- The LG C4 OLED is over 50% off right now - and trust me, it's worth every penny
- You can win $250K from OpenAI if you help solve archaeological mysteries with AI
- Red Hat releases tool to manage edge devices at scale... and to drive cars
- New open-source framework could solve quantum computing’s calibration challenge
- Tenable Reveals 2025 Global Partner Award Winners
Californian Phished $23.5m from DoD
A Californian man who used a phishing scam to steal millions of dollars from the United States Department of Defense (DoD) could spend the rest of his life behind bars.
Sercan Oyuntur, of Northridge, was found guilty of six counts related to the 2018 theft of more than $23m of DoD money that was supposed to go to one of the Department’s jet fuel suppliers. The 40-year-old was convicted on Thursday following an eight-day trial before US district judge Joseph Rodriguez in Camden federal court.
The court heard that Oyuntur and criminal conspirators in Germany, Turkey and New Jersey created fake email accounts and fake webpages that spoofed the General Services Administration’s (GSA) public-facing website.
From June to September 2018, the criminals sent a phishing email to a slew of DoD vendors, including a corporation that had a contract with the DoD to supply Aviation JA1 Turbine fuel to troops operating in southeast Asia. An employee of that corporation, believing the email to be a genuine communication from the US government, followed a link contained within it.
The duped employee was directed to a malicious phishing page where they were prompted to enter confidential login credentials. These details were then stolen by the conspirators, who used them to make changes in government systems that ultimately diverted a DoD payment of $23.5m away from the targeted corporation and into the bank account of a shell company created and controlled by the conspirators.
Oyuntur was convicted of one count of conspiracy to commit wire, mail and bank fraud; two counts of bank fraud; one count of using an unauthorized access device to commit fraud; one count of aggravated identity theft; and one count of making false statements to federal law enforcement officers.
The conspiracy and bank fraud counts each carry a maximum penalty of 30 years in prison, and the count of using an unauthorized access device to commit fraud carries a maximum penalty of 10 years in prison. For the offenses of making a false statement and aggravated identity theft, Oyuntur could be sentenced to five years and two years, respectively.
