DoD Scammed Out of $23M in Phishing Attack on Jet-Fuel Vendors

A California man faces prison time and steep fines stemming from cybertheft of US military funds intended to pay jet-fuel suppliers.

Dark Reading Staff, Dark Reading

May 2, 2022

1 Min Read
fishing hook stuck through tags labeled with username and password to illustrate a phishing cyberattack
Source: Natchapon Nilsonti via Alamy

The Department of Justice has announced a conviction on six counts against a California man who stole more than $23 million from the Department of Defense with a phishing scam. 

Northridge, Calif.-based cybercriminal Sercan Oyuntur, along with co-conspirators from Germany, Turkey, and New Jersey, targeted suppliers of jet fuel to US troops in Southeast Asia. The goal was to intercept payments from the DoD, according to the the US Attorney's Office in the District of New Jersey.

It said in an announcement about the court win that after creating email accounts and standing up a spoofed General Services Administration website, the threat actors sent phishing emails to try and trick vendors into giving up their login credentials. The cyber crooks then used those to divert payments to their own accounts. 

Oyuntur pleaded guilty and will be sentenced on June 21. The two conspiracy and bank fraud counts could come with a sentence of up to 30 years, along with steep fines, the DoJ said. 

About the Author

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights