U.S. DHS Goes After Vietnamese Hackers, Identity Thieves

The U.S. Department of Homeland Security is cracking down on a international criminal ring, based in Vietnam, that is thought to have stolen hundreds of millions of dollars from online merchants using hacking and identity theft.

Last month, agents from the DHS's Immigration and Customs Enforcement (ICE) investigations unit raided the home of two Vietnamese exchange students at Minnesota's Winona State University, seizing documents and computer equipment.

According to an affidavit filed in support of the search warrant in this case, the students, Tram Vo and Khoi Van, made more than $1.2 million selling software, videogames and Apple gift cards on eBay, and then shipping buyers products that they'd purchased with stolen credit card numbers.

The scam that Vo and Van are accused of has become a big problem for U.S. merchants, according to the affidavit, which was unsealed last week.

Here's how it works. Using stolen information the criminals set up eBay and PayPal accounts in other people's names and start selling products -- $400 Rosetta Stone software or iTunes gift cards, for example. When legitimate buyers purchase these products using PayPal, the scammers then order them direct from the manufacturer, using stolen credit card numbers. By the time the credit card user reports the fraud, the scammers have already moved their money from PayPal to another bank account. Then they move it offshore to accounts in Canada or Vietnam.

The online merchant is the big loser in the deal, but the consumers whose information was stolen also take a hit, as they have to untangle themselves from the fraudulent credit card transactions and fake eBay and PayPal accounts.

One victim, Susan Higginbotham, of Bemidji, Minnesota, got as many as eight letters a day from banks telling her she'd just signed up as a customer. She also got bills from eBay for the fraudulent transactions, according to the Minnesota Star Tribune, which first reported the investigation on Saturday.

In November, Louisiana authorities working with ICE arrested three students in connection with a similar scam.

The law enforcement operation, run out of ICE's Cyber Crimes Center in Washington, D.C., has been investigating the Vietnamese crime ring since Sept. 2009 in an action called Operation eMule, according to the affidavit, which is signed by DHS Special Agent Daniel Schwarz. "The criminal ring makes online purchases from e-commerce merchants using stolen credit card information and then utilizes an elaborate network of mules based in the United States," he wrote. The criminals get stolen credit or bank card numbers by hacking PCs or databases. In some cases, they simply buy the stolen personal information from underground online marketplaces.

The criminals involved in this operation get their orders via a secured Web site that is available only to "vetted members,' Schwartz said. The money at play in this criminal enterprise is "estimated to exceed hundreds of millions of dollars," he said.

ICE and the Computer Crimes Center did not respond to calls Monday. PayPal and eBay were unable to comment immediately.

Criminals are finding plenty of ways to steal money in the U.S. The hard part, though, is getting the cash out of the country. That's where money mule networks come in. In October, authorities arrested more than 100 people in the U.S. and U.K. in connection with another money mule operation -- this one thought to be operated out of Ukraine. Scammers were hacking into bank accounts, transferring money around, and then using mules to move the money offshore using services such as Western Union.

Robert McMillan covers computer security and general technology breaking news for The IDG News Service. Follow Robert on Twitter at @bobmcmillan. Robert's e-mail address is robert_mcmillan@idg.com

Subscribe to the Security Watch Newsletter

Comments