Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
Three Romanian citizens plead guilty to participating in a multi-million dollar "vishing and smishin
https://www.justice.gov/usao-ndga/pr/three-romanian-citizens-plead-guilty-participating-multi-million-dollar-vishing-andDepartment of Justice
U.S. Attorney’s Office
Northern District of Georgia
FOR IMMEDIATE RELEASE
Friday, March 8, 2019
Three Romanian citizens plead guilty to participating in a multi-million dollar “vishing and smishing” scheme
ATLANTA - Robert Codrut Dumitrescu pleaded guilty to federal charges of wire fraud conspiracy, computer fraud and abuse, and aggravated identity theft in connection with a scheme, orchestrated from Romania, which resulted in the illegal intrusion into computer servers in the United States, deployment of phishing messages to thousands of victims, and subsequent theft of victims’ social security numbers and bank account information. His conspirators, Teodor Laurentiu Costea and Cosmin Draghici, also pleaded guilty earlier this year to federal charges related to this scheme.
(snip)
According to U.S. Attorney Pak, the charges, and other information presented in court: From approximately October 2011 through February 2014, Robert Codrut Dumitrescu, Teodor Laurentiu Costea and Cosmin Draghici conducted a “vishing” and “smishing” scheme from Romania. “Vishing” is a type of phishing scheme that communicates a phishing message, that is, a message that purports to be from a legitimate source, in this case the victims’ banks, through a voice recording. “Smishing” is similar to “vishing,” but communicates a phishing message through text messages.
As part of the scheme, the defendants compromised computer servers located in the Northern District of Georgia, and elsewhere, and installed both interactive voice response and bulk emailing software which initiated thousands of telephone calls and text messages to victims in the Northern District of Georgia, and across the United States, tricking them into disclosing Personally Identifiable Information (PII) such as financial account numbers, PINs, and social security numbers. When a victim received a telephone call, the recipient would be greeted by a recorded message falsely claiming to be a bank. The interactive voice response software would then prompt the victim to enter their PII.
When a victim received a text message, the message purported to be from a bank and directed the recipient to call a telephone number hosted by a compromised Voice Over Internet Protocol server. When the victim called the telephone number, they were prompted by the interactive voice response software to enter their PII. The stolen PII was stored on the compromised computer servers and accessed by Dumitrescu and Costea, who then sold or used the fraudulently obtained information with the assistance of Draghici.
At the time of their arrests in Romania, Dumitrescu possessed 3,278 financial account numbers, Costea possessed 36,050 financial account numbers, and Draghici possessed 3,465 financial account numbers – all fraudulently obtained through this scheme. Based upon these numbers alone, the estimated loss amount is expected to exceed $21,000,000.
(snip)
