ALBUQUERQUE – A couple from Sheep Springs is facing federal charges related to an alleged assault and subsequent medical neglect of a minor.
According to court records, on September 9, 2024, Raeshawn Doctor, 24, an enrolled member of the Navajo Nation, allegedly assaulted Jane Doe, a minor, causing serious bodily injury. Additionally, between September 9, 2024, and January 31, 2025, Doctor and Harley Nelson, 45, an enrolled member of the Navajo Nation, are accused of knowingly and recklessly endangering Jane Doe’s life and health through medical neglect.
Doctor and Nelson will remain on conditions of release pending trial, which has not been set. If convicted, Doctor faces up to 10 years in prison and Nelson faces up to three years in prison.
Acting U.S. Attorney Holland S. Kastrin and Raul Bujanda, Special Agent in Charge of the Federal Bureau of Investigation’s Albuquerque Field Office, made the announcement today.
The Farmington Resident Agency of the Federal Bureau of Investigation’s Albuquerque Field Office investigated this case with assistance from the Navajo Nation Department of Investigation and Department of Criminal Investigations. Assistant U.S. Attorney Nicholas Marshall is prosecuting the case.
An indictment is merely an allegation. All defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.
Source: Federal Bureau of Investigation (FBI) State Crime Alerts (c)
WACO, Texas – A group of 20 federally indicted individuals were arrested Friday in Waco on criminal charges related to their alleged drug trafficking conspiracy that had been in operation since April 2024.
The following defendants are indicted for conspiracy to possess with intent to distribute at least 500 grams of methamphetamine and face 10 years to life in federal prison:
Osvaldo Vences
Brenda Lou Brasher
Juan Delgado
Anthony Mark Fimple
Brian Quinn Knox
Ronald Vincent Rodriguez, Jr.
James Holland Young
Tandy Jay Day
William Brett Lafferty
Michael Earl McDonald
The following defendants are indicted for conspiracy to possess with intent to distribute at least 1 kilogram of heroin and face 10 years to life in federal prison:
Arthur Lee Pimpton
Quincy Shun Cook
Osvaldo Vences
Reginald Dewayne Bible
Reginald Vernard Branch
Deordrick Derrion Brown
Direshia Marie McDaniel
Reginald Lionel Thornton
Kevin Eugene Hubby
Rockelle Lashan Parker
Marvin Lydell Starks
The following defendants are indicted for conspiracy to possess with intent to distribute at least 500 grams of cocaine and face five to 40 years in federal prison:
Juan Delgado
Anthony Mark Fimple
Ronald Vincent Rodriguez, Jr.
Fabian Angel Fabela
Acting U.S. Attorney Margaret Leachman for the Western District of Texas made the announcement.
The FBI, Waco Police Department, Drug Enforcement Administration, and McLennan County Sheriff’s Office are investigating the case.
Assistant U.S. Attorney Stephanie Smith-Burris is prosecuting the case.
An indictment is merely an allegation and all defendants are presumed innocent until proven guilty beyond a reasonable doubt in a court of law.
WILLIAMSPORT – The United States Attorney’s Office for the Middle District of Pennsylvania announced that Jamal Townsend, age 35, an inmate at FCI Schuylkill, was indicted on March 27, 2025, by a federal grand jury on a charge of possessing a weapon in prison.
According to Acting United States Attorney John C. Gurganus, the indictment alleges that on February 20, 2025, Townsend possessed a piece of plastic, approximately 7 inches in length, sharpened to a point at one end with a cloth handle.
This case was investigated by the Federal Bureau of Prisons and the Federal Bureau of Investigation. Assistant U.S. Attorney Robin Zenzinger is prosecuting the case.
The maximum penalty under federal law for this offense is 5 years and a fine. A sentence would also include a period of supervised release following imprisonment. A sentence following a finding of guilt is imposed by the Judge after consideration of the applicable federal sentencing statutes and the Federal Sentencing Guidelines.
Indictments are only allegations. All persons charged by indictment are presumed to be innocent unless and until found guilty in court.
Source: Federal Bureau of Investigation (FBI) State Crime News
Defendant Signed Medically Unnecessary Orders and Prescriptions Resulting in Over $41 Million in Fraudulent Claims
NASHVILLE – Dr. John R. Manning, 64, of Ashland City, Tennessee, was sentenced last week to three years in federal prison for his participation in a health care fraud conspiracy, announced Acting United States Attorney Robert E. McGuire for the Middle District of Tennessee
Manning, a licensed medical doctor, was indicted in July 2022, with one count of conspiracy to commit health care fraud and eight counts of health care fraud. In August 2023, Manning pled guilty to the conspiracy count. As part of his guilty plea, Manning admitted to allegations in the indictment, including that he worked for multiple “telemedicine” companies and signed doctor orders or prescriptions for durable medical equipment (DME), topical creams, and cancer genetic tests (CGx) based on only a brief conversation with a patient, or often no conversation at all. Manning signed those orders and prescriptions in exchange for illegal kickbacks and bribes.
From approximately June 2016 through April 2019, Manning signed orders and prescriptions that caused the submission of at least $41,083,490.62 in false and fraudulent claims to Medicare, and Medicare paid over $19 million of those claims. Manning accepted the payment of kickbacks in connection with these orders and prescriptions totaling over $812,000.
“This doctor ignored his oath to help people and bilked the taxpayers out of almost $20 million,” said Robert E. McGuire, Acting United States Attorney, “now he faces accountability for his actions and the taxpayers get some justice for being taken advantage of.”
“Health care providers that participate in the federal health care system are required to obey the laws and regulations meant to protect the integrity of the Medicare and Medicaid program,” said Special Agent in Charge Kelly Blackmon with the U.S. Department of Health and Human Services, Office of Inspector General (HHS-OIG). “HHS-OIG will continue to work with our law enforcement partners and hold providers accountable when they do not follow the law.”
“Health care fraud is a crime that hurts all of us and drives up health care costs,” said Special Agent in Charge Joseph E. Carrico of the Nashville Field Office of the Federal Bureau of Investigation. “The FBI is committed to fighting fraud and protecting taxpayer dollars, and with our law enforcement partners we will continue to identify, investigate and bring to justice the criminals who, driven by greed, manipulate the system for personal benefit.”
As part of the sentence, Manning was ordered to pay $19,780,565.44 in restitution to the Medicare program. Manning was also ordered to pay criminal forfeiture in the form of a money judgment totaling $812,303.41.
This case was investigated by the U.S. Department of Health & Human Services-Office of Inspector General and the Federal Bureau of Investigation, Nashville Field Office, with the assistance of the Cheatham County Sheriff’s Office. Assistant U.S. Attorney Robert S. Levine and Trial Attorney Kathryn Furtado of the Criminal Division’s Fraud Section prosecuted the case.
McALLEN, Texas – A 48-year-old Edinburg resident has been taken into custody on charges of health care fraud and aggravated identity theft in connection with a scheme to defraud the Texas Medicaid Program, announced U.S. Attorney Nicholas J. Ganjei.
Cynthia Ann Herrera is set to make her initial appearance before U.S. Magistrate Judge Juan Alanis at 9 a.m.
The indictment, returned April 15 and unsealed upon her arrest, alleges she submitted or caused the submission of fraudulent claims to Medicaid for prescriptions that a doctor had never prescribed. Between 2018 and 2024, the claims resulted in more than $2 million in Medicaid payments, according to the charges. Herrera allegedly used the personal information of doctors without their consent to bill Medicaid for the prescriptions.
Herrera is charged with six counts of health care fraud, each carrying a possible 10-year maximum sentence and up to a $250,000 fine. She is also facing six counts of aggravated identity theft. If convicted, she faces a mandatory two years which must be served consecutively to any other sentence imposed.
Department of Health and Human Services – Office of the Inspector General (OIG), FBI, Health and Human Services Commission – OIG, Texas Attorney General’s Medicaid Fraud Control Unit and Texas Department of Insurance conducted the investigation. Assistant U.S. Attorneys Sarina S. DiPiazza and Theodore Parran III are prosecuting the case.
An indictment is a formal accusation of criminal conduct, not evidence. A defendant is presumed innocent unless convicted through due process of law.
Ocala, Florida – United States Attorney Gregory W. Kehoe announces that Davonta McCrorey (25, Baltimore) has pleaded guilty to three counts of assaulting federal correctional officers. McCrorey faces up to eight years’ imprisonment on each count. A sentencing date has not yet been set.
According to court records, in March 2024, McCrorey was an inmate at the Coleman Federal Correctional Complex in Sumter County. On March 16, 2024, McCrorey aggressively charged out of his cell and struck two federal correctional officers in the face multiple times, causing injuries. McCrorey then resisted other correctional officers who attempted to restrain him by verbally threatening them with violence and biting one of them on the hand.
This case was investigated by the Federal Bureau of Investigation and the Federal Bureau of Prisons. It is being prosecuted by Assistant United States Attorney Hannah Nowalk Watson.
Source: Federal Bureau of Investigation (FBI) State Crime News
Matthew Podolsky, the Acting United States Attorney for the Southern District of New York, announced that GHISLAINE BARRIENTOS, a former corrections officer, was sentenced today to six months in prison, to be followed by six months of home detention, for her participation in a scheme to accept bribes in exchange for smuggling narcotics and other contraband into Rikers Island. BARRIENTOS previously pled guilty before U.S. District Judge Gregory H. Woods, who imposed today’s sentence.
Acting U.S. Attorney Matthew Podolsky said: “Ghislaine Barrientos smuggled drugs and other contraband into Rikers Island in exchange for more than ten thousand dollars in bribes. Barrientos not only abused her position of public trust as a corrections officer, she made Rikers Island less safe for inmates and officers alike. Corrupt corrections officers have no place in our jail facilities, and this Office will continue to work to rid our jails of those who take advantage of their positions to enrich themselves.”
As reflected in the Complaint, Information, and statements made in court:
BARRIENTOS, a former New York City Department of Correction (“DOC”) correction officer, conspired with others to smuggle contraband, including cocaine, smokeable synthetic cannabinoids (known as “K2”), and food to inmates housed at the Robert N. Davoren Complex on Rikers Island in exchange for thousands of dollars in bribe payments.
* * *
In addition to the prison sentence, BARRIENTOS, 37, of Mount Vernon, New York, was ordered to forfeit $11,866.
Mr. Podolsky praised the outstanding investigative work of the Federal Bureau of Investigation and the New York City Department of Investigation.
This case is being handled by the Office’s Public Corruption and Narcotics Units. Assistant U.S. Attorney Jeffrey Coyle is in charge of the prosecution.
Source: United States Senator Amy Klobuchar (D-Minn)
WASHINGTON – U.S. Senators Amy Klobuchar (D-MN) and Ted Budd (R-NC), co-chairs of the Next Generation 911 Caucus, introduced a bipartisan resolution designating April 13-19 as “National Public Safety Telecommunicators Week” to recognize 9-1-1 dispatchers for their dedication and service as first responders to emergencies across the country. A companion resolution was introduced in the House of Representatives by Representatives Norma J. Torres (D-CA) and Brian Fitzpatrick (R-PA).
