A 23-year-old Romanian man has become the first foreigner to be convicted by a US court for phishing.
Ovidiu-Ionut Nicola-Roman, of Craiova, Romania, was sentenced to four years and two months in prison Monday for his role in an international phishing operation. Prosecutors had charged him with setting up fake banking sites and then sending out tens of thousands of fraudulent spam messages in hopes of tricking victims into giving up their account information.
Nicola-Roman was arrested in Bulgaria and extradited to the US in November 2007. He pleaded guilty last July to a fraud charge and had been facing a possible five years in prison. Additional charges that he faced in California were dropped because they were not listed in his extradition request.
He was charged as part of a larger phishing bust that also named six other Romanians, none of whom have been arrested.
Security experts say countries such as Russia, Romania and the Ukraine have become hotbeds of cybercrime, in part because local governments are slow to prosecute fraudsters who take money from victims in other countries such as the US.
The FBI said Monday that Internet fraud complaints had spiked 33 percent year-over-year in 2008.
In Nicola-Roman's case, prosecutors said they found 2,600 credit and debit card numbers in email accounts linked to him, and that he had probably harvested more information. He set up a fake phishing site to snare customers of People's Bank in October 2005, but also had tools that would have allowed him to phish customers of Wells Fargo, Suntrust, Amazon.com, PayPal and eBay, according to court documents.
He doesn't appear to have written software himself, but assembled a large collection of online fraud tools, including a program called Web Data Extractor, which harvested e-mail addresses. He sent spam to victims using a program called Email Sender Express, which could send 30,000 spam messages per hour, and created counterfeit cards using a program called T2Gen, prosecutors said. Another program, called WebZIP Unlimited, could be used to counterfeit legitimate websites.