Operating out of an apartment in Kiev, Ukraine, Egor Shevelev, aka "Eskalibur," advertised on multiple Internet forums devoted to cybercrime that he had "millions" of stolen credit card account numbers for sale. Five thousand miles away in Brooklyn, N.Y., Douglas Latta and Anna Ciano agreed to buy nearly 1,000 of those numbers and then proceeded to purchase laptops, Apple products, designer handbags, and video game consoles that they turned around and sold on EBay.
They also purchased stolen personal information, including names, birth dates, Social Security numbers, online usernames and passwords to set up additional bogus credit cards. Manhattan District Attorney Cyrus Vance prosecuted the case.
"That information is packaged and sold on the black market, which is sort of a dark, shadowy, international market of identity theft thieves who are scattered all over the world, who communicate in code and who buy and sell this for money," Vance said.
(Read more: Hunting for the real Pink Panther diamond thieves)
Latta and Ciano didn't use cash to pay Shevelev. Instead they used something called egold—an online currency that's difficult to trace. And that's where Vadim Vassilenko and his company, Western Express International, comes in.
Vassilenko was the middleman or money launderer who exchanged the e-gold, which is tied to the value of an ounce of gold, for U.S. currency. "So what you really have is someone who steals the merchandise, sells it to people who can monetize it," said Vance. "They make their money in cash. They pay Shevelev in e-gold. And the person who is enabling e-gold to move around and cashing out the e-gold into money is Western Express," Vance added.
(Read more: Selling the American Dream)
Over a three-year period, Shevelev and his band of cybercriminals were responsible for more than $5 million in credit card theft and the group alluded authorities for years. Vance was able to bring charges against U.S.-based Latta and Ciano, but because there is no extradition agreement with Ukraine, Shevelev was much harder to catch.
But the moment Shevelev decided to leave Kiev for an island getaway, Vance found his opportunity. "He was put on a watch list, unbeknownst to him. So he goes from the Ukraine to Greece for a vacation. He's picked up in Greece, arrested, ultimately extradited back to the United States."
After an eight-year-long investigation and a ten-week trial, Vance and his team successfully brought to an end one of the biggest cybercrime rings in U.S. history. Shevelev, Latta and Ciano were convicted and received sentences ranging from thirteen to forty-seven years in prison. Vassilenko is also in prison and will be deported when he is paroled on his sentence. Two other members of the gang, Oleg Covelin and Dzmitry Burak remain fugitives.
Tips to avoid being the victim of cybercrime:
—Beware of public WiFi. You are particularly susceptible to cybercrimes if you log on in a coffee shop or cyber café. Hackers could be sitting right next to you and they can lock into your laptop or personal device in a matter of seconds.
(Read more: Crime & Punishment: Inside the SEC)
—Change your passwords every two weeks to 30 days. Very few people have encryption on our mobile devices so routinely changing your password is a good way to protect yourself.
—Renew your anti-virus software and never go into public with Wifi—turn your computer off when you're not using it.
—Jeff Pohlman is a senior producer at CNBC. Andrea Day is a reporter at CNBC, covering crime and punishment.