FBI Tightens Net Around Identity Theft Operations

By Brian Krebs
Washingtonpost.com Staff Writer
Friday, November 3, 2006

The FBI is cracking down on an international identity theft operation that involves the trading of social security numbers; the sale of stolen credit card account information; and phishing, the practice of using e-mail to trick consumers into handing over personal information, authorities said yesterday.

Called Operation Cardkeeper, the investigation has brought about the arrests of more than a dozen people in the United States and other countries who are members of online communities that specialize in "carding," the trafficking of stolen identities and credit card and bank account information.

"We are sharing evidence and using sophisticated techniques like never before," said James E. Finch, assistant director of the FBI's Cyber Division. "Cyber criminals will no longer be able to hide behind borders to conduct their illicit business."

Investigators said some members of the criminal rings purchased data that was electronically copied from the magnetic strip on the back of credit or debit cards and used the information to create counterfeit cards for cash withdrawals and retail purchases. Others sold Social Security numbers and other personal data through online carder forums. That data was later used to obtain credit cards in the victims' names, investigators said.

Facing charges in the United States are Frederick T. Hale, 27, and Zanadu Lyons, 24, both of Columbus, Ohio, and Dana Carlotta Warren, 29, of Ellenwood, Ga. Authorities have also served search warrants in Albany, N.Y.; Atlanta; Dallas; Knoxville, Tenn.; Memphis; and Omaha.

Working with international authorities, the FBI also assisted in the arrests of 11 people in Poland believed to be connected to a network of online fraud forums. The FBI said it had traced a series of phishing attacks from late 2004 back to members of the Polish ring.

Phishing involves the use of e-mail messages that impersonate those from a financial institution and urge recipients to update their account information. Recipients who comply typically are directed to bogus look-alike bank sites designed to steal customer information.

The Anti-Phishing Working Group, an industry consortium, said more than 10,000 phishing Web sites were active on the Internet in August, about double the number of sites in January.

In 2004, the FBI and U.S. Secret Service infiltrated and dismantled the Shadowcrew and Carderplanet fraud forums, arresting 28 individuals who collectively traded more than 1.7 million stolen credit card numbers.

View all comments that have been posted about this article.

© 2006 The Washington Post Company