$700,000 Romanian phisher pleads guilty

No fishing sign

Newspapers in Minneapolis are reporting that a 22-year-old Romanian national has admitted his involvement in a US-based phishing scheme that raked in $700,000.

Sergiu Daniel Popa, who was extradited to the USA from Spain in June, stole a total of approximately $700,000 from over 7000 people after spamming out emails pretending to come from financial institutions such as SunTrust, Citibank and PayPal.

By leading victims to bogus websites, Popa was able to steal PIN codes, names, addresses, bank account numbers, credit card and social security information from internet users.

Court documents showed that Popa had a high opinion of his position in the computer underworld. In an email to an associate in January 2005 he is said to have written:

“Listen up, I am a accredited [sic] vendor in underworld. I have many scams, shop admins, and many full info credit cards. I can also pull up credit reports and cash out ATMs. I charge for my services but I am a great provider of everything.”

According to an affidvait filed in the court, Popa also offered phishing kits for sale with instructions on how to counterfeit credit cards.

A date for Popa’s sentencing has not yet been scheduled, but he faces a possible maximum sentence of ten years in jail and a $500,000 fine.

The authorities should be applauded for pursuing this case, and forcing Popa to face his day in court. Sadly, thought, there are plenty of other criminals taking advantage of innocent internet users and stealing identities from the unwary.

* Image source: Jeffrey Simms Photography’s photostream (Creative Commons 2.0)