The biggest bummer to arise from the allegations that the revered and feared Wall Street puppet master Goldman Sachs had played us all for patsies is this: the dial on the Wall Street capital-formation machine, the engine that was supposed to be the driving force of the greatest economic system on earth, was purposely set to junk — worthless, synthetic junk.

The civil fraud case the Securities and Exchange Commission filed in mid-April against Goldman is based on a single deal, called Abacus 2007-ac1. The investment bank created it so hedge funder John Paulson could line his pockets with cash when the value of American families' most prized asset crashed. But on Wall Street in the late aughts, polyester financing was in fashion everywhere.  

Morgan Stanley had the so-called dead-Presidents deals, named Buchanan and Jackson. Another Morgan deal, one called Libertas, defrauded investors in the U.S. Virgin Islands, according to a lawsuit. JPMorgan Chase played procurer for Magnetar, a hedge fund so artful in profiting from the meltdown that Northwestern's Kellogg School of Management praised it last year in a case study. A firm run by Lewis Sachs, until recently a top Treasury Department adviser, and UBS, until recently a tax-cheat favorite, created junky bonds that investors who bought them now claim were going bad even before the deals were closed. Bank of America too is being sued for a deal that was set up by its Merrill Lynch subsidiary with a manager who is now under investigation by the SEC.

In the end, it was in fact all one big scam predicated on rising housing prices. Certainly, greedy consumers played a minor role in feeding the frenzy. But the Street made sure that those of us who are not members of its elite club remained the suckers.

Why didn't we find out about these deals sooner? Because they were encapsulated in one of Wall Street's most opaque investment creations ever: synthetic collateralized debt obligations, or CDOs. Synthetic CDOs are derived from mortgage bonds — hence they are derivatives — but they don't actually hold assets, although you can invest in them as you would in the real thing. And you can also short them, as you would a stock, using insurance contracts called credit-default swaps, or CDSs. In the Goldman case, the investment banks and hedge funds that concocted the CDOs allegedly loaded them with the equivalent of toxic bonds and then bought CDSs for themselves, figuring the CDOs would lose value. They did, which left the unsuspecting investors and counterparties who swallowed the CDOs — including supposedly sophisticated banks such as the Netherlands' ABN Amro Bank and Germany's IKB — wondering what happened to their money. 

On the surface, these deals look complicated. They are. But the alleged fraud at the heart of the case against Goldman and its CDO dealings is one of the simplest and oldest forms of deception: lying. According to the SEC, Goldman told one group of investors they were buying a AAA-rated (by lapdog ratings agencies, but that's another story) high-yield investment put together by an independent firm called ACA Management. But the SEC says the person really picking the collateral was Paulson, an investor whose only interest was: Paulson. What Goldman allegedly sold, like any good snake-oil salesman, was a worthless, well-packaged fake.

Only now, in the wake of the SEC suit against Goldman, are investors beginning to suspect they were hoodwinked. According to Thomson Reuters, Wall Street firms underwrote at least $119 billion worth of these deals as the housing market began to crumble, from 2006 until the music stopped. And this number could be low. Many of these deals never get counted, because they are private transactions and not traded on an exchange.

All the firms that set up these deals, and the hedge funds that bet against them, contend they did nothing wrong. A synthetic CDO is at its core a trade, meaning it has a long and short position, and grownup investors are free to take sides. In response to the SEC suit, Goldman says it didn't set up investments to fail and it didn't mislead its clients. It plans to fight the charges aggressively. Some have even argued that these synthetic deals were good for the economy, because they didn't boost lending at a time when the housing market was already overheated. 

The reality is that Wall Street's CDO synthesizer set one of the economy's largest sectors off in the direction of creating nothing but waste — pure economic waste. These CDOs didn't help anyone afford a house. No cars were purchased. No one got a loan to go to college. These CDOs were the last stop in a vast transfer of wealth from a large group of American mortgage holders to a much smaller group of already rich traders who profited as the CDOs failed.

