How Michael Richo Stole Bitcoins via Imposter Exchange Sites and Dark Web Phishing Schemes

in aircrypto •  7 years ago 

https://news.bitcoin.com/how-michael-richo-stole-bitcoins-via-imposter-exchange-sites-and-dark-web-phishing-schemes/?utm_source=OneSignal%20Push&utm_medium=notification&utm_campaign=Push%20Notifications

Michael Richo waived his right to be indicted and pleaded guilty in a Connecticut courthouse on June 27 to charges related to operating a dark web phishing scheme. He pleaded guilty to money laundering charges and charges of fraud. Richo was originally arrested on October 5, 2016, in connection with the crimes. In the scheme, Richo stole user logon credentials and siphoned bitcoin from multiple dark web accounts. The amount was estimated to be worth about $365,000 in bitcoin.

Richo conducted the scheme via the Tor network, and created fraudulent business pages similar to known ones, where he would incite victims to sign up to those pages with a name and password. Then he would lie in wait until users logged in so he could steal their credentials.

He would slyly watch accounts for newly deposited bitcoin. Once the unsuspecting victims deposited some amount, he would drain it into his own account. The Connecticut court documents detailed what he did with the stolen bitcoin:

“If the individual later also deposited bitcoins with the real marketplace, Richo withdrew the bitcoins before the individual could spend them and caused the stolen bitcoins to be deposited into his own bitcoin wallet. Richo then sold the stolen bitcoins to others in exchange for U.S. currency, which was deposited into bank accounts that Richo controlled or was provided to him through Green Dot Cards, Western Union transfers, and MoneyGram transfers.”

In the end, Richo pleaded guilty to one count of access device fraud and one count of money laundering. According to the court-affiliated page, the fraud charge carries a minimum sentence of 10 years, and the money laundering charge carries a minimum of 20 years in prison. Documents stated Richo obtained more than 10,000 user credentials during the time of the phishing operation.

Rise in Bitcoin-Targeted Phishing Attacks

[Image: Paxful page fidelity warning]
However, this type of phishing scheme does not only target users on the dark web to steal their bitcoin. Clearnet users also have to be wary of phishing schemes.

For instance, a recent article from Cisco Umbrella declared bitcoin wallet providers and other services are now the focal point of many fraud-based schemes. The article mentioned Kraken and Paxful users have already been targeted. Paxful even has a fidelity warning message to signal users that they are on the correct page. Luckily, most nefarious domains are suspended when the host realizes no name is registered or they receive complaints of phishing.

According to Cisco Umbrella, these phishing schemes have risen in lockstep with the growth of bitcoin. The website even provided a PDF file with information regarding current phishing domains, which users should be aware of lest they have their bitcoin pick-pocketed. The Cisco blog explained,

“We can also see that the amount of phishing attacks against bitcoin users keeps increasing. […] By pivoting around detected infrastructure, we found that it is not only used to host fraudulent Bitcoin domains, but a whole range of other nefarious ones as well.”

Have you ever been the victim of a phishing attack geared to steal your bitcoin? Share your thoughts below!


Copying/Pasting full texts is frowned upon by the community.

Some tips to share content and add value:

  • Using a few sentences from your source in “quotes.” Use HTML tags or Markdown.
  • Linking to your source
  • Include your own original thoughts and ideas on what you have shared.

Repeated copy/paste posts could be considered spam. Spam is discouraged by the community, and may result in action from the cheetah bot.

Creative Commons: If you are posting content under a Creative Commons license, please attribute and link according to the specific license. If you are posting content under CC0 or Public Domain please consider noting that at the end of your post.

If you are actually the original author, please do reply to let us know!

Thank You!