Two Men Charged in a Case of Phishing NFL and NBA Players

nfl nba phishing attack social engineeringThe US Department of Justice has charged two men for allegedly hacking social media and other accounts belonging to NFL and NBA players, Mashable reports. Trevontae Washington, 21, of Thibodaux, Louisiana, and Ronnie Magrehbi, 20, of Orlando, Florida, are each charged with one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer fraud and abuse.

The indictment alleges that Washington set up phishing sites that spoofed the login portals of social media sites, then messaged athletes on those platforms with a link to the phishing sites.

“Washington is alleged to have compromised accounts belonging to multiple NFL and NBA athletes,” the indictment states. “Washington phished for the athletes’ credentials, messaging them on platforms like Instagram with embedded links to what appeared to be legitimate social media log-in sites, but which, in fact, were used to steal the athletes’ user names and passwords. Once the athletes entered their credentials, Washington and others locked the athletes out of their accounts and used them to gain access to other accounts. Washington then sold access to the compromised accounts to others for amounts ranging from $500 to $1,000.”

Magrehbi, on the other hand, is accused of hacking a football player’s online accounts and then extorting the victim.

“Magrehbi is alleged to have obtained access to accounts belonging to a professional football player, including an Instagram account and personal email account,” the DOJ says. “Magrehbi extorted the player, demanding payment in return for restoring access to the accounts. The player sent funds on at least one occasion, portions of which were transferred to a personal bank account controlled by Magrehbi, but never regained access to his online accounts.”

The men could face up to twenty years in prison and a fine of up to $250,000 for wire fraud, and up to five years in prison and another fine of up to $250,000 for computer fraud conspiracy.

Unfortunately, most cybercriminals won’t be deterred by such news, especially those living abroad. New-school security awareness training can help your employees defend themselves against phishing and other social engineering attacks.

Mashable has the story.

Free Phishing Security Test

Would your users fall for convincing phishing attacks? Take the first step now and find out before the bad guys do. Plus, see how you stack up against your peers with phishing Industry Benchmarks. The Phish-prone percentage is usually higher than you expect and is great ammo to get budget.

PST ResultsHere's how it works:

  • Immediately start your test for up to 100 users (no need to talk to anyone)
  • Select from 20+ languages and customize the phishing test template based on your environment
  • Choose the landing page your users see after they click
  • Show users which red flags they missed, or a 404 page
  • Get a PDF emailed to you in 24 hours with your Phish-prone % and charts to share with management
  • See how your organization compares to others in your industry

Go Phishing Now!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

Subscribe To Our Blog

Ransomware Hostage Rescue Manual

Get the latest about social engineering

Subscribe to CyberheistNews