“As a former prosecutor, I know what an important role public safety telecommunications professionals play in times of crisis,” said Klobuchar. “Recognizing National Public Safety Telecommunicators Week will help raise awareness about the lifesaving work these professionals do each and every day, and how we need to ensure 9-1-1 dispatchers are classified as the first responders that they are.”
“Public safety telecommunicators are on the front lines of emergency response, and are the ones who answer the call for those in need of life-saving aid. I am deeply grateful for their service to our communities in North Carolina and across the country, and I am proud to recognize them during National Public Safety Telecommunicators Week,” said Budd.
“For 17 years, I was the voice on the other end of a 9-1-1 call—listening to people in their darkest moments, calming terrified parents, and guiding callers through life-or-death situations. Dispatchers are more than operators; they are lifelines, holding steady when everything else feels out of control,” said Rep. Torres. “Public safety telecommunicators give so much of themselves to protect others, and I urge my colleagues to stand with them and fight for the status and support they deserve.”
“When every second counts, it’s the voice of a public safety telecommunicator that begins the chain of survival. These professionals are more than a calm presence—they are highly trained experts who manage emergencies with speed, clarity, and composure under immense pressure. Having served as an FBI Special Agent, I know their decisions can mean the difference between life and death. Our resolution is about more than recognition—it’s a call to action. We must ensure these frontline heroes are properly classified, fully supported, and honored for the indispensable role they have in protecting our communities,”said Fitzpatrick.
Klobuchar has long been a leader in pushing to expand and improve emergency communications infrastructure and support first responders. In February, Klobuchar and Senator Marsha Blackburn (R-TN) introduced the Enhancing First Response Act, which would appropriately recognize 9-1-1 dispatchers for the lifesaving nature of their work, improve our 9-1-1 emergency reporting system during natural disasters and subsequent recovery efforts, and bolster compliance with Kari’s Law, which Senator Klobuchar worked to pass into law in 2018 and requires the manufacturers of multi-line telephone systems to create systems that allow callers to reach 9-1-1 without dialing a prefix or postfix.
Full text of the Senate resolution can be found here.
CAMDEN, N.J. – A Delaware woman admitted to conspiring to obtain more than $1 million of federal Paycheck Protection Program (PPP) loans and Economic Injury Disaster Loans (EIDL), U.S. Attorney Alina Habba announced.
Adrienne Ponzo, 50, of Bear, Delaware, pleaded guilty before U.S. District Judge Karen M. Williams to one count of wire fraud conspiracy.
According to documents filed in this case and statements made in court:
The Coronavirus Aid, Relief, and Economic Security (CARES) Act is a federal law enacted in March 2020 and was designed to provide emergency financial assistance to the millions of Americans who are suffering the economic effects caused by the COVID-19 pandemic. One source of relief provided by the CARES Act was the authorization of hundreds of billions of dollars in forgivable loans to small businesses for job retention and certain other expenses, through a program referred to as the Paycheck Protection Program (PPP). The CARES Act also authorized the U.S. Small Business Administration (SBA) to provide Economic Injury Disaster Loans (EIDLs) of up to $2 million to eligible small businesses that were experiencing substantial financial disruption due to the COVID-19 pandemic.
To obtain a PPP or EIDL loan, a qualifying small business was required to submit an application and provide information on its operations, including the number of employees and revenues or expenses. In addition, businesses generally had to provide supporting documentation such as tax returns and bank statements.
Adrienne Ponzo conspired with others to defraud the SBA and the PPP program. Ponzo’s co-conspirators recruited individuals who owned companies with little or no operations and introduced them to Ponzo. Ponzo prepared fraudulent PPP and EIDL applications for these businesses and caused them to be electronically submitted to the SBA and PPP lenders. Ponzo prepared fraudulent bank statements and tax returns for companies that did not have them. Ponzo received a portion of the loan proceeds for her role in the scheme. 14 loans totaling nearly $1,500,000 were part of the scheme.
The count of wire fraud conspiracy is punishable by a maximum of 20 years in prison and a $250,000 fine, or twice the gross gain or loss from the offense.
Sentencing is scheduled for August 26, 2025.
U.S. Attorney Habba credited special agents of the Federal Deposit Insurance Corporation – Office of the Inspector General, under the direction of Patricia Tarasca, Special Agent-in-Charge, New York Regional Office; special agents of the FBI’s South Jersey Resident Agency, under the direction of Special Agent in Charge Wayne Jacobs in Philadelphia; special agents of the Social Security Administration, Office of the Inspector General, Boston New York Field Division, under the direction of Special Agent in Charge Amy Connelly; and special agents of the U.S. Department of Labor, Office of Inspector General, Northeast Region, under the direction of Special Agent in Charge Jonathan Mellone, with the investigation leading to this guilty plea.
The government is represented by Assistant U.S. Attorneys Daniel A. Friedman and Attorney-in-Charge Jason M. Richardson of the U.S. Attorney’s Office’s Criminal Division in Camden.
The charges and allegations contained in the indictment are merely accusations, and the defendant is considered innocent unless proven guilty.
TRENTON, N.J. – An Ocean County, New Jersey, man was arrested and charged with traveling to a foreign place to engage in sexual conduct with a minor, U.S. Attorney Alina Habba announced.
Jacob Bauer, 28, of Toms River, is charged by complaint with one count of traveling with intent to engage in illicit sexual conduct and one count of engaging in illicit sexual conduct in a foreign place. He made his initial appearance on April 2, 2025, before U.S. Magistrate Judge Rukhsanah L. Singh in Trenton federal court.
According to documents filed in this case and statements made in court:
From December 1, 2023 through December 10, 2023, Bauer, then 27 years old, traveled from the United States to Norway to engage in sexual activity with a 14-year-old female. Once in Norway, Bauer, staying at a hotel, engaged in sexual activity with the victim on at least one occasion. After returning to the United States, Bauer communicated over social media platforms with the victim and others about his sexual activities with the victim. During those conversations, Bauer acknowledged the victim’s age and status as a minor. After members of an online community that Bauer was active in learned of his sexual activities with a minor, Bauer was “doxxed” (his public information published online) by members of that community.
“Public safety is my number one priority for New Jersey’s residents, and my office is laser focused on protecting children and ending their exploitation at the hands of abusers. The conduct here is as reprehensible as it is egregious: a then-27-year-old male took pains to plan international travel from New Jersey to Norway for the purpose of having sex with a 14-year-old girl. These charges underscore how we are standing up for the most vulnerable and will not tolerate the sexual abuse of children. I commend our partners at the Federal Bureau of Investigation, law enforcement members at the state and local levels, and our international partners who assisted with this investigation.”
U.S. Attorney Alina Habba
“We have federal laws protecting children because they cannot defend themselves,” said Newark FBI Special Agent in Charge Terence G. Reilly. Most of these investigations go unnoticed because we do all we can to protect the innocent victims. However, the work FBI Newark agents and task force officers are doing should be heralded by all of us. Day in and day out – they are saving children who shouldn’t have to experience unspeakable horrors and abuse perpetrated by child sexual predators.”
Each of the charges, traveling with intent to engage in illicit sexual conduct and engaging in illicit sexual conduct in a foreign place, carries a potential maximum penalty of 30 years in prison and a fine of up to $250,000.
U.S. Attorney Habba credited the special agents and task force officers of the Federal Bureau of Investigation, under the direction of Special Agent in Charge Terence G. Reilly in Newark, with the investigation leading to the charges. She also thanked the New Brunswick Police Department, under the direction of Chief of Police Vincent Sabo, the Manchester Township Police Department, under the direction of Chief of Police Antonio Ellis, the FBI Legal Attaché Office, U.S. Embassy, Copenhagen, Denmark, the FBI Legal Attaché Office, U.S. Embassy, Warsaw, Poland, the Jackson County, Georgia Sheriff’s Office, INTERPOL, the Norwegian Politiet, Troms District, the Norwegian Politiet, NC3 KRIPOS, and the Poland Policja CBZC, Central Cybercrime Bureau for their assistance in the investigation.
The government is represented by Special Assistant U.S. Attorney Jonathan S. Garelick of the U.S. Attorney’s Office’s Criminal Division in Trenton.
The charges and allegations contained in the complaint are merely accusations, and the defendant is presumed innocent unless and until proven guilty.
###
Defense counsel: Andrea Aldana, Esq., Assistant Federal Public Defender
According to court documents, the defendant has allegedly been victimizing teenage minors, paying them to travel and engage in sex acts with him
BOSTON – A 44-year-old Maryland man has been charged with allegedly coercing and enticing and 18-year-old to travel from Massachusetts to Maryland to engage in commercial sex. According to the detention brief filed today, the government allegedly also found evidence that the defendant has been victimizing minor males and young adults ranging in ages from 14–20 by paying the minors for Child Sexual Abuse Material (CSAM) and coercing and enticing some of them to travel to his penthouse condominium at the Four Seasons in Baltimore, and elsewhere, to engage in sex acts with him, which he videorecorded.
David Kaufman, 44, was indicted by a federal grand jury on two counts of knowingly persuading, inducing, enticing and coercing an individual to travel in interstate commerce to engage in prostitution, and aiding and abetting. Kaufman appeared in federal court in the District of Maryland today and was ordered detained pending a hearing scheduled for 3 p.m. tomorrow afternoon. He will appear in the District of Massachusetts at a later date.
According to public filings, Kaufman coerced a victim to travel from Massachusetts on two occasions to visit his penthouse condominium at the Four Seasons in Baltimore, paying for the plane tickets. While there, Kaufman allegedly provided the victim with alcohol and drugs, including cocaine, until the victim was intoxicated. It is alleged that Kaufman would then persuade the victim to engage in sex acts, which Kaufman videotaped so that he could watch them later in order to get pleasure for himself. In exchange for the sex acts, it is alleged that Kaufman paid the victim with cash, electronic money transfers and gifts. For example, after he engaged in sex acts in February 2024, Kaufman bought the victim a Louis Vuitton bag.
Government filings contain evidence that Kaufman has also been victimizing minors ranging in age from 14–17 by paying them for CSAM and enticing them to travel to Baltimore and elsewhere to engage in sex acts with him, which Kaufman videorecords. Kaufman typically provides his victims with gifts and money in exchange for CSAM and sex acts.
If you have information or questions about this investigation, or someone you know may be impacted or experiencing commercial sex trafficking or child exploitation, please contact USAMA.VictimAssistance@usdoj.gov.
The charges of coercing a person to travel for purposes of prostitution provide for a sentence of up to 20 years in prison, up to three of supervised release and a fine of up to $250,000. Sentences are imposed by a federal district court judge based upon the U.S. Sentencing Guidelines and statutes which govern the determination of a sentence in a criminal case.
United States Attorney Leah B. Foley and James Crowley, Acting Special Agent in Charge of the Federal Bureau of Investigation, Boston Division made the announcement today. Valuable assistance was provided by the U.S. Attorney’s Office in the District of Maryland; the Federal Bureau of Investigation, Baltimore Field Office; and the Baltimore Police Department. Assistant U.S. Attorney Torey B. Cummings and Craig E. Estes of the Human Trafficking & Civil Rights Unit are prosecuting the case.
