Authorities in the US and Romania have arrested and charged 38
people suspected of running an international phishing gang that
attempted to steal from
thousands of consumers and
targeted hundreds of
financial
institutions.
According to reports,
the gang sought
personal information through phishing e-mails and
sending SMS text
messages on mobile phones, or "smishing".
Computer users who clicked on links in spam emails were taken to
a fraudulent website posing as a legitimate online bank, where they
were tricked into entering their passwords and banking details.
According to the US Department of Justice, the gang sent more
than 1.3m spam emails in one phishing attack.
The stolen information was passed to US-based cashiers, who
recorded the data onto blank credit and debit cards.
Other criminals tested the cards at ATMs by making balance
requests or withdrawing small amounts of money.
Once proven, the cards were used to withdraw the maximum amount
of money possible. A proportion of the stolen money was wired back
to Romania.
"This was a highly organised scheme using the internet to steal
money from individuals and financial institutions across
continents," said Graham Cluley, senior technology consultant at
web security software firm Sophos.
"The authorities in the US and Romania should be applauded for
their investigation, which hopefully will result in the dismantling
of a major cybercrime ring."
More than half of the people charged are Romanian, although the
scams also operated from the US, Canada, Pakistan and Portugal.
Read more about phishing:
Anti-phishing network relaunched>>
90% of online adults worried about phishing>>
UK brands trashed by phishing attacks>>