FBI: A Thief By Many Names: Atlanta Man Sentenced For Aggravated Identity Theft

The FBI released the below information:

The headquarters of a large national bank had detected fraud on an account and sent word to an Atlanta branch to be on alert: If an individual comes in to pick up the new debit card linked to that account, call the Atlanta Police Department.

An alert bank employee did just that when Khoi Nguyen, 43, came in to the branch to claim the debit card. Officers arrived quickly to ask Nguyen about his identity and the name on the bank account. Upon questioning, Nguyen produced a Department of Defense identification badge and claimed to be in law enforcement.

The police weren’t buying it, so they called the FBI to investigate Nguyen for impersonating a federal law enforcement officer. It was soon discovered that he was not only impersonating a government official but more than a dozen different people in a sophisticated identity theft scheme.

“In his bag at arrest were 20 cellular phones, 13 different identifications, a number of credit cards, and about $11,000 in cash,” said Special Agent Marcus Brackman, who worked the case out of the FBI’s Atlanta Field Office.

Brackman said that Nguyen had some technical skills and likely purchased the stolen personal information he used to create fake documents and open fraudulent financial accounts off encrypted websites. “Criminals can buy identities for 50 cents on the dark web,” Brackman explained.

Nguyen pleaded guilty to aggravated identity theft and was sentenced in October 2018 to two years in federal prison for his crime. He was also ordered to pay restitution to the financial institution and is facing additional state charges related to similar alleged activity in other areas of the country.

 “Identity theft is very prevalent,” said Brackman. According to the Bureau of Justice Statistics, an estimated 26 million people age 16 or older in the United States experienced some form of identity theft in 2016—with many of those cases involving the misuse of a credit card or bank account. Brackman said that it was gratifying to hold someone responsible for a crime that affects so many people and creates such a headache for victims.

Beyond the financial losses, the impact of identity theft extends to the time, stress, and worry involved in cleaning up the harm done to credit scores and financial standing. “It is just painful to do your job and raise your family while trying to deal with the aftereffects of someone stealing your identity,” Brackman sympathized.

While it is difficult to protect against all the ways a criminal can find your personal data, Backman said consumers should monitor accounts and credit reports regularly and safeguard all personal information by being diligent about online safety and security and ensuring mail and documents don’t fall into the wrong hands.

The FBI website has more information about identity theft and the tools it uses to investigate and prosecute the crime. The Federal Trade Commission website offers additional prevention tips and resources. 

New Hampshire Man Pleads Guilty To Computer Hacking And “Sextortion” Scheme Involving Multiple Female Victims

The U.S. Justice Department released the below information:

A New Hampshire man pleaded guilty today to remotely hacking into the online accounts of almost a dozen female victims and sending them threatening online communications, in some instances containing sexually explicit photos, in order to force the victims to send him sexually explicit photos of themselves. 

Assistant Attorney General Leslie R. Caldwell of the Justice Department’s Criminal Division, U.S. Attorney Emily Rice of the District of New Hampshire and Resident Agent in Charge Holly Fraumeni of the U.S. Secret Service’s Manchester, New Hampshire, Field Office made the announcement. 

Ryan J. Vallee, 22, formerly of Belmont and Franklin, New Hampshire, pleaded guilty to a 31-count superseding indictment charging him with 13 counts of making interstate threats, one count of computer hacking to steal information, eight counts of computer hacking to extort, eight counts of aggravated identity theft and one count of cyberstalking.  On March 16, 2016, while Vallee was awaiting trial, he was re-arrested on new criminal charges and has remained in custody since then.  He is scheduled to be sentenced on Dec. 1, 2016, in the U.S. District Court for the District of New Hampshire

According to admissions made in connection with his plea, from 2011 through March 2016, Vallee, using various aliases that included “Seth Williams” and “James McRow,” engaged in a computer hacking and “sextortion” campaign designed to force numerous victims to provide him with sexually explicit photographs of themselves and others.

