Two Foreign exchange students from Vietnam are accused of being mules for an international identity theft ring believed to have stolen millions of dollars from online merchants, according to an affidavit filed by federal investigators in Minnesota district court.
The affidavit sought a search warrant to raid the home of two Vietnamese exchange students attending Minnesota’s Winona State University. During the resulting raid, federal agents from the Department of Homeland Security’s Immigration and Customs Enforcement unit seized documents and computer equipment, according to the Minnesota Star Tribune.
DHS’s Cyber Crimes Center was already investigating the “underground economy” involving criminal rings based in Vietnam that were committing Internet financial fraud, said Schwarz. The amount of money stolen in this criminal enterprise is “estimated to exceed hundreds of millions of dollars,” Schwarz said in the filing.
Agents have been investigating the online scam, dubbed “Operation eMule” since September 2009, according to the affidavit. The swindle involved criminals setting up eBay and PayPal accounts under other people’s names and offering popular, expensive products at discounted prices, such as $400 Rosetta Stone software and iTunes gift cards.
When legitimate buyers bought the products using PayPal, the scammers ordered the items using the stolen credit card numbers directly from the manufacturer and shipped them. By the time the original credit card owner finds and reports the fraudulent transactions, it is already too late as the money has already left PayPal and moved into another bank account, and then sent offshore to Canada or Vietnam.
“The criminal ring makes online purchases from e-commerce merchants using stolen credit card information and then utilises an elaborate network of mules based in the United States,” wrote Schwarz.
The legitimate buyer received the product they ordered, but online merchants lose the money and the credit card owner is left to resolve the credit card fraud and accounts at eBay and PayPal, according to the document. The affidavit named several major companies that have been hit by this scam, including eBay, PayPal, Amazon, Apple, Dell and Verizon Wireless.
The cyber-criminals relied heavily on the Internet to perpetuate this fraud, said Schwarz, noting that all the accounts were opened online, often using proxy IP addresses to hide the user’s origin. The personal information used to open up the accounts were obtained by hacking into people’s computers or merchant databases, he said. In some cases, the credit card numbers were purchased from underground online marketplaces.
Investigators found 56 PayPal accounts that were opened under various individuals’ names located through the US with Vo’s name and address listed, and 24 eBay accounts linked to those accounts, the affidavit said. Over $247,000 passed through those accounts. PayPal records also linked Van to 310 accounts that handled approximately $1 million and were linked to 157 eBay accounts. They were also linked to bank accounts at Wells Fargo, Capital One, Eastwood, and HSBC with deposits totalling approximately $900,000, of which approximately $680,000 was wired overseas, the investigators found.
When PayPal froze some accounts “due to suspected fraudulent activity,” Vo and Van generated copies of fake passports, utility bills, and bank statements using a software called GFI FAXmaker, to get the funds released, according to the affidavit.
Targetting AWS, Microsoft? British competition regulator soon to announce “behavioural” remedies for cloud sector
Move to Elon Musk rival. Former senior executive at X joins Sam Altman's venture formerly…
Bitcoin price rises towards $100,000, amid investor optimism of friendlier US regulatory landscape under Donald…
Judge Kaplan praises former FTX CTO Gary Wang for his co-operation against Sam Bankman-Fried during…
Explore the future of work with the Silicon In Focus Podcast. Discover how AI is…
Executive hits out at the DoJ's “staggering proposal” to force Google to sell off its…