By Andy Thibault
@cooljustice on Twitter
Elvis Rafael Rodriguez is in the building, but, it’s not the building of his choice.
A smiling Rodriguez and his friend Emir Yasser Yeje were photographed in what appears to be a posed shot with a large pile of cash between them. They certainly were not the brains of the international operation in what is being billed as a $45 million bank cyber theft.
Brooklyn U.S. Attorney Loretta Lynch announced the arrest of the pair along with five others who allegedly were part of just one local cell in the worldwide heist. The series of arrests took place throughout April. The leader of their Yonkers, NY cell was found murdered in the Dominican Republic late last month, authorities said.
“When the street crews get pinched, it’s probably good business to kill the intermediaries,” said electronic evidence expert Bill Murray http://billmcanhelp.com/ of West Hartford.
Murray and I collaborated on a series of columns last year about ATM skimming http://tinyurl.com/c8j824a and other http://tinyurl.com/82a2o4a on-line scams. To get the lowdown on the sophisticated international enterprise, I sought out Murray and several other experts.
A Westchester, NY private investigator who deals every day with the full range of digital data for background checks and other research told me he was amazed that the guys “pulling off heists in these dollar amounts follow the same pattern as a common New York City street punk.”
“Working stolen credit card cases in the past, the MO is typically to gain quick access to the cards, rack up the limits up as much as possible – going from store to store, sometimes even purchasing a bunch of gift cards, train tickets, and Metro Cards – and then disposing of the physical evidence,” the investigator said. “I have to admire the coordination of this effort, especially since it involved some pretty low-level street guys.”
The New York crew alone made off with $400,000 in just two and a half hours work last December, using 140 ATMs to make about 750 transactions, according to the indictment. The December operation involved street crews in about 20 countries who used more than 4,500 ATM transactions for a total haul of about $5 million, the indictment said.
In February, the New York cell allegedly stepped it up, netting about $2.4 million from nearly 3,000 ATM withdrawals in about 10½ hours. The February operation reflected a similar upsurge internationally and involved street crews in 24 countries who made about 36,000 transactions for a total of about $40 million.
Robert Strang, a former FBI and DEA agent who has run several boutique investigative firms http://investigativemanagement.com/ in Manhattan, said a higher value might emerge as the case unfolds. Strang said he was confident many more arrests would follow, given the quality of video and electronic surveillance employed by criminal investigators.
“It has some elements of a drug case,” Strang said. “Many won’t want to go to jail [and will talk].”
Strang said he anticipated many subpoenas will be generated for people and documents inside and outside the banks.
Some of the stolen money was deposited in a Miami bank and cash was also used to buy expensive cars and watches.
Murray explained that the street crews used magnetic strip cards – even hotel or gift cards – to fabricate the ATM cards. This followed the invasion by hackers into the databases of banks in the United Arab Emirates and Oman. The hackers created account numbers and pin codes and changed the credit limits.
Hackers routinely try to overwhelm bank websites by issuing huge amounts of requests, according to Rich Bolstridge, chief strategist for Akamai Technologies http://www.akamai.com/ of Cambridge, MA.
“The bad guys,” Bolstridge said, “use denial of service attacks to mask fraudulent money movement. We provide security for that – our web servers absorb the heavy traffic. When a request comes to bank, we look at it to make sure it’s legitimate.”
Bolstridge advises consumers to make sure they have proper security and anti-virus protection for their home computers to avoid public WiFi for financial transactions. He said they should understand no system is foolproof.
“Consumers should demand that their local banks constantly update their security,” Bolstridge said. “It’s getting worse every week.”
As for nailing the higher-ups in the $45 million heist, Murray was skeptical: “I think they’re going to have a few dead ends. These are big boys operating this enterprise.”
Andy Thibault is a contributing editor for Journal Register Co.’s Connecticut publications and the author of Law & Justice In Everyday Life. He formerly served as a commissioner for Connecticut’s Freedom of Information Commission. Reach Thibault by email at firstname.lastname@example.org. Follow him on Twitter @cooljustice.