Police in the U.S. and Romania last week arrested 38 people accused of running one of the most sophisticated international phishing operations ever uncovered.
The gang's alleged modus operandi was in many ways very standard, involving tricking U.S. citizens into giving up details of their bank accounts, enabling criminals to empty accounts up to their credit limits using ATM withdrawals.
What marks this case out from the usual phishing busts, however, is the way criminals operated across several countries at the same time, in real time, exploiting a number of different technologies and mediums to pull off the frauds before victims had time to react.
According to the U.S. Department of Justice (DOJ), the scam started in Romania where details from thousands of credit and ATM cards were phished -- or 'smished' - from individuals who visited a fake website after being prompted to do so, by a text messages sent to their mobile phone.
"We're confirming that you've signed up for our service. You will be charged $2 per day unless you cancel your order on this URL: [omitted]," prospective victims were told.
The website was used to cull details, which were quickly passed to U.S.-based criminals using instant messaging who, used the information to imprint the data on to the magnetic stripes of manufactured cards. "Runners" tested that the cards were working before using them at ATMs or point of sale terminals in shops.
The profits were banked by the U.S.-based criminals, who make up most of the accused, but only after passing a portion back to their Romanian accomplices. Most of the names mentioned in the indictment were Romanian, but several Vietmanese, a Mexican, a Cambodian and a Pakistani were also referred to, underscoring the gang's multi-national character.
The assumption is that using a Romanian-based SMS texting and fake server setup would have been designed to obscure the U.S.-based involvement in the crime.
"Criminals who exploit the power and convenience of the Internet do not recognize national borders; therefore our efforts to prevent their attacks cannot end at our borders either," commented DOJ deputy attorney general, Mark R. Filip.
"International organized crime poses a serious threat not only to the United States and Romania, but to all nations," he said.
If convictions follow, this case will mark a major success for the U.S. authorities, who will have grappled with the immense complexity of tracking down the accused across jurisdictions. The official release noted cooperation between the FBI, the Romanian Police, U.S. Immigration, the U.S. Postal Service, and several local police departments.
"One of the things that doesn't get mentioned much when charges like this are made public is the amount of work that goes on behind-the-scenes to gather evidence," said Graham Cluley of Sophos.
"Investigations like this aren't easy - there's a lot of evidence that needs to be gathered, surveillance, and working closely with the financial authorities as well as other police forces spread across the globe. Investigations like this also don't come cheap, so it's good to see a high level of effort and resources being put into tracking down suspected criminals."