U.S. DoJ Seizes Fraud Domain Behind $14.6 Million Bank Account Takeover Scheme

U.S. DoJ Seizes Fraud Domain Behind $14.6 Million Bank Account Takeover Scheme

Briefly

"The U.S. Justice Department (DoJ) on Monday announced the seizure of a web domain and database that it said was used to further a criminal scheme designed to target and defraud Americans by means of bank account takeover fraud. The domain in question, web3adspanels[.]org, was used as a backend web panel to host and manipulate illegally harvested bank login credentials. Users to the website are now greeted by a seizure banner that says the domain was taken down in an international law enforcement operation led by authorities from the U.S. and Estonia."

""The criminal group perpetrating the bank account takeover fraud delivered fraudulent advertisements through search engines, including Google and Bing," the DoJ said. "These fraudulent advertisements imitate the sponsored search engine advertisements used by legitimate banking entities." The ads served as a conduit to redirect unsuspecting users to fake bank websites operated by the threat actors, who harvested login credentials entered by victims through an unspecified malicious software program built into the sites. The stolen credentials were then used by the criminals to sign into legitimate bank websites to take over victims' accounts and drain their funds."

"The scheme is estimated to have claimed 19 victims across the U.S. to date, including two companies in the Northern District of Georgia, leading to attempted losses of approximately $28 million and actual losses of approximately $14.6 million. The DoJ said the confiscated domain stored the stolen login credentials of thousands of victims, in addition to hosting a backend server to facilitate takeover fraud as recently as last month."