Michael Richo, 34, of Wallingford, Connecticut, is accused of posting links to fake darknet marketplaces to various online forums. Like any other phishing scheme, the links take the victim to a login page similar to the intended destination. The pages may be indistinguishable from the original marketplace login.
The FBI began looking into the man regarding his involvement in a darknet marketplace. During the course of the investigation, FBI agents discovered Richo was running a phishing scheme. No connection has been made between the initial investigation and the subsequent phishing investigation.
The cybercrime squad of the New Haven Division of the FBI conducted the investigation and interviewed Richo. According to the complaint, Richo admitted to the entire phishing scheme. He admitted posting the links, harvesting logins, and depositing money.
He started by posting the phishing links on unnamed forums.
After a user clicked a phishing link and entered their credentials, Richo harvested the username and password. Richo then checked the accounts for a Bitcoin balance; any bitcoins held in the account would be drained. The accounts were monitored over a period of time as well. If any incoming deposits were detected, Richo