Five individuals have been charged by US federal prosecutors for their involvement in a large-scale phishing and hacking operation targeting employees at various companies across the country. The scheme, which lasted almost two years from September 2021 to April 2023, resulted in the theft of intellectual property, sensitive corporate data, and millions of dollars in cryptocurrency, including $6.3 million from a single victim.
The defendants allegedly used mass text messages to deceive victims, sending phishing messages that appeared to be urgent alerts from the companies or service providers. These messages warned that recipients’ accounts were at risk of deactivation, directing them to fake websites designed to resemble legitimate corporate portals.
Unsuspecting employees who entered their credentials on these websites provided the hackers with the information needed to breach internal systems. The stolen data, which included intellectual property and personal identifying information such as account credentials and email addresses, was then used to access crypto accounts and steal millions in virtual assets.
The defendants, identified as Ahmed Hossam Eldin Elbadawy, Noah Michael Urban, Evans Onyeaka Osiebo, Joel Martin Evans, and Tyler Robert Buchanan, face several charges, including conspiracy to commit wire fraud, conspiracy, wire fraud, and aggravated identity theft. If convicted, they could face up to 20 years in federal prison for conspiracy and wire fraud charges and a mandatory two-year sentence for identity theft.
US Attorney Martin Estrada described the group of cybercriminals as executing a sophisticated scheme to steal intellectual property and personal data worth tens of millions. He urged the public to remain cautious, warning that phishing and hacking tactics are becoming increasingly sophisticated. FBI Assistant Director Akil Davis emphasized the scale of the crime, noting that the defendants preyed on victims’ trust to steal sensitive data and cryptocurrency.
Phishing schemes in the crypto world have become increasingly common, with many individuals falling victim this year. Scam Sniffer’s February report highlighted that many of these exploits originated on X, where impersonated accounts posted deceptive comments to lure users to fake sites. In one notable case from October, a crypto investor lost $36 million in cryptocurrency after falling victim to a “permit phishing scam,” in which the attacker tricked the victim into signing a malicious signature, granting them full access to the investor’s funds.
Source
<p>The post Phishing Scammers Steal Millions in Cryptocurrency Through Deceptive Tactics first appeared on CoinBuzzFeed.</p>