This guy made credit card crime look so easy that it can tempt a financially strapped, law-abiding citizen into repeating the same kind of crimes -- if he had the intelligence to do so. But too bad for cyber crook Albert Gonzalez, because despite his technical wizardry, he wasn't bright enough to look unsuspicious one late night when he decided to rip off scads of bank accounts by using fraudulent debit cards.
His suspicious appearance caught the attention of a plainclothes detective one July night in 2003. Really now, if Gonzalez had simply done a better job looking like a woman, maybe he wouldn't have caught the NYPD detective's attention with his wig and nose ring.
The detective pretended to be a common customer as he observed Gonzalez making withdrawals at an ATM with one card after another. The blank cards had been doctored up with stolen card numbers, and the crime of using them is called "cashing out," draining one account after another.
Gonzales was approached by the detective and actually revealed his real name, despite having many aliases. There had been a rash of cash-out crimes in the New Jersey area, and the thief or thieves had eluded the Secret Service's Electronic Crimes Task Force. The arrest of Gonzales sure got their attention, plus the attention of the New Jersey U.S. attorney's office.
It turned out that Gonzales had a computer at his New Jersey home full of data on millions of card accounts. In addition, he was a moderator for Shadowcrew.com, a pro-cybercrime site that provides information on how to commit cybercrime, including various tips such as which banks are vulnerable.
Gonzalez, only 22 at the time, agreed to trade in his knowledge and smarts to the government for prosecution (talk about a lucky break). He could have faced 20 years in the slammer. This cyber thug was actually a well-mannered, polite and articulate young man, who came to trust the Secret Service -- which was not surprising, considering that the agency paid his living expenses as part of the deal that he'd help them out.
Despite his intelligence and cooperativeness, Gonzales was a drug addict, very thin and disheveled. However, this genius of social engineering got off the drugs, gained weight and became clean shaven.
His assistance helped the agency catch over a dozen Shadowcrew members. The agency urged Gonzales to move back to Miami, his hometown, as his switch to the good guys' side possibly put his life in danger. After all, Shadowcrew users could easily surmise that he was likely the unnamed informant in court documents, being that he had not been arrested along with the other members.
In 2006, Gonzalez became a paid informant for the agency's office in Miami. Gonzalez's work was so impressive that he spoke at seminars and conferences, delighting in shaking hands with the head of the Secret Service.
But this sly devil of deception had tricks up his sleeve all along. Alongside his work for the Secret Service, Gonzalez and his criminal team infiltrated 180 million payment-card accounts that were from major corporate databases such as TJ Maxx and OfficeMax. He and his hackers got into JCPenney, Target, Boston Market and Barnes & Noble, among others.
What -- the U.S. government didn't pay him well enough? Or maybe Gonzalez was addicted to taking risks and leading life on the edge. Of course, there are legal ways to do this, like taking up base jumping off cliffs? Well, at least with cybercrime you won't risk falling to your death.
"The sheer extent of the human victimization caused by Gonzalez and his organization is unparalleled," his chief prosecutor said.
Gonzalez was sentenced to two concurrent 20-year terms, a record-breaking sentence for a U.S. cybercriminal. Certainly, not a day goes by that Gonzalez doesn't wish he had gotten his thrills from base jumping.