In Los Angeles, 33 people were charged in a 65-count indictment in their roles in the Internet schemes. Seven more were indicted in a District of Connecticut indictment, which included two also named in the LA-based charges. According to indictment details, gang members in Romania got their mitts on thousands of credit- and debit-card accounts by massive phishing efforts—including one attack that involved 1.3 millions spams.
The Romanian gangs handed off the data to their U.S. contacts through Internet chat messages, who then used encoders to transpose the information onto credit and debit cards. Cards that proved successful in small-sum “test” runs on ATM machines or POS terminals were then used for large-scale withdrawals. A portion of the illegal gains was then wired back to the Romanian sources.