The details contained in the charging documents are allegations. The defendant is presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law.
Yesterday, a district court judge convicted a Virginia man, who worked for the Department of Commerce, of possessing and receiving child sexual abuse material (CSAM).
According to court documents and evidence presented at trial, Rafferty Daniel Kelly, 40, of Alexandria, worked for the U.S. Patent and Trademark Office. In March 2022, a federal CSAM investigation involving an internet-based peer-to-peer file sharing service, a program used by the defendant to obtain CSAM, led federal agents to execute a search warrant at Kelly’s home, where they seized multiple devices. A review of those devices revealed that, over a period of at least two years, Kelly had downloaded and stored over 50,000 images of CSAM and child erotica, including images of infants and prepubescent children. Kelly also possessed a handbook on how to groom children.
At the end of the bench trial yesterday, the Honorable Michael S. Nachmanoff found Kelly guilty of one count of receipt of child pornography and one count of possession of child pornography. The defendant is scheduled to be sentenced on July 24 and faces a mandatory minimum penalty of five years in prison and a maximum penalty of 40 years in prison. Judge Nachmanoff will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.
Matthew R. Galeotti, Head of the Justice Department’s Criminal Division, United States Attorney Erik S. Siebert for the Eastern District of Virginia, and Special Agent in Charge Sean Ryan of the FBI Washington Field Office’s Criminal and Cyber Division made the announcement.
Trial Attorney Nadia Prinz of the Criminal Division’s Child Exploitation and Obscenity Section (CEOS) and Assistant U.S. Attorney Vanessa Strobbe for the Eastern District of Virginia are prosecuting the case.
This case was investigated by the FBI Washington Field Office’s Child Exploitation and Human Trafficking Task Force. The task force is composed of FBI agents, along with other federal agents and detectives from northern Virginia and the District of Columbia. The task force is charged with investigating and bringing federal charges against individuals engaged in the exploitation of children and those engaged in human trafficking.
This case was brought as part of Project Safe Childhood, a nationwide initiative to combat the epidemic of child sexual exploitation and abuse launched in May 2006 by the Department of Justice. Led by U.S. Attorneys’ Offices and CEOS, Project Safe Childhood marshals federal, state, and local resources to better locate, apprehend, and prosecute individuals who exploit children via the internet, as well as to identify and rescue victims. For more information about Project Safe Childhood, visit www.justice.gov/psc.
POCATELLO – Bruce Hauber, 72, of American Falls, was sentenced to five years of probation for federal program theft after embezzling $129,022.38 from a federally funded public housing authority, Acting U.S. Attorney Justin Whatcott announced today.
According to court records, the American Falls Housing Authority (AFHA) is a federally funded public housing authority that manages public housing in American Falls. Between 2019 and 2023, Hauber was employed as the Executive Director of AFHA and was tasked with paying bills, purchasing supplies, collecting rent, and managing bank accounts.
Beginning in spring 2019, Hauber began to make purchases on AFHA credit cards for unauthorized personal expenses, such as meals, airplane tickets, utilities for his home, medical expenses, and purchases at retailers. In total, between spring 2019 through 2023, Hauber made $129,022.38 in unauthorized personal expenses. Hauber used AFHA funds to make payments for those personal expenses. To conceal the embezzlement, Hauber wrote fictitious checks to venders and entered the checks into AFHA’s internal accounting system.
Chief U.S. District Judge David C. Nye also ordered Hauber to pay $79,022.38 in restitution and imposed eight months of home detention with location monitoring as a condition of probation.
“Our office will vigorously investigate and prosecute cases involving theft of public money,” said Acting U.S. Attorney Whatcott. “Bruce Hauber stole from the American taxpayer and deprived American Falls residents vital public housing funds.”
“Hauber deliberately orchestrated a fraudulent scheme to embezzle more than $125,000 in federal funds designated to provide housing assistance for elderly and disabled residents in American Falls, Idaho—a community of roughly, 4,500 people,” said Special Agent in Charge Machelle Jindra with the U.S. Department of Housing and Urban Development (HUD), Office of Inspector General (OIG). “The theft was especially harmful given the limited resources available to support the community. HUD OIG remains committed to working alongside our partners at the U.S. Attorney’s Office and our law enforcement and oversight partners to aggressively pursue individuals who compromise the integrity of HUD programs and exploit communities in need.”
Acting U.S. Attorney Whatcott commended the work of the U.S. Department of Housing and Urban Development, Office of Inspector General, and Federal Bureau of Investigation, which led to the charges. Assistant U.S. Attorneys Sean Mazorol and Jack Haycock prosecuted the case.
DENVER – The U.S. Attorney’s Office for the District of Colorado announces that defendant Carl Howard Payne, Jr., of Colorado Springs, was charged with Interstate Communication of Threats.
According to the criminal complaint, on or about March 20, 2025, threatening emails were sent from betweensaltandstart@proton.me to various news media outlets across state lines. The emails detailed a “Declaration of War” against the 47th Presidential Cabinet of the United States and further described how Tesla owners would be murdered on April 17, 2025, and thereafter, until the death of Elon Musk.
Also on March 20, 2025, Payne sent the same email to ProPublica and Thomson Reuters, both in New York, from Signal user “c”. And on or about April 2, 2025, Payne deposited or caused to be deposited similar threatening letters for delivery by the Postal Service to several insurance companies. The return address on the letters indicated they were from “The White House,” but the letters were postmarked in Denver.
A review of Internet Protocol (IP) address information from Proton Mail, along with other information, indicates that Payne is the user of the Proton Mail account and the Signal account from which the threatening emails originated.
The investigation is being handled by the Denver Field Office of the Federal Bureau of Investigation. The prosecution is being handled by Assistant United States Attorney Jasand Mock.
The charges in the complaint are allegations and the defendant is presumed innocent unless and until proven guilty beyond a reasonable doubt.
BUFFALO, N.Y.-U.S. Attorney Michael DiGiacomo announced today that Victor Francisco Lucas, 31, a citizen of Mexico, was arrested and charged by criminal complaint with production of child pornography and enticement of a minor, which carry a mandatory minimum penalty of 15 years in prison and a maximum of life in prison.
Assistant U.S. Attorney Evan K. Glaberson, who is handling the case, stated that according to the complaint, in January 2025, the mother of 12-year-old minor victim called the National Threat Operations Center to report online grooming of the victim, after looking through her daughter’s cellular phone and finding a number for an unknown individual, who had been communicating with the victim via social media and text message. The individual was later identified as Lucas, who worked on a dairy farm in Western New York. Lucas told the victim he was 12 or 13 years old and requested and induced the victim to send nude photos of herself to him. The victim could not send explicit photos to Lucas because parental controls installed on her device blocked the transmission. According to the complaint, Lucas then coerced the victim to participate in nude and sexually explicit Facetime video calls.
Lucas is a citizen of Mexico. He does not have legal status to be in the United States.
Lucas made an initial appearance this afternoon before U.S. Magistrate Judge Michael J. Roemer and was detained.
The complaint is the result of an investigation by the Federal Bureau of Investigation, under the direction of Special Agent-in-Charge Matthew Miraglia, and the Niagara County Sheriff’s Office, under the direction of Sheriff Michael Filicetti.
The fact that a defendant has been charged with a crime is merely an accusation and the defendant is presumed innocent until and unless proven guilty.
CHARLOTTE, N.C. – Three members of the La Mara Salvatrucha gang (known as MS-13) were sentenced in federal court today for engaging in violent criminal conduct, including murder, in support of the criminal organization, announced Russ Ferguson, U.S. Attorney for the Western District of North Carolina.
Cardell T. Morant, Special Agent in Charge of Homeland Security Investigations (HSI) in North Carolina and South Carolina, Robert M. DeWitt, Special Agent in Charge of the Federal Bureau of Investigation (FBI), Charlotte Division, and Chief Johnny Jennings of the Charlotte Mecklenburg Police Department join U.S. Attorney Ferguson in making today’s announcement.
Christian Alejandro Garcia Santa Cruz, a/k/a “Crimen,” 32, of El Salvador, and Aderly Jose Veliz-Ronquillo, a/k/a “Chanchin,” 30, of Guatemala, were each sentenced to 35 years in prison for using a firearm during a crime of violence resulting in death for the 2022 murder of W.G.M. in front of a Charlotte nightclub. Luis Fernando Guardardo Moreno, a/k/a “Fantasma” and “Scrappy,” 24, of El Salvador, was sentenced to 20 years in prison followed by three years of supervised release for racketeering (RICO) conspiracy.
Two additional MS-13 members who held leadership roles within the gang, Fredy Mauricio Buruca, a/k/a “Piranha,” “Machete,” and “Insoportable,” 27, and Santos Guillermo Ramirez Mancia, a/k/a “Azazel,” “Timido,” and “Johnny,” 33, both of El Salvador, have pleaded guilty to RICO conspiracy and are awaiting sentencing. Buruca has also pleaded guilty to kidnapping a minor. A sixth MS-13 member charged in this case, Juan Francisco Sanchez Estrada, a/k/a “Nene” and “Turbo,” 31, of El Salvador, has pleaded guilty to RICO conspiracy and will be sentenced at a later date in the Middle District of North Carolina, following a consolidation of federal cases against him in each district.
“MS-13 is one of the most violent and dangerous criminal gangs operating in the United States. MS-13 members use murder, robbery, kidnapping, drug trafficking, and extortion to support this criminal enterprise and tighten its grip on our communities,” said U.S. Attorney Ferguson. “But we are fighting back. This case has dismantled the local MS-13 clique, and we’re not done. Our goal is not just to prosecute violent gangs, but to eliminate them completely.”
“Today’s prison sentences should make it clear to MS-13 members and their associates, violence and senseless murder will not be tolerated in North Carolina. The FBI and our partners will use every tool available to disrupt and dismantle violent criminal terrorist organizations and bring offenders to justice,” said FBI Special Agent in Charge DeWitt.
According to filed court documents and court proceedings, the defendants were leaders and members of the MS-13 sub-unit, or clique, known as the Hollywood Locos Salvatrucha Clique (the HLS clique), which operated in and around the Western District of North Carolina and other areas in North Carolina, Virginia, Maryland, Washington, D.C., and elsewhere. From at least December 2018 and continuing through November 2022, as members of the HLS clique, the defendants engaged in a pattern of racketeering activity that consisted of multiple acts and threats involving murder, kidnapping, extortion, robbery, and drug trafficking.
The investigation into the gang’s criminal activity revealed that these criminal acts were sanctioned by MS-13 leadership and were committed to promote a climate a fear and intimidation within the gang; to maintain the gang’s control and to expand its territory; to enforce discipline within the gang and punish any acts of disrespect; to intimidate witnesses and discourage cooperation with law enforcement; and to retaliate against rivals, or “chavalas.”
