financial institution. Unsealed on Monday, the 65-count indictment includes accusations of conspiracy to violate the Racketeer Influenced and Corrupt Organizations (RICO) Act, conspiracy to connection with access devices, aggravated identity theft, unauthorized access to a protected computer, bank fraud, and possessing equipment for manufacturing identity theft equipment.
According to IDG News, Romanian scammers sent phishing emails to millions of individuals in the U.S., impersonating esteemed financial institutions like PayPal, Citibank, and Capital One. ATM and credit card numbers of recipients who took the bait were then sent to “cashiers” in the U.S. via chat rooms, who then used the information to generate fake bank cards. The bank cards were then tested at ATMs; cashiers frequently did this by making a simple balance inquiry, or withdrawing a small, unnoticeable amount. Cards shown to work were immediately used to withdraw large amounts of money, usually equal to banks’ allowed maximums – with a portion sent back to the cashiers’ Romanian masters.
Los Angeles police are already acting on nine of the area arrest warrants, authorities said Monday, and Romanian police are acting as well. It is unknown how many arrests have been made thus far. Seuong Wook Lee, a cashier arrested previously, pleaded guilty last Thursday in a Los Angeles district court.
Despite a variety of innovations to designed to protect unsuspecting internet users, which include central phishing databases used by both Firefox and Internet Explorer, as well as physical safeguards like the PayPal key fob, analysts from research firm Gartner say an estimated 3.6 million adults lost $3.2 billion to fishing scams in a one-year period ending August 2007.
U.S. Deputy Attorney General Mark Filip used the indictments to call on increased international cooperation.
“Criminals who exploit the power and convenience of the Internet do not recognize national borders; therefore our efforts to prevent their attacks cannot end at our borders either,” he said in a statement. “Through cooperation with our international partners, we can disrupt and dismantle these enterprises, just as we have done today with these indictments and arrests.”