Brooklyn man Jason Mickel Elcock was today convicted to 57 months imprisonment for a series of account hijacking assaults that spans over a decade and used stolen private and economic data to plunder banks and online retailers for over 1,1 million dollars.
Account removal is a well-known strategy in identity theft systems, which allows attackers to take advantage of stolen victim’s account data to carry out unlawful operations.
In that event, the hijacking of accounts was the consequence of tens of thousands of companies and people stolen from accounts, which permitted Elcock and his co-conspirators to defraud their victims.
On 12 March this year, Elcock (also known as Prezzi) was imprisoned after earlier pleading guilty to money laundering conspiracies and wire fraud.
Over 10 years of hacking bank accounts
“Between 2008 and 2018, ELCOCK, co-defendant Shoshana Marie McGill, and other co-conspirators participated in a scheme to defraud banks and e-commerce retailers by using stolen personal identifying information (‘PII’), bank account information, and credit and debit card data from tens of thousands of individuals and businesses for personal financial gain,” says the Department of Justice press release.
Elcock and his co-conspirators, among them Shoshana Marie McGill, also convicted on 13 June to money laundering conspiracy, obtained from their criminal websites portion of the information used for their fraud.
They have also been permitted to hack into email accounts, internet bank accounts and password valves of some of their victims, enabling them to obtain more private information, credentials and copies of the checks.
They would later be used in many respects, including as part of their fraud systems:
• opening new lines of credit in victims’ names without their permission using stolen PII data
• transferring money electronically out of victims’ bank accounts
• creating and cashing fraudulent checks issued against victims’ bank accounts
• and using stolen credit card info to buy various items and services from e-commerce retailers, either for personal use or for resale
In addition, “Elcock sold a portion of the bank account data stolen, together with check-making supplies, in exchange for a reduction in the value of the checks successful cashed bythese co-conspirators,” as the investigators found.
Emails manipulated to conceal illegal activities
Elcock also transmitted his and his co-conspirators’ accounts and telephone numbers to his own, in order to gain control of their shopping and banking accounts.
They also altered some of the passwords and activity notifications of hacked accounts in order to conceal their criminal operations.
This allowed Elcock and its co-conspirators to prevent being found by the victims after their accounts were hijacking, thus preventing them’ from getting text and email notifications concerning unlawful transactions, making the criminal arrangement more difficult to identify.’ District judge Victor Marrero has ordered the surrender of his interest in two account banks for three years and forfeited $1,111,893 in money.
“The theft and exploitation of our online data by perpetrators hiding in the weeds of the Internet is becoming all too common. This Office is committed to identifying, exposing and prosecuting cyber thieves wherever they may be found,” U.S. Attorney Geoffrey S. Berman said.