Participation in criminal activity was also intended to increase respect and ranking of members within the gang and to open the door to promotion to a leadership position. Accordingly, Santa Cruz and Veliz-Ronquillo committed murder in aid of racketeering for the purpose of maintaining and increasing their position in the MS-13 enterprise.
According to court documents, on November 6, 2022, Santa Cruz, Mancia, and Veliz-Ronquillo were at a nightclub in Charlotte. Over the course of the evening, Santa Cruz, Mancia, and Veliz-Ronquillo got into an argument with several men at the parking lot of the nightclub. During the argument, Mancia identified himself as MS-13 to the other men. At some point, W.G.M. and Mancia shoved each other. Ronquillo then shot W.G.M. once and Santa-Cruz shot the victim three times, causing the victim to sustain fatal gunshot wounds. At today’s sentencing hearing, the government contended that through their involvement in W.G.M.’s murder, Santa Cruz and Veliz-Ronquillo demonstrated their full commitment to further the goals of MS-13 and to advance their reputation within the gang.
The defendants will remain in federal custody until they are transferred to the custody of the Federal Bureau of Prisons upon designation of a federal facility.
In making today’s announcement U.S. Attorney Ferguson commended the FBI, HSI, and the Charlotte Mecklenburg Police Department for their investigation of the case, and thanked the Davidson County Sheriff’s Office, the Kannapolis Police Department, the Monroe Police Department, the Prince William County (Virginia) Sheriff’s Office, and the Annapolis (Maryland) Police Department for their invaluable assistance.
Assistant U.S. Attorneys Erik Lindahl and David Kelly of the U.S. Attorney’s Office in Charlotte are prosecuting the case.
This effort is part of an Organized Crime Drug Enforcement Task Forces (OCDETF) operation. OCDETF identifies, disrupts, and dismantles the highest-level criminal organizations that threaten the United States using a prosecutor-led, intelligence-driven, multi-agency approach. Additional information about the OCDETF Program can be found at https://www.justice.gov/ocdetf.
Yesterday, a district court judge convicted a Virginia man, who worked for the Department of Commerce, of possessing and receiving child sexual abuse material (CSAM).
According to court documents and evidence presented at trial, Rafferty Daniel Kelly, 40, of Alexandria, worked for the U.S. Patent and Trademark Office. In March 2022, a federal CSAM investigation involving an internet-based peer-to-peer file sharing service, a program used by the defendant to obtain CSAM, led federal agents to execute a search warrant at Kelly’s home, where they seized multiple devices. A review of those devices revealed that, over a period of at least two years, Kelly had downloaded and stored over 50,000 images of CSAM and child erotica, including images of infants and prepubescent children. Kelly also possessed a handbook on how to groom children.
At the end of the bench trial yesterday, the Honorable Michael S. Nachmanoff found Kelly guilty of one count of receipt of child pornography and one count of possession of child pornography. The defendant is scheduled to be sentenced on July 24 and faces a mandatory minimum penalty of five years in prison and a maximum penalty of 40 years in prison. Judge Nachmanoff will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.
Matthew R. Galeotti, Head of the Justice Department’s Criminal Division, United States Attorney Erik S. Siebert for the Eastern District of Virginia, and Special Agent in Charge Sean Ryan of the FBI Washington Field Office’s Criminal and Cyber Division made the announcement.
Trial Attorney Nadia Prinz of the Criminal Division’s Child Exploitation and Obscenity Section (CEOS) and Assistant U.S. Attorney Vanessa Strobbe for the Eastern District of Virginia are prosecuting the case.
This case was investigated by the FBI Washington Field Office’s Child Exploitation and Human Trafficking Task Force. The task force is composed of FBI agents, along with other federal agents and detectives from northern Virginia and the District of Columbia. The task force is charged with investigating and bringing federal charges against individuals engaged in the exploitation of children and those engaged in human trafficking.
This case was brought as part of Project Safe Childhood, a nationwide initiative to combat the epidemic of child sexual exploitation and abuse launched in May 2006 by the Department of Justice. Led by U.S. Attorneys’ Offices and CEOS, Project Safe Childhood marshals federal, state, and local resources to better locate, apprehend, and prosecute individuals who exploit children via the internet, as well as to identify and rescue victims. For more information about Project Safe Childhood, visit www.justice.gov/psc.
GREAT FALLS – A Kalispell man who conspired to distribute drugs on the Blackfeet Indian Reservation was sentenced today to 128 months in prison to be followed by 5 years of supervised release, U.S. Attorney Kurt Alme said.
Cameron Lee Richard Carr, 34, pleaded guilty in September 2024 to possession with intent to distribute methamphetamine and fentanyl.
Chief U.S. District Judge Brian Morris presided.
The government alleged in court documents that in early November 2023, law enforcement received information Carr was trafficking illegal drugs from Kalispell, Montana to Browning, Montana. On November 28, 2023, Carr was observed leaving the Going to the Sun Inn in Browning. A Blackfeet Law Enforcement Services officer saw Carr run a stop sign and attempted to conduct a traffic stop. Carr fled before eventually stopping his vehicle and attempting to run away on foot. He was apprehended by the officer and arrested. The officer saw Carr reach for his waistband when he was arrested, so the officer searched him for weapons before placing him in a patrol vehicle. The officer recovered suspected meth and fentanyl from and noticed a 9 mm Ruger handgun on the ground near the area where Carr was apprehended.
Law enforcement searched Carr’s vehicle and seized 11 additional firearms, 500 grams of methamphetamine, 168 grams of fentanyl in pill and powder form, and small amounts of heroin, oxycodone, morphine, and cocaine. On December 1, 2023, during an interview with law enforcement, Carr admitted distributing drugs in Browning.
The U.S. Attorney’s Office prosecuted the case and the investigation was conducted by the FBI, DEA, Blackfeet Law Enforcement Services, and the Glacier County Sheriff’s Office.
The case was investigated under the Organized Crime Drug Enforcement Task Forces (OCDETF). OCDETF identifies, disrupts, and dismantles the highest-level criminal organizations that threaten the United States using a prosecutor-led, intelligence-driven, multi-agency approach. For more information about Organized Crime Drug Enforcement Task Forces, please visit Justice.gov/OCDETF.
DENVER — A former member of the Gambian military was convicted April 15 on torture charges, following his involvement in crimes committed while the West African country’s then-President, Yahya Jammeh, was still in power.
Michael Sang Correa, 46, was indicted in 2020 and is the first non-United States citizen to be convicted under the U.S. criminal torture law. He was found guilty of inflicting torture on specific individuals as well as conspiring to commit torture against suspected opponents of Jammeh’s while serving in a military unit within the Gambia Armed Forces known as the “Junglers.”
“Correa’s crimes caught up with him today,” said U.S. Immigration and Customs Enforcement Homeland Security Investigations Denver Special Agent in Charge Steve Cagen, who also oversees Colorado, Montana and Wyoming. “Correa chose the wrong country to try to escape from justice. HSI actively investigates and apprehends human rights violators who run from their criminal pasts and come here. We have a zero-tolerance policy for human rights violators.”
“Michael Sang Correa tried to evade responsibility for his crimes in The Gambia by coming to the United States and hiding his past,” said Matthew R. Galeotti, Head of the Justice Department’s Criminal Division. “But we found him, we investigated him, and we prosecuted him. The lesson is: if you commit violent crimes — let alone torture or other human rights violations — do not come to the United States. If you do, the Department of Justice, together with its law enforcement partners, will leave no stone unturned to see that your crimes are exposed and justice is served. I thank the jurors for their service and the witnesses for the courage to relive the horror they experienced at Correa’s hands.”
“The torture inflicted by Michael Sang Correa and his co-conspirators is abhorrent,” said acting U.S. Attorney J. Bishop Grewell for the District of Colorado. “Today’s verdict shows you can’t get away with coming to Colorado to hide from your past crimes. The jurors are to be commended for their service throughout this trial and the witnesses for traveling so far to serve the interests of justice.”
Evidence presented at trial proved that in March 2006, shortly after a failed coup attempt, Correa and his co-conspirators transported the victims to Gambia’s main prison, known as Mile 2 Prison, where they subjected the victims to severe physical and mental abuses.
For the rest of the month of March and well into April 2006, Correa and his co-conspirators beat, stabbed, burned and electrocuted the victims, among other horrific acts. One victim testified that he had his thigh burned by hot, molten plastic; the Junglers also placed the victim in a large bag, suspended him in the air, and dropped him to the ground. Another victim testified that Correa and his co-conspirators suffocated him with a plastic bag and put the barrel of a pistol in his mouth. In addition to suffocation from plastic bags, another victim testified that Correa and his co-conspirators electrocuted him on his body, including his genitals; hanged him upside down and beat him in that position; and stabbed him in the shoulder. A fourth victim endured electrocution and was hit in the head with a pistol. A fifth victim testified that he had cigarettes extinguished into his skin, experienced electrocution, and that he was struck in the face with a hammer.
Correa came to the U.S. in December 2016, eventually settling in Denver. Having overstayed his visa, ICE arrested Correa in 2019 and subsequently placed him in removal proceedings.
Correa faces a maximum penalty of 20 years in prison for each of the five torture counts and the count of conspiracy to commit torture. He will remain in U.S. custody pending his sentencing.
ICE HSI Denver investigated this case, with support from HSI agents in Dakar, Senegal, as well as personnel at the U.S. Embassy in Banjul and the FBI Legal Attaché in Dakar. The Human Rights Violators and War Crimes Center also provided significant support. Established in 2009, the HRVWCC leverages the expertise of criminal investigators, attorneys, historians, intelligence analysts and federal partners to provide a whole of government approach to prevent the U.S. from becoming a haven for individuals who commit war crimes, genocide, torture and other human rights abuses around the globe.
Currently, ICE has more than 180 active investigations into suspected human rights violators and is pursuing more than 1,945 leads and removals cases involving suspected human rights violators from 95 different countries. The center has issued more than 79,000 lookouts since 2003, for potential perpetrators of human rights abuses and stopped over 390 human rights violators and war crimes suspects from entering the U.S.
Members of the public who have information about foreign nationals suspected of engaging in human rights abuses or war crimes are urged to call the ICE Tip Line at 1-866-DHS-2-ICE (1-866-347-2423) or internationally at 001-1802-872-6199. You can also email HRV.ICE@ice.dhs.gov or complete the online tip form.
Microsoft maintains a continuous effort to protect its platforms and customers from fraud and abuse. From blocking imposters on Microsoft Azure and adding anti-scam features to Microsoft Edge, to fighting tech support fraud with new features in Windows Quick Assist, this edition of Cyber Signals takes you inside the work underway and important milestones achieved that protect customers.
Blocked about 1.6 million bot signup attempts per hour.
The evolution of AI-enhanced cyber scams
AI has started to lower the technical bar for fraud and cybercrime actors looking for their own productivity tools, making it easier and cheaper to generate believable content for cyberattacks at an increasingly rapid rate. AI software used in fraud attempts runs the gamut, from legitimate apps misused for malicious purposes to more fraud-oriented tools used by bad actors in the cybercrime underground.
