Advertisement

Analysis: Feds bust Romanian cyber-ring

By SHAUN WATERMAN, UPI Homeland and National Security Editor

WASHINGTON, May 23 (UPI) -- U.S. indictments unsealed this week charge 38 people with being part of a multinational cybercrime ring that fooled thousands of Americans into giving up credit card and bank information through spam "phishing" e-mails and used it to steal millions of dollars.

The charges, filed in courts in California and Connecticut, were announced Monday in Romania, where most of those charged live. Others accused in the two indictments live in the United States, Mexico, Vietnam and Cambodia, and some are identified only by their Internet screen names.

Advertisement

The indictments charge an international conspiracy, in which Romanian spammers sent millions of so-called phishing e-mails -- purporting to come from banks or other financial services companies. The e-mails asked the recipients to visit a bogus Web site to "confirm" their card details, ATM personal identification numbers and other information.

Advertisement

In one instance, a distributed denial of service attack was used to disable the real Web site of the bank from which the fake e-mails claimed to come, so customers would not be able check there.

The bogus Web sites, generally hosted on a server that had been hacked without its owner's knowledge, collected the card details and sent them to e-mail addresses the spammers had set up.

The spammers then sent the details to so-called cashiers in the United States, using Internet "instant chat" services.

The cashiers used the data, and special encoding equipment, to make clones of the cards using hotel room key cards or other cards with a magnetic strip. The cloned cards were tested by making small withdrawals from ATMs, and those that worked were then used to withdraw cash from the victims' accounts. Finally, the cashiers wired a portion of the proceeds back to the spammers.

"We believe these criminals defrauded literally thousands of individual victims out of several million dollars," Deputy Attorney General Mark Filip said Monday in Bucharest, as nine people were arrested in California and the Romanian General Inspectorate of Police served a number of search warrants.

Filip said the case was the result of a joint investigation by U.S. and Romanian authorities and "demonstrate(s) the close cooperation our two countries have developed to fight international organized crime," adding, "We are very proud of the success of this joint operation."

Advertisement

"International organized criminals who exploit the power and convenience of the Internet do not recognize national borders. Our efforts to stop them cannot end at our borders either."

In the California case, one cashier in the scheme -- Seuong Wook Lee -- plead guilty last week in U.S. District Court in Los Angeles to racketeering conspiracy, bank fraud, access device fraud and unauthorized access of a protected computer.

Last month Attorney General Michael Mukasey rolled out a new U.S. government strategy against international organized crime, saying it was "a growing threat to U.S. security and stability."

The strategy, Mukasey's first major law enforcement initiative since taking office last year, promised to get prosecutors working more closely with U.S. intelligence agencies to identify, track and disrupt the operations of major global crime figures who are taking advantage of technological innovations like the Internet to target wealthy nations like the United States while remaining outside the country.

It also expanded the use of executive branch tactics already employed against known and suspected terrorists, such as watch-listing and asset-freezing.

The strategy envisages U.S. law enforcement agencies working more closely together, and the California case was the result of a joint investigation involving the FBI, the U.S. Postal Service, the Internal Revenue Service and local police forces, who worked with assistance from the U.S. Secret Service.

Advertisement

Latest Headlines