FBI Takes Down Massive Phishing Operations

phishing

The FBI sting, known as Operation Phish Phry, is heralded by officials as one of the largest cyber fraud phishing cases in history.

Individuals charged in Phish Phry were accused of targeting U.S. bank customers by stealing their financial information and then transferring funds to bogus accounts under their control in the U.S. Altogether, losses totaled $1.5 million.

Each of the 53 U.S.-based individuals named in the 51-counted indictment were charged with numerous crimes, including computer fraud, conspiracy to commit bank fraud, money laundering, and aggravated identity theft. U.S. defendants were arrested in California, Nevada and North Carolina.

The phishing operation was allegedly spearheaded by defendants Kenneth Lucas, Nichole Merzi and Jonathan Clark of California, who were accused of directing trusted associates to recruit "runners" to set up bank accounts where the stolen funds from compromised accounts could be deposited and withdrawn. A portion of the funds were then transferred to counterparts in Egypt. If convicted, most of the defendants face up to 20 years in prison, while some would face additional time.

The sting was the culmination of a two year investigation, conducted jointly by law enforcement officials in Egypt and the FBI Los Angeles Field Office. Operation Phish Phry marks the first time law enforcement agencies from both countries have partnered to investigate cyber crime. The FBI also collaborated with the Secret Service and the Electronic Crimes Task Force in Los Angeles.

FBI Director Robert Mueller said that the effort by law enforcement to stay ahead of cyber criminals constituted a "cyber arms race."

"The FBI is both a law enforcement and national security agency, which means we can and must address every angle of a cyber case," Mueller said in a statement. "This is critical, because what may start as a criminal investigation may lead to a national security threat…At the start of a cyber investigation we don't know whether we are dealing with a spy, a company insider or an organized criminal group."

According to the indictment, Egyptian hackers obtained victims' bank account numbers and personal identifying information from thousands of accounts through phishing schemes. The victims were directed toward fake—but legitimate looking--banking Web sites appearing to be from Wells Fargo and Bank of America. Victims then unknowingly submitted their bank account numbers, login credentials and other personal information to the phony sites. The information was used by the phishers to infiltrate their actual bank accounts and steal funds. Once they accessed the accounts, they communicated with co-conspirators in the U.S. via text messages, telephone calls and Internet chat groups, before transferring the money to accounts based in the U.S.

FBI officials maintained that Operation Phish Phry appeared to be financially motivated, but warned that cyber crime could lead to other criminal activities that threaten the U.S. "Something that looks like an ordinary phishing scam may be an attempt by a terrorist group to raise funding for an operation," Mueller said.