Network News

X My Profile
View More Activity

14 Arrested for Credit Card, Phishing Scams

The Washington Post today ran a story I wrote on the first phase of "Operation Cardkeeper," an international investigation by the FBI into scammers who are using online fraud forums to traffic in stolen credit cards and identities. From the story:

"Facing charges in the U.S. are Frederick T. Hale, 27, and Zanadau Lyons, 24, both of Columbus, Ohio, and Dana Carlotta Warren, 29, of Ellenwood, Georgia. Authorities have also served search warrants in Albany, N.Y., Atlanta, Dallas, Knoxville, Memphis and Omaha.

"Working with international authorities, the FBI also assisted in the arrests of 11 people in Poland believed to be connected to a network of online fraud forums. The FBI said it has traced a series of 'phishing' attacks from late 2004 back to members of the Polish ring."

The piece was trimmed fairly heavily because the paper was tight on space, and I thought some of the details that got cut were interesting enough to include them here:

"The 21-count arrest warrant against Lyons and her accomplice charges that between Dec. 2005 and Sept. 2006, the two repeatedly used online fraud forums to trade or purchase Social Security numbers and bank account information on at least seven victims.

"The government also alleges that the duo purchased 'dumps,' or data electronically copied from the magnetic stripe on the back of credit or debit cards, data they allegedly then imprinted onto counterfeit cards and used in tandem with victims' stolen 4-digit PINs to withdrawal thousands of dollars from automated teller machines (ATMs) in Ohio and Virginia.

"According to the indictment against Warren, between February and September of 2006, she sold Social Security numbers and other personal data via online carder forums, data that was then used to establish credit cards in the victims' names. Prosecutors say Warren, who used the hacker alias 'Sysco,' also withdrew tens of thousands of dollars using counterfeit credit cards. In addition, Warren is accused of using stolen credit cards to buy laptop computers and other electronic goods online that were then resold or shipped abroad.

"None of those arrested could be immediately reached for comment. But Steven Nolder, Lyons's appointed public defender, said the government wants her to plead guilty and cooperate in turning evidence against Hale's brother - who he said also happens to be the father of Lyons's two children.

"'The [FBI] is of the mind that Hale's brother is also involved here, and that [the brother] has evidence that shows there are more people involved in this than just those who were indicted,' Nolder said. 'I think the government sees her case as likely to have the cement needed to put all the pieces together.'

"According to U.S. investigators, the suspects arrested in Poland were connected to a network of online fraud forums with names such as Theftservices.com, Darkmarket.org, TheGrifters.net, and CCPowerForums.com. The FBI alleges said it traced a series of phishing attacks from late 2004 back to members of the Polish ring. The man described as the ringleader of the Polish group -- Mateusz Rymksi, also known online as 'Blindroot,' -- was an active member of CCPowerfurms who allegedly sold access to hacked computers for helping criminals maintain anonymity online.

"Phishing and carding have become a multi-million dollar business for hackers and identity thieves, thanks in large part to the emergence of shadowy online forums where would-be criminals can learn the tricks of the trade, buy, sell and trade stolen sensitive and financial data. The crime forums also aid in the spread of phishing Web sites by selling pre-built kits scammers can use to set up bogus bank Web sites within minutes. According to a recent report from the Anti-Phishing Working Group, and industry consortium, more than 10,000 phishing Web sites were reported in August alone, roughly double the number found in January.

"In 2004's 'Operation Firewall,' the FBI and U.S. Secret Service infiltrated and dismantled the Shadowcrew and Carderplanet fraud forums, arresting 28 individuals who collectively traded more than 1.7 million stolen credit card numbers.

"CCPowerforums and several other popular online fraud bazaars also appear to have been taken offline recently, yet the FBI would neither confirm nor deny whether it had sought to shutter them. But experts say that while similar crackdowns may help bring some fraudsters to justice, the scammers who remain behind will most likely just set up shop at another online fraud community.

"'These guys need these types of forums to build the relationships necessary to perpetuate very complex types of fraud,' said Ken Dunham, director of rapid response for iDefense, a Verisign company. 'Unfortunately, the shutdowns in [Operation Firewall] only resulted in the scattering of people in the forums who popped up elsewhere and learned to be a lot more wary of law enforcement.'"

Security Fix Live

I'll be online at 11 a.m. ET this morning to answer your questions about this story and any other security topic on your mind. Submit a question here.

By Brian Krebs  |  November 3, 2006; 7:53 AM ET
Categories:  Fraud  
Save & Share:  Send E-mail   Facebook   Twitter   Digg   Yahoo Buzz   Del.icio.us   StumbleUpon   Technorati   Google Buzz   Previous: Exploit Released for Unpatched Apple Wi-Fi Flaw
Next: 180Solutions/Zango to Pay $3M to Settle FTC Suit

No comments have been posted to this entry.

The comments to this entry are closed.

 
 
RSS Feed
Subscribe to The Post

© 2010 The Washington Post Company