Vallee admitted that he employed a variety of techniques to force his victims to cede to his “sextortionate” demands.  For example, according to the plea agreement, he repeatedly hacked into and took control over the victims’ online accounts, including their email, Facebook and Instagram accounts.  Once he had control of these accounts, Vallee locked the victims out of their own accounts and, in some cases, defaced the contents of the accounts, he admitted.  According to the plea, in at least one instance, Vallee hacked into a victim’s Amazon.com account, which stored her payment information and shipping address, then ordered items of a sexual nature and had them shipped to the victim’s home.  Vallee also admitted that in some instances, he obtained sexually explicit photos of the victims and their friends and distributed them to the victims, their friends and their family members.  With at least one victim, Vallee created a Facebook page using an account name that was virtually identical to the victim’s real Facebook account name, with one letter misspelled, he admitted.  He then posted sexually explicit photos of the victim on this fake Facebook page and issued “friend requests” to the victim, her friends and her family members, according to the plea agreement.

Vallee admitted that he repeatedly sent threatening electronic communications to his victims, usually by using spoofing or anonymizing text message services, in which he threatened his victims that unless they gave him sexually explicit photographs of themselves, he would continue with the above-described conduct.  According to the admissions in the plea agreement, when most of the victims refused to comply with Vallee’s demands and begged him to leave them alone, Vallee responded with threats to inflict additional harm.

The U.S. Secret Service investigated the case with substantial assistance from the Belmont Police Department.  Senior Trial Attorney Mona Sedky of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorney Arnold H. Huftalen of the District of New Hampshire are prosecuting the case.

Victims of “sextortion” schemes such as this often may be hesitant to come forward.  The Justice Department encourages individuals who may be the victims of similar schemes to contact their local law enforcement agencies to report this conduct. 

Russian Cyber-Criminal Convicted Of 38 Counts Related To Hacking Businesses And Stealing More Than Two Million Credit Card Numbers

The U.S. Justice Department released the below information:

A federal jury today convicted a Vladivostok, Russia, man of 38 counts related to his scheme to hack into point-of-sale computers to steal and sell credit card numbers to the criminal underworld, announced Assistant Attorney General Leslie R. Caldwell of the Justice Department’s Criminal Division and U.S. Attorney Annette L. Hayes of the Western District of Washington.  

Roman Valerevich Seleznev, aka Track2, 32, was convicted after an eight-day trial of 10 counts of wire fraud, eight counts of intentional damage to a protected computer, nine counts of obtaining information from a protected computer, nine counts of possession of 15 or more unauthorized access devices and two counts of aggravated identity theft.  U.S. District Judge Richard A. Jones of the Western District of Washington scheduled sentencing for Dec. 2, 2016.

According to testimony at trial and court documents, between October 2009 and October 2013, Seleznev hacked into retail point-of-sale systems and installed malicious software (malware) to steal credit card numbers from various businesses from a server he operated in Russia.  Many of the businesses were small businesses, some of which were restaurants in Western Washington, including the Broadway Grill in Seattle, which was forced into bankruptcy following the cyber assault.

Evidence presented at trial demonstrated that the malware would steal the credit card data from the point-of-sale systems and send it to other servers that Seleznev controlled in Russia, the Ukraine or in McLean, Virginia.  Seleznev then bundled the credit card information into groups called “bases” and sold the information on various “carding” websites to buyers who would then use the credit card numbers for fraudulent purchases, according to the trial evidence.  Testimony at trial revealed that Seleznev’s scheme caused 3,700 financial institutions more than $169 million in losses.

When Seleznev was taken into custody in July 2014 in the Maldives, his laptop contained more than 1.7 million stolen credit card numbers, some of which were stolen from businesses in Western Washington.  The laptop also contained additional evidence linking Seleznev to the servers, email accounts and financial transactions involved in the scheme.

