Two Romanian Citizens Extradited to the United States to Face Charges Related to Alleged Phishing Scheme

Nora R. Dannehy, United States Attorney for the District of Connecticut, and Kimberly K. Mertz, Special Agent in Charge of the Federal Bureau of Investigation, today announced that two Romanian citizens have been extradited to the United States to face charges stemming from an alleged Internet “phishing” scheme that victimized individuals, financial institutions and companies. PETRU BOGDAN BELBITA, 25, of Craiova, Romania, and CORNEL IONUT TONITA, 28, of Galati, Romania, each have been charged with one count of conspiracy to commit fraud in connection with access devices, one count of conspiracy to commit bank fraud, and one count of aggravated identity theft.

A phishing scheme uses the Internet to target large numbers of unwary individuals, using fraud and deceit to obtain private personal and financial information such as names, addresses, bank account numbers, credit card numbers, and Social Security numbers. Phishing schemes often work by sending out large numbers of counterfeit e-mail messages, which are made to appear as if they originated from legitimate banks, financial institutions, or other companies.

On January 18, 2007, a federal grand jury in New Haven returned an indictment charging BELBITA, TONITA, and five other Romanian citizens for their alleged participation in the phishing scheme.

BELBITA was arrested on an Interpol warrant in Montreal, Canada, on January 24, 2009, and he was extradited to the United States on September 25. Today, BELBITA appeared before U.S. Magistrate Judge Holly B. Fitzsimmons in Bridgeport, Connecticut, and entered a plea of not guilty to the charges.

On July 18, 2009, TONITA was arrested on an Interpol warrant at the sea border crossing in Dubrovnik, Croatia. He was extradited to the U.S. on September 4 and, on September 10, he appeared before U.S. Magistrate Judge Fitzsimmons and entered a plea of not guilty to the charges.

The investigation leading to the indictment stemmed from a citizen’s complaint concerning a fraudulent e-mail message made to appear as if it originated from Connecticut-based People’s Bank. In fact, the e-mail message directed victims to a computer in Minnesota that had been compromised, or “hacked,” and used to host a counterfeit People’s Bank Internet site. During the course of the investigation, it was determined that the defendants had allegedly engaged in similar phishing schemes against many other financial institutions and companies, including Citibank, Capital One, JPMorgan Chase & Co., Comerica Bank, Wells Fargo & Co., eBay, and PayPal.

The charge of conspiracy to commit fraud in connection with access devices carries a maximum term of imprisonment of five years and a fine of up to $250,000. The charge of conspiracy to commit bank fraud carries a maximum term of imprisonment of 30 years and a fine of up to $1 million. The charge of aggravated identity theft carries a mandatory two-year term of imprisonment, consecutive to any other imposed term of imprisonment, and a fine of up to $250,000.

U.S. Attorney Dannehy stressed that an indictment is only a charge and is not evidence of guilt. The defendants are entitled to a fair trial at which it is the government’s burden to prove guilt beyond a reasonable doubt.

This matter has been investigated by the Federal Bureau of Investigation in New Haven, Connecticut and the Connecticut Computer Crimes Task Force.

U.S. Attorney Dannehy and Special Agent in Charge Mertz also acknowledged the critical assistance provided by the FBI Legal Attachés in Vienna, Bucharest, and Ottawa; Interpol in Zagreb and Washington, D.C.; the Romanian National Police; the Croatian Criminal Police Directorate and Croatian General Police Directorate; the U.S. Embassy in Sarajevo; the Royal Canadian Mounted Police; Canada Border Services Agency in Montreal; and the United States Marshals Service.

The case is being prosecuted by Assistant U.S. Attorney Edward Chang of the U.S. Attorney Offices Computer Hacking and Intellectual Property Unit.