14 DAY TRIAL // 26-year-old Romanian national Laurentiu Cristian Busca was sentenced on Tuesday to 5 years in prison for participating in a phishing scam that targeted customers of various US companies, particularly financial institutions.
According to the US Department of Justice, Busca and his co-conspirators sent out emails replicating notifications from companies such as PayPal, eBay, Comerica Bank, Regions Bank, LaSalle Bank, U.S. Bank, Wells Fargo, Citibank, Capital One, Bank of America and JP Morgan Chase.
The malicious emails informed recipients about account issues and urged them to visit a site on which they were instructed to enter some personal and financial information, including payment card numbers, their expiration dates and CVV codes, PINs, names, addresses, phone numbers, and social security numbers.
The harvested information was later used to access bank accounts and withdraw funds, in many cases from ATMs located in Romania.
“The investigation revealed that BUSCA was heavily involved in the phishing conspiracy between 2004 and 2006, and analysis of his email accounts revealed that BUSCA possessed more than 10,000 stolen debit or credit card account numbers,” the DOJ reports.
“In addition to trafficking the stolen information, BUSCA possessed and shared various tools used for phishing, including files used to create counterfeit Internet sites and software needed to produce counterfeit credit and debit cards.”
In addition to Busca, 18 other Romanian citizens have been charged in this case. However, there are still nine defendants that haven’t been apprehended.
The others have been extradited from Romania, Croatia, Canada and Bulgaria.
Busca was extradited from Romania in December 2011. In November 2012, he pleaded guilty to conspiracy to commit access device fraud.
Other eight suspects have also pleaded guilty, and one has been convicted after a trial.