Enter multiple symbols separated by commas

Busted! Inside one massive cybercrime ring

Operating out of an apartment in Kiev, Ukraine, Egor Shevelev, aka "Eskalibur," advertised on multiple Internet forums devoted to cybercrime that he had "millions" of stolen credit card account numbers for sale. Five thousand miles away in Brooklyn, N.Y., Douglas Latta and Anna Ciano agreed to buy nearly 1,000 of those numbers and then proceeded to purchase laptops, Apple products, designer handbags, and video game consoles that they turned around and sold on EBay.

They also purchased stolen personal information, including names, birth dates, Social Security numbers, online usernames and passwords to set up additional bogus credit cards. Manhattan District Attorney Cyrus Vance prosecuted the case.

"That information is packaged and sold on the black market, which is sort of a dark, shadowy, international market of identity theft thieves who are scattered all over the world, who communicate in code and who buy and sell this for money," Vance said.

(Read more: Hunting for the real Pink Panther diamond thieves)

Hacker hacking computers cyber attack
Thomas Samson | AFP | Getty Images

Latta and Ciano didn't use cash to pay Shevelev. Instead they used something called egold—an online currency that's difficult to trace. And that's where Vadim Vassilenko and his company, Western Express International, comes in.

Vassilenko was the middleman or money launderer who exchanged the e-gold, which is tied to the value of an ounce of gold, for U.S. currency. "So what you really have is someone who steals the merchandise, sells it to people who can monetize it," said Vance. "They make their money in cash. They pay Shevelev in e-gold. And the person who is enabling e-gold to move around and cashing out the e-gold into money is Western Express," Vance added.

(Read more: Selling the American Dream)

Over a three-year period, Shevelev and his band of cybercriminals were responsible for more than $5 million in credit card theft and the group alluded authorities for years. Vance was able to bring charges against U.S.-based Latta and Ciano, but because there is no extradition agreement with Ukraine, Shevelev was much harder to catch.

But the moment Shevelev decided to leave Kiev for an island getaway, Vance found his opportunity. "He was put on a watch list, unbeknownst to him. So he goes from the Ukraine to Greece for a vacation. He's picked up in Greece, arrested, ultimately extradited back to the United States."

After an eight-year-long investigation and a ten-week trial, Vance and his team successfully brought to an end one of the biggest cybercrime rings in U.S. history. Shevelev, Latta and Ciano were convicted and received sentences ranging from thirteen to forty-seven years in prison. Vassilenko is also in prison and will be deported when he is paroled on his sentence. Two other members of the gang, Oleg Covelin and Dzmitry Burak remain fugitives.

Tips to avoid being the victim of cybercrime:

—Beware of public WiFi. You are particularly susceptible to cybercrimes if you log on in a coffee shop or cyber café. Hackers could be sitting right next to you and they can lock into your laptop or personal device in a matter of seconds.

(Read more: Crime & Punishment: Inside the SEC)

—Change your passwords every two weeks to 30 days. Very few people have encryption on our mobile devices so routinely changing your password is a good way to protect yourself.

—Renew your anti-virus software and never go into public with Wifi—turn your computer off when you're not using it.

Jeff Pohlman is a senior producer at CNBC. Andrea Day is a reporter at CNBC, covering crime and punishment.

  • Andrea Day

    Andrea Day covers Crime & Punishment for CNBC. She and her team have reported nearly $1 billion in fraud this year.

Inside the SEC

  • The Treasury estimates that $21 billion in potentially fraudulent refunds due to identity theft could be issued in the next five years.

  • A Rare Look Inside the SEC

    CNBC's Gary Kaminsky takes a look at the massive amount of digital data that pours into the SEC's enforcement division, which is in charge of investigating violations of securities laws.

  • SEC: Finding Where the Bodies are Buried

    CNBC's Gary Kaminsky spent time with SEC's Bruce Karpati to learn more about his division, which investigates allegations of fraud committed by investment advisers. Kaminsky reports that if you're breaking the law, the agency will find you.

Madoff Trustee: Investigations Inc

Selling the American Dream

Investigations Inc.: Cyber Espionage

  • When a person enters information on a website, like an email or credit card, it gets stored in that company’s data base. Those web-based forms are a simple tool for users, but they are also another way hackers can exploit a company’s system. Instead of inputting a name into the website, cyber spies can put in a specially crafted text that may cause the database to execute the code instead of simply storing it, Alperovitch said. The result is a “malicious takeover of the system,” he said.

    By attacking business computer networks, hackers are accessing company secrets and confidential strategies and creating huge losses for the overall economy.

  • lock_laptop.jpg

    China is working feverishly to counteract its slowest GDP growth in recent years, and one of the ways it’s doing so, say U.S. officials, is through the theft of American corporate secrets.

  • hacker_keyboard_200.jpg

    US businesses are enduring an unprecedented onslaught of cyber invasions from foreign governments, organized crime syndicates, and hacker collectives, all seeking to steal information and disrupt services, cybersecurity experts say.