Man faces charges for computer ‘scareware’ scheme

A 35-year-old citizen of Belarus appeared on Friday in U.S. District Court in Seattle following his arrest last year in Vienna, Austria and extradition to the Western District of Washington

Alexander Mihailovski indicted in August 2012 for conspiracy to commit wire fraud, accessing a protected computer in furtherance of fraud, and intentional damage to a protected computer. Mihailovski made his initial appearance before U.S. Magistrate Judge John L. Weinberg.

“This defendant has now learned the hard lesson that so many other cyber criminals have had to confront: engaging in cybercrime from another country is not an effective shield from being held to account,” said U.S. Attorney Annette L. Hayes in a media release. “This defendant made his initial appearance today because we worked diligently with our law enforcement partners around the world to identify and extradite him. Like others who have committed crimes in our district, this defendant will have his day in court subject to all the protections our criminal justice system provides. But if found guilty, he will be held responsible for the very real harm he caused to the victims of his scam.”

An estimated 960,000 computer users were victimized by this scareware scheme, leading to $71 million in actual losses.

According to the indictment, Mihailovski operated a credit card payment processing company called Mystique Enterprises LTD, doing business as PSBILL. Mihailovski and his company were part of an international cybercrime ring that netted $71 million by infecting victims’ computers with “scareware” and selling rogue antivirus software that was supposed to secure victims’ computers but was, in fact, useless.

The prosecution of Mihailovski is part of Operation Trident Tribunal, a coordinated enforcement action targeting international cybercrime rings that caused more than $71 million in total losses to more than one million computer users through the sale of fraudulent computer security software known as “scareware.”  Scareware is malicious software that poses as legitimate computer security software and purports to detect a variety of threats on the affected computer that do not actually exist. Users are then informed they must purchase what they are told is anti-virus software in order to repair their computers. The users are then barraged with aggressive and disruptive notifications until they supply their credit card number and pay for the “anti-virus” product, which is, in fact, fake.

The scareware scheme used a variety of ruses to trick consumers into unknowingly infecting their computers with the malicious scareware products, including web pages featuring fake computer scans. Once the scareware was downloaded, victims were notified that their computers were infected with a range of malicious software, such as viruses and Trojans and badgered into purchasing the fake antivirus software to resolve the non-existent problem at a cost of up to $129.

Mihailovski is the second foreign national prosecuted in the scheme. In December 2012, Mikael Patrick Sallnert, 40, a citizen of Sweden, was sentenced to four years in prison and was ordered to pay $650,000 in forfeiture. Sallnert also served as a credit card payment processor for the crime ring.

This case is being investigated by the FBI Seattle Division Cyber Task Force and other FBI entities. Substantial assistance was provided by the Criminal Division’s Office of International Affairs and the Computer Crime and Intellectual Property Section.

Critical assistance in the investigation was provided by the Security Service of Ukraine, German Federal Criminal Police, Netherlands National High-Tech Crime Unit, London Metropolitan Police, Latvian State Police, Lithuanian Criminal Police Bureau, Swedish National Police Cyber Unit, French Police Judiciare, Royal Canadian Mounted Police, Romania’s Directorate for Combating Organized Crime, Cyprus National Police in cooperation with the Unit for Combating Money Laundering, the Danish National Police and the Austrian Federal Ministry of Justice.

To avoid falling victim to a scareware scheme, computer users should avoid purchasing computer security products that use unsolicited “free computer scans” to sell their products.  It is also important for users to protect their computers by maintaining an updated operating system and using legitimate, up-to-date antivirus software, which can detect and remove fraudulent scareware products.

Computer users who think they have been victimized by scareware should file a complaint online with the FBI’s Internet Crime Complaint Center, at ic3.gov.