Three Romanian citizens plead guilty to participating in a multi-million dollar “vishing and smishing” scheme
ATLANTA – Robert Codrut Dumitrescu pleaded guilty to federal charges of wire fraud conspiracy, computer fraud and abuse, and aggravated identity theft in connection with a scheme, orchestrated from Romania, which resulted in the illegal intrusion into computer servers in the United States, deployment of phishing messages to thousands of victims, and subsequent theft of victims’ social security numbers and bank account information. His conspirators, Teodor Laurentiu Costea and Cosmin Draghici, also pleaded guilty earlier this year to federal charges related to this scheme.
“These defendants thought they could hide behind their computers in Romania and defraud the citizens of the Northern District of Georgia and elsewhere across the United States,” said U.S. Attorney Byung J. “BJay” Pak. “These guilty pleas resulted from a tireless investigative effort to locate these fraudsters and bring them to justice in our District. We will continue to protect our citizens from cyber-criminals, no matter how far the investigation reaches.”
“Cyber criminals cannot hide in the shadows of the internet no matter where they are,” said Chris Hacker, Special Agent in Charge of FBI Atlanta. “The FBI won’t let geographic boundaries stop us from pursuing those persons who cause tremendous financial pain to U.S. citizens. To the victims of these three conspirators and other cyber criminals, we will continue to identify them and pursue justice.”
According to U.S. Attorney Pak, the charges, and other information presented in court: From approximately October 2011 through February 2014, Robert Codrut Dumitrescu, Teodor Laurentiu Costea and Cosmin Draghici conducted a “vishing” and “smishing” scheme from Romania. “Vishing” is a type of phishing scheme that communicates a phishing message, that is, a message that purports to be from a legitimate source, in this case the victims’ banks, through a voice recording. “Smishing” is similar to “vishing,” but communicates a phishing message through text messages.
As part of the scheme, the defendants compromised computer servers located in the Northern District of Georgia, and elsewhere, and installed both interactive voice response and bulk emailing software which initiated thousands of telephone calls and text messages to victims in the Northern District of Georgia, and across the United States, tricking them into disclosing Personally Identifiable Information (PII) such as financial account numbers, PINs, and social security numbers. When a victim received a telephone call, the recipient would be greeted by a recorded message falsely claiming to be a bank. The interactive voice response software would then prompt the victim to enter their PII.
When a victim received a text message, the message purported to be from a bank and directed the recipient to call a telephone number hosted by a compromised Voice Over Internet Protocol server. When the victim called the telephone number, they were prompted by the interactive voice response software to enter their PII. The stolen PII was stored on the compromised computer servers and accessed by Dumitrescu and Costea, who then sold or used the fraudulently obtained information with the assistance of Draghici.
At the time of their arrests in Romania, Dumitrescu possessed 3,278 financial account numbers, Costea possessed 36,050 financial account numbers, and Draghici possessed 3,465 financial account numbers – all fraudulently obtained through this scheme. Based upon these numbers alone, the estimated loss amount is expected to exceed $21,000,000.
On August 16, 2017, a grand jury charged Robert Codrut Dumitrescu, 41, Teodor Laurentiu Costea, 42, and Cosmin Draghici, 29, all of Ploiesti, Romania, with multiple federal computer and fraud-related crimes in connection with this scheme. Dumitrescu, Draghici, and Costea were extradited from Romania to Atlanta last year to face these charges.
Sentencing is scheduled for Costea on June 11, 2019 at 2:00 p.m., for Draghici on June 12, 2019 at 11:00 a.m., and for Dumitrescu on July 23, 2019 at 2:00 p.m., all before U.S. District Judge Thomas W. Thrash.
This case was investigated by the Federal Bureau of Investigation.
Assistant U.S. Attorney Michael Herskowitz, Chief of the Cyber and Intellectual Property Crime Section, is prosecuting the case.
For further information please contact the U.S. Attorney’s Public Affairs Office at USAGAN.PressEmails@usdoj.gov or (404) 581-6016. The Internet address for the U.S. Attorney’s Office for the Northern District of Georgia is http://www.justice.gov/usao-ndga.