Justia White Collar Crime Opinion Summaries

Articles Posted in Internet Law
by
Agbi, born and raised in Nigeria but a resident of the U.S. since 2016, acted as a middleman in a scheme to use fake online dating accounts to solicit hundreds of thousands of dollars from unwitting elderly people. Agbi collected cash at his Indianapolis apartment, took his “cut,” and transferred the rest to accounts in Nigeria. More than 30 months after his arrest, Agbi’s counsel notified the government that Agbi intended to pursue a duress defense, claiming, for the first time, that members of the conspiracy located in Nigeria had threatened Agbi’s family. The district court granted a motion to preclude the defense. At trial, two of the scheme’s victims testified that they were deceived into believing that they were in relationships and sent “hundreds of thousands of dollars.” Secret Service agents described the details of a controlled delivery and Agbi’s subsequent interview.Agbi was convicted of mail fraud, 18 U.S.C. 1341; use of a fictitious name in furtherance of mail fraud, section 1342; conspiracy to commit mail fraud, 1341, 1349; and conspiracy to commit money laundering, 1956(a)(1), 1956(h) and was sentenced to 57 months’ imprisonment. The Seventh Circuit affirmed. The evidence supporting each count was legally sufficient to support a conviction. The district court appropriately employed the obstruction of justice enhancement based on its finding that Agbi knowingly submitted a “fake” police report concerning threats against his family. View "United States v. Agbi" on Justia Law

by
Ung stole cryptocurrencies from multiple victims in 2018, exploiting a common website security feature: A user can prompt a website hosting an account to send a text message to the user’s phone with a security code that temporarily allows access to the account. Ung employed “SIM swapping” in which the thief tricks the victim’s phone carrier into switching the victim’s phone number to a SIM card in the thief’s phone. The thief then prompts the website hosting the victim’s financial account to send a temporary security code to the hijacked phone; the thief accesses the account and transfers the assets.In 2021, Ung pleaded no contest to identity theft, attempted grand theft, and 10 counts of felony grand theft. He admitted a white-collar crime enhancement; he committed three offenses after his bail was revoked. The court imposed a 10-year prison term, entered a general restitution order, and later ordered Ung to make restitution by transferring cryptocurrencies to the victims in the same kinds and amounts he had stolen. Ung argued the order violated his due process rights to notice. He estimates the value of the cryptocurrencies was about $1.56 million when he stole them; the value was about $15.9 million by the time of the restitution hearing.The court of appeal affirmed. Under the statute, the value of stolen property is the replacement cost of like property. By stealing the victims’ cryptocurrency, Ung deprived them of the ability to sell it for a profit after its value increased; whatever profits they lost were a direct consequence of Ung’s conduct. View "People v. Ung" on Justia Law

by
A Romanian organization, the Alexandria Online Auction Fraud Network (AOAF), used fraudulent online advertisements on websites like eBay, Craigslist, and Amazon to convince unknowing U.S. purchasers to send payments for high-value items that did not actually exist. After receiving the payments through vehicles like gift cards and prepaid debit cards, AOAF money launderers in the U.S., including Brown, converted the payments into Bitcoin currency, which was then transferred back to Romania. Foreign Bitcoin exchange businesses including RG, Iossifov’s Bulgaria-based business, then transferred the Bitcoin balances to cash on behalf of AOAF fraudsters. About 900 victims never received the items for which they paid. The government learned about the scheme in 2014 when it discovered that an American citizen living in Kentucky was laundering funds on behalf of an online fraud organization; the individual became a confidential source.The Sixth Circuit affirmed Iossifov and Brown’s convictions and sentences under the Racketeer Influenced and Corrupt Organizations Act (RICO), 18 U.S.C. 1962(d), and Iossifov’s additional conviction for conspiring to launder money 18 U.S.C. 1956(h). The court rejected venue, jurisdiction, and Due Process claims, a contention that Bitcoin does not fall under the money laundering statute, and challenges to sentencing enhancements and evidentiary rulings. View "United States v. Iossifov" on Justia Law

