A Romanian citizen has been charged with identity theft and bank fraud, which he conducted using card skimming at several large retail stores in Puerto Rico, the U.S. Attorney’s Office said Tuesday.
The accused, Vlad Terebes, was extradited on May 31 from the United Kingdom to Puerto Rico to face multiple charges related to identity theft and bank fraud.
A federal grand jury indicted Terebes on September 21, 2023, with a 12-count indictment including conspiracy to commit identity theft, aggravated identity theft, conspiracy to commit access device trafficking in counterfeit access devices, trafficking in device-making equipment, and bank fraud.
According to court documents, Terebes and his co-conspirators installed illicit card skimming equipment at various large retail stores in Manatí, Canóvanas, Caguas, and Carolina, Puerto Rico. The skimming equipment was used to steal credit and debit card information from unsuspecting customers.
In a five-day period beginning March 8, 2022, Terebes and his co-conspirators collected the card numbers, names, and personally identifying information of approximately 1,215 customers, the Justice Department said.
The scammers attempted to withdraw around $20,421 from these customers’ bank accounts, but whether they were successful remains unclear.
A local news agency in Puerto Rico, at the time, said the alleged group of hackers also installed card skimmers at Walmart stores and later fled the island.
One of them, identified as Terebes by the U.S. Secret Service, took a flight to Ft. Lauderdale, a preliminary investigation revealed.
Terebes and his co-conspirators are allegedly all from Europe and ran a racket of stealing credit and debit card data to sell it on the underground market or the dark web.
Terebes was arrested on February 2, 2024, in the UK at the request of U.S. law enforcement.
Terebes was presented in federal court on June 3 before U.S. Magistrate Judge Marcos López of the District of Puerto Rico. López ordered detention of Terebes. If convicted, Terebes faces a maximum penalty of 30 years in prison, plus a mandatory consecutive sentence of at least two years for each aggravated identity theft charge.
The final sentence will be determined by a federal district court judge, who will consider the U.S. Sentencing Guidelines and other statutory factors.
Financial fraud is one of the largest challenges facing American citizens and businesses today. Prevention and prosecution of crimes of this nature will remain a top priority for the U.S. Attorney’s Office, and we will not be deterred by individuals who attempt to flee from prosecution. In coordination with the Justice Department’s Office of International Affairs, we remain committed to the arrest and extradition of those who commit crimes in Puerto Rico,” said W. Stephen Muldrow, United States Attorney for the District of Puerto Rico.
Skimming involves installation of illegal hardware devices at ATMs, point-of-sale (POS) terminals, or fuel pumps. This hardware equipment captures data or records cardholders’ PINs based on its functionality. Criminals further use this data to create fake debit or credit cards and steal victims’ funds.
The FBI estimates that card skimming costs financial institutions and consumers more than $1 billion each year.
2023 saw a significant increase in compromised cards resulting from skimming activity, according to a report from business analytics company FICO. Total number of compromised debit cards were up 96% from 2022, with more than 315,000 impacted cards identified.
Although the card skimming activities have seen a sharp rise, law enforcement has also stepped up its game cracking down these criminals. In February, the U.S. arrested five individuals for engaging in ATM skimming schemes involving theft of account information and PIN numbers.
“The five defendants allegedly illegally obtained financial information using hidden devices implanted in ATMs to create counterfeit debit cards and steal thousands of dollars from over 600 unsuspecting victims,“ said FBI Assistant Director-in-Charge Smith. “The defendants’ concerted efforts to conceal this fraudulent activity allowed the scam to plague the community for almost a year, highlighting the pervasive nature of criminal financial schemes.“
This weekly roundup highlights top cybersecurity news: Hasbro attack, AI supply chain breaches, and rising ransomware threats worldwide.
PXA Stealer, deployed by Vietnam-linked actors, hijacks LinkedIn accounts and exfiltrates credentials, crypto wallets, and sensitive data worldwide.
The data security risks of foreign-developed mobile apps are not limited to what users see on the surface.
AVrecon spreads by scanning the internet for devices with exposed vulnerable services.
What stands out in this case is that even access involving politically exposed and high-profile individuals did not trigger alerts.
Hasbro cyberattack confirmed on March 28, taking systems offline and launching an investigation with third-party cybersecurity experts.
This website uses cookies. By continuing to use this website you are giving consent to cookies being used.
Read More