Certainly, the folks who lied to get mortgages, and the banks who helped them, deserve what they get. Still, as most of us worked hard to cobble together a down payment for a house in an ever rising market or put money into our still-damaged-from-the-dotcom-bust investment accounts in order to send our kids to college or retire, we assumed the financial system was working its invisible magic to help make all that possible. In fact, just the opposite was going on. Wall Street was busy chartering buses to nowhere, so our jobs and savings could be driven right out of town.

How the Culture Changed
It is easy to think that Wall Street has always been the place for the corrupt and the greedy and that this is nothing new. But that's not really accurate. Of all the causes of the financial crisis, one of the biggest was a power shift on Wall Street that left the traders in charge and the bankers who had traditionally run everything from Broad Street to Maiden Lane sidelined.

Years ago, the investment world and its professionals believed in long-term relationships. That meant nurturing the economy and the companies and people in it. Two decades of cheap money, though, helped turn the Street over to the traders. That led to a very different way of doing business. "With a trader, the goal of every minute of every day is to make money," says Philipp Meyer, who worked for UBS as a trader in the late 1990s and early 2000s before going on to write about his time there. "So if running the economy off the cliff makes you money, you will do it, and you will do it every day of every week."

The question is, now that we know what we know about what has become of Wall Street, what do we do about it? The SEC case against Goldman shows that the agency plans to do more to combat fraud. That's a big change. Under former commissioner Christopher Cox, Wall Street was basically self-regulating and the SEC hands-off, which helped enable the greatest Ponzi schemer of all time, Bernie Madoff. 

By picking a fight with Goldman — the "great white whale" of Wall Street, as Eliot Spitzer put it on Monday — the SEC is signaling that it has now adopted a feistier approach. "Goldman got picked out because of its stature. When you take on the biggest kid on the block, you are sending a message to everyone on Wall Street that we're not going to back down," says Peter Henning, a former SEC attorney and a professor at Wayne State University Law School. "It's a very aggressive tactic, and in some ways it breaks with past practice."

So, in fact, does the way Goldman is being run. Perhaps the best illustration of the shift on the Street is the career of Goldman's chief executive, Lloyd Blankfein. Back in 1982, when Blankfein, now 55, joined Goldman with a law degree from Harvard and a few years' experience as a tax attorney, the firm was run by two investment bankers, John Whitehead and John Weinberg. Blankfein landed a job in the firm's commodities-trading unit, which Goldman had acquired less than a year before.

Goldman was pretty typical of Wall Street in the 1980s. Investment bankers ran the business and brought in most of the bucks. Salesmen and brokers did pretty well too, buying and selling stocks for clients. Traders, who placed bets with the bank's money, were generally the low men on the totem pole. The one exception was Salomon Brothers, where a band of traders led by Lewis Ranieri — who were raking in money trading Treasury and mortgage bonds — were quickly making Solly the beast on the Street. At Lehman Brothers too, trader Lewis Glucksman forced out investment banker Pete Peterson, who had been running the firm. But a scandal caused Salomon to flame out in the early 1990s. Trading losses at Lehman nearly bankrupted the firm and pushed it into the arms of American Express. Then Long-Term Capital Management nearly brought down the financial system in 1998 when some of its highly leveraged trades collapsed. After an all-hands rescue, the order of Wall Street was restored, temporarily. 

At Goldman, Blankfein was rising rapidly by taking more and more risks in its commodities- and currency-trading businesses. In 1995, shortly after he was named head of the firm's commodities business, he reportedly left a meeting of Goldman partners after complaining the firm was not taking enough risks and immediately bet multimillions of Goldman's capital that the dollar would rise. It did, and Blankfein and Goldman made a bundle.

Yet during the 1990s, trading remained a side business for Wall Street. The cash cow was equities and, in particular, initial public offerings (IPOs), for which bankers were paid a sweet 7% of the deal for little more than ushering new companies into the market and at very little risk. In 1998, the year before Goldman went public, just 28% of its revenue came from trading and principal investments. By 2009, it was 76%.

