Federal authorities charged 38 individuals with the theft of personal and identifying information over the Internet as part of a phishing scam run by a global crime ring.
Members of the Romanian-based crime ring were accused of tricking thousands of Internet users into handing over personal information, such names, credit card data and Social Security information as well as other personally identifying information, which were then used in identity theft operations.
Federal authorities estimate that the attackers were able to steal millions of dollars from their victims as a result of their phishing operations.
More than half of the accused cyber criminals were from Romania, although the phishing operation was also run in Canada, the U.S., Portugal and Pakistan, federal officials said.
According to indictments recently unsealed in Los Angeles and New Haven, Conn., the scammers targeted thousands of consumers and hundreds of financial institutions with unsolicited spam e-mails. The spam messages attempted to lure victims to fraudulent Web sites that appeared to be from legitimate sources.
In remarks prepared from Bucharest, Romania, U.S. Department of Justice officials underscored that both the Los Angeles and Connecticut cases were emblematic of a growing worldwide threat created by highly organized, international criminal networks with millions of victims in the U.S. and abroad.
"The United States government takes the threat of international organized crime seriously, and the Romanian government does as well," said Deputy Attorney General Mark Filip in a written statement issued from Bucharest, Romania. "In recent years, we have seen an increase in the threat posed by international organized criminals who use cyberspace to target victims around the world. The anonymity of the Internet makes it an ideal tool for this kind of fraud, and law enforcement agencies in the United States have conducted several recent investigations in partnership with our Romanian colleagues. We are proud to do so, and we are learning from each other as we jointly help to protect our citizens and people in other countries from this sort of theft and crime."
Filip said that the users who visited the bogus sites were requested to provide passwords and personal, financial and identifying information. The information was harvested by "suppliers" who, in turn, sent the information to "cashiers" via real-time Internet chat sessions, which the attackers intended to use for financial gain.
In Los Angeles, federal officials handed down 65 counts to 33 people on charges that included racketeering, bank fraud and identity theft. The attackers allegedly stole thousands of credit and debit card accounts from individuals who submitted personal data when they responded to the spam e-mail. The data were then sent back to the U.S. from Romania and encoded on magnetic cards that could be used to withdraw money from bank accounts, according to an Associated Press report.
Meanwhile, in Connecticut, seven Romanians were accused of tricking consumers out of personal information by enticing them to visit a bogus site that appeared to be from the Web site of several legitimate financial institutions, including Citibank, Wells Fargo and PayPal. The seven Romanians -- two of which were involved in the Los Angeles scam -- were indicted in January with fraud and identity theft charges, which were released last week.
Federal officials said that the arrests and charges were the result of a joint operation by the FBI and the Romanian General Inspectorate of Police well as the U.S. Attorney's Offices in Los Angeles and Connecticut.
"This kind of coordinated response is absolutely vital to our fight," said Filip. "International organized criminals who exploit the power and convenience of the Internet do not recognize national borders. Our efforts to stop them cannot end at our borders either."