The Securities and Exchange Commission charged a 19-year-old computer hacker with securities fraud Thursday for allegedly breaking into a brokerage account and making unauthorized trades. This is the first securities fraud case that the SEC will prosecute that includes computer hacking and identity theft allegations. "I've not seen a case like this before," said John Reed Stark, the SEC's Internet enforcement chief. Van Dinh, who held a large position in "out of the money" options on shares of Cisco Systems , broke into another person's computer and used the account to place an order for the very options he was disposing of, the SEC charged. According to the charges, Dinh disguised a keystroke-logging program as a new stock-charting tool to remotely monitor computer activity of users who downloaded it. He used the program to obtain the login and password of the victim's TD Waterhouse brokerage account and placed unauthorized orders for 7,200 Cisco option contracts, according to the SEC.
"I've never seen anyone use a keystroke-logging program in terms of securities fraud. This is a very sophisticated fraud scheme," Stark said. The SEC said Dinh, of Phoenixville, Pa., attempted to cover his tracks by using foreign Internet service providers, online aliases, multiple e-mail accounts and Web sites to conceal his identity. The SEC issued up to 30 subpoenas to trace the illegal activity allegedly committed by Dinh, who avoided $37,000 in losses by implementing the scheme. The SEC seeks disgorgement of illegal proceeds with interest and civil monetary penalties for Dinh's alleged violation of securities fraud. Separately, the U.S. Attorney in Massachusetts filed criminal charges against Dinh for securities fraud, mail and wire fraud and causing damage in connection with unauthorized access to a protected computer.