UA Student Charged with Unauthorized Access to University Computer
BIRMINGHAM—The U.S. Attorney’s Office has charged a Childersburg woman with unauthorized access to a University of Alabama computer to steal student loan funds from fellow students, announced U.S. Attorney Joyce White Vance, FBI Special Agent in Charge Roger C. Stanton and University of Alabama Police Chief Tim Summerlin.
Federal prosecutors on Friday filed a one-count information in U.S. District Court charging BRIANA JACKSON, 22, with one count of unauthorized access to a protected computer. The government, today, filed a plea agreement with Jackson in which she acknowledges the criminal activity and agrees to plead guilty to the charge and to pay $9,598 in restitution.
“Breaches in computer security are a fact of life in today’s Internet world and quick response to an intrusion is imperative to minimize the damage,” Vance said. “An alert and committed investigator in the University of Alabama Police Department, working with the FBI, prevented large financial loss in this case and led to the charges and plea agreement with the defendant,” she said.
“Cybercrime is a top priority for the FBI, and everyone needs to understand that if they have a computer that is connected to the Internet, that computer is, at some point, going to be under attack,” Stanton said. “This case highlights the need to always be wary of e-mails and attachments—even from people you think you know, as it may be a phishing scheme or contain malicious code.”
The FBI offers tips to protect against computer intrusions at: http://www.fbi.gov/scams-safety/computer_protect.
“The successful outcome in this case is a direct result of the diligent and tenacious efforts of UA and federal law enforcement personnel working collaboratively to solve this crime and limit the loss to the victims,” Summerlin said. “It highlights the strength of the relationships that exist between UA, the FBI, and the U.S. Attorney’s Office.”
According to Jackson’s plea agreement, she conducted the intrusion into the university’s computers as follows:
On April 15, 2011, Jackson created the e-mail address, firstname.lastname@example.org, and began using that account and others to send e-mails to Alabama students, falsely claiming the message was from the University of Alabama Housing Department. She sent the e-mails to about 60 students, many of them her friends or acquaintances, asking that they reply with their “My Bama” university account username and password. More than 40 students responded with that information.
Jackson used the information she collected with her phishing e-mails to access at least 25 user accounts between July 27, 2013, and Aug. 13, 2013. In doing so, Jackson obtained information from a protected computer in order to illegally obtain money from others’ federal and state student loan funds.
Jackson tried to get the money by changing direct bank deposit information for seven accounts and reroute those students’ loan funds to Green Dot reloadable money cards she controlled. Two of her attempts were successful and she transferred $9,598 to a Green Dot card she registered in the name of another student whose personal identifying information she had obtained without permission. Jackson used that same student’s information to establish a Western Union account.
Jackson got $1,001 in cash from the Green Dot card through an ATM withdrawal and a Western Union transfer. The University of Alabama was able to freeze the account before more was removed.
The maximum sentence for accessing a protected computer is five years in prison and a $250,000 fine.
The FBI and UA Police investigated the case, which Assistant U.S. Attorney Erica Williamson Barnes is prosecuting.