The US Department of Justice claims that the gang sent more than 1.3 million spam emails in just one phishing attack.
Information stolen by the phishers was passed via internet chat messages to US-based cashiers who recorded the stolen data onto the magnetic strip on blank credit and debit cards.
Other criminals were then sent to test the cards at ATMs by making balance requests or withdrawing small amounts of money.
Once proven to work, the cards would be used to withdraw the maximum amount of money possible. A proportion of the stolen money was then wired back to Romania.
"This was a highly organised scheme using the internet to steal money from individuals and financial institutions across continents," said Graham Cluley, senior technology consultant at Sophos.
.jpg&h=140&w=231&c=1&s=0)
_(39).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Data & AI Edition
.png&w=120&c=1&s=0)
iTnews Cloud Covered Breakfast Summit
iTnews State of Security Breakfast
The 2026 iAwards
.jpg&w=120&c=1&s=0)
Integrate 2026
_(1).jpg&h=140&w=231&c=1&s=0)