AI tools can scan and scrape the web for company information, helping cyberattackers build detailed profiles of employees or other targets to create highly convincing social engineering lures. In some cases, bad actors are luring victims into increasingly complex fraud schemes using fake AI-enhanced product reviews and AI-generated storefronts, where scammers create entire websites and e-commerce brands, complete with fake business histories and customer testimonials. By using deepfakes, voice cloning, phishing emails, and authentic-looking fake websites, threat actors seek to appear legitimate at wider scale.
According to the Microsoft Anti-Fraud Team, AI-powered fraud attacks are happening globally, with much of the activity coming from China and Europe, specifically Germany due in part to Germany’s status as one of the largest e-commerce and online services markets in the European Union (EU). The larger a digital marketplace in any region, the more likely a proportional degree of attempted fraud will take place.
E-commerce fraud
Fraudulent e-commerce websites can be set up in minutes using AI and other tools requiring minimal technical knowledge. Previously, it would take threat actors days or weeks to stand up convincing websites. These fraudulent websites often mimic legitimate sites, making it challenging for consumers to identify them as fake.
Using AI-generated product descriptions, images, and customer reviews, customers are duped into believing they are interacting with a genuine merchant, exploiting consumer trust in familiar brands.
AI-powered customer service chatbots add another layer of deception by convincingly interacting with customers. These bots can delay chargebacks by stalling customers with scripted excuses and manipulating complaints with AI-generated responses that make scam sites appear professional.
In a multipronged approach, Microsoft has implemented robust defenses across our products and services to protect customers from AI-powered fraud. Microsoft Defender for Cloud provides comprehensive threat protection for Azure resources, including vulnerability assessments and threat detection for virtual machines, container images, and endpoints.
Microsoft Edge features website typo protection and domain impersonation protection using deep learning technology to help users avoid fraudulent websites. Edge has also implemented a machine learning-based Scareware Blocker to identify and block potential scam pages and deceptive pop-up screens with alarming warnings claiming a computer has been compromised. These attacks try to frighten users into calling fraudulent support numbers or downloading harmful software.
Job and employment fraud
The rapid advancement of generative AI has made it easier for scammers to create fake listings on various job platforms. They generate fake profiles with stolen credentials, fake job postings with auto-generated descriptions, and AI-powered email campaigns to phish job seekers. AI-powered interviews and automated emails enhance the credibility of job scams, making it harder for job seekers to identify fraudulent offers.
To prevent this, job platforms should introduce multifactor authentication for employer accounts to make it harder for bad actors to take over legitimate hirers’ listings and use available fraud-detection technologies to catch suspicious content.
Fraudsters often ask for personal information, such as resumes or even bank account details, under the guise of verifying the applicant’s information. Unsolicited text and email messages offering employment opportunities that promise high pay for minimal qualifications are typically an indicator of fraud.
Employment offers that include requests for payment, offers that seem too good to be true, unsolicited offers or interview requests over text message, and a lack of formal communication platforms can all be indicators of fraud.
Tech support scams
Tech support scams are a type of fraud where scammers trick victims into unnecessary technical support services to fix a device or software problems that don’t exist. The scammers may then gain remote access to a computer—which lets them access all information stored on it, and on any network connected to it or install malware that gives them access to the computer and sensitive data.
Tech support scams are a case where elevated fraud risks exist, even if AI does not play a role. For example, in mid-April 2024, Microsoft Threat Intelligence observed the financially motivated and ransomware-focused cybercriminal group Storm-1811 abusing Windows Quick Assist software by posing as IT support. Microsoft did not observe AI used in these attacks; Storm-1811 instead impersonated legitimate organizations through voice phishing (vishing) as a form of social engineering, convincing victims to grant them device access through Quick Assist.
Quick Assist is a tool that enables users to share their Windows or macOS device with another person over a remote connection. Tech support scammers often pretend to be legitimate IT support from well-known companies and use social engineering tactics to gain the trust of their targets. They then attempt to employ tools like Quick Assist to connect to the target’s device.
Quick Assist and Microsoft are not compromised in these cyberattack scenarios; however, the abuse of legitimate software presents risk Microsoft is focused on mitigating. Informed by Microsoft’s understanding of evolving cyberattack techniques, the company’s anti-fraud and product teams work closely together to improve transparency for users and enhance fraud detection techniques.
The Storm-1811 cyberattacks highlight the capability of social engineering to circumvent security defenses. Social engineering involves collecting relevant information about targeted victims and arranging it into credible lures delivered through phone, email, text, or other mediums. Various AI tools can quickly find, organize, and generate information, thus acting as productivity tools for cyberattackers. Although AI is a new development, enduring measures to counter social engineering attacks remain highly effective. These include increasing employee awareness of legitimate helpdesk contact and support procedures, and applying Zero Trust principles to enforce least privilege across employee accounts and devices, thereby limiting the impact of any compromised assets while they are being addressed.
Microsoft has taken action to mitigate attacks by Storm-1811 and other groups by suspending identified accounts and tenants associated with inauthentic behavior. If you receive an unsolicited tech support offer, it is likely a scam. Always reach out to trusted sources for tech support. If scammers claim to be from Microsoft, we encourage you to report it directly to us at https://www.microsoft.com/reportascam.
Building on the Secure Future Initiative (SFI), Microsoft is taking a proactive approach to ensuring our products and services are “Fraud-resistant by Design.” In January 2025, a new fraud prevention policy was introduced: Microsoft product teams must now perform fraud prevention assessments and implement fraud controls as part of their design process.
Recommendations
Strengthen employer authentication: Fraudsters often hijack legitimate company profiles or create fake recruiters to deceive job seekers. To prevent this, job platforms should introduce multifactor authentication and Verified ID as part of Microsoft Entra ID for employer accounts, making it harder for unauthorized users to gain control.
Monitor for AI-based recruitment scams: Companies should deploy deepfake detection algorithms to identify AI-generated interviews where facial expressions and speech patterns may not align naturally.
Be cautious of websites and job listings that seem too good to be true: Verify the legitimacy of websites by checking for secure connections (https) and using tools like Microsoft Edge’s typo protection.
Avoid providing personal information or payment details to unverified sources: Look for red flags in job listings, such as requests for payment or communication through informal platforms like text messages, WhatsApp, nonbusiness Gmail accounts, or requests to contact someone on a personal device for more information.
Using Microsoft’s security signal to combat fraud
Microsoft is actively working to stop fraud attempts using AI and other technologies by evolving large-scale detection models based on AI, such as machine learning, to play defense by learning from and mitigating fraud attempts. Machine learning is the process that helps a computer learn without direct instruction using algorithms to discover patterns in large datasets. Those patterns are then used to create a comprehensive AI model, allowing for predictions with high accuracy.
We have developed in-product safety controls that warn users about potential malicious activity and integrate rapid detection and prevention of new types of attacks.
Our fraud team has developed domain impersonation protection using deep-learning technology at the domain creation stage, to help protect against fraudulent e-commerce websites and fake job listings. Microsoft Edge has incorporated website typo protection, and we have developed AI-powered fake job detection systems for LinkedIn.
Microsoft Defender Smartscreen is a cloud-based security feature that aims to prevent unsafe browsing habits by analyzing websites, files, and applications based on their reputation and behavior. It is integrated into Windows and the Edge browser to help protect users from phishing attacks, malicious websites, and potentially harmful downloads.
Furthermore, Microsoft’s Digital Crimes Unit (DCU) partners with others in the private and public sector to disrupt the malicious infrastructure used by criminals perpetuating cyber-enabled fraud. The team’s longstanding collaboration with law enforcement around the world to respond to tech support fraud has resulted in hundreds of arrests and increasingly severe prison sentences worldwide. The DCU is applying key learnings from past actions to disrupt those who seek to abuse generative AI technology for malicious or fraudulent purposes.
Quick Assist features and remote help combat tech support fraud
To help combat tech support fraud, we have incorporated warning messages to alert users about possible tech support scams in Quick Assist before they grant access to someone approaching them purporting to be an authorized IT department or other support resource.
Windows users must read and click the box to acknowledge the security risk of granting remote access to the device.
Microsoft has significantly enhanced Quick Assist protection for Windows users by leveraging its security signal. In response to tech support scams and other threats, Microsoft now blocks an average of 4,415 suspicious Quick Assist connection attempts daily, accounting for approximately 5.46% of global connection attempts. These blocks target connections exhibiting suspicious attributes, such as associations with malicious actors or unverified connections.
Microsoft’s continual focus on advancing Quick Assist safeguards seeks to counter adaptive cybercriminals, who previously targeted individuals opportunistically with fraudulent connection attempts, but more recently have sought to target enterprises with more organized cybercrime campaigns that Microsoft’s actions have helped disrupt.
Our Digital Fingerprinting capability, which leverages AI and machine learning, drives these safeguards by providing fraud and risk signals to detect fraudulent activity. If our risk signals detect a possible scam, the Quick Assist session is automatically ended. Digital Fingerprinting works by collecting various signals to detect and prevent fraud.
For enterprises combating tech support fraud, Remote Help is another valuable resource for employees. Remote Help is designed for internal use within an organization and includes features that make it ideal for enterprises.
By reducing scams and fraud, Microsoft aims to enhance the overall security of its products and protect its users from malicious activities.
Consumer protection tips
Fraudsters exploit psychological triggers such as urgency, scarcity, and trust in social proof. Consumers should be cautious of:
Impulse buying—Scammers create a sense of urgency with “limited-time” deals and countdown timers.
Trusting fake social proof—AI generates fake reviews, influencer endorsements, and testimonials to appear legitimate.
Clicking on ads without verification—Many scam sites spread through AI-optimized social media ads. Consumers should cross-check domain names and reviews before purchasing.
Ignoring payment security—Avoid direct bank transfers or cryptocurrency payments, which lack fraud protections.
Job seekers should verify employer legitimacy, be on the lookout for common job scam red flags, and avoid sharing personal or financial information with unverified employers.
Verify employer legitimacy—Cross-check company details on LinkedIn, Glassdoor, and official websites to verify legitimacy.
Notice common job scam red flags—If a job requires upfront payments for training materials, certifications, or background checks, it is likely a scam. Unrealistic salaries or no-experience-required remote positions should be approached with skepticism. Emails from free domains (such as johndoehr@gmail.com instead of hr@company.com) are also typically indicators of fraudulent activity.
Be cautious of AI-generated interviews and communications—If a video interview seems unnatural, with lip-syncing delays, robotic speech, or odd facial expressions, it could be deepfake technology at work. Job seekers should always verify recruiter credentials through the company’s official website before engaging in any further discussions.
Avoid sharing personal or financial information—Under no circumstances should you provide a Social Security number, banking details, or passwords to an unverified employer.
Microsoft is also a member of the Global Anti-Scam Alliance (GASA), which aims to bring governments, law enforcement, consumer protection organizations, financial authorities and providers, brand protection agencies, social media, internet service providers, and cybersecurity companies together to share knowledge and protect consumers from getting scammed.
