GULFPORT -- An Iranian national whose cybercrime victims include three South Mississippi banks and thousands of its customers flew to New York after winning a lottery that allowed him to obtain a U.S. permanent resident visa, a federal agent's affidavit said.
Milad Rezaei Kalantari, 30, is suspected of operating websites known as carding forums, members-only sites that sell stolen financial information. He also is accused of sending and receiving emails with thousands of bank customers' debit card numbers and their three-digit security numbers, addresses and telephone numbers. Those who used the stolen data made unauthorized purchases on the cardholders' accounts.
Kalantari came under investigation in a probe of the Yahoo Boys, a West African criminal organization, a Homeland Security Investigations agent in Gulfport said in an affidavit. The Yahoo Boys use international hackers and underground Iranian, Russian and Vietnamese groups to conduct financial fraud schemes, the agent said.
Kalantari pleaded not guilty to a 16-count indictment Wednesday in U.S. District Court in Gulfport.
He is held with no bond and is set for trial on a court calendar that starts April 4.
How he got a visa
A federal agent in May had a Yahoo chat session with one of Kalantari's co-conspirators and learned Kalantari planned to move to the U.S. because he had won the United States Diversified State Lottery, an affidavit said.
The free lottery, known as "the green card lottery," was mandated by Congress in 1990. The lottery allows up to 50,000 immigrants a year to receive a permanent resident visa through a diversity program.
Those eligible are immigrants with family members or jobs in the U.S. Refugees and asylum seekers aren't eligible. Immigrants whose countries have sent more than 50,000 people to the U.S. in the past five years aren't eligible, according to the U.S. State Department.
Applicants must be born in an eligible country or have a spouse born there, or have at least 12 years of education or two years of recent work experience in an occupation requiring at least two years of training or experience.
A federal agent contacted the State Department and the U.S. Embassy in Ankara, Turkey, and learned Kalantari had indeed won the lottery; he was scheduled for an interview Dec. 2, a court document said.
The agent obtained an arrest warrant for Kalantari on a charge of bank fraud.
Federal agents from Gulfport, Tampa and New York City arrested him Dec. 21 at the John F. Kennedy International Airport in Queens, New York.
Kalantari made his first court appearance in Queens and was arraigned Wednesday in Gulfport.
How was he linked?
HSI identified Kalantari through a search of his email accounts, the agent said, and learned his websites use stolen card data belonging to residents of the U.S., the United Kingdom, Australia, New Zealand, Italy, France and other countries.
He had communicated via email with his sister, attending an Oklahoma university on a student visa, a document said. An email attachment identified his bank in Iran and his address in Sari, Mazandaran.
The victims include Hancock Bank, Keesler Federal Credit Union and Coastal Bank and Trust and thousands of customers, the agent said.
An undercover agent bought stolen data from one of Kalantari's websites three times in December and received the stolen card information of 68 Mississippians, the indictment said.
$400 in donuts
Victims identified by initials only include two Gulfport women who noticed unauthorized purchases on their accounts last March and June. One woman's card number was used four times for $100 each at a Dunkin Donuts.
Bank card information for Team One Communications in Pascagoula appeared in one email of 651 stolen card numbers, the indictment said. The business canceled its credit card after someone tried to use it three times in October 2014 for transactions totalling $120. Their bank declined the transactions.