by
Smith, a software engineer, obtained the coordinates of artificial fishing reefs in the Gulf of Mexico from a website owned by StrikeLines, a Florida business. Smith remained in Mobile, Alabama while posting information about the reef coordinates on Facebook. Smith initially agreed to remove the posts and to assist Strikelines with its security issues in exchange for additional coordinates but communications broke down. StrikeLines contacted law enforcement. Officers executed a search warrant and found StrikeLines’s coordinates and other customer and sales data on Smith’s devices. Smith was charged in the Northern District of Florida with violation of the Computer Fraud and Abuse Act, 18 U.S.C. 1030(a)(2)(C), (c)(2)(B)(iii), theft of trade secrets, and transmitting a threat through interstate commerce with intent to extort. Smith argued that venue was improper because all the prohibited conduct occurred in the Alabama and the data that was accessed and obtained was in the Middle District of Florida.Smith was convicted on the trade secrets and extortion counts in the Northern District of Florida. The Eleventh Circuit vacated Smith’s trade secrets conviction and related sentencing enhancements for lack of venue, affirmed the extortion conviction and related sentencing enhancements, and remanded. Smith never committed any essential conduct for the trade secrets conviction in the Northern District of Florida. Sufficient evidence supported the extortion conviction. View "United States v. Smith" on Justia Law

by
Nicolescu, Miclaus, and coconspirators posted fake eBay car auctions. Operating from Romania, they concealed their IP addresses, and employed US-based “money mules,” to collect payments from unsuspecting buyers, taking in $3.5-$4.5 million. In 2014, a virus created by Nicolescu was embedded in the eBay auctions and in spam emails to collect more than 70,000 account credentials, including 25,000 stolen credit-card numbers. Their network of virus-infected computers “mined” for cryptocurrency, reaping $10,000–$40,000 per month, 2014-2016. The FBI and Romanian police executed a search warrant on members’ residences and retrieved electronic devices. Nicolescu and Miclaus were convicted of conspiracy to commit wire fraud, 12 counts of wire fraud, conspiracy to commit computer fraud, conspiracy to traffic in counterfeit service marks, five counts of aggravated identity theft, and conspiracy to commit money laundering.The district court added 18 levels to their Guidelines calculation (U.S.S.G. 2B1.1(b)(1)(J)) for causing a loss of $3.5-$9.5 million, two levels (2B1.1(b)(4)) for being in the business of receiving and selling stolen property, two levels (2B1.1(b)(11)(B)(i)) for trafficking unauthorized access devices, four levels (2B1.1(b)(19)(A)(ii)) for being convicted under 18 U.S.C. 1030(a)(5)(A), and four levels (3B1.1(a)) for being an organizer or leader. They were sentenced to 216 and 240 months’ imprisonment.The Sixth Circuit affirmed the convictions, rejecting challenges to the sufficiency of the evidence and to jury instructions, but vacated the sentences. The court upheld the loss calculation and leadership enhancement. The court erred in applying the stolen property enhancement and in applying a 2B1.1(b)(19)(A)(ii) enhancement because the men were convicted of conspiracy, not a substantive section 1030(a)(5)(A) offense. View "United States v. Miclaus" on Justia Law

by
Jereno Kinslow's felony conviction for computer trespass was premised on evidence that Kinslow altered his employer’s computer network settings so that e-mail messages meant for Kinslow’s boss would also be copied and forwarded to Kinslow’s personal e-mail account. The Court of Appeals affirmed Kinslow’s conviction, and the Georgia Supreme Court granted Kinslow’s petition for certiorari, posing the question of whether Kinslow’s conduct constituted a violation of OCGA 16-9-93 (b)(2). The Court found that although the statute in general was extremely broad, the portion of (b)(2) on which the State exclusively relied did not reach Kinslow’s conduct. Accordingly, the Supreme Court concluded the evidence presented at Kinslow’s trial was insufficient to support his conviction under Jackson v. Virginia, 443 U.S. 307 (1979), and thus reversed. View "Kinslow v. Georgia" on Justia Law

by
Former Georgia police sergeant Van Buren used his credentials on a patrol-car computer to access a law enforcement database to retrieve license plate information in exchange for money. His conduct violated a department policy against obtaining database information for non-law-enforcement purposes. The Eleventh Circuit upheld Van Buren's conviction for a felony violation of the Computer Fraud and Abuse Act of 1986 (CFAA), which covers anyone who “intentionally accesses a computer without authorization or exceeds authorized access,” 18 U.S.C. 1030(a)(2), defined to mean “to access a computer with authorization and to use such access to obtain or alter information in the computer that the accesser is not entitled so to obtain or alter.”The Supreme Court reversed. An individual “exceeds authorized access” when he accesses a computer with authorization but then obtains information located in particular areas of the computer (files, folders, databases) that are off-limits to him. Van Buren “access[ed] a computer with authorization” and “obtain[ed] . . . information in the computer.” The phrase “is not entitled so to obtain” refers to information one is not allowed to obtain by using a computer that he is authorized to access.“Without authorization” protects computers themselves from outside hackers; the “exceeds authorized access” clause protects certain information within computers from "inside hackers." One either can or cannot access a computer system, and one either can or cannot access certain areas within the system. The Act’s precursor to the “exceeds authorized access” language covered any person who, “having accessed a computer with authorization, uses the opportunity such access provides for purposes to which such authorization does not extend.” Congress removed any reference to “purpose” in the CFAA. On the government’s reading, an employee who sends a personal e-mail or reads the news using a work computer may have violated the CFAA. View "Van Buren v. United States" on Justia Law