Recommendations
Remote Help: Microsoft recommends using Remote Help instead of Quick Assist for internal tech support. Remote Help is designed for internal use within an organization and incorporates several features designed to enhance security and minimize the risk of tech support hacks. It is engineered to be used only within an organization’s tenant, providing a safer alternative to Quick Assist.
Digital Fingerprinting: This identifies malicious behaviors and ties them back to specific individuals. This helps in monitoring and preventing unauthorized access.
Blocking full control requests: Quick Assist now includes warnings and requires users to check a box acknowledging the security implications of sharing their screen. This adds a layer of helpful “security friction” by prompting users who may be multitasking or preoccupied to pause to complete an authorization step.
Kelly Bissell: A cybersecurity pioneer combating fraud in the new era of AI
Kelly Bissell’s journey into cybersecurity began unexpectedly in 1990. Initially working in computer science, Kelly was involved in building software for healthcare patient accounting and operating systems at Medaphis and Bellsouth, now AT&T.
His interest in cybersecurity was sparked when he noticed someone logged into a phone switch attempting to get free long-distance calls and traced the intruder back to Romania. This incident marked the beginning of Kelly’s career in cybersecurity.
“I stayed in cybersecurity hunting for bad actors, integrating security controls for hundreds of companies, and helping shape the NIST security frameworks and regulations such as FFIEC, PCI, NERC-CIP,” he explains.
Currently, Kelly is Corporate Vice President of Anti-Fraud and Product Abuse within Microsoft Security. Microsoft’s fraud team employs machine learning and AI to build better detection code and understand fraud operations. They use AI-powered solutions to detect and prevent cyberthreats, leveraging advanced fraud detection frameworks that continuously learn and evolve.
“Cybercrime is a trillion-dollar problem, and it’s been going up every year for the past 30 years. I think we have an opportunity today to adopt AI faster so we can detect and close the gap of exposure quickly. Now we have AI that can make a difference at scale and help us build security and fraud protections into our products much faster.”
Previously Kelly managed the Microsoft Detection and Response Team (DART) and created the Global Hunting, Oversight, and Strategic Triage (GHOST) team that detected and responded to attackers such as Storm-0558 and Midnight Blizzard.
Prior to Microsoft, during his time at Accenture and Deloitte, Kelly collaborated with companies and worked extensively with government agencies like the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation, where he helped build security systems inside their operations.
His time as Chief Information Security Officer (CISO) at a bank exposed him to addressing both cybersecurity and fraud, leading to his involvement in shaping regulatory guidelines to protect banks and eventually Microsoft.
Kelly has also played a significant role in shaping regulations around the National Institute of Standards and Technology (NIST) and Payment Card Industry (PCI) compliance, which helps ensure the security of businesses’ credit card transactions, among others.
Internationally, Kelly played a crucial role in helping establish agencies and improve cybersecurity measures. As a consultant in London, he helped stand up the United Kingdom’s National Cyber Security Centre (NCSC), which is part of the Government Communications Headquarters (GCHQ), the equivalent of CISA. Kelly’s efforts in content moderation with several social media companies, including YouTube, were instrumental in removing harmful content.
That’s why he’s excited about Microsoft’s partnership with GASA. GASA brings together governments, law enforcement, consumer protection organizations, financial authorities, internet service providers, cybersecurity companies, and others to share knowledge and define joint actions to protect consumers from getting scammed.
“If I protect Microsoft, that’s good, but it’s not sufficient. In the same way, if Apple does their thing, and Google does their thing, but if we’re not working together, we’ve all missed the bigger opportunity. We must share cybercrime information with each other and educate the public. If we can have a three-pronged approach of tech companies building security and fraud protection into their products, public awareness, and sharing cybercrime and fraudster information with law enforcement, I think we can make a big difference,” he says.
Next steps with Microsoft Security
To learn more about Microsoft Security solutions, visit our website. Bookmark the Security blog to keep up with our expert coverage on security matters. Also, follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.
Methodology: Microsoft platforms and services, including Azure, Microsoft Defender for Office, Microsoft Threat Intelligence, and Microsoft Digital Crimes Unit (DCU), provided anonymized data on threat actor activity and trends. Additionally, Microsoft Entra ID provided anonymized data on threat activity, such as malicious email accounts, phishing emails, and attacker movement within networks. Additional insights are from the daily security signals gained across Microsoft, including the cloud, endpoints, the intelligent edge, and telemetry from Microsoft platforms and services. The $4 billion figure represents an aggregated total of fraud and scam attempts against Microsoft and our customers in consumer and enterprise segments (in 12 months).
Source: Federal Bureau of Investigation FBI Crime News (b)
GALVESTON, Texas – A 46-year-old Texas City resident has been ordered to federal prison for possession with intent to distribute fentanyl, announced U.S. Attorney Nicholas J. Ganjei.
John Earl Edwards pleaded guilty Sept. 24, 2024.
U.S. District Judge Jeffrey V. Brown has now ordered Edwards to serve 156 months to be immediately followed by three years of supervised release.
“Taking fentanyl off the street is good, but taking a fentanyl dealer off the street is even better,” said Ganjei. “This is one less person who makes their living off of the misery of their fellow citizens.”
On July 22, 2021, Edwards negotiated the sale of a small amount of fentanyl and arranged to have it delivered on July 22, 2021.
The investigation revealed Edwards’ drug distribution also included cocaine, cocaine base and methamphetamine.
He was permitted to remain on bond and voluntarily surrender to a Federal Bureau of Prisons facility to be determined in the near future.
The FBI’s Safe Streets and Violent Crimes Task Force and the La Marque Police Department conducted the investigation. Assistant U.S. Attorney Kenneth A. Cusick prosecuted the case.
Michael McMahon, a Retired New York City Police Department (NYPD) Sergeant, and Two Co-Conspirators Were First Defendants Convicted After a U.S. Trial in Connection with Repatriation Program ‘Operation Fox Hunt’
Today, in federal court in Brooklyn, New York, Michael McMahon, 57, of Mahwah, New Jersey, was sentenced to 18 months in prison and ordered to pay an $11,000 fine for acting as an illegal agent of the government of the People’s Republic of China (PRC) and interstate stalking and conspiracy to commit the same, for his participation in a scheme to coerce repatriation of a U.S. resident to the PRC as part of its international repatriation effort known as “Operation Fox Hunt.” McMahon and co-defendants Zhu Yong, 68, of East Elmhurst, New York, and Congying Zheng, 29, of Brooklyn, were convicted by a federal jury in June 2023 following a three-week trial. In January 2025, Zhu and Zheng were sentenced respectively to 24 months and 16 months in prison.
As proven at trial, between approximately 2016 and 2019, the defendants and their co-conspirators participated in an international campaign to threaten, harass, surveil, and intimidate John Doe #1 and his family in order to force him and his wife, Jane Doe #1, to return to the PRC to face purported corruption charges. Beginning in 2012, John Doe #1 and Jane Doe #1 had been targeted for repatriation as part of the PRC’s transnational repression programs known as “Operation Fox Hunt” and “Operation Sky Net.” John Doe #1 and his family had accordingly sought to keep their address out of public records.
Zhu hired McMahon, a retired NYPD sergeant working as a private investigator, to locate John Doe #1. McMahon obtained sensitive information about John Doe #1, which he then reported back to Zhu and others, including a PRC police officer. McMahon also conducted surveillance outside the New Jersey home of John Doe #1’s relative and provided Zhu and PRC officials with detailed reports of what he observed. The operation was supervised and directed by several PRC officials, including a PRC police officer and a PRC prosecutor.
As McMahon knew, the operation was intended not only to locate John Doe #1, but to coerce him to return to the PRC by exerting pressure on his family members. In April 2017, PRC officials threatened to jail John Doe #1’s sister, who lived in the PRC, in order to coerce John Doe #1’s then-82-year-old father to travel from the PRC to their relative’s home in New Jersey. John Doe #1’s father, who had recently suffered a brain hemorrhage, was so frail that a doctor accompanied him for the trip. McMahon followed John Doe #1’s father from the relative’s New Jersey home, and, by doing so, was able to learn John Doe #1’s address. McMahon immediately provided this information to a PRC operative.
On Sept. 4, 2018, Zheng and another co-conspirator drove to the New Jersey residence of John Doe #1 and Jane Doe #1 – at the address that McMahon had provided – where they pounded on the front door, attempted to enter the house, and then peered through the windows in the back of the home. They left a note on the front door informing John Doe #1 that his “wife and children will be okay” if John Doe #1 surrendered himself to face a ten-year prison term in the PRC.
McMahon knew that the subjects of his investigation were wanted by the PRC government, a fact that he texted about with another investigator he contracted to help him. Following his arrest, McMahon acknowledged knowing that his employers wanted to get the victim back to China “so they could prosecute him.” After providing the victims’ address, McMahon told his surveillance partner that he was “waiting for a call” to find out what to do next. McMahon’s partner responded, “Yeah. From NJ State Police about an abduction,” to which McMahon responded “Lol.” McMahon later suggested to a PRC co-conspirator that they “harass” John Doe #1 by “[p]ark[ing] outside his home and let[ting] him know we are there.” McMahon took other investigative steps designed to harass the victims, such as researching their daughter’s university residence and college major. McMahon was paid more than $19,000 in total for his role in the illegal repatriation scheme. In an apparent attempt to conceal the source, McMahon deposited payments from his PRC clients into his son’s bank account, the only time he had done so with client payments.
Previously, three co-defendants pleaded guilty in connection with their roles in the PRC-directed harassment and intimidation campaign. They are awaiting sentencing.
Sue J. Bai, head of the Justice Department’s National Security Division, U.S. Attorney John J. Durham for the Eastern District of New York, and Assistant Director Roman Rozhavsky of the FBI’s Counterintelligence Division made the announcement.
The FBI New York Field Office investigated the case, with valuable assistance provided by the Department of State’s Diplomatic Security Service.
Assistant U.S. Attorneys Meredith A. Arfa and Irisa Chen for the Eastern District of New York and Trial Attorney Christine A. Bonomo of the National Security Division’s Counterintelligence and Export Control Section are prosecuting the case. Paralegal Specialist Rebecca Roth for the Eastern District of New York provided valuable assistance.
The FBI has created a website for victims to report efforts by foreign governments to stalk, intimidate, or assault people in the United States. If you believe that you are or have been a victim of transnational repression, please visit the FBI’s website.
Former Federal Aviation Administration (FAA) contractor Abouzar Rahmati, 42, a naturalized U.S. citizen and resident of Great Falls, Virginia, pleaded guilty today to conspiring to act and acting as an agent of the Iranian government in the United States without prior notification to the Attorney General.
According to court documents, from at least December 2017 through June 2024, Rahmati worked with Iranian government officials and intelligence operatives to act on their behalf in the United States, including by meeting with Iranian intelligence officers in Iran, communicating with Iranian intelligence officers and government officials using a cover story to hide his conduct, obtaining employment with an FAA contractor with access to sensitive non-public information about the U.S. aviation sector, and obtaining open-source and non-public materials about the U.S. solar energy industry and providing it to Iranian intelligence officers.
