A former U.S. State Department employee got four years and nine months in prison for perpetrating a widespread, international email phishing, computer hacking and cyberstalking scheme against hundreds of victims in the U.S. and abroad.
Michael C. Ford admitted between January 2013 and May 2015, while employed by the U.S. Embassy in London, he used various aliases to commit a widespread, international computer hacking, cyberstalking and “sextortion” campaign designed to force victims to provide Ford with personal information as well as sexually explicit videos of others. Ford targeted young females, some of whom were students at U.S. colleges and universities, with a particular focus on members of sororities and aspiring models.
While this case was not focused on the industrial environment, it is another example of law enforcement cracking down on cyber crime.
“Michael Ford hacked hundreds of email accounts, particularly targeting young women so he could extort them into sending him sexually explicit images,” said Assistant Attorney General Caldwell. “He preyed on vulnerable victims, leaving them with indelible emotional scars. His sentence is a necessary step in holding him to account for his crimes and helping his victims move forward with their lives.”
Posing as a member of the fictitious “account deletion team” for a well-known email service provider, Ford sent thousands of phishing emails to thousands of potential victims, warning them that their email accounts would end up deleted if they did not provide their passwords.
He admitted he then used the passwords to hack into at least 450 email and social media accounts belonging to at least 200 victims, where he searched for sexually explicit photographs and for victims’ personal identifying information (PII), including their home and work addresses, school and employment information, and names and contact information of family members, among other things.
Using the photos and PII, Ford admitted he emailed at least 75 victims, threatening to release those photos unless they took and sent him sexually explicit videos of “sexy girls” undressing in changing rooms at pools, gyms and clothing stores.
When the victims refused to comply, threatened to go to the police or begged Ford to leave them alone, Ford escalated his threats.
In one case, Ford said he wrote in one email “don’t worry, it’s not like I know where you live,” followed by another email with her home address and threatened to post her photographs to an “escort/hooker website” along with her phone number and home address. On several occasions, Ford followed through with his threats, sending his victims’ sexually explicit photographs to family members and friends, according to the plea.
Additionally, at sentencing, the government presented evidence Ford engaged in a related scheme targeting aspiring models beginning in 2009. Posing as a model scout, he convinced young women to send their personal information, to include dates of birth and measurements, as well as topless photos for consideration for fictitious modeling opportunities. During this ruse, he obtained topless and partially nude photos from hundreds of women, including several minors. He also attempted to entice a minor to take voyeuristic videos of her peers in her school locker room. Some of his early model-scout victims became the first victims of his charged cyberstalking scheme.
He received his sentence from U.S. District Judge Eleanor L. Ross of the Northern District of Georgia, to four years and nine months in federal prison and then three years of supervised release.
The Diplomatic Security Service and the FBI investigated the case.