A Bulgarian phishing criminal who created fake versions of legitimate companies' websites as part of a £40m fraud has been jailed.
Svetoslav Donchev, 37, was extradited to stand trial at Southwark Crown Court in London, where he pleaded guilty to five counts of fraud. He was sentenced this afternoon.
Donchev, originally from the city of Pleven, created what prosecutors described as "phishing protection scripts" to be embedded on cloned websites of legitimate companies. The clones were then hosted on a server controlled by other criminals who would lure victims in by sending phishing emails.
"Donchev would not steal the bank details himself," said specialist prosecutor Sarah Jennings. "He would supply the tools for others to do so. He may have felt removed from the scams themselves, but the thorough police investigation and this successful prosecution shows that we will track down all those involved in online scams, extradite them if they are abroad, and put them before the UK courts."
The phishing emails included common lures such as suggesting that accounts needed to be verified or that victims were due a refund.
"When the victim then completed the forms [on the cloned website] by inputting their personal financial information, the details were either logged or sent by email to the cybercriminal," the Crown Prosecution Service said in a statement. They were then used or resold, allegedly on the dark web.
Donchev was also said to have provided counter-detection software intