38 Charged in International Phishing Ring

The Department of Justice (DOJ) announced today that 38 people with ties to international organized crime have been charged in two separate indictments involving computer and credit card fraud schemes. Thirty-three people were charged by a grand jury for their participation in an international racketeering scheme. This scheme used the Internet to defraud thousands of victims and hundreds of financial institutions. Seven people were charged in a District of Connecticut indictment for their roles in an Internet phishing scheme, including two who were also charged in the Los Angeles case.

U.S. law enforcement authorities are executing nine arrest warrants in the Los Angeles area and Romanian law enforcement authorities are executing search warrants in Romania today in connection with the racketeering indictment.

"International organized crime poses a serious threat not only to the United States and Romania, but to all nations," said Deputy Attorney General Mark R. Filip. "Criminals who exploit the power and convenience of the Internet do not recognize national borders; therefore our efforts to prevent their attacks cannot end at our borders either. Through cooperation with our international partners, we can disrupt and dismantle these enterprises, just as we have done today with these indictments and arrests."

The Los Angeles indictment alleges a conspiracy to violate the RICO Act; conspiracy in connection with access devices; production, use and trafficking in counterfeit access devices; bank fraud; aggravated identity theft; unauthorized access to a protected computer; possession of device making equipment; and a forfeiture allegation.

According to the indictment, the Romania-based members of the enterprise obtained thousands of credit and debit card accounts and related personal information by phishing, with more than 1.3 million spam e-mails sent in one phishing attack. Once directed to a bogus site, victims were then prompted at those sites to enter access and personal information.

The Romanian "suppliers" collected the victims' information and sent the data to U.S.-based "cashiers" via Internet "chat" messages. The domestic cashiers used hardware called encoders to record the fraudulently obtained information onto the magnetic strips on the back of credit and debit cards, and similar cards such as hotel keys.

Cashiers then directed "runners" to test the fraudulent cards by checking balances or withdrawing small amounts of money at ATMs. The cards that were successfully tested, known as "cashable" cards, were used to withdraw money from ATMs or point of sale terminals that the cashiers had determined permitted the highest withdrawal limits. A portion of the proceeds was then wire transferred to the supplier who had provided the access device information.

"Partnerships and cooperation among all levels of law enforcement -- both domestic and foreign -- are the keys to tackling criminal activity that increasingly knows no borders," said U.S. Attorney for the Central District of California Thomas P. O'Brien. "Just as street gangs don't respect municipal borders, computer criminals can reach into other countries and prey upon unsuspecting victims who have no idea their identities and money are going to another country."

The District of Connecticut investigation resulted from a citizen's complaint concerning a fraudulent e-mail message made to appear as if it originated from Connecticut-based People's Bank. The e-mail message directed victims to a computer in Minnesota that had been compromised, or "hacked," and used to host a counterfeit People's Bank Internet site. During the course of the investigation, it was determined that the individuals had engaged in similar phishing schemes against many other financial institutions and companies, including Citibank, Capital One, JPMorgan Chase & Co., Comerica Bank, Wells Fargo & Co., eBay and PayPal.

"This case shows that Internet fraudsters cannot avoid prosecution just by launching their attacks against U.S. residents and U.S. companies from overseas," said Acting U.S. Attorney for the District of Connecticut Nora R. Dannehy. "With the help of our law enforcement partners around the world, we will investigate and prosecute fraudsters wherever they can be found."