The U.S. Justice Department says it is bringing charges against 38 individuals with alleged ties to international organized crime on charges of running computer and credit card fraud schemes targeting U.S. citizens. The U.S. said it worked with authorities in Romania to make the arrests.
"International organized crime poses a serious threat not only to the United States and Romania, but to all nations," said Deputy Attorney General Mark R. Filip. "Criminals who exploit the power and convenience of the Internet do not recognize national borders; therefore our efforts to prevent their attacks cannot end at our borders either."
A federal grand jury in Los Angeles charged 33 individuals in a 65-count indictment for their alleged participation in an international racketeering scheme that used the Internet to defraud thousands of individual victims and hundreds of financial institutions.
Seven individuals were charged in a District of Connecticut indictment for their roles in an Internet phishing scheme, including two who were also charged in the Los Angeles case.U.S. law enforcement authorities are executing nine arrest warrants in the Los Angeles area and Romanian law enforcement authorities are executing search warrants in Romania today in connection with the racketeering indictment.
The "phishing" schemes used the Internet to target large numbers of unwary individuals, using fraud and deceit to obtain private personal and financial information such as names, addresses, bank account numbers, credit card numbers and Social Security numbers.
Phishing schemes often work by sending out large numbers of counterfeit e-mail messages, which are made to appear as if they originated from legitimate banks, financial institutions or other companies.
The Los Angeles indictment alleges a conspiracy to violate the RICO Act; conspiracy in connection with access devices; production, use and trafficking in counterfeit access devices; bank fraud; aggravated identity theft; unauthorized access to a protected computer; possession of device making equipment; and a forfeiture allegation.
According to the indictment, the Romania-based members of the enterprise obtained thousands of credit and debit card accounts and related personal information by phishing, with more than 1.3 million spam emails sent in one phishing attack. Once directed to a bogus site, victims were then prompted at those sites to enter access device and personal information.
Authorities say the Romanian "suppliers" collected the victims' information and sent the data to U.S.-based cashiers via Internet chat messages. The domestic cashiers used hardware called encoders to record the fraudulently obtained information onto the magnetic strips on the back of credit and debit cards, and similar cards such as hotel keys.
Cashiers then reportedly directed "runners" to test the fraudulent cards by checking balances or withdrawing small amounts of money at ATMs. The cards that were successfully tested, known as "cashable" cards, were used to withdraw money from ATMs or point of sale terminals that the cashiers had determined permitted the highest withdrawal limits. A portion of the proceeds was then wire transferred to the supplier who had provided the access device information.
"Partnerships and cooperation among all levels of law enforcement both domestic and foreign are the keys to tackling criminal activity that increasingly knows no borders," said U.S. Attorney for the Central District of California Thomas P. O'Brien. "Just as street gangs don't respect municipal borders, computer criminals can reach into other countries and prey upon unsuspecting victims who have no idea their identities and money are going to another country."
