The individuals were charged with masterminding a sophisticated Romanian-based scam that delivered hundreds of thousands of bogus emails, usually claiming to be from banks or other financial institutions, that sought to obtain users' personal information, the U.S. Department of Justice announced on Monday.
The cybercrooks used this data, including bank account and Social Security numbers, to create counterfeit credit and debit cards.
A Los Angeles federal grand jury on Monday returned a 65-count indictment, which charged 33 people with defrauding thousands of victims and hundreds of financial institutions, prosecutors said.
Seven others were indicted last week in Connecticut in connection to a related phishing scam that sent emails claiming to be from People' Bank, prosecutors announced Monday.
Two people were involved in both rings.
U.S. authorities, in conjunction with Romanian investigators, arrested nine people living in the Los Angeles area and many others living in Romania. The individuals were charged with a slew of offenses, including racketeering, trafficking counterfeit access devices, aggravated identity theft and bank fraud.
"International organised crime poses a serious threat not only to the United States and Romania, but to all nations," Deputy U.S. Attorney General Mark Flip said. "Criminals who exploit the power and convenience of the internet do not recognize national borders. Therefore, our efforts to prevent these attacks can't end at our borders either."
Sven Krasser, director of data mining research at enterprise security firm Secure Computing, told SCMagazineUS.com on Monday that the offenders likely leveraged botnets and proxy computers to shield themselves from law enforcement during the attacks but blew their cover when they tried to steal the money.
"It's not a common thing to actually get caught," he said. "They're quite into globalisation."
Krasser said tracking down cybercriminals across borders is a difficult task because it requires cooperation, gathering evidence in multiple countries and accessing information not under a specific law enforcement body's authority.
"Partnerships and cooperation among all levels of law enforcement - both domestic and foreign - are the keys to tackling criminal activity that increasingly knows no borders," said U.S. Attorney Thomas O'Brien of the Central District of California.
Each charge ranges in penalty from five to 30 years in prison.
See original article on scmagazineus.com
Investigators take down mass phishing ring
By Dan Kaplan on May 20, 2008 1:43PM