More than a million consumers were hit with one-time charges of $10 or less, and their payments were routed through 16 dummy corporations in the US to bank accounts in Eastern Europe and Central Asia, alleges the FTC.

The scammers, using phony company names resembling real companies, and information taken from identity theft victims in the US, opened more than 100 merchant accounts with companies that process charges to consumers' credit and debit card accounts, according to the FTC complaint.

Most consumers either didn't notice the charges on their bills or didn't seek chargebacks because of the small amounts, which ranged from 20 cents to $10. Consumers who called the toll-free numbers that appeared on their bills either found them disconnected or heard recorded messages instructing them to leave a message, but no calls were returned.

The FTC believes the culprits behind the scam may have run credit checks on the identity theft victims first, to be sure they were creditworthy. They also cloaked each fake merchant with a virtual office address near a real merchant's location, a phone number, a home phone number for the "owner," a Web site pretending to sell products, a toll-free number consumers could call, and a real company's tax number found on the Internet.

The FTC has yet to identify the masterminds behind the scheme. Instead it has frozen the gang's US assets and shut down a network of 14 "money mules" who were recruited to form 16 dummy corporations, open associated bank accounts to receive the card payments, and transfer the money overseas. Debit cards linked to these bank accounts were used to set up telephone service, virtual addresses, and Web sites that helped deceive the card processors, according to the complaint.