A Romanian hacker involved in a sophisticated phishing scam defrauding customers of big-name companies including PayPal, Citibank, eBay and Bank of America has been sentenced to 45 months in jail.
The US Attorney for the District of Connecticut sentenced Iulian Schiopu, 34, for his role in the scam earlier in July, the FBI reported.
The scam saw Schiopu and his group of co-conspirators target customers of numerous well-known financial institutions with malicious email messages.
The messages masqueraded as legitimate alerts from banks telling customers their accounts had been locked. They then instructed the victims to “unlock” their accounts using a bogus URL contained in the message.
The URL took the unsuspecting bank customer to a page owned by the hackers, which took their banking details and emailed them to a central collector account or specific hacker involved in the scam. The hackers then took money from the accounts at various ATMs.
The sting operation against Schiopu began in 2013 when Swedish authorities arrested and extradited him to the US. He is one of 19 Romanian citizens arrested for suspected involvement in the scam.
The arrest has been heralded as a key victory in ongoing efforts to combat cyber crime. This year has seen law enforcement agencies across the globe work together to combat key cyber threats.
Numerous agencies including the US FBI and UK National Crime Agency (NCA) co-ordinated a global sting operation against the Gameover Zeus botnet in June. The operation knocked the botnet offline for several weeks and was designed to give victims the chance to purge their systems of the malware.
The NCA announced its participation in a fresh European campaign to combat the Shylock malware on 10 July.