Seleznev is charged in a separate indictment in the District of Nevada with participating in a racketeer influenced corrupt organization (RICO) and conspiracy to engage in a RICO, as well as two counts of possession of 15 or more counterfeit and unauthorized access devices.  Seleznev is also charged in the Northern District of Georgia with conspiracy to commit bank fraud, one count of bank fraud and four counts of wire fraud.  An indictment is merely an allegation, and the defendant is presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law.

The U.S. Secret Service Electronic Crimes Task Force investigated the case.  The task force includes detectives from the Seattle Police Department and the U.S. Secret Service Cyber Intelligence Section in Washington, D.C.   Trial Attorney Harold Chun of the Criminal Division’s Computer Crime and Intellectual Property Section (CCIPS) and Assistant U.S. Attorneys Norman M. Barbosa and Seth Wilkinson of the Western District of Washington are prosecuting the case.   The CCIPS Cyber Crime Lab and its Director, Ovie Carroll, provided substantial support for the prosecution.  The Office of International Affairs and the U.S. Attorney’s Office of the District of Guam also provided assistance in this case.

Chicago-Area Resident Indicted In Stolen Identity Refund Fraud Scheme Involving Victims From The U.S. Air Force

The U.S. Justice Department released the below information:

A federal grand jury sitting in Chicago, Illinois returned an indictment on Feb. 11 against a resident of a Chicago suburb, charging him with 10 counts of wire fraud, 10 counts of aggravated identity theft and one count of access device fraud, announced Acting Assistant Attorney General Caroline D. Ciraolo of the Justice Department’s Tax Division and U.S. Attorney Zachary T. Fardon of the Northern District of Illinois. The defendant had his initial court appearance earlier today.

Jonathan Herring aka Byron Taylor, Marco Brown and Quang Dang of Harvey, Illinois, participated in a stolen identity refund fraud scheme, according to allegations in the indictment.  Herring obtained the means of identification of actual individuals, including their names and social security numbers and used this information to prepare false tax returns.  Herring is alleged to have obtained stolen identities of members of the U.S. Air Force, among others.  Herring used the stolen identities to electronically file false income tax returns seeking tax refunds with the Internal Revenue Service (IRS).  Herring is alleged to have received the fraudulently obtained tax refunds in the form of direct deposits into various bank accounts that he controlled. 

If convicted, Herring faces a statutory maximum sentence of 20 years in prison for each count of wire fraud, 10 years in prison for one count of access device fraud and a mandatory sentence of two years in prison for aggravated identity theft, which will run consecutive to any other prison term he receives.  Herring also faces substantial monetary penalties, supervised release, and restitution.

An indictment merely alleges that crimes have been committed.  A defendant is presumed innocent until proven guilty beyond a reasonable doubt.

Acting Assistant Attorney General Ciraolo commended special agents of IRS Criminal Investigation, who investigated the case and Trial Attorneys Michael C. Boteler and Timothy M. Russo of the Tax Division, who are prosecuting this case. 

Cyberstalker Sentenced To 10 Years in Prison

The U.S. Justice Department released the below information:

Michael Daniel Rubens, 31, formerly of Tallahassee, Florida, was sentenced today to 10 years in prison, a $15,000 fine and $1,550 in restitution for cyberstalking, unauthorized access to a protected computer and aggravated identity theft.  The sentence was announced by Acting U.S. Attorney Christopher P. Canova for the Northern District of Florida.

During his guilty plea on Dec. 3, 2015, Rubens admitted that, between January 2012 and January 2015, he publicly humiliated dozens of young women by hacking into their online accounts, including e-mail and social media, stealing photographs and other personal information, using the photographs to create pornography and posting the pornographic images on social media websites and on a revenge pornography website that was recently shut down by the FBI.  Rubens engaged in most of the conduct from his residence in Tallahassee.  He used software to conceal his IP address.