The big change on Wall Street and at Goldman came with the collapse of the dotcom bubble in early 2000. The underwriting and mergers-advisory businesses on which the investment banks had minted money dried up completely. It would be years before the M&A market came back. IPOs never really did. Where was money being made? In trading. Low interest rates following the early-2000s recession made borrowing cheap. That pushed profits in trading, a capital-intensive business, to take off. Firms began shifting more capital to their trading desks. In the first half of the decade, Goldman's so-called value at risk, which measured how much the firm was risking in the market each day, zoomed from an average of $28 million in 2000 to $70 million in 2005.

Traders, aided by a new generation of Ph.D.-type rocket scientists trained in the complex math of higher finance, began refocusing their firms on the products that would make them the most money. One of the most popular of the new bunch was the CDO. As with everything else on Wall Street, the rise of the CDO had to do with bonus checks. Traders' pay was based not just on how much money they made for the firm but on the size of the bet. Turn in a $10 million gain on AAA Treasurys and you got paid a lot more than if you made the same amount trading lower-rated, much riskier junk bonds. The problem was that making big bucks in the well-established Treasury market was nearly impossible. It's too transparent.

As a trader, what you needed was to take a market in which bonds were thinly traded and magically fill it with more-tradeable highly rated AAA material. By the magic of CDOs you could do just that. CDOs are often created out of the lowest-rated, seldom-traded portions of other bond offerings. And by the mid-2000s most of those bonds were backed by home loans to borrowers with poor credit ratings — toxic waste, in the parlance. Subprime-mortgage bonds went into the CDO blender BBB and came out AAA. All of a sudden, traders were making big money.

With the money came promotions. In 2005, bond salesman John Mack took the reins of Morgan Stanley, promising to boost the firm's profits by allowing its traders to dial up risk. At Lehman Brothers, Dick Fuld, who had climbed that firm's bond-trading ranks, was firmly in place as CEO. And in 2006, when Goldman's CEO, Hank Paulson, a classic investment banker, was tapped by President Bush to be the Treasury Secretary, Blankfein was named as his replacement. The traders had won. "The industry became so heavily weighted toward risk, it just made sense to let the traders run things," says top Wall Street recruiter Gary Goldstein, who heads up the Whitney Group.

Or so it seemed. Traders got Wall Street firms deeper and deeper into more and more complicated products. Complexity, of course, can beget chicanery. Traders were too often in it to make a killing and an exit and cared little about the hazards they might be creating down the road. The term IBG, YBG became popular on the Street. It stands for "I'll be gone, you'll be gone"; someone else will have to clean up the mess. 

Goldman boss Blankfein is an alpha dog in this pack. He hails from Wall Street's roughest neighborhood, the commodities-trading market, which lacks insider-trading rules and many of the other investor protections of other markets. "In the commodities-trading market, when someone is stupid, that's something to be taken advantage of," says Susan Webber, who under the name Yves Smith is the author of ECONned, a book about the financial crisis. "That's the world Blankfein grew up in."

Goldman's Alleged Duplicity
The idea that a 20-something trader with too much power could torpedo the biggest, most profitable firm in finance seems like a plot for a Wall Street parody. But it appears to be exactly what is happening to Goldman, and it is perhaps the logical end of a culture that anointed traders king. In late 2006, Fabrice Tourre, a then 27-year-old Frenchman with an engineering degree from Stanford, got an assignment to help John Paulson place bets against the housing market. 

Tourre, known to refer to himself as the "fabulous Fab," figured out how to structure an investment that was sure to suck the last bit of blood out of the few mortgage investors willing to buy into a market that he believed was due to crater. As Tourre was assembling Paulson's CDO in January 2007, he wrote in an e-mail to a buddy: "The whole building is about to collapse anytime now ... Only potential survivor, the fabulous Fab ... standing in the middle of all these complex, highly leveraged, exotic trades he created without necessarily understanding all of the implications of those monstruosities [sic] !!!"

