In May of 2018, we reported on three Romanian threat actors who were extradited to the U.S. for their involvement in a SMiShing and Vishing fraud scheme. At the time of reporting, the expected losses were listed around $18 million but have since risen to more than $21 million.
Between July 12 and October 31, 2011, PhishLabs’ analysts detected a number of telephone phishing (known as vishing) attacks against one of our clients, a well known financial institution. This data was then conveyed to the FBI.
According to the U.S. Department of Justice, starting in October of 2011 and through to February 2014, Robert Codrut Dumitrescu, Teodor Laurentiu Costea, and Cosmin Draghici developed a scheme targeting Americans that involved SMS text and voice-based phishing attacks. In these messages, the threat actors posed as the victim's bank.
In a new report, the Department of Justice stated that all three parties that were indicted in this matter have “pleaded guilty to federal charges of wire fraud conspiracy, computer fraud and abuse, and aggravated identity theft in connection with a scheme, orchestrated from Romania, which resulted in the illegal intrusion into computer servers in the United States, deployment of phishing messages to thousands of victims, and subsequent theft of victims’ social security numbers and bank account information.”
When arrested, the threat actors had just under a combined 43,000 financial account numbers from their victims of these attacks. More specifically, Dumitrescu possessed 3,278 financial account numbers, Costea possessed 36,050 numbers, and Draghici possessed 3,465 numbers. Based on these findings prosecutors have estimated the initial $18 million in losses increased to around $21 million.
All three parties are set to be sentenced in either June or July of this year, with all three now having plead guilty for their involvement.
“Cyber criminals cannot hide in the shadows of the internet no matter where they are,” said Chris Hacker, Special Agent in Charge of FBI Atlanta. “The FBI won’t let geographic boundaries stop us from pursuing those persons who cause tremendous financial pain to U.S. citizens. To the victims of these three conspirators and other cyber criminals, we will continue to identify them and pursue justice.”