Federal Authorities in Ohio Charge 28 With Bilking Fleets in Truck-Stop Scheme

By Eric Miller, Staff Reporter

This story appears in the April 8 print edition of Transport Topics.

Federal authorities in Ohio have charged 28 individuals with stealing a total of $1.7 million from U.S. trucking companies in a sophisticated money-wiring scheme pulled off at truck stops.

The 97-count indictment, the culmination of a two-year federal investigation, alleges that the suspects worked in concert to obtain account numbers and codes used by motor carriers to transfer electronic checks to truck drivers who pick them up at truck stops.

“Criminal enterprises are constantly coming up with new ways to rip off companies, consumers and customers,” Steven Dettelbach, U.S. attorney for the Northern District of Ohio, said in a recent statement. “This group tried to turn truck stops into their own personal ATMs.”



The scam is believed to be one of the largest cases of its kind in the trucking industry, said Kellie Jones, vice president of marketing for Electronic Funds Source, an Ogden, Utah-based financial services firm.

EFS is one of the companies that unknowingly authorized fund transfers to the alleged scammers, according to the federal indictment.

The names of the trucking companies victimized by the alleged scam were not released in the indictment because the case is still under investigation, a spokesman for the U.S. Immigration and Customs Enforcement’s Homeland Security Investigations, the investigating agency, told Transport Topics.

The 28 defendants have been accused of varying federal crimes including wire fraud, conspiracy to commit wire fraud and money laundering. They potentially face large fines and up to 20 years in prison if convicted.

The scheme, according to the indictment, took advantage of the manner in which trucking companies typically use electronic funds transfer through such financial services firms as EFS, Fleet One and Comdata to accommodate drivers’ gas purchases and emergency needs.

Drivers typically obtain the money by providing information to a company’s customer service representative at a participating truck stop, information that often is then relayed via wire to an electronic funds processing center. Once the company authorizes the money request, the truck stop will issue a check to the driver.

The indictment alleges that members of the group stole account numbers and codes used to issue the checks electronically and, posing as truck drivers, presented the stolen account numbers and codes and requested checks ranging from $200 to $999.99.

The transactions listed in the indictment occurred between February 2011 and November 2012.

Members of the group, operating mostly from New York, then moved large sums of the illegally obtained money from New York to individuals and banks in Russia, Uzbekistan and Ukraine, the indictment said.

Some of the money then was moved back to “known and unknown individuals” in other U.S. cities in an attempt to launder the funds, according to the indictment.

The indictment did not indicate how the group obtained the account numbers and codes.

However, Jones, from EFS, said she didn’t believe the scheme involved any inside information intentionally provided to the group by trucking company employees.

“We believe that most of these are related to ‘phishing’ scams, where fraudsters are literally getting access to company employees by sending them e-mails,” Jones said. “Unfortunately, by responding or clicking on an e-mail coming from a phishing scheme, that opens up viruses and malware and all kinds of potential entry into systems.”

The malware, a variation of the prolific and highly destructive “Zeus” Trojan, was downloaded from computers in the Ukraine by programmers with sophisticated computer skills, said Freddy Ramirez, vice president of risk and compliance for Comdata, who worked with federal investigators on the case.

“This whole investigation got started because Homeland Security and ICE captured a couple of undocumented aliens in the Ohio area who were actually cashing some checks,” Ramirez told TT. “Basically, what these guys did was send fake e-mails . . . that appear to be genuine e-mails and invite our customers to click on a link that automatically downloads malware,” he said.

The malware allowed the scammers to follow all of an employee’s keystrokes, Ramirez said.

“Unfortunately, it’s not anybody’s fault; they’re just smart,” Jones added.

Ramirez said one way to mitigate risk of malware scams is to isolate one company computer solely for financial transactions and use other computers to receive routine company and personal e-mail.