Original post of this article
26 August 2021 at 18:00 UTC
Updated: 26 August 2021 at 18:14 UTC
Romanian national sent down after admitting vishing, phishing, and money laundering rackets
A Romanian national has been jailed in the US for 140 months following his conviction for involvement in a trio of online scams.
Adrian Mitan, 36, previously pleaded guilty in January 2020 to three forms of cybercrime, namely an auction fraud scheme (targeting listings on Craigslist), a credit card phishing and brute-force attack scheme, and a vishing* scheme.
The credit card fraud scheme involved phishing for credit card information from victims and then “brute force attacking point of sale systems to obtain all necessary data to create new cloned credit or debit cards”.
Counterfeit cards using compromised account information were used to fraudulently withdraw funds from victims’ account using ATMs by Mitan and his co-conspirators.
The vishing scheme was the most complex of the three scams in play.
The technique involved “hacking into small businesses’ Voice over Internet Protocol systems and then deploying a script to contact financial institution customers to defraud them in providing their personal debit and credit card codes,” according to a US Department of Justice statement on the case.
Mitan admitted that he and his co-conspirators obtained codes for roughly 2,130 access devices, targeting more than 10 financial institutions’ customers, according to prosecutors.
The total amount Mitan illicitly earned through his cybercrime triathlon was not specified by the DoJ but can reasonably be assumed to be high given the severity of the sentence he received.
*Vishing is commonly applied to the techniques of tricking prospective marks into handing over sensitive information through voice communication rather than (as with phishing) a counterfeit or otherwise fraudulent website. Mitan and his cronies appear to have extended this approach beyond the bounds of the current law enforcement/cybercrime lexicon.