DOJ seizes stolen database targeting Americans in multi-million dollar fraud ring

article

FILE-Federal Bureau of Investigation headquarters building in Washington D.C. (Photo by Celal GüneÅ/Anadolu Agency via Getty Images)

The Justice Department seized a web domain and database created to target and defraud Americans through bank account takeover fraud. 

DOJ officials said in a Dec. 22 release that the FBI identified 19 victims in the U.S. whose bank accounts were compromised through the false domain, resulting in "attempted losses" of $28 million and actual losses of $14.6 million. The confiscated web domain contained stolen login credentials for thousands of people. 

What database did the DOJ seize?

Dig deeper:

The domain called web3adspanels.org was designed to store and illegally obtain bank login credentials. 

Department of Justice officials announced in a Dec. 22 release that a criminal group involved in the use of the web domain distributed fraudulent advertisements through search engines like Google and Bing. The agency noted that these deceptive advertisements emulated search engine postings used by legitimate banking organizations. 

Meanwhile, the fake advertisements apparently directed users to the websites of legitimate banks, and unsuspecting people were redirected to the misleading bank websites managed by the criminal group. 

When an individual entered their login information to access their bank accounts, the criminal group would utilize those credentials through a software program ingrained in the false website. 

The DOJ noted that the criminal group then used the bank credentials on the legitimate bank website to access the person’s bank accounts and exhaust their funds. 

According to the release, since January 2025, the FBI Internet Crime Complaint Center (IC3) has received over 5,100 complaints reporting bank account takeover fraud, with reported losses eclipsing $262 million.