Six in California indicted for online bank fraud

Criminal enterprise allegedly earned $383,000 in 8 months

By Dan Goodin in San Francisco • Get more from this author

Posted in Crime, 9th May 2007 17:45 GMT

Free whitepaper – The shortcut guide to managing certificate lifecycles

Six California men accused of breaking in to online bank accounts and funneling out the proceeds have been indicted for bank and wire fraud and money laundering. The 53-count indictment could carry a sentence of as much as 30 years in prison and a fine of $1m.

The defendants, all from Fresno, allegedly netted $383,000 in the scheme, which ran from November 2003 to July 2004, according to the indictment, which is surprisingly vague on some key details about how they pulled it off. Two of them "acquired a software program from a free online source which allowed them to scan/surf the Internet for shared resources on other computers and which allowed the defendants to access those computers for its program backup files."

(Sounds like we're talking about a publicly available bot like rxbot, but we can't be sure. We also aren't told how many accounts they compromised.)

The defendants were then able to glean login credentials for online banks by rummaging through backup files related to Quicken, Quickbooks and Microsoft Money on the machines they illegally accessed. With this important information, the defendants then transferred money out of victims' online accounts. In addition to funneling money into an account established under a sham company called West Coast Data Systems, the defendants also used a service called Qchex, which allows the secure sending of printable checks over the net.

The men were also accused of depositing bad checks into the compromised accounts and then withdrawing the funds before the transactions had closed. ®

Free whitepaper – Avoiding 7 common mistakes of IT security compliance