In August 2017, Rahmati offered his services to the Iranian government through a senior Iranian government official who previously worked in Iran’s Ministry of Intelligence and Security and with whom Rahmati had previously attended university. Four months later, in December 2017, Rahmati traveled to Iran, where he met with Iranian intelligence operatives and government officials and agreed to obtain information about the U.S. solar energy industry, to provide that information to Iranian officials, and to conduct future communications under a cover story based on purported discussions about research with fellow academics.
Upon returning to the United States in early 2018, Rahmati obtained various private and open-source materials related to the U.S. solar energy industry and provided them to an official from the office of Iran’s Vice President for Science and Technology in response to tasking from Iranian government officials.
In response to tasking from Iranian officials, and in furtherance of his role as an agent of the Government of Iran, Rahmati exploited his employment as an FAA contractor, working for U.S. COMPANY 1, by downloading at least 172 GB of U.S. COMPANY 1 files, which included sensitive access-controlled FAA documents related to the National Aerospace System (NAS), NAS Airport Surveillance Radar systems, and radio frequency data. Rahmati stored those files on removable media, which he took to Iran, where he provided sensitive documents to the Government of Iran in April 2022.
Also in April 2022, in response to tasking from Iranian government officials, Rahmati sent additional information relating to solar energy, solar panels, the FAA, U.S. airports, and U.S. air traffic control towers to his brother, who lived in Iran, so that he would provide those files to Iranian intelligence on Rahmati’s behalf.
Sentencing is scheduled for Aug. 26. Rahmati faces a maximum statutory penalty of 10 years in prison for acting as an agent of a foreign government without prior notification to the Attorney General, and up to five years in prison for conspiracy. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.
Sue Bai, head of the Justice Department’s National Security Division, U.S. Attorney Edward R. Martin Jr. for the District of Columbia, and Assistant Director Roman Rozhavsky of the FBI’s Counterintelligence Division made the announcement.
The FBI’s Washington Field Office is investigating the case, with significant assistance from the FAA’s Office of Counterintelligence and Technical Operations.
Assistant U.S. Attorneys Christopher Tortorice and Kimberly Paschall for the District of Columbia and Trial Attorneys Beau Barnes and Alexander Wharton of the National Security Division’s Counterintelligence and Export Control Section are prosecuting the case, with significant assistance from the U.S. Attorney’s Office for the Eastern District of Virginia.
Former Federal Aviation Administration (FAA) contractor Abouzar Rahmati, 42, a naturalized U.S. citizen and resident of Great Falls, Virginia, pleaded guilty today to conspiring to act and acting as an agent of the Iranian government in the United States without prior notification to the Attorney General.
According to court documents, from at least December 2017 through June 2024, Rahmati worked with Iranian government officials and intelligence operatives to act on their behalf in the United States, including by meeting with Iranian intelligence officers in Iran, communicating with Iranian intelligence officers and government officials using a cover story to hide his conduct, obtaining employment with an FAA contractor with access to sensitive non-public information about the U.S. aviation sector, and obtaining open-source and non-public materials about the U.S. solar energy industry and providing it to Iranian intelligence officers.
In August 2017, Rahmati offered his services to the Iranian government through a senior Iranian government official who previously worked in Iran’s Ministry of Intelligence and Security and with whom Rahmati had previously attended university. Four months later, in December 2017, Rahmati traveled to Iran, where he met with Iranian intelligence operatives and government officials and agreed to obtain information about the U.S. solar energy industry, to provide that information to Iranian officials, and to conduct future communications under a cover story based on purported discussions about research with fellow academics.
Upon returning to the United States in early 2018, Rahmati obtained various private and open-source materials related to the U.S. solar energy industry and provided them to an official from the office of Iran’s Vice President for Science and Technology in response to tasking from Iranian government officials.
In response to tasking from Iranian officials, and in furtherance of his role as an agent of the Government of Iran, Rahmati exploited his employment as an FAA contractor, working for U.S. COMPANY 1, by downloading at least 172 GB of U.S. COMPANY 1 files, which included sensitive access-controlled FAA documents related to the National Aerospace System (NAS), NAS Airport Surveillance Radar systems, and radio frequency data. Rahmati stored those files on removable media, which he took to Iran, where he provided sensitive documents to the Government of Iran in April 2022.
Also in April 2022, in response to tasking from Iranian government officials, Rahmati sent additional information relating to solar energy, solar panels, the FAA, U.S. airports, and U.S. air traffic control towers to his brother, who lived in Iran, so that he would provide those files to Iranian intelligence on Rahmati’s behalf.
Sentencing is scheduled for Aug. 26. Rahmati faces a maximum statutory penalty of 10 years in prison for acting as an agent of a foreign government without prior notification to the Attorney General, and up to five years in prison for conspiracy. A federal district court judge will determine any sentence after considering the U.S. Sentencing Guidelines and other statutory factors.
Sue Bai, head of the Justice Department’s National Security Division, U.S. Attorney Edward R. Martin Jr. for the District of Columbia, and Assistant Director Roman Rozhavsky of the FBI’s Counterintelligence Division made the announcement.
The FBI’s Washington Field Office is investigating the case, with significant assistance from the FAA’s Office of Counterintelligence and Technical Operations.
Assistant U.S. Attorneys Christopher Tortorice and Kimberly Paschall for the District of Columbia and Trial Attorneys Beau Barnes and Alexander Wharton of the National Security Division’s Counterintelligence and Export Control Section are prosecuting the case, with significant assistance from the U.S. Attorney’s Office for the Eastern District of Virginia.
Tampa, Florida – U.S. District Judge Thomas Barber has sentenced Randall Alderman (61, Lakeland) to 18 years in federal prison, followed by a lifetime of supervised release, for production and receipt of child sexual abuse material. Alderman pled guilty on September 16, 2024.
According to court documents, beginning in 2021, Alderman engaged in sexually explicit communications with a 13-year-old victim through a social media application. Alderman requested and received child sexual abuse material from the victim. During an interview with the FBI, Alderman admitted to communicating with and receiving sexual abuse material from the victim. The FBI located 10 videos and 7 images of child sexual abuse involving the victim on Alderman’s phone.
This case was investigated by the Federal Bureau of Investigation. It was prosecuted by Assistant United States Attorney Courtney Derry.
This case was brought as part of Project Safe Childhood, a nationwide initiative launched in May 2006 by the Department of Justice to combat the growing epidemic of child sexual exploitation and abuse. Led by United States Attorneys’ Offices and the Criminal Division’s Child Exploitation and Obscenity Section (CEOS), Project Safe Childhood marshals federal, state, and local resources to locate, apprehend, and prosecute individuals who sexually exploit children, and to identify and rescue victims. For more information about Project Safe Childhood, please visit www.justice.gov/psc.
Source: Federal Bureau of Investigation (FBI) State Crime Alerts (b)
CONCORD – A Florida woman pleaded guilty today in federal court in Concord in connection with her role in a conspiracy to defraud Medicare of $3.3 million, Acting U.S. Attorney Jay McCormack announces.
Yolanda Dupont, 38, of New Port Richey, Florida, pleaded guilty to one count of conspiracy to commit health care fraud. U.S. District Court Judge Paul Barbadoro scheduled sentencing for July 22, 2025.
According to court documents, Dupont and her co-conspirators owned and operated Allstar Medical Supply Corp., a purported durable medical equipment business in New Hampshire selling orthotic braces. As part of the conspiracy, Dupont served as the nominee owner of the business to conceal the identities of the true owners. Dupont certified that neither she nor Allstar would not submit false claims to Medicare. However, during the conspiracy, Dupont and her co-conspirators submitted, or caused the submission of, approximately $3.3 million in false and fraudulent claims for orthotic braces to Medicare. Medicare paid at least $1.6 million to Dupont and her co-conspirators for these claims. Ultimately, Medicare beneficiaries received orthotic braces that were medically unnecessary, ineligible for reimbursement, and often not wanted or needed.
The charging statute provides a sentence of no greater than 10 years in prison, 3 years of supervised release, and a fine of $250,000 or twice the pecuniary gain. Sentences are imposed by a federal district court judge based upon the U.S. Sentencing Guidelines and statutes which govern the determination of a sentence in a criminal case.
The Federal Bureau of Investigation and the Department of Health and Human Services Office of Inspector General led the investigation. Assistant U.S. Attorney Geoffrey Ward is prosecuting the case.
Source: Federal Bureau of Investigation (FBI) State Crime Alerts (b)
CONCORD – An indictment has been unsealed charging eight defendants in connection with an international scheme to bill $10 million in fraudulent market survey data, Acting U.S. Attorney Jay McCormack announces.
Each of the following defendants has been indicted on one count of Conspiracy to Commit Wire Fraud:
Frank Hayden, 57, of Evanston, Illinois.
Daniel Harriman, 38, of Huntsville, Alabama.
Frank Nappo, 55, of Rye, New Hampshire.
Ryan Stoudt, 38, of Dallas, Texas.
Katarina Grubljesic, 46, of Belgrade, Serbia.
Strahinja Grubljesic, 38, of Rio de Janeiro, Brazil.
Archie Ignacio, 46, of Verona, New Jersey.
Arvind Iyer, a/k/a S. Aravindan, of Delhi, India.
According to the indictment, Op4G and Slice were market research companies based in the United States. Clients would hire the companies to conduct market research surveys. As part of their business model, Op4G and Slice maintained “panels” consisting of individuals potentially eligible to take surveys. In 2014, Hayden, Harriman, and Nappo, who were senior leaders at Op4G, decided to increase company revenues by generating fabricated survey data. To execute the scheme, some of the defendants recruited “ants”, who pretended to be legitimate survey takers but instead were paid a nominal fee for completing surveys that produced fraudulent market research data. Some of the defendants even served as “ants” and fraudulently took large quantities of surveys themselves and received significant payment for their “ant” work.
In or around 2018, Nappo, Hayden and others, decided that Op4G should move the fraudulent survey operation to a new company, which became Slice. By 2019, Op4G and Slice began conspiring with Iyer, a senior leader at an international company, SNWare. By 2021, Katarina Grublijesic left Op4G, but she continued to conspire with the defendants using her international company, Bright Analytic Consulting.
To evade detection, the defendants, including Stoudt and Ignacio, exchanged instructions with each other and the “ants.” These instructions included directions on how to answer survey screener questions, provided parameters on how long “ants” should remain on surveys, and encouraged the use of virtual private network (VPN) services to conceal real IP addresses.
Hayden, Harriman, Nappo, Stoudt, and Ignacio will appear in federal court at a later date.
The charging statute provides a sentence of no greater than 20 years in prison, up to three (3) years of supervised release, and a maximum fine of $250,000 or twice the gross gain or loss, whichever is greater. Sentences are imposed by a federal district court judge based upon the U.S. Sentencing Guidelines and statutes which govern the determination of a sentence in a criminal case.
The FBI led the investigation. Assistant U.S. Attorney Alexander S. Chen is prosecuting the case.
Companies that purchased survey data from Op4G or Slice between 2014-2024 are encouraged to contact the U.S. Attorney’s office at usanh.webmail@usdoj.gov with the subject line “Slice”.
