Security Experts:

Connect with us

Hi, what are you looking for?



California Man Convicted for Stealing Millions From DoD via Phishing Scheme

A California man was convicted last week for his role in a multi-million dollar phishing scheme targeting the US Department of Defense (DoD).

A California man was convicted last week for his role in a multi-million dollar phishing scheme targeting the US Department of Defense (DoD).

The man, Sercan Oyuntur, 40, of Northridge, California, was convicted on six counts, including conspiracy to commit wire, mail and bank fraud, the use of an unauthorized access device to commit fraud, and aggravated identity theft.

Documents presented in court show that, from June to September 2018, Oyuntur and conspirators abroad targeted various DoD vendors to trick them into accessing phishing pages.

The emails masqueraded as legitimate communications from the US government and directed the targeted individuals to webpages resembling the official website of the General Services Administration (GSA), where they were prompted to supply their login credentials.

The perpetrators were looking to harvest these credentials and then use them to “make changes in the government systems and ultimately divert money to the conspirators,” the US Department of Justice (DoJ) says.

One of Oyuntur’s targets was a corporation that DoD had contracted to supply jet fuel to troops in southeast Asia, and which employed an individual in New Jersey to handle communication with the government.

[ READ: Third Member of FIN7 Cybercrime Gang Sentenced to US Prison ]

Oyuntur worked with Hurriyet Arslan, the owner of a used car dealership in Florence, New Jersey, who opened a shell company for use in the scheme, and also opened a bank account for the shell company.

In October 2018, Oyuntur convinced the DoD to transfer $23.5 million into Arslan’s Deal Automotive bank account. Arslan was able to access only some of the money, but one of the miscreants altered a government contract to falsely indicate that the DoD was working with Deal Automotive.

The court documents state that Oyuntur told Arslan to take the fake contract and use it at the bank to explain the provenance of the money, to convince the bank to release the remaining funds.

Oyuntur, who will be sentenced at a later date, faces up to 30 years in prison for the conspiracy and bank fraud counts he was convicted of, up to 10 years imprisonment for the use of an unauthorized access device to commit fraud, and a statutory mandatory consecutive term of two years in prison for aggravated identity theft. He may also have to pay more than $1 million in fines.

Arslan, who pleaded guilty in January 2020, is scheduled for sentencing on June 21, 2022.

Related: Estonian Ransomware Operator Sentenced to Prison in US

Related: Two Bulletproof Hosting Administrators Sentenced to Prison in U.S.

Related: ‘Money Mule’ Operator Gets Seven-Year Prison Sentence

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join this webinar to learn best practices that organizations can use to improve both their resilience to new threats and their response times to incidents.


Join this live webinar as we explore the potential security threats that can arise when third parties are granted access to a sensitive data or systems.


Expert Insights

Related Content


Zendesk is informing customers about a data breach that started with an SMS phishing campaign targeting the company’s employees.


Satellite TV giant Dish Network confirmed that a recent outage was the result of a cyberattack and admitted that data was stolen.


The release of OpenAI’s ChatGPT in late 2022 has demonstrated the potential of AI for both good and bad.


The changing nature of what we still generally call ransomware will continue through 2023, driven by three primary conditions.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.


No one combatting cybercrime knows everything, but everyone in the battle has some intelligence to contribute to the larger knowledge base.


As it evolves, web3 will contain and increase all the security issues of web2 – and perhaps add a few more.


A recently disclosed vBulletin vulnerability, which had a zero-day status for roughly two days last week, was exploited in a hacker attack targeting the...