A Swedish credit card payment processor was sentenced today to 48 months in prison for his role in an international cybercrime ring that netted $71 million by infecting victims’ computers with “scareware” and selling rogue antivirus software that was supposed to secure victims’ computers but was, in fact, useless.
Mikael Patrick Sallnert, 37, a citizen of Sweden, was sentenced by Chief U.S. District Judge Marsha J. Pechman in the Western District of Washington. In addition to his prison term, Sallnert was ordered to pay $650,000 in forfeiture.
Sallnert was arrested in Denmark on Jan. 19, 2012, and extradited to the United States in March 2012. He pleaded guilty on Aug. 17, 2012, to one count of conspiracy to commit wire fraud and one count of accessing a protected computer in furtherance of fraud.
The prosecution of Sallnert is part of Operation Trident Tribunal, an ongoing, coordinated enforcement action targeting international cybercrime. The operation targeted international cybercrime rings that caused more than $71 million in total losses to more than one million computer users through the sale of fraudulent computer security software known as “scareware.” Scareware is malicious software that poses as legitimate computer security software and purports to detect a variety of threats on the affected computer that do not actually exist. Users are then informed they must purchase what they are told is anti-virus software in order to repair their computers. The users are then barraged with aggressive and disruptive notifications until they supply their credit card number and pay for the “anti-virus” product, which is, in fact, fake.
According to Sallnert’s plea agreement, he agreed to establish and operate credit card payment processing services for the scareware ring, knowing that his co-conspirators were intentionally causing fake and fraudulent messages to display on victims’ computers that would fraudulently induce the victims into purchasing the rogue security software. According to court documents, between approximately August 2008 and October 2009, the payment processing mechanisms established by Sallnert processed approximately $5 million in credit card payments on behalf of the scheme.
Computer users who think they have been victimized by scareware should file a complaint with the FBI’s Internet Crime Complaint Center, www.ic3.gov.