Police in the US and Romania have arrested 38 people accused of running one of the most sophisticated international phishing operations ever uncovered.
The gang’s alleged modus operandi was in many ways very standard, involving tricking US citizens into giving up details of their bank accounts, enabling criminals to empty accounts up to their credit limits using ATM withdrawals.
What marks this case out from the usual phishing busts, however, is the way criminals operated across several countries at the same time, in real time, exploiting a number of different technologies and mediums to pull off the frauds before victims had time to react.
According to the US Department of Justice (DOJ), the scam started in Romania where details from thousands of credit and ATM cards were phished – or ‘smished’ - from individuals who visited a fake website after being prompted to do so, by a text messages sent to their mobile phone.
"We're confirming that you've signed up for our service. You will be charged $2 per day unless you cancel your order on this URL: [omitted],” prospective victims were told.
The website was used to cull details, which were quickly passed to US-based criminals using instant messaging who, used the information to imprint the data on to the magnetic stripes of manufactured cards. “Runners” tested that the cards were working before using them at ATMs or point of sale terminals in shops.
The profits were banked by the US-based criminals, who make up most of the accused, but only after passing a portion back to their Romanian accomplices. Most of the names mentioned in the indictment were Romanian, but several Vietmanese, a Mexican, a Cambodian and a Pakistani were also referred to, underscoring the gang’s multi-national character.
The assumption is that using a Romanian-based SMS texting and fake server setup would have been designed to obscure the US-based involvement in the crime.
“Criminals who exploit the power and convenience of the Internet do not recognise national borders; therefore our efforts to prevent their attacks cannot end at our borders either,” commented DOJ deputy attorney general, Mark R. Filip.
“International organised crime poses a serious threat not only to the United States and Romania, but to all nations,” he said.
If convictions follow, this case will mark a major success for the US authorities, who will have grappled with the immense complexity of tracking down the accused across jurisdictions. The official release noted co-operation between the FBI, the Romanian Police, US Immigration, the US Postal Service, and several local police departments.
“One of the things that doesn't get mentioned much when charges like this are made public is the amount of work that goes on behind-the-scenes to gather evidence,” said Graham Cluley of Sophos.
“Investigations like this aren’t easy - there's a lot of evidence that needs to be gathered, surveillance, and working closely with the financial authorities as well as other police forces spread across the globe. Investigations like this also don’t come cheap, so it's good to see a high level of effort and resources being put into tracking down suspected criminals.”