Turkish national Onur Kopçak will likely spend the rest of his life behind bars for dabbling in credit card seizure and phishing campaign promotion, having landed a record 334-year prison sentence.
The 26-year-old was part of a group of cybercriminals who developed and ran websites for use in phishing campaigns designed to steal bank credentials, and now is paying heavily for his crimes.
The threat of data theft has risen significantly in the past few years. Hardly a week goes by when we do not hear of another high-profile hack or data breach — such as those experienced by Ashley Madison and TalkTalk — but there are also more subtle ways criminals employ to steal data belonging to the general public.
As reported by local media, Kopçak was arrested in 2013 for operating phishing websites which impersonated banks in order to seize customer credit card information and bank details.
Alongside 11 other cybercriminals, these websites were developed and used to dupe visitors into believing they were visiting their bank’s legitimate Web domains and trustingly submit their account information, which was later sold in underground markets.
This is a common method used in phishing campaigns. You receive an email which appears to be from your bank, warning you of unauthorized transactions, out-of-date details or fraud — leading victims to click on links provided. These links will often lead to websites which impersonate legitimate domains, enticing users to input their details, which are then sent to the controllers.
In total, 43 people complained to law enforcement over the websites and their stolen data, gaining the Turkish police forces’ interest and the arrest of Kopçak.
The criminal court ascertained the hacker had stolen data belonging to the 43 victims, resulting in a sentence of 199 years, 7 months and 10 days. Following this ruling, Kopçak protested his innocence, but the sentence was upheld by the Turkish Criminal Court of Appeals.
On top of the 2013 ruling, another case was opened and judged by the Mersin third Criminal Court of General Jurisdiction, concerning the theft of another 11 customer accounts by the hacker. This time, Kopçak did not appeal — landing him a total of 334 years in prison for his deeds.
Kopçak was accused and found guilty of a range of cybercrimes including hacking and identity fraud.
Whether or not you believe 334 years is excessive, it sends a strong message to those in the country who consider cybercrime to make a quick buck — the consequences can be extreme.
Read on: Top picks