Henderson, who at the time of the arrest was pursuing a Bachelor of Sciences degree in Information Security and Forensics at the Rochester Institute of Technology, admitted to having created and shared - both directly to other individuals and on the Internet - counterfeited coupons for different goods that range from Tide detergent to Sony PlayStation.
He also shared advice on how to redeem them and instructions on how to create them on 4chan and Zoklet.
He tried to do it anonymously, by using different online handles and and from anonymous IP addresses by using the Tor Network. It was initially impossible to identify who was doing it, but all it took was a one-time slip when he used an IP address given to and associated with him by the Rochester Institute of Technology, and the federal agents finally had a real-world name to go with the fake handles.
When they searched Henderson's residence, they recovered a number of different counterfeited coupons. According to the affidavit filed by the federal agent in charge, he was also interrogated on site, and he admitted to using Tor, visiting and posting on 4chan, writing the tutorial on creating counterfeit coupons, and occasionally using the various aforementioned online handles.
The NY Daily News reports that it is estimated that Henderson caused losses of hundreds of thousands of dollars to the retailers and manufacturers for whose products he created the counterfeit print-at-home coupons.
Still, it is unknown whether he earned something from the scheme. He obviously used the coupons himself, but it seems that he didn't ask payment for making them available online for other people to use.
Henderson currently works in a McDonald's and is no longer a student at RIT. If convicted, he could end up imprisoned for up to three years.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.