updated 5/8/2012 2:53:07 PM ET 2012-05-08T18:53:07

An online criminal pleaded guilty last week to participating in a cybercrime ring that deployed fake bank and payroll processing websites to steal more than $1.3 million.

Armed with phishing emails and Web pages spoofing payroll company ADP and Chase Bank, Bank of American and Branch Bank & Trust Co., Waya Nwaki, 31, of Atlanta admitted May 2 to swiping victims' birth dates, Social Security numbers, mothers' maiden names and user names and passwords, the United States Department of Justice press release  said.

Nwaki, who went by several aliases including "Shawn Conley," "USAprince12k," and "Prince Abuja," told the district judge in New Jersey he provided his accomplices with the stolen data, and also used the victims' bank and payment credentials  to make unauthorized withdrawals from their accounts.

Nwaki's phishing ring covered all the bases: Not only did they tap into the victims' bank accounts, but the group's members, hired by Nwaki and known as "soldiers," made fake driver's licenses so they could impersonate the victims at bank branches. Nwaki also confessed to using the stolen credentials to intercept and respond to emails sent by the victims' banks to notify them that an unauthorized party had accessed their account.

Nwaki was arrested in Atlanta Dec. 29. Six others have been implicated as accomplices in the cybercrime ring, four of whom have been arrested. Outside of the Atlanta-area criminals, the co-conspirators are from the United Kingdom, Nigeria and Latvia, according to the grand jury indictment.

Nwaki pleaded guilty to wire fraud conspiracy, wire fraud, aggravated identity theft and computer fraud conspiracy. He faces up to 47 years in prison and a maximum fine of $250,000 for each count. 

© 2012 SecurityNewsDaily. All rights reserved


Discussion comments


Most active discussions

  1. votes comments
  2. votes comments
  3. votes comments
  4. votes comments