According to Reuters, a British man has been charged in New York for hacking into email servers and computers belonging to U.S. banks and brokerages in order to access investors’ accounts, causing more than $5 million of losses.
Idris Dayo Mustapha, 32 and others are accused of using phishing and other means to obtain user names and passwords and access online bank and brokerage accounts from January 2011 to March 2018. Prosecutors said the Lagos, Nigeria native and his co-conspirators at first transferred victims’ money to their own accounts. They said once banks began blocking the transfers, the conspirators would make unauthorized stock trades in hacked accounts, while simultaneously making profitable trades in the same stocks in their own accounts.
Is phishing one of the most lucrative options for cybercriminals? Does targeting large banks and stealing such high sums of money through this method make criminals more likely to get caught than aiming for smaller fish in the pond?