A Texas man has been sentenced to 12 years in federal prison, after hacking into the Los Angeles Superior Court (LASC) computer system.
Oriyomi Sadiq Aloba had gained unauthorised access to the LASC computer system, and used its servers to send around 2 million malicious phishing emails, obtaining hundreds of credit card numbers.
During the attack, an email account belonging to one court employee was compromised and used in a spear-phishing attack, targeting thousands of LASC employees.
The employees received phishing emails that contained a fake Dropbox notification asking them to send their user credentials, to which hundreds disclosed their information. This then allowed Aloba to obtain the passwords and email addresses of hundreds of employees.
By using these credentials, Aloba was able to log into the LASC servers and send “test emails to himself to the security features and ensure that he had full access to the accounts,” according to the initial indictment from February 2018.
Subsequently, Aloba sent more phishing emails through the compromised email accounts, impersonating companies such as Wells Fargo and American Express.
The Department of Justice said:
“Hyperlinks in the fraudulent emails led victims to a webpage that asked for their banking login credentials, personal identifying information, and credit card information.”
“The link for the fake American Express website used source code that designated Aloba’s email account as the delivery address for the information that the victims input into the fake website.”
Aloba was found guilty of “one count of conspiracy to commit wire fraud, 15 counts of wire fraud, one count of attempted wire fraud, one count of unauthorized impairment of a protected computer, five counts of unauthorized access to a protected computer to obtain information, and four counts of aggravated identity theft.”
Initially, Aloba was charged by the Los Angeles County District Attorney, however the matter was referred to the United States Attorney’s Office for federal prosecution.
One of Aloba’s co-conspirators, 28-year-old Robert Charles Nicholson pleaded guilty to one count of conspiracy to commit wire fraud in June.
The post #Privacy: Man gets 12 years for Los Angeles Superior Court phishing scam appeared first on PrivSec Report.