What Tourre did understand, according to the SEC, was how to trick investors. The SEC case against Tourre and Goldman hinges on the investment bank's omission of the fact that Paulson was selecting most of the assets for Abacus. Tourre got the CDO manager, ACA Management, to claim in the offering statement that it had picked the assets for Abacus. ACA was getting paid to act as independent manager of the deal. The SEC alleges that while ACA understood that Paulson would have sway over asset selection, Tourre maneuvered ACA into thinking that Paulson planned to invest in Abacus, not bet against it. Paulson was never mentioned in the information sent to Abacus investors and Goldman's counterparties, who ended up losing $1 billion on the deal.

For its part, Goldman vigorously denies the charges, arguing it did not structure the portfolio to lose money — in fact, the firm says it lost more than $90 million through its long position — nor did it misrepresent Paulson's short position. "The SEC's complaint accuses the firm of fraud because it didn't disclose to one party of the transaction who was on the other side of that transaction," Goldman said in a press release. "As normal business practice, market makers do not disclose the identities of a buyer to a seller and vice versa. Goldman Sachs never represented to ACA that Paulson was going to be a long investor."

In a sense, Goldman is relying on the so-called big-boy defense: There are no victims on Wall Street, just fools. "This is no slam dunk for the SEC," says Henning. "We want every transaction to be fair, but these aren't babes in the woods that got taken. These are two banks [that] invested in a very risky area and got very badly burned ... That's how free markets work. You take your chances."

Making the Case for Regulation
The Goldman case may be the opening salvo as a suddenly muscular SEC takes a gander at other Abacus-like deals. Like Goldman, Deutsche Bank struck deals with Paulson, according to the Wall Street Journal, that were structured to bet against the housing market. Magnetar and Tricadia are also in the spotlight, but even if the two hedge funds played their deals to fail, the investment banks that set them up at least disclosed the role of the hedge funds and the fact that they could take a short position.

Beyond any legal issues, the Goldman case has become the battering ram for financial-reform legislation that congressional Democrats have been looking for. Democrats say it underscores the need to reregulate an industry gone wild. Republicans retort that the reforms on the table would have done little to stop the Goldman trade. The latter point is probably right, at least in part. The bill sponsored by Democratic Senator Christopher Dodd would require transactions like Abacus to be traded on an exchange. Such transparency would give the SEC and other regulators more access to monitor these deals and potentially catch material misstatements. The SEC might have noticed earlier the obvious conflicts of interest inherent in the Abacus-like deals. But there still would have been no way for the SEC, without an investigation, to have known that Goldman was omitting any mention of Paulson's involvement.

Nonetheless, the Goldman case does get the Obama Administration back on its best talking points for financial reform: The lack of regulation has morphed Wall Street into a place that regularly trades against our economy. It's our jobs vs. their bonuses on every trade. And if you think Wall Street is going to protect your interests, then I've got a AAA-rated, subprime-mortgage-based CDO to sell you.

Americans do not often hear that someone has found a way to overcome U.S. defenses, but military and intelligence officials have been sounding downright alarmist lately with their warnings that the country is ill-prepared to deal with a cyberattack.

Director of National Intelligence Dennis Blair opened his annual survey of security threats in February by advising Congress that "malicious cyberactivity is growing at an unprecedented rate," and that the country's efforts to defend against cyberattacks "are not strong enough."

Blair's predecessor as intelligence chief, Mike McConnell, was even more candid in a Washington Post commentary later that month.

"The United States is fighting a cyberwar today," McConnell wrote, "and we are losing."

No country in the world is more dependent on its computers than the United States. Data networks now underlie the U.S. power grid, its military operations and the telecommunications, banking and transportation systems. That means the U.S. is uniquely vulnerable to sophisticated computer hackers.

'Explosion' Of Computer Attacks

The Pentagon's Quadrennial Defense Review, released in February, reported that the department's computer networks "are infiltrated daily by myriad of sources, ranging from small groups of individuals to some of the largest countries in the world." A senior defense official who follows the cyberthreat closely tells NPR that in the past two years, the Pentagon has experienced an "explosion" of computer attacks, currently averaging about 5,000 each day.

One of the biggest was in 2007, when hackers targeted the Pentagon, NASA and the departments of Energy, Commerce and State. The origin of the attack was unknown, but U.S. officials suspect it came from China. Among the victims was Defense Secretary Robert Gates, whose unclassified e-mail account was penetrated.

