Man in Florida Arrested for Account Takeover
Table of Contents
- By Dawna M. Roberts
- Published: Nov 26, 2020
- Last Updated: Mar 18, 2022
A man in Florida received a 3-year prison sentence for a bank account takeover scam where he stole and laundered $9 million. The man, Igor Buzyukov, pleaded guilty in a Florida court last week.
What Happened?
The accused, Igor Buzyukov, a resident of Weston, Florida, pleaded guilty to money laundering and account takeover targeting a slew of clients of a San Jose, California financial tech firm.
The court ordered Buzyukov to pay a fine of $160,000 restitution along with his 3-year prison term.
According to the Justice Department, the account takeover scheme was perpetrated from February 2018 until July. Buzyukov was one of a group of criminals who posed as employees from the client’s companies. They contacted the San Jose firm asking them to add authorized access to accounts so they could receive e-payments.
As an authorized user, Buzyukov monitored the accounts, and when deposits were made, he transferred the money out to other bank accounts. He used the corporate identity of Vigor Green LLC. to perpetuate the fraud. Most of the funds ended up in bank accounts located in Russia, Turkey, and Ukraine.
Along with the bank work, Buzyukov admitted to creating phony invoices to back up the wire transfers to authenticate the fraud and avoid suspicion.
One of the victims was an auto parts retailer, and on June 8, 2018, they contacted the U.S. Secret Service to report the fraud and theft. Shockingly, they lost about $8.5 million in the account takeover.
DataBreach Today reports that court documents stated, “The amount of business conducted through the Company-2 (New Jersey-based company) account at Company-I (California-based fintech company) averaged between $150,000 and $300,000 per day at the time of the account takeover. Due to the monetary amount of transactions being processed, Company-2 was provided with a Company-I account manager who was responsible for servicing the Company-2 account.”
What is an Account Takeover and How to Stay Safe
Account takeover fraud is when someone accesses your bank or credit card accounts, controls funds, changes access passwords, and locks the victim out of their own financial accounts.
Researchers have found that from late 2019 to mid-2020, account takeovers have increased by 280% due to COVID-19.
An account takeover is a scary thing. It can happen to anyone if you are not careful. Thieves get their hands on account numbers and personal details through stealing mail, social engineering, data breaches, and information sold on the dark web and through phishing tactics.
Some ways to avoid account takeover fraud are:
- Sign up for two-factor authentication so that no one can access your accounts without entering a code that is texted or emailed to you.
- Change your passwords for bank and credit card accounts often.
- Turn on multi-factor authentication (FaceID and TouchID) on devices.
- Never use public Wi-Fi when accessing bank accounts. Public Wi-Fi is used for man-in-the-middle attacks.
- Never reuse the same passwords on multiple accounts.
- Monitor your bank, credit card, and credit reports regularly, watching for suspicious activity.
- Never share your passwords or logins with anyone.
- Do not give out your social security number, credit card info, or other personal details when asked for it unsolicited.
- Collect your mail as soon as it arrives or put a lock on your mailbox.
- Shred any documents with PII on them.
- Do not carry your social security card in your purse or wallet.
- Install anti-virus/anti-malware software on all your devices.
- Keep all your computers and mobile phones updated with the latest security patches.
- Watch out for phishing emails.
- Never click a link in an email.
If you become a victim of an account takeover, contact your bank immediately and explain what has happened. Also, contact the FTC and file a complaint there. Sign up for identity theft monitoring and consider freezing your credit reports for a while.