Three Romanian individuals have received jail time for perpetuating a multi-million dollar phishing scheme in the United States.

On 24 July, the U.S. Attorney’s Office for the Northern District of Georgia announced that Teodor Laurentiu Costea, Robert Codrut Dumitrescu and Cosmin Draghic will each spend several years in prison after they pleaded guilty to charges of wire fraud conspiracy, computer fraud and abuse and aggravated identity theft. These defendants received those charges as a result of their participation in a scheme that used both vishing an smishing, two common variants of phishing attacks, to target consumers in the United States.

The campaign took place between approximately October 2011 through February 2014, according to court documents. During that time, Costea, Dumitrescu and Draghic compromised computer servers in the Northern District of Georgia and elsewhere in the United States in order to install interactive voice response and bulk emailing software. They used both of those installations to send out thousands of voice and text messages to consumers in the United States masquerading as bank representatives. With these disguises, the attackers tricked consumers into handing over their personally identifiable information.

By the end of the phishing scheme, the defendants had collectively stolen more than 40,000 financial account numbers for the purpose of selling or using this information. These illicit activities ultimately amounted to $21 million in losses.

U.S. Attorney Byung J. “BJay” Pak affirmed the Department of Justice’s (DOJ) commitment to bringing individuals like Costea, Dumitrescu and Draghic to justice. As quoted in a (DOJ) statement:

These defendants sought to victimize citizens of the Northern District of Georgia and ultimately across the United States. We are warning cyber-criminals no matter where they reside, that this office and our law-enforcement partners are committed to finding you, extraditing you to this (Read more...)