James Lewis, a cyber-expert at the Center for Strategic and International Studies, says the 2007 hackers gained access to massive amounts of U.S. government data — some of it important, some of it worthless.

"In fact, I felt sorry [for them]," Lewis says. "Some guy, probably in Beijing, is having to sit there and translate state dinner menus from 1994. He's probably going nuts."

A 2003 computer attack so impressed the FBI that agents gave it a code name: Titan Rain. The hackers managed to penetrate a variety of military networks without being detected.

"There's still some debate about who did it and why they did it," says Richard Clarke, who was a top cybersecurity adviser to Presidents Bill Clinton and George W. Bush. "But it proved that it is possible to get into even well-defended networks and exfiltrate terabytes of information — and nothing can be done about it."

U.S. officials estimate that the 2007 attacks and Titan Rain each resulted in the loss of as much as 10 terabytes of data, an amount roughly comparable to the contents of the entire Library of Congress. There have been other large, and possibly related, attacks as well.

"Some people say there's really been only one event, ongoing for years, and it's just that we occasionally stumble on it," says Lewis, who served as the project director of the center's Commission on Cybersecurity for the 44th Presidency.

A New Crime Category Emerging?

The cyberattacks are also becoming more sophisticated and harder to trace. Hackers in China, for example, are now able to take control of thousands of personal computers in the United States simultaneously, and remotely command them to send out bogus e-mails or viruses. Such robot computer networks, called Bot Nets, can do great damage when directed by malicious hackers.

"People who have computers and no [anti-virus] protection are susceptible to being captured, unknown to them," says Harry Raduege, a retired Air Force lieutenant general and former commander of the Pentagon's Joint Task Force for Global Network Operations. "They could then become part of a Bot Net army that could be used to attack an organization, a nation or an industry."

Up to now, most computer attacks have fallen under the category "cybercrime." There have not yet been any significant acts of cyberterrorism, though U.S. intelligence officials say al-Qaida and other terrorist groups are committed to developing a cyber capability.

Goals Change, Threat Stays The Same

Attacks traceable to foreign governments and corporations, according to cyber-experts, have largely been for espionage purposes — at least until now. The December 2009 attack on Google and other companies operating in China was apparently an effort to steal industrial secrets, according to U.S. and company officials.

Still, the danger of an all-out cyberwar remains pressing.

"The difference between cybercrime, cyber-espionage, and cyberwar is a couple of keystrokes," says Clarke, who authored a forthcoming book on cyberthreats. "The same technique that gets you in to steal money, patented blueprint information or chemical formulas is the same technique that a nation-state would use to get in and destroy things."

The big fear is that an adversary, in the heat of a cyberwar, might try to take down the U.S. power grid, telephone network or transportation system.

"My guess is that it's only a few advanced militaries that could damage the electrical grid or damage some other networks," Lewis says. "But they have that capability. They have probably done the reconnaissance necessary to use it, and if we got into a fight, we could expect some kind of cyberattack."

Covering A Vast Space

Asked about the U.S. capability to defend itself from such an attack, Lewis, the cyber-expert with CSIS, feigns a shocked look.

"I didn't realize we had defensive capabilities," he says.

He adds, laughing, "No, that's not fair. How can I say that?"

Raduege, who is now directing the Deloitte Center for Cyber Innovation, argues that some attacks on the Pentagon have been countered relatively well, such as the 2007 incident that resulted in the penetration of Gates' personal e-mail account.

"When the secretary was attacked, of course someone got in. But somebody also noticed it right away, was able to isolate those attackers, clean up the system, and then put the users back online immediately," Raduege says. "So I think that's a real tribute to the people who are really fighting the network, as we say. It's a real battle space."

The problem for U.S. cyberwarriors is that the "battle space" is so vast.

"The government has its hands full defending the Defense Department and the intelligence community," says Clarke. "And, really, about the only parts of the U.S. government that are moderately well-defended [are] the Pentagon and the CIA."