Rubens’ victims included an employee of a local restaurant he frequented, an out-of-town colleague, an acquaintance in his office building, clients of the defendant’s employer, a former girlfriend and her colleagues, high school classmates and the victims’ relatives or friends.  For one particular woman, Rubens’ laptop contained 470 files with more than 5,000 references to the victim.  Rubens’ computer searches focused on finding the victims’ personal identifying information, such as past addresses, family information and other personal data that could be used to answer security questions.  As a result of Rubens’ conduct, the victims became afraid to conduct any online activities and often deleted their social media presence entirely.  In some instances, the conduct also damaged the victims’ personal relationships.

Urging leniency, Ruben’s counsel argued that, unlike bank robbery or drug dealing, cyberstalking was not something people thought of as a serious crime.  U.S. District Judge Robert L. Hinkle for the Northern District of Florida responded, “Perhaps it’s time they learned.”

“This sentence sends an unequivocal message to anyone tempted to use a computer as a weapon to victimize and steal the identities of others: Expect to be prosecuted.  And expect to go to prison,” said Acting U.S. Attorney Canova.

“This criminal hacked into social media accounts and tormented women with blackmail and harassment,” said Special Agent in Charge Susan L. McCormick of Homeland Security Investigations’ (HSI) Tampa Field Office.  “His crimes demonstrate how predators use the Internet to target innocent victims and ruin lives.  With the help of victims and our law enforcement partners, like the Florida State University Police and the Leon County Sheriff’s Office, HSI will find these predators and hold them accountable.”

This case resulted from investigations by the United States Immigration and Customs Enforcement Homeland Security Investigations, the Florida State University Police Department, and the Leon County Sheriff’s Office.  It is being prosecuted by Assistant U.S. Attorney Jason S. Beaton.

The U.S. Attorney’s Office for the Northern District of Florida is one of 94 offices that serve as the nation’s principal litigators under the direction of the Attorney General.  The office strives to protect and serve the citizens of the Northern District of Florida through the ethical, vigorous and impartial enforcement of the laws of the United States, to defend the national security, to improve the safety and quality of life in our communities through the protection of civil rights and to protect the public funds and financial assets of the United States.  To access public court documents online, please visit the U.S. District Court for the Northern District of Florida website.  For more information about the United States Attorney’s Office, Northern District of Florida, visit http://www.justice.gov/usao/fln/index.html.

Alleged Russian Cyber-Criminal Now Charged In 40-Count Superseding Indictment

The U.S. Justice Department released the below information:

A federal grand jury in Seattle returned a second superseding indictment late yesterday charging a Russian national with 11 additional counts and further detailing his alleged scheme to hack into businesses and steal credit card information for later sale over the Internet on “carding” websites.

The now 40-count indictment alleges that Roman Valerevich Seleznev, aka “Track2,” 30, of Vladivostok, Russia, was involved in the theft and sale of more than 2 million credit card numbers.
Assistant Attorney General Leslie R. Caldwell of the Justice Department’s Criminal Division and Acting U.S. Attorney Annette L. Hayes of the Western District of Washington made the announcement.

“The additions in this superseding indictment show how cybercriminals use the Internet not only to infiltrate and steal sensitive data, but also to teach other criminals how to navigate the credit-card selling underworld and get equipment that can be used to defraud U.S. citizens,” said Assistant Attorney General Caldwell.  “The Criminal Division is committed to investigating these thefts and uncovering the methods of computer hackers to stay one step ahead of them and bring them to face justice.”

“The charges returned by the grand jury detail a criminal scheme that continued right up until Mr. Seleznev’s arrest in July,” said Acting U.S. Attorney Hayes.  “As set forth in the indictment, the government expects to prove at trial that Seleznev was a leader in the marketplace for stolen credit card numbers, and even created a website offering a tutorial on how to use stolen credit card numbers to commit crime.”

