As a firm that specializes in asset recovery for victims of cybercrime when the assets or scammers are in Bulgaria, we’ve seen that, in the last few years, cyber crimes are increasing worldwide. The fraudsters use similar techniques to mislead their victims: through numerous hacking attacks, they send emails on behalf of and/or to the victims or persons related to them using fake email addresses very similar to the originals. The aim of the fraudsters is to trick the victims to transfer substantial amounts of money to the fraudster’s bank accounts in Bulgaria. Then, the fraudsters usually move the received sum to a bank account in another country or to a bank account of a related company in Bulgaria. These money transfers are in breach of Bulgarian and international AML Law.
One of our clients, one of the biggest multinational companies, became a victim of the abovementioned scheme/cybercrime and possible AML infringement. The fraudsters represented themselves as the supplier with whom our client had a long-term business relationship. Through hacking attacks, the fraudsters sent emails to both our client on the supplier’s behalf and to the supplier on the client’s behalf, using fake email addresses similar to the originals. Probably, the electronic correspondence, exchanged between our client and its supplier regarding the deliveries and their respective payments, was monitored by the fraudsters over a long period of time. The fraudsters deceived our client to transfer a significant amount of money to two bank accounts, one of which was in Bulgaria. The recipient of the amount, a Bulgarian company, was registered shortly before the abovementioned email correspondence and according to publicly available information, the manager and sole owner of the capital of this company had a dubious reputation.
We understood that our client became a victim of a complicated ongoing criminal scheme involving an unknown number of organized participants. We immediately notified the competent authorities and the involved bank in Bulgaria. Thanks to our long-term collaboration with the public authorities and local banks, we promptly succeeded to freeze the fraudsters' assets and, later, to recover our client’s stolen funds. The whole asset recovery procedure continued for one year approximately. However, our experience shows that such a recovery procedure may take several years.
We expect that the number of cases related to cybercrimes will increase significantly in the next years due to the limited powers of authorities on monitoring and preventing cyberattacks, as this kind of crime is carried out in the virtual online world.
By Konstantin Mikov, Attorney at Law, Mikov & Attorneys