Improving Overall Quality

Cyberdefense efforts at other government departments are spotty at best. The Treasury Department is doing "a relatively good job," Lewis says. But he adds that other agencies are doing "a relatively dreadful job."

"They may as well just change their passwords to 'Welcome, Chinese Friends,' " he says.

As for the critical civilian infrastructure, including the power, telecommunication and transportation grids, it is largely in private hands, meaning the U.S. military is not authorized to protect it.

In recognition of the country's vulnerability to computer attacks, the Pentagon has established a new U.S. Cyber Command, due to be directed by a four-star general, and the Obama administration has designated a cybersecurity coordinator, with responsibilities that extend across all U.S. government agencies. Still, critics say more must be done.

"Right now, the government is saying that Cyber Command will defend the military and the intelligence community. Homeland Security Department will defend the rest of the federal government," says Clarke. "The rest of us are on our own."

Authorities have smashed one of the world's biggest networks of virus-infected computers, a data vacuum that stole credit cards and online banking credentials from as many as 12.7 million poisoned PCs.

The "botnet" of infected computers included PCs inside more than half of the Fortune 1,000 companies and more than 40 major banks, according to investigators.

Spanish investigators, working with private computer-security firms, have arrested the three alleged ringleaders of the so-called Mariposa botnet, which appeared in December 2008 and grew into one of the biggest weapons of cybercrime. More arrests are expected soon in other countries.

Spanish authorities have planned a news conference for Wednesday in Madrid.

The arrests are significant because the masterminds behind the biggest botnets aren't often taken down. And the story of investigators' hunt for them offers a rare glimpse at the tactics used to trace the origin of computer crimes.

Also, the suspects go against the stereotype of genius programmers often associated with cyber crime. The suspects weren't brilliant hackers but had underworld contacts who helped them build and operate the botnet, Cesar Lorenza, a captain with Spain's Guardia Civil, which is investigating the case, told The Associated Press.

Investigators were examining bank records and seized computers to determine how much money the criminals made.

"They're not like these people from the Russian mafia or Eastern European mafia who like to have sports cars and good watches and good suits — the most frightening thing is they are normal people who are earning a lot of money with cybercrime," Lorenza said.

The three suspects were described as Spanish citizens with no criminal records. They weren't named and their mug shots weren't released, which Lorenza said is standard in Spain to protect the privacy of defendants. They face up to six years in prison if convicted of hacking charges.

Authorities identified them by their Internet handles and their ages: "netkairo," 31; "jonyloleante," 30; and "ostiator," 25.

Botnets are networks of infected PCs that have been hijacked from their owners, often without their knowledge, and put into the control of criminals. Linked together, the machines supply an enormous amount of computing power to spammers, identity thieves, and Internet attackers.

The Mariposa botnet, which has been dismantled, was easily one of the world's biggest. It spread to more than 190 countries, according to researchers. It also appears to be far more sophisticated than the botnet that was used to hack into Google Inc. and other companies in the attack that led Google to threaten to pull out of China.

The researchers that helped take down Mariposa first started looking at it in the spring of 2009.

Chris Davis, CEO of Ottawa-based Defence Intelligence, said he noticed the infections when they appeared on networks of some of his firm's clients, including pharmaceutical companies and banks.

It wasn't until several months later that he realized the infections were part of something much bigger.

After seeing that some of the servers used to control computers in the botnet were located in Spain, Davis and researchers from the Georgia Tech Information Security Center joined with software firm Panda Security, which is headquartered in Bilbao, Spain.

The investigators caught a few lucky breaks. For one, the suspects used Internet services that wound up cooperating with investigators. That isn't always the case.

Critically, one suspect also made direct connections from his own computer to try and reclaim control of his botnet after authorities took it down around Christmas. Investigators were able to identify him based on that traffic. They were able to back up their claims with records from domains he registered where he would eventually host malicious content.

It turned out that the botnet runners had infected computers by instant-messaging malicious links to contacts on infected computers. They also got viruses onto removable thumb drives and through peer-to-peer networks. The program used to create the botnet was known as Mariposa, from the Spanish word for "butterfly."

