The Minneapolis Star Tribune is reporting that a U.S. Department of Homeland Security investigation of money mules (Operation eMule) has been led to two Vietnamese students at Winona State University. They said the pair had used stolen identities to set up 180 eBay and 360 PayPal accounts that were allegedly used to defraud merchants out of more than $1.25 million.
The two, Tram Vo and Khoi Van, are in the U.S. on F1 visas, according to a request for a search warrant filed by DHS investigators Dec. 29 in federal court in St. Paul. Neither man has been charged with a crime.
Companies that were victims of the thefts including eBay, PayPal, Amazon, Apple, Dell and Verizon Wireless, investigators said.
According to the papers filed in the case, investigators from the National Cyber Crimes Center (part of U.S. Immigration and Customs Enforcement) and the Department of Homeland Security Investigations are working on the case. They said in the court papers that the money was wired to accounts in Canada and Vietnam.
It has been no surprise to me that it has taken most of a decade for law enforcement agencies to get up to speed in their Internet crime investigations. If you’ve ever sat through a trial in which a chain of evidence was presented by the prosecution and cross examined by defense you can appreciate the enormity of the learning curve that law enforcement has faced.
In these cyber-crime investigations, the chain it isn’t a matter of defendants’ links to physical items, but rather a trail of recorded computer connections and money transfers. Thieves’ use of proxy servers make those trails pretty faint.