Mar 082019

ATLANTA – Robert Codrut Dumitrescu pleaded guilty to federal charges of wire fraud conspiracy, computer fraud and abuse, and aggravated identity theft in connection with a scheme, orchestrated from Romania, which resulted in the illegal intrusion into computer servers in the United States, deployment of phishing messages to thousands of victims, and subsequent theft of victims’ social security numbers and bank account information.  His conspirators, Teodor Laurentiu Costea and Cosmin Draghici, also pleaded guilty earlier this year to federal charges related to this scheme.

“These defendants thought they could hide behind their computers in Romania and defraud the citizens of the Northern District of Georgia and elsewhere across the United States,” said U.S. Attorney Byung J. “BJay” Pak.  “These guilty pleas resulted from a tireless investigative effort to locate these fraudsters and bring them to justice in our District.  We will continue to protect our citizens from cyber-criminals, no matter how far the investigation reaches.”

“Cyber criminals cannot hide in the shadows of the internet no matter where they are,” said Chris Hacker, Special Agent in Charge of FBI Atlanta. “The FBI won’t let geographic boundaries stop us from pursuing those persons who cause tremendous financial pain to U.S. citizens. To the victims of these three conspirators and other cyber criminals, we will continue to identify them and pursue justice.”

According to U.S. Attorney Pak, the charges, and other information presented in court: From approximately October 2011 through February 2014, Robert Codrut Dumitrescu, Teodor Laurentiu Costea and Cosmin Draghici conducted a “vishing” and “smishing” scheme from Romania.  “Vishing” is a type of phishing scheme that communicates a phishing message, that is, a message that purports to be from a legitimate source, in this case the victims’ banks, through a voice recording. “Smishing” is similar to “vishing,” but communicates a phishing message through text messages.

As part of the scheme, the defendants compromised computer servers located in the Northern District of Georgia, and elsewhere, and installed both interactive voice response and bulk emailing software which initiated thousands of telephone calls and text messages to victims in the Northern District of Georgia, and across the United States, tricking them into disclosing Personally Identifiable Information (PII) such as financial account numbers, PINs, and social security numbers.   When a victim received a telephone call, the recipient would be greeted by a recorded message falsely claiming to be a bank. The interactive voice response software would then prompt the victim to enter their PII.

When a victim received a text message, the message purported to be from a bank and directed the recipient to call a telephone number hosted by a compromised Voice Over Internet Protocol server. When the victim called the telephone number, they were prompted by the interactive voice response software to enter their PII. The stolen PII was stored on the compromised computer servers and accessed by Dumitrescu and Costea, who then sold or used the fraudulently obtained information with the assistance of Draghici.

At the time of their arrests in Romania, Dumitrescu possessed 3,278 financial account numbers, Costea possessed 36,050 financial account numbers, and Draghici possessed 3,465 financial account numbers – all fraudulently obtained through this scheme.   Based upon these numbers alone, the estimated loss amount is expected to exceed $21,000,000.

On August 16, 2017, a grand jury charged Robert Codrut Dumitrescu, 41, Teodor Laurentiu Costea, 42, and Cosmin Draghici, 29, all of Ploiesti, Romania, with multiple federal computer and fraud-related crimes in connection with this scheme.  Dumitrescu, Draghici, and Costea were extradited from Romania to Atlanta last year to face these charges.

Sentencing is scheduled for Costea on June 11, 2019 at 2:00 p.m., for Draghici on June 12, 2019 at 11:00 a.m., and for Dumitrescu on July 23, 2019 at 2:00 p.m., all before U.S. District Judge Thomas W. Thrash.

This case was investigated by the Federal Bureau of Investigation.

Assistant U.S. Attorney Michael Herskowitz, Chief of the Cyber and Intellectual Property Crime Section, is prosecuting the case.

Source: U.S. Attorney’s Office,  Northern District of Georgia

Feb 222019

Whitney Leggett reports:

A Winchester man charged in Singapore with leaking the confidential information of more than 14,000 HIV patients is facing new federal charges in Kentucky. 

Mikhy Farrera-Brochez, 34, was arrested in Clark County December and charged with third-degree criminal trespassing for allegedly refusing to leave his mother’s property. According to court documents, it was the second time Brochez had been asked to leave the property, and he was arrested for third-degree criminal trespassing.

According to a press release from the U.S. Attorney for the Eastern District of Kentucky, Farrera-Brochez was charged Friday with unlawful transfer of stolen identification documents and possession with intent to distribute those documents in violation of federal law. 

Read more on Winchester Sun.

Feb 212019

Jordan Berger reports:

At least 1 million children were impacted by identity theft in the past year.

A 2018 study conducted by Javelin found the identity fraud resulted in more than $2.6 billion in total losses, and over $540 million in out-of-pocket costs to families.

Jeff Pitts, a public information officer with the Columbia Police Department, said it’s a growing problem even in mid-Missouri.

Read more on KOMU.

Feb 112019

Stas Alforov writes:

  • Based on the proprietary Gemini Advisory telemetry data collected from various dark web sources over several years, we have determined that in 2018, nearly 1.4 million cards were compromised in the East Asia region, nearly a 100% increase from 2017.
  • Despite the overarching trend of increased fraud in East Asia, Japanese compromised card levels decreased by over 100% in 2018, largely due to what appears to have been a massive upload of 280,000 Japanese CNP payment records posted for sale in January of 2017.
  • Gemini Advisory identified an out-of-pattern spike in Japanese payment records added to the dark web in November and December of 2018; this spike of newly added records appeared to run parallel to a growing demand in Japanese-issued cards. Gemini Advisory identified that during this timeframe, a number of Japanese cardholders published various complaints regarding a newly released Japanese payment app called PayPay.
  • Cybercriminals likely utilized this app as a means of monetizing stolen Japanese payment cards, as well as compromising and monetizing the credentials of existing legitimate PayPay users. Based on the overlapping timeframes between PayPay fraud and the spike in Japanese payment cards added to dark web marketplaces between November and December 2018, Gemini Advisory assesses with moderate confidence that these two events are related

Read more about their findings on

Feb 052019

From the press release:

United States Attorney Peter G. Strasser announced that KENDRA GRAVES, age 31, was charged on January 31, 2019 in a two-count bill of information with theft of government funds, in violation of Title 18, United States Code, Section 641 and identity theft in violation of Title 18, United States Code, Section 1028(a)(7).

According to court documents, GRAVES falsified federal student loan applications and used the stolen student aid monies valued at approximately $200,000 for her own personal use.  As part of her scheme to defraud, GRAVES applied for federal financial aid at Delgado Community College in the name of 15 individuals without their knowledge or consent.

If convicted, GRAVES faces a maximum term of imprisonment of 10 years and a fine of $250,000 as to Count 1 and 15 years in prison and a fine of $250,000 as to Count 2. GRAVES also faces three (3) years of supervised release following any term of imprisonment and a $200 special assessment fee.

U.S. Attorney Strasser reiterated that a bill of information is merely a charge and that the guilt of the defendant must be proven beyond a reasonable doubt.

U.S. Attorney Strasser praised the work of the U.S. Department of Education, Office of Inspector General, the U.S. Department of Treasury, Internal Revenue Service, and the Federal Bureau of Investigation in investigating this matter.  Assistant United States Attorney Julia K. Evans is in charge of the prosecution.