"I don't think there's anything about this guy that makes him smarter than any of the other botnet guys, but the (Mariposa) software, it's very professional, it's very effective," said Pedro Bustamante, senior research adviser with Panda Security. "It came alive and started spreading and it got bigger than him."

While arrests of people accused of running smaller botnets are fairly common, the biggest botnet leaders are rarely nabbed. That's partly because it's easy for criminals to hide their identities by disguising the source of their Internet traffic. Often, every computing resource they use is stolen.

For instance, there have been no busts yet in the spread of the Conficker worm, which infected 3 million to 12 million PCs running Microsoft Corp.'s Windows operating system and caused widespread fear that it could be used as a kind of Internet super weapon. The Conficker botnet is still active, but is closely watched by security researchers. The infected computers have so far been used to make money in ordinary ways, pumping out spam and spreading fake antivirus software.

Keith B. Bolcar, acting chief of the F.B.I.’s Los Angeles bureau, announcing arrests on Wednesday.

In what it is calling Operation Phish Phry, the F.B.I. began arresting 53 people on Wednesday on charges of conducting a vast financial fraud based on phishing — the act of tricking Internet users into revealing their passwords and other information.

The arrests were in Southern California, Nevada and North Carolina, while the authorities in Egypt sought to arrest 47 people whom the F.B.I. said were co-conspirators.

An 86-page indictment, filed in the United States District Court for the Central District of California in Los Angeles, accuses the defendants of tricking people into giving up their bank account information. The F.B.I. said that this was the largest number of defendants ever charged in a cybercrime case, and that they had stolen at least $2 million from 2007 to last month.

The scams victimized people with accounts at Bank of America and Wells Fargo, two of the nation’s largest banks. The online component of the fraud was perpetrated in Egypt, Keith B. Bolcar, the acting chief of the F.B.I.’s Los Angeles bureau, said. The defendants there sent mass e-mail messages that appeared to be authentic communication from the banks, the F.B.I. said.

The people who clicked on those e-mail messages were sent to fake Web sites made to look identical to the real banking sites, where they were asked to enter personal information like their bank account numbers, passwords, Social Security numbers and drivers’ license numbers.

The co-conspirators in the United States took over from there, transferring funds into their own accounts and remitting some money back to their accomplices in Egypt, according to the indictment.

“It was very well done, it was very organized and everybody got paid,” Mr. Bolcar said.

The F.B.I. said the mastermind of the operation in the United States was Kenneth Joseph Lucas, 25, who had help from John Clarke, a friend, and Nichole Merzi, Mr. Lucas’s former girlfriend. A public defender for Mr. Lucas did not immediately return a call seeking comment.

According to the indictment, the trio would ask other conspirators, some down on their luck, to open accounts and then withdraw money that had been transferred from victims’ accounts. They would then send some money to participants in Egypt.

The investigation began in early 2007, when the banks alerted the F.B.I. to the fraud. Tara Burke, a spokeswoman for Bank of America, would not comment specifically on this case but said the bank “monitors for fraudulent sites and works to shut them down as quickly as possible.”

Each of the 53 defendants named in the indictment is charged with conspiracy to commit bank fraud and wire fraud, which carries a maximum penalty of 20 years in prison. Some defendants face other charges.

The case highlights the pernicious problem of phishing, in which online scammers send e-mail messages and build Web sites that look authentic, then make off with sensitive information. Early this week, more than 10,000 addresses and passwords for customer accounts on Hotmail, one of Microsoft’s Web-based e-mail services, appeared online, apparently after being stolen via phishing.

In what appeared to be a separate incident, a list of more than 20,000 addresses and passwords for accounts on Hotmail, Gmail, Yahoo and AOL were posted to a Web site. The Internet companies said they were working with affected customers to help them recover their accounts.

Chet Wisniewski, senior security adviser at Sophos, a Web security firm, doubted the arrests would have an effect on the number of online banking scams. “I would imagine there are many different groups doing similar things,” he said. “You squash one bug and another one emerges. If there’s an opportunity to make money, someone will be there to collect the bill.”