The indictment charges Seleznev with 11 counts of wire fraud, nine counts of intentional damage to a protected computer, nine counts of obtaining information from a protected computer, nine counts of possession of 15 or more unauthorized access devices and two counts of aggravated identity theft.  Seleznev is currently scheduled for trial on Nov. 3, 2014, and will be arraigned on the new charges sometime next week.

According to court documents, between October 2009 and October 2013, Seleznev allegedly hacked into retail point of sale systems and installed malicious software to steal credit card numbers from various businesses.  Seleznev allegedly created and operated the infrastructure to facilitate the theft and sale of credit card data, used servers located all over the world to facilitate his operation, and sold stolen credit card data on a website known as “2pac.cc.”

Seleznev is also charged in a separate indictment in the District of Nevada with participating in a racketeer influenced corrupt organization (RICO) and conspiracy to engage in a racketeer influenced corrupt organization, as well as two counts of possession of 15 or more counterfeit and unauthorized access devices. 

The charges contained in the indictments are only allegations.  A person is presumed innocent unless and until he or she is proven guilty beyond a reasonable doubt in a court of law.

The case is being investigated by the U.S. Secret Service Electronic Crimes Task Force, which includes detectives from the Seattle Police Department.  The case is being prosecuted by Trial Attorney Ethan Arenson of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorneys Norman M. Barbosa and Seth Wilkinson of the Western District of Washington.  The Office of International Affairs and the U.S. Attorney’s Office for the District of Guam provided substantial assistance in this case.

Leader of Identity Theft Ring Sentenced for Stealing More Than 600 Identities and Causing More Than $1 Million in Losses

The U.S. Justice Department released the below information today:

The leader of an identity theft ring that stole more than 600 identities from U.S. government employees and others was sentenced today to serve 12 years in prison, followed by three years of supervised release.

Acting Assistant Attorney General Mythili Raman of the Justice Department’s Criminal Division, Acting United States Attorney Dana J. Boente of the Eastern District of Virginia, Special Agent in Charge Kathy A. Michalko of the United States Secret Service’s Washington Field Office and Chief Edwin C. Roessler Jr. of the Fairfax County Police Department made the announcement.

Jenaro Blalock, 31, of Clinton, Md., pleaded guilty on Oct. 29, 2013, to access device fraud and aggravated identity theft and was sentenced by United States District Judge Claude M. Hilton.   Blalock was also ordered to pay full restitution to victims.

According to court documents, between June 2011 and July 2013, Blalock and co-leader Christopher Bush recruited women with access to identity information through their employers to steal more than 600 identities, primarily belonging to employees of the U.S. Department of State, the U.S. Department of Defense and the U.S. Agency for International Development.   

Blalock provided blank driver’s licenses so that Bush could make fraudulent driver’s licenses bearing the victims’ real names, addresses and dates of birth.   Blalock also made fraudulent credit cards bearing victims’ names.   Members of the identity theft ring, including Blalock, used those fraudulent driver’s licenses and victims’ social security numbers to open instant credit lines at retailers and obtain rental cars, which were frequently sold on the black market with altered vehicle identification numbers.   

According to information provided at sentencing, the identity theft ring caused victim losses of between $1 million and $2.5 million.

On Jan. 17, 2014, Bush was sentenced to serve 10 years in prison for his role in the scheme.

This case was investigated by the United States Secret Service and the Fairfax County Police Department, with assistance from the City of Fairfax Police Department, Prince George’s County Washington Area Vehicle Enforcement, Prince George’s County Financial Crimes Section, the Metropolitan Washington Airport Authority, the Delaware State Police, the Maryland State Police, the D.C. Metropolitan Police Department, the U.S. Postal Inspection Service, the Office of the Inspector General of the U.S. Department of Agriculture and the Office of the Inspector General of the U.S. Department of State .
The case was prosecuted by Trial Attorney Peter Roman of the Criminal Division’s Computer Crime and Intellectual Property Section and Assistant U.S. Attorney Lindsay Kelly of the Eastern District of Virginia.