MetaBlog

Stay informed about cyber awareness training topics and mitigate risk in your organisation.

Man Sentenced to Five Years in Prison for Stealing Nearly £1M Using Banking Malware

A man will spend the next five years three months in prison for using banking malware to steal almost a million pounds from victims.

On 19 December, the Croydon Crown Court passed down the sentence onto Tomasz Skowron, 29, of Meredith Road, Worthing after he pleaded guilty to charges of conspiracy to defraud, fraud, and money laundering.

Skowron’s crimes date back to at least December 2014, when officials learned of several fraudulent payments sent from the Commonwealth Bank of Australia to bank accounts in the UK. Investigators quickly determined many of these payments linked back to a single IP address: one registered to Skowron at his home address. This was sufficient evidence for authorities to arrest the Worthing man on 9 December.

Digging a little deeper, officials learned more about how Skowron had made the fraudulent transfers. Computers and phones seized from the suspect, for instance, revealed he had placed fraudulent payments to money mule accounts based in the UK. He had done so with the help of Piotr Ptach, who recruited money mules to help transfer the payments.

They also learned Skowron had successfully conducted two man-in-the-middle attacks in 2014 against two UK construction companies. Those attacks tricked employees into downloading banking malware onto their computers, programs which allowed Skowron to abuse their credentials for his conspiracy.

The two companies lost approximately £500K, £39,000 of which Skowron had transferred into one of his bank accounts.

In total, the scheme deprived victims of £840,000.

Tomasz-Skowron
Tomasz Skowron

Detective Constable Jody Stanger, from the Met’s Operation Falcon Cyber Crime Unit, is pleased by the outcome of the case. As quoted in a press release:

“Skowron played a significant part in a wider criminal network that was responsible for several high-value frauds using malware. The proceeds of this fraud were then laundered through an organised money mule network. This conviction and sentence is the culmination of a long and complex investigation and shows that we will relentlessly pursue criminals involved in serious and organised crime online.”

While law enforcement continues to track down computer criminals, users and organizations need to focus on protecting themselves against similar schemes. One way they can do this is for companies to educate their employees about the dangers of phishing attacks and how to spot a phish. They can use third-party security awareness software towards that end.

Does this kind of solution sound of interest to your organization?

If so, please contact Metacompliance and learn how its anti-phishing simulations can protect your company against banking malware and other digital threats.

about the author

sharing is caring

Share on linkedin
Share on twitter
Share on facebook

you might enjoy reading these

Request Demo

The personal information that you provide to us in this form will only ever be used by MetaCompliance (as the Data Controller) for the following specifically defined purposes:

  • email you content that you have requested from us
  • with your consent, occasionally email you with targeted information regarding our service offerings
  • continually honour any opt-out request you submit in the future
  • comply with any of our legal and/or regulatory obligations
  • All fields are required. No free emails.

  • This field is for validation purposes and should be left unchanged.