Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity NewswireTechnologies & SolutionsCybersecurity News

DOJ charges two men for involvement in hacking of NFL and NBA players social media accounts

cybersecurity and phishing
October 2, 2020

Two men will appear in federal court to face charges that they were involved in the unauthorized takeover of social media and other personal online accounts belonging to professional and semi-professional athletes, U.S. Attorney Craig Carpenito announced.

Trevontae Washington, 21, of Thibodaux, Louisiana, and Ronnie Magrehbi, 20, of Orlando, Florida, are each charged in separate criminal complaints with one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer fraud and abuse. 

According to documents filed in this case and statements made in courts:

At various times between December 2017 and April 2019, Washington and Magrehbi took part in illegal schemes to gain access to social media and other personal online accounts belonging to professional and semi-professional athletes, including athletes employed by the National Football League (NFL) and the National Basketball Association (NBA).

Washington is alleged to have compromised accounts belonging to multiple NFL and NBA athletes. According to the DOJ, Washington phished for the athletes credentials, messaging them on platforms like Instagram with embedded links to what appeared to be legitimate social media log-in sites, but which, in fact, were used to steal the athletes’ user names and passwords. Once the athletes entered their credentials, Washington and others locked the athletes out of their accounts and used them to gain access to other accounts. Washington then sold access to the compromised accounts to others for amounts ranging from $500 to $1,000.

Hank Schless, Senior Manager, Security Solutions at Lookout, a San Francisco, Calif.-based provider of mobile phishing solutions, says, “Account Takeover (ATO) is oftentimes the goal for malicious actors because they can access personal data of the account owner, move laterally in corporate infrastructure if it’s a work account, or pose as the account owner to influence others. In this case, the attackers used mobile social media platforms to socially engineer targets and phish their login credentials. Social engineering is a common tactic used to increase the likelihood of a successful attack. The goal of it is almost always credential phishing."

Ray Kelly, principal security engineer at WhiteHat Security, a San Jose, Calif.-based provider of application security, says, “Social engineering remains a common method for attackers to gain access to internal systems. We have seen that humans are often the weakest link in the security chain. Appropriate training and employing services that test human exposure to social engineering attacks can be key to helping prevent an individual from becoming a security gap in any organization.”

Magrehbi is alleged to have obtained access to accounts belonging to a professional football player, including an Instagram account and personal email account. Magrehbi extorted the player, demanding payment in return for restoring access to the accounts. The player sent funds on at least one occasion, portions of which were transferred to a personal bank account controlled by Magrehbi, but never regained access to his online accounts.

Schless explains, "Instagram is built as a mobile-first experience, which means that these attackers knew they could build a mobile-specific phishing campaign to increase the likelihood of success. Since we carry our mobile devices with us all the time, we trust them to be inherently secure. Threat actors know this and socially engineer targets through SMS, social media, and 3rd party messaging apps and convince them to click a malicious link. It’s more difficult to spot phishing targets on mobile. Smaller screens, a simplified user experience, and shortened URLs make it difficult to tell if a site is legitimate or not. It’s also much easier to create a legitimate-looking account or phone number that could convince a target that the communication is real. "

Lookout, for instance, discovered a mobile-specific phishing campaign earlier this year that intended to phish individual mobile banking login credentials through SMS. "While we think of mobile devices as extensions of ourselves, we need to exercise the same level of caution on them as we do on our computers. At both a personal and professional level, we need to recognize that smartphones and tablets hold just as much valuable data as our laptops and desktops. Everyone has anti-virus and phishing protection software on their computers, so why should our smartphones and tablets be any different?” Schless adds. 

Kacey Clark, Threat Researcher at Digital Shadows, a San Francisco-based provider of digital risk protection solutions, notes, “While email phishing remains one of the most prominent attack vectors for compromise, mobile devices are front-and-center in the lives of just about everyone. This ever-increasing adoption of mobile devices has provided attackers with a large attack surface that could only be dreamed about a decade ago. The threat of mobile device targeting will only increase moving forward as handheld devices continue to be prominent in our lives. Many cybercriminals have also translated tactics and techniques commonly used in email phishing to phishing on mobile devices.”

Shahrokh Shahidzadeh, CEO at Acceptto, a Portland, Oregon-based provider of Continuous Behavioral Authentication, explains, “Often times, folks are not as aware that malicious attempts can be made via text – most assume it is solely through email. Because of this, the cyberattackers rely on unsuspecting people to click on a text more readily than an email link. More often than not, individuals will likely click on the text link if it comes from a phone number they somewhat recognize, or contains colloquial language that makes the end-user feel , for example, that “oh, ok – this is a normal human on the other end sharing something with me that I’ve forgotten about.”

First and foremost, be aware, says Shahidzadeh. "Do not click on texts or respond to texts if you are not sure who they’re coming from. Even if it does come from a reputable source, but still seems off, consider checking in with them to make sure it was meant to be sent to you before clicking. Companies and end-users that are relying solely on binary authentication tactics, such as two-factor authentication (2FA) or multifactor authentication (MFA) via SMS, need to understand that these items are static and stored somewhere, waiting to be compromised time and time again. The best way to avoid these scams is to assume all credentials, even those yet to be created have been compromised and instill a technology solution that continuously monitors authentication that employs artificial intelligence and machine learning, along with behavioral modeling. Doing so allows for the smartest, most risk-based authentication and life cycle management available,” Shahidzadeh says. 

KEYWORDS: cyber security fraud hackers risk management social engineering

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Enterprise Services
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

blurry multicolored text on black screen

PowerSchool Education Technology Company Announces Data Breach

Events

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

August 27, 2025

Risk Mitigation as a Competitive Edge

In today’s volatile environment, a robust risk management strategy isn’t just a requirement—it’s a foundation for organizational resilience. From cyber threats to climate disruptions, the ability to anticipate, withstand, and adapt to disruption is becoming a hallmark of industry leaders.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Nearly Two-Thirds of U.S. Adults' Social Media Accounts Have Been Hacked

    See More
  • U.S. Bank Stadium provides several unique features compared to all other NFL stadiums

    NFL Social Media Accounts Hacked by OurMine Crew

    See More
  • Security Newswire

    Two Men Charged Over iPad Hacking

    See More

Related Products

See More Products
  • Whitepaper-Social-Media-3.gif

    Optimizing Social Media from a B2B Perspective

  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

  • 9781138378339.jpg

    Surveillance, Crime and Social Control

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!