A Colombian citizen pled guilty today to a 16-count indictment involving a complex computer fraud scheme victimizing over 600 people.
According to the indictment, Mario Simbaqueba Bonilla, 40, alone and in concert with a co-conspirator, engaged in a complex series of computer intrusions, aggravated identity thefts and credit card frauds designed to steal money from payroll, bank and other accounts of their victims. Much of the identity theft activity – initiated by Simbaqueba Bonilla from computers in Colombia – targeted individuals residing in the U.S., including Department of Defense personnel. Simbaqueba Bonilla used the money to buy expensive electronics and luxury travel and accommodations in various countries, including Hong Kong, Turks and Caicos, France, Jamaica, Italy, Chile, and the United States.
R. Alexander Acosta, U.S. Attorney for the SDFL, stated:
Unfortunately, this is not an isolated case. The Internet is an outstanding tool, but it is vulnerable. Criminals like Bonilla use the Internet to steal our banking and personal data, and then our money. When you travel, please think twice before entering personal or financial data on a public computer.
Simbaqueba Bonilla, as outlined in the indictment and the proffer of facts offered at his guilty plea hearing, engaged in a conspiracy that began with illegally installing keystroke logging software on computers located in hotel business centers and internet lounges around the world. This software would collect the personal information of those who used the computers, including passwords and other personal identifying information the victims used to access their bank, payroll, brokerage and other accounts online.
Simbaqueba Bonilla used the data he intercepted from his victims, who were typically guests at hotels throughout the country, to steal or divert money from their accounts into other accounts he had created in the names of other people he had victimized in the same way. Then, through a complex series of electronic transactions designed to cover his trail, Simbaqueba Bonilla would transfer the stolen money to credit, cash or debit cards and have the cards mailed to himself and others at Pak Mail and other commercial mailing addresses he opened across the country.
Richard D. Zott, Special Agent in Charge, DCIS, stated:
Investigating computer crimes that affect the integrity and security of the Department of Defense and its personnel is a priority for the Defense Criminal Investigative Service (DCIS). This case demonstrates that DCIS will expend the needed resources to investigate these types of allegations, regardless of where the subject is located.
Federal agents arrested Simbaqueba Bonilla when he flew into the United States last August. At the time of his arrest, Simbaqueba Bonilla was flying on an airline ticket purchased with stolen funds, and had in his possession a laptop also purchased with stolen funds. That laptop contained the names, passwords, and other personal and financial information of more than 600 people.
The case was prosecuted jointly by Senior Counsel William Yurek of the Computer Crime and Intellectual Section of the Criminal Division and Assistant U.S. Attorney Richard Domingues Boscovich of the U.S. Attorney’s Office in Miami, who serves as the coordinator for the office’s Computer Hacking and Intellectual Property Unit (CHIP). The criminal investigation was conducted by agents of the U.S. Department of Defense, Defense Criminal Investigative Service and the United States Postal Inspection Service.