Government prosecutors have resolved to file in court criminal charges against three more persons, one of them a Nigerian national, in the “hacking” of depositors’ accounts with Banco de Oro (BDO) last December.
Those to be charged were identified in the statement issued by the Department of Justice (DOJ) as Ronelyn Panaligan, Clay Revillosa and Nigerian national Ifesinachi Fountain Anaekwe alias “Daddy Champ.”
They would be charged with violations of Republic Act No. 8484, the Access Devices Regulation Act of 1998, and RA 10175, the Cybercrime Prevention Act of 2012.
In the case of Jheron Anthony Taupa, another alleged participant in the accounts ‘hacking,’ the DOJ said he was arrested last Jan. 18 in Palmayo, Florida Blanca, Pampanga, and has been charged before the regional trial court (RTC) in Guagua, Pampanga last Jan. 25 for misuse of devices under RA 10175.
In the case of another Nigerian national, Chukwuemeka Peter Nwadi, the complaints against him will be subjected to further investigation, the DOJ said.
All the suspects were arrested in separate entrapment operations conducted by the National Bureau of Investigation-Cybercrime Division (NBI-CCD) and were presented for inquest before the DOJ.
On the further investigation of Nwadi, the DOJ said: “Other than his presence during the entrapment operation, no other evidence was adduced by complainants as to his participation on the trafficking of unauthorized access devices. Thus, additional evidence must be presented to determine if there is probable cause for the indictment of Nwadi. Meanwhile, Nwadi will be released from detention.”
“A Motion for Issuance of Hold Departure Order will be filed against Anaekwe, and a Motion for Issuance of Precautionary Hold Departure Order against Nwadi,” it said.
The DOJ said the five individuals were “allegedly behind the Banco de Oro bank heist that happened sometime in December 2021.”
Detailing the “illegal operations” of the suspects, the DOJ said:
“According to the NBI-CCD, the tasks of these 5 individuals are compartmentalized – that is, their respective participations are vital, without which, fraudulent transfers or illegal access of online accounts would not be possible.
“The NBI-CCD explained that the acts are being compartmentalized to prevent the transfers from being traced to a particular person or a syndicate.
“The NBI-CCD likewise equated the modus operandi to money laundering - after hackers have illegally accessed the online banking account or banking system, they would transfer the money to a dummy bank account.
“Thereafter, another transfer would then be made either to another dummy bank account, Gcash or Paymaya account. Money mules are then engaged to personally withdraw or cash-out the stolen money, who would earn by getting commissions from the total amount of withdrawn money. It is only after a series of transfers would the stolen money be moved to the syndicate’s personal accounts.”
The DOJ said the Nigerians worked for the “Mark Nagoyo Group” and were “engaged in the business of providing access devices to anyone looking for options to cash out funds fraudulently obtained.”
It said the NBI-CCD also learned from a certain Mark Froilan, one of the leaders of the Mark Nagoyo group, that “’Daddy Champ’ was already getting mad as the money from BDO has yet to be cashed out” and prompted the group to look “for a money mule to assist them in cashing out the said money.”
“During the entrapment operation, ‘Daddy Champ’ offered different company accounts that can be used to transfer P10 million each. The company accounts serve as ‘dropping accounts’ and they were selling them for P2,000 each,” the DOJ said.
It said Taupa had been found selling for P2,000 “a ‘SCAMPAGE’ or a phishing website which is an imitation of the webpage of GCASH, a well-known electronic money issuer whose real site is hosted on https://www.gcash.com.”
“The scampage is used to harvest the login details, usernames, passwords and mobile personal identification numbers (MPINs) of unwitting victims who would access the scampage under the mistaken belief that they were accessing GCASH’s official portal,” it explained.
Panaligan and Revillosa were arrested in separate entrapment operations conducted by the NBI-CCD last Jan. 19 in Pasig City and Quezon City, respectively.
The DOJ said Panaligan has been described as “a known ‘verifier’ and seller of dummy accounts.”
“As a verifier, Panaligan pretends to conduct a survey in a market and asks the victims for their identification cards and takes their photograph. A fee of Fifty Pesos (P50.00), through telecommunication load, is then given to the owners of these cards for ‘participating in the survey’,” it said.
“Panaligan would then use the information and photograph of her victims, without their knowledge, to apply for verified Gcash or Paymaya accounts. After securing the debit cards, Panaligan would offer it for sale to ‘hackers’ looking to pseudonymously cash out funds from illegitimate sources,” it added.
The DOJ noted that Revillosa is a third-year college student and was found “selling 800,000 mailing lists (e-mail addresses) containing log-in credentials of online banking accounts for thirty thousand (P30,000.00) pesos.”