by
In 2012, Rad and others were charged with acquiring penny stocks, “pumping” the prices of those stocks by bombarding investors with misleading spam emails, and then “dumping” their shares at a profit. Rad was convicted of conspiring to commit false header spamming and false domain name spamming under the Controlling the Assault of Non-Solicited Pornography And Marketing Act (CAN-SPAM), 15 U.S.C. 7701(a)(2), which addresses unsolicited commercial email. The PSR recommended raising Rad’s offense level to reflect the losses inflicted on investors, estimating that Rad realized about $2.9 million in “illicit gains” while acknowledging that because “countless victims” purchased stocks, the losses stemming from Rad’s conduct could not “reasonabl[y] be determined.” Rad emphasized the absence of evidence that any person lost anything. Rad was sentenced to 71 months’ imprisonment. The record is silent as to how the court analyzed the victim loss issue. The Third Circuit affirmed. DHS initiated removal proceedings under 8 U.S.C. 1227(a)(2)(A)(iii), which renders an alien removable for any crime that “involves fraud or deceit” “in which the loss to the victim or victims exceeds $10,000.” The IJ and the BIA found Rad removable.The Third Circuit remanded. Rad’s convictions for CAN-SPAM conspiracy necessarily entail deceit under 8 U.S.C. 1101(a)(43)(M)(i). The second element, requiring victim losses over $10,000, however, was not adequately addressed. The court noted that intended losses, not just actual ones, may meet the requirement. View "Rad v. Attorney General United States" on Justia Law

by
Starting in 2008, Sunmola carried out an online romance scheme from South Africa, targeting middle-aged women in Georgia and Illinois. Sunmola often used pictures of men in U.S. military uniforms in his online profile to gain the victims' trust; they made electronic fund transfers after his false claims of financial distress. Sunmola secretly recorded some victims in sexually suggestive positions, then sent extortion demands. Authorities also discovered evidence of credit card fraud affecting businesses. He was charged with conspiracy, mail fraud, wire fraud, and interstate extortion. Authorities arrested Sunmola in London and transferred him to U.S. custody. Three days into his trial, Sunmola openly pleaded guilty to all counts, admitting to the essential elements of each offense. The judge accepted the pleas without a plea agreement. Applying several enhancements and considering other section 3553(a) factors, the district court sentenced Sunmola to 324 months in jail with an adjusted restitution payment of $1,669,050.98. The Seventh Circuit affirmed, rejecting challenges to a four-level “substantial financial hardship” sentencing enhancement, a two-level “vulnerable victim” adjustment, a two-level enhancement for acting on behalf of a government agency, and a four-level adjustment for acting as the organizer or leader. The court upheld the restitution calculation and application of general deterrence in his final sentencing. View "United States v. Sunmola" on Justia Law

by
Musacchio resigned as president of ETS in 2004, but with help from the former head of ETS’s information-technology department, he accessed ETS’s computer system without authorization through early 2006. In 2010, Musacchio was indicted under 18 U.S.C. 1030(a)(2)(C), which makes it a crime if a person “intentionally accesses a computer without authorization or exceeds authorized access” and thereby “obtains . . . information from any protected computer.” A 2012 superseding indictment changed the access date to “[o]n or about” November 23–25, 2005. Musacchio never raised the 5-year statute of limitations. The government did not object to jury instructions referring to: “intentionally access a computer without authorization and exceed authorized access” although the conjunction “and” added an additional element. The jury found Musacchio guilty. In affirming his conviction, the Fifth Circuit assessed Musacchio’s sufficiency challenge against the charged elements of the conspiracy count rather than against the heightened jury instruction, and concluded that he had waived his statute-of-limitations defense. The Supreme Court affirmed. A sufficiency challenge should be assessed against the elements of the charged crime, not against the elements set forth in an erroneous jury instruction. Sufficiency review essentially addresses whether the case was strong enough to reach the jury. Musacchio did not dispute that he was properly charged with conspiracy to obtain unauthorized access or that the evidence was sufficient to convict him of the charged crime. A defendant cannot successfully raise section 3282(a)’s statute-of-limitations bar for the first time on appeal. The history of section 3282(a)’s limitations bar confirms that the provision does not impose a jurisdictional limit. View "Musacchio v. United States" on Justia Law