2 min read

Huge 20-year prison sentence for US cyber-crook


May 19, 2014

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Huge 20-year prison sentence for US cyber-crook

Does cybercrime pay? Do you think the rewards of ID theft, computer malware and online fraud are worth the risk of capture?

Well, if you do, consider the case of David Ray Camez, who has been sentenced to a 20 year prison sentence and ordered to pay $20 million restitution for his involvement with the Carder.su organized crime website.

22-year-old Camez, who called himself “Bad man” and “doctorsex” online, was just one of over 5500 members of the Carder.su which is said to have been responsible for criminal losses of approximately $50 million.

Carder.su’s business was the large-scale traffic of compromised credit card data, as well as money laundering and share knowledge of various types of cybercrime. If identity theft and cybercrime was your thing, Carder.su was a one-stop-shop.

What the participants of Carder.su didn’t realise, however, is that the authorities hadn’t turned a blind eye, and an undercover special agent had assumed the identity of a member of the criminal outfit when it was in its infancy.

Calling himself “Bad man” and “doctorsex” when participating on the organised crime website Carder.su, Camez was in the business of buying and selling counterfeit Nevada and Arizona driver’s licences – little realising that one of the people he was dealing with was secretly working for the authorities.

During a subsequent search, the authorities discovered counterfeit credit cards, equipment used to manufacture counterfeit credit cards, counterfeit US currency and counterfeit identification documents. In addition, Camez’s computer contained software used to encode counterfeit credit cards and stolen identity information.

Fascinatingly, Camez was technically found guilty of participating in a racketeer influenced corrupt organization (RICO), the same legislation that has previously been the downfall of the likes of the Gambino Mafia crime family.

As The Verge explained at the time of Camez’s conviction last December:

With RICO, law enforcement can prosecute members of an organized crime organization, even if they aren’t found to have directly committed a crime. In this case, prosecutors argued that members of the web forum “Carder.su” were part of a type of organized crime group, as they were required to go through a vetting process and to meet a number of security standards that would protect the forum from law enforcement.

In other words, it doesn’t matter anymore if you’re just a small part of a much larger criminal community – the US authorities are prepared to throw the book at you.

Camez is 22 years old. He has now been sentenced to spend 20 years in prison for his part in Carder.su. I don’t think I have ever heard of a cybercriminal receiving a tougher punishment.

You have to wonder – was it really worth it?

And Camez is not the last in the sights of the US crime-fighting authorities. He was just one of 39 charged in an indictment in January 2012. Seven others have already pleaded guilty, and two are scheduled for trial in June, and the rest are fugitives.

A further sixteen defendants have also been charged in the scheme, and 14 have pleaded guilty to date.

Cybercrime doesn’t pay folks. If you have any brains you will direct your skills, talent and entrepreneurial spirit to positive ends rather than risk spending the best part of your life behind bars.




Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s.

View all posts

You might also like