The details contained in the indictment are allegations. The defendants are presumed innocent unless and until proven guilty beyond a reasonable doubt in a court of law.
Source: Federal Bureau of Investigation (FBI) State Crime Alerts (c)
LAREDO, Texas – Three men are in custody on charges related to the discovery of various weapons and ammunition at a Laredo residence linked to another crime, announced U.S. Attorney Nicholas J. Ganjei.
Erick Lopez-Rivera Sr., 37, and Marcos Lora-Morales, 24, both illegal aliens unlawfully residing in Laredo, and Erick Lopez Jr., 18, Laredo, are expected to make their appearances before a U.S. magistrate judge in the near future.
The investigation began March 21 when law enforcement discovered the location of a firearm allegedly used in a crime, according to the charges. During execution of search warrant at the residence, authorities allegedly discovered two machine gun conversion devices (MCDs) and a backpack that contained magazines and ammunition that Lopez had been storing.
MCDs convert semi-automatic handguns into fully automatic weapons.
According to the complaint, authorities also located .38 special and .22LR ammunition linked to Lopez-Rivera Sr.
Upon further investigation, they allegedly found a grey backpack containing a 9mm S&W handgun Lora-Morales had purchased and a Mexican passport that belonged to him in a detached structure on the property. According to the complaint, Lora-Morales had overstayed his visa and was unlawfully present in the United States.
Lopez-Rivera Jr. is charged with possession of a machine gun, while Lopez-Rivera Sr. and Lora-Morales are facing charges of alien in possession of ammunition and alien in possession of a firearm and ammunition, respectively. Lopez-Rivera Sr. is also charged with felony reentry of an alien.
Possession of a machine gun carries a possible 10-year prison sentence, while alien in possession of ammunition and alien in possession of a firearm and ammunition have maximum penalties of 15 years. Illegal reentry after removal has a maximum 20-year-term of imprisonment. All three men could also be ordered to pay up to $250,000 in fines, upon each count of conviction.
Immigration and Customs Enforcement – Homeland Security Investigations, FBI and Laredo Police Department conducted the investigation. Assistant U.S. Attorney Andrew P. Hakala-Finch is prosecuting the case.
An indictment is a formal accusation of criminal conduct, not evidence. A defendant is presumed innocent unless convicted through due process of law.
Today, in federal court in Brooklyn, New York, Michael McMahon, 57, of Mahwah, New Jersey, was sentenced to 18 months in prison and ordered to pay an $11,000 fine for acting as an illegal agent of the government of the People’s Republic of China (PRC) and interstate stalking and conspiracy to commit the same, for his participation in a scheme to coerce repatriation of a U.S. resident to the PRC as part of its international repatriation effort known as “Operation Fox Hunt.” McMahon and co-defendants Zhu Yong, 68, of East Elmhurst, New York, and Congying Zheng, 29, of Brooklyn, were convicted by a federal jury in June 2023 following a three-week trial. In January 2025, Zhu and Zheng were sentenced respectively to 24 months and 16 months in prison.
As proven at trial, between approximately 2016 and 2019, the defendants and their co-conspirators participated in an international campaign to threaten, harass, surveil, and intimidate John Doe #1 and his family in order to force him and his wife, Jane Doe #1, to return to the PRC to face purported corruption charges. Beginning in 2012, John Doe #1 and Jane Doe #1 had been targeted for repatriation as part of the PRC’s transnational repression programs known as “Operation Fox Hunt” and “Operation Sky Net.” John Doe #1 and his family had accordingly sought to keep their address out of public records.
Zhu hired McMahon, a retired NYPD sergeant working as a private investigator, to locate John Doe #1. McMahon obtained sensitive information about John Doe #1, which he then reported back to Zhu and others, including a PRC police officer. McMahon also conducted surveillance outside the New Jersey home of John Doe #1’s relative and provided Zhu and PRC officials with detailed reports of what he observed. The operation was supervised and directed by several PRC officials, including a PRC police officer and a PRC prosecutor.
As McMahon knew, the operation was intended not only to locate John Doe #1, but to coerce him to return to the PRC by exerting pressure on his family members. In April 2017, PRC officials threatened to jail John Doe #1’s sister, who lived in the PRC, in order to coerce John Doe #1’s then-82-year-old father to travel from the PRC to their relative’s home in New Jersey. John Doe #1’s father, who had recently suffered a brain hemorrhage, was so frail that a doctor accompanied him for the trip. McMahon followed John Doe #1’s father from the relative’s New Jersey home, and, by doing so, was able to learn John Doe #1’s address. McMahon immediately provided this information to a PRC operative.
On Sept. 4, 2018, Zheng and another co-conspirator drove to the New Jersey residence of John Doe #1 and Jane Doe #1 – at the address that McMahon had provided – where they pounded on the front door, attempted to enter the house, and then peered through the windows in the back of the home. They left a note on the front door informing John Doe #1 that his “wife and children will be okay” if John Doe #1 surrendered himself to face a ten-year prison term in the PRC.
McMahon knew that the subjects of his investigation were wanted by the PRC government, a fact that he texted about with another investigator he contracted to help him. Following his arrest, McMahon acknowledged knowing that his employers wanted to get the victim back to China “so they could prosecute him.” After providing the victims’ address, McMahon told his surveillance partner that he was “waiting for a call” to find out what to do next. McMahon’s partner responded, “Yeah. From NJ State Police about an abduction,” to which McMahon responded “Lol.” McMahon later suggested to a PRC co-conspirator that they “harass” John Doe #1 by “[p]ark[ing] outside his home and let[ting] him know we are there.” McMahon took other investigative steps designed to harass the victims, such as researching their daughter’s university residence and college major. McMahon was paid more than $19,000 in total for his role in the illegal repatriation scheme. In an apparent attempt to conceal the source, McMahon deposited payments from his PRC clients into his son’s bank account, the only time he had done so with client payments.
Previously, three co-defendants pleaded guilty in connection with their roles in the PRC-directed harassment and intimidation campaign. They are awaiting sentencing.
Sue J. Bai, head of the Justice Department’s National Security Division, U.S. Attorney John J. Durham for the Eastern District of New York, and Assistant Director Roman Rozhavsky of the FBI’s Counterintelligence Division made the announcement.
The FBI New York Field Office investigated the case, with valuable assistance provided by the Department of State’s Diplomatic Security Service.
Assistant U.S. Attorneys Meredith A. Arfa and Irisa Chen for the Eastern District of New York are in charge of the prosecution, with assistance from Trial Attorneys Christine A. Bonomo and Scott A. Claffee of the National Security Division’s Counterintelligence and Export Control Section. Paralegal Specialist Rebecca Roth for the Eastern District of New York provided valuable assistance.
The FBI has created a website for victims to report efforts by foreign governments to stalk, intimidate, or assault people in the United States. If you believe that you are or have been a victim of transnational repression, please visit the FBI’s website.
DENVER — A former member of the Gambian military was convicted April 15 on torture charges, following his involvement in crimes committed while the West African country’s then-President, Yahya Jammeh, was still in power.
Michael Sang Correa, 46, was indicted in 2020 and is the first non-United States citizen to be convicted under the U.S. criminal torture law. He was found guilty of inflicting torture on specific individuals as well as conspiring to commit torture against suspected opponents of Jammeh’s while serving in a military unit within the Gambia Armed Forces known as the “Junglers.”
“Correa’s crimes caught up with him today,” said U.S. Immigration and Customs Enforcement Homeland Security Investigations Denver Special Agent in Charge Steve Cagen, who also oversees Colorado, Montana and Wyoming. “Correa chose the wrong country to try to escape from justice. HSI actively investigates and apprehends human rights violators who run from their criminal pasts and come here. We have a zero-tolerance policy for human rights violators.”
“Michael Sang Correa tried to evade responsibility for his crimes in The Gambia by coming to the United States and hiding his past,” said Matthew R. Galeotti, Head of the Justice Department’s Criminal Division. “But we found him, we investigated him, and we prosecuted him. The lesson is: if you commit violent crimes — let alone torture or other human rights violations — do not come to the United States. If you do, the Department of Justice, together with its law enforcement partners, will leave no stone unturned to see that your crimes are exposed and justice is served. I thank the jurors for their service and the witnesses for the courage to relive the horror they experienced at Correa’s hands.”
“The torture inflicted by Michael Sang Correa and his co-conspirators is abhorrent,” said acting U.S. Attorney J. Bishop Grewell for the District of Colorado. “Today’s verdict shows you can’t get away with coming to Colorado to hide from your past crimes. The jurors are to be commended for their service throughout this trial and the witnesses for traveling so far to serve the interests of justice.”
Evidence presented at trial proved that in March 2006, shortly after a failed coup attempt, Correa and his co-conspirators transported the victims to Gambia’s main prison, known as Mile 2 Prison, where they subjected the victims to severe physical and mental abuses.
For the rest of the month of March and well into April 2006, Correa and his co-conspirators beat, stabbed, burned and electrocuted the victims, among other horrific acts. One victim testified that he had his thigh burned by hot, molten plastic; the Junglers also placed the victim in a large bag, suspended him in the air, and dropped him to the ground. Another victim testified that Correa and his co-conspirators suffocated him with a plastic bag and put the barrel of a pistol in his mouth. In addition to suffocation from plastic bags, another victim testified that Correa and his co-conspirators electrocuted him on his body, including his genitals; hanged him upside down and beat him in that position; and stabbed him in the shoulder. A fourth victim endured electrocution and was hit in the head with a pistol. A fifth victim testified that he had cigarettes extinguished into his skin, experienced electrocution, and that he was struck in the face with a hammer.
Correa came to the U.S. in December 2016, eventually settling in Denver. Having overstayed his visa, ICE arrested Correa in 2019 and subsequently placed him in removal proceedings.
Correa faces a maximum penalty of 20 years in prison for each of the five torture counts and the count of conspiracy to commit torture. He will remain in U.S. custody pending his sentencing.
ICE HSI Denver investigated this case, with support from HSI agents in Dakar, Senegal, as well as personnel at the U.S. Embassy in Banjul and the FBI Legal Attaché in Dakar. The Human Rights Violators and War Crimes Center also provided significant support. Established in 2009, the HRVWCC leverages the expertise of criminal investigators, attorneys, historians, intelligence analysts and federal partners to provide a whole of government approach to prevent the U.S. from becoming a haven for individuals who commit war crimes, genocide, torture and other human rights abuses around the globe.
Currently, ICE has more than 180 active investigations into suspected human rights violators and is pursuing more than 1,945 leads and removals cases involving suspected human rights violators from 95 different countries. The center has issued more than 79,000 lookouts since 2003, for potential perpetrators of human rights abuses and stopped over 390 human rights violators and war crimes suspects from entering the U.S.
Members of the public who have information about foreign nationals suspected of engaging in human rights abuses or war crimes are urged to call the ICE Tip Line at 1-866-DHS-2-ICE (1-866-347-2423) or internationally at 001-1802-872-6199. You can also email HRV.ICE@ice.dhs.gov or complete the online tip form.