Account Takeover Fraud , Fraud Management & Cybercrime

Florida Man Gets 3-Year Prison Term for Account Takeover Scam

Igor Buzyukov Pleaded Guilty to Money Laundering Charges in $9 Million Scheme
Florida Man Gets 3-Year Prison Term for Account Takeover Scam
The U.S. Secret Service investigated the case.

A Florida man has been sentenced to 37 months in prison after pleading guilty to a federal laundering money charge stemming from a $9 million business account takeover scheme, according to the U.S. Justice Department.

See Also: OnDemand | Combatting Rogue URL Tricks: How You Can Quickly Identify and Investigate the Latest Phishing Attacks

Igor Buzyukov, of Weston, Florida, pleaded guilty to conspiracy to commit money laundering charge in December 2019, admitting to his role in the account takeover scheme that targeted several clients of a San Jose, California-based fintech company, the Justice Department notes.

In addition to the federal prison term, Judge Anne E. Thompson of the U.S. District Court for the District of New Jersey sentenced Buzyukov to three years of supervised release and ordered that he pay $160,000 in restitution, according to federal prosecutors.

Account Takeover Scheme

The account takeover scheme took place between February and July 2018, according to the court documents.

Buzyukov and his unnamed co-conspirators posed as members of the client companies and called the fintech firm. The fraudsters then requested that the company add an unauthorized account to their already existing accounts designated to receive payments from e-commerce customers.

The companies that were targeted by fraudsters included a New Jersey-based online automotive parts and accessories retailer as well as an adoption service provider located in Arizona, according to court documents.

All the un-authorized accounts were monitored and controlled by Buzyukov, who used the corporate name Vigor Green LLC. The amounts deposited in these accounts were then transferred to other bank accounts controlled by Buzyukov.

The Justice Department also states the majority of the funds were laundered through bank accounts controlled by individuals from Russia, Turkey and Ukraine. Buzyukov also admitted that he generated phony invoices for the amount used in wire transfers to make it appear authentic.

The Timeline

The scheme was brought to law enforcement's attention on June 8, 2018, when the auto parts retailer contacted the U.S. Secret Service to report that it might have been victimized by a fraudulent business account takeover scheme and had lost about $8.5 million, according to court documents.

The documents suggest that on about April 26, 2018, scammers posed as the CEO of the victimized company and contacted the account manager at the California fintech firm by phone. Through follow-up calls, fraudsters requested the manager add a Bank of America account as well as additional accounts to receive payments.

"The amount of business conducted through the Company-2 (New Jersey-based company) account at Company-I (California-based fintech company) averaged between $150,000 and $300,000 per day at the time of the account takeover. Due to the monetary amount of transactions being processed, Company-2 was provided with a Company-I account manager who was responsible for servicing the Company-2 account," according to the court document.

When the authorities conducted an audit of Buzyukov's Bank of America account, they also found that about $22,000 had been received from the Arizona-based adoption service. The investigation also found Buzyukov had transferred more than $6 million to three bank accounts in Eastern Europe.

Account Takeover Fraud

In October, security firm Sift released its 2020 Digital Trust & Safety Index report that found these types of account takeover attacks have increased by over 280% between the second quarter 2019 and the second quarter of 2020 due to increases in online shopping and other changes since the COVID-19 pandemic.

The report also estimated that losses from account takeover attacks totaled more than $16 billion in 2019.


About the Author

Chinmay Rautmare

Chinmay Rautmare

Senior Correspondent

Rautmare is senior correspondent on Information Security Media Group's Global News Desk. He previously worked with Reuters News, as a correspondent for the North America Headline News operations and reported on companies in the technology, media and telecom sectors. Before Reuters he put in a stint in broadcast journalism with a business channel, where he helped produced multimedia content and daily market shows. Rautmare is a keen follower of geo-political news and defense technology in his free time.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing databreachtoday.co.uk, you agree to our use of cookies.