US Cyber Crime News


According to Assistant United States Attorney Matthew D. Segal, a prosecutor in the office’s Computer Hacking and Intellectual Property (CHIP) unit, who prosecuted the case, from November 2007 through May 2008, LARGENT wrote a computer program that allowed him to defraud E-Trade, Charles Schwab & Co., and Google by opening or attempting to open more than 58,000 brokerage accounts. He did this to steal the “micro-deposits.” A financial institution will make a micro-deposit when an account is opened to test the functionality of an account. The amounts deposited in this case ranged from $0.01 to $2.00.

LARGENT used false names, addresses, driver’s license numbers, and social security numbers, including the names of known cartoon and comic book characters to open the accounts. When the deposits occurred, he would transfer the funds into his own bank accounts or onto prepaid debit cards, without the authorization or knowledge of his victims. As a result, LARGENT fraudulently obtained or attempted to obtain tens of thousands of dollars, which he used for personal expenses.




The three-count information alleges that while employed as a U.S. Customs and Border Protection Officer, Ben-Shabat abused his official access to the Consular Consolidated Database (CCD) and Treasury Enforcement Communications System (TECS) database to obtain personal information
about a person he was suing in small claims court, and used the information to further his personal lawsuit. The information further alleges that Ben-Shabat induced other law enforcement officials, under the guise of official business, to access official records in the Arizona Criminal Justice Information System (ACJIS) database concerning the defendant in his personal lawsuit.



Computer Hacker Fugitive Extradited for Cybercrimes Relating to VOIP Telephone Services

Pena was indicted on fraud and computer hacking charges for his role in a scheme to defraud Voice Over Internet Protocol (VoIP) telephone service providers. Pena, who purported to be a legitimate wholesaler of these Internet-based phone services, allegedly sold discounted service plans to his unsuspecting customers. The Indictment alleges that Pena was able to offer such low prices because he would secretly hack into the computer networks of unsuspecting VoIP providers, including one Newark-based company, to route his customers’ calls.

Through this scheme, Pena is alleged to have sold more than 10 million minutes of Internet phone service to telecom businesses at deeply discounted rates, causing a loss of more than $1.4 million in less than a year. The victimized Newark-based company, which transmits VoIP services for other telecom businesses, was billed for more than 500,000 unauthorized telephone calls routed through its calling network that were “sold” to the defendant’s unwitting customers at those deeply discounted rates, according to the Indictment.



Computer Hacking Ring Charged by United States and Egypt in Operation Phish Phry

Operation Phish Phry commenced in 2007 when FBI agents, working with United States financial institutions, took proactive steps to identify and disrupt sophisticated criminal enterprises targeting the financial infrastructure in the United States. Intelligence developed during the initiative prompted the FBI and Egyptian authorities to agree to pursue a joint investigation into multiple subjects based in Egypt after investigators in both countries earlier this year uncovered an international conspiracy allegedly operating an elaborate scheme to steal identities through a method commonly called “phishing.” The group is accused of conspiring to target American-based financial institutions and victimize an unknown number of account holders by fraudulently using their personal
financial information.

According to the indictment that was unsealed this morning, Egyptian-based hackers obtained bank account numbers and related personal identification information from an unknown number of bank customers through phishing—a technique that involves sending e-mail messages that appear to be official correspondence from banks or credit card vendors. In illegal phishing schemes, bank customers are directed to fake websites purporting to be linked to financial institutions, where the customers are asked to enter their account numbers, passwords and other personal identification information. Because the websites appear to be legitimate—complete with bank logos and legal disclaimers—the customers do not realize that the websites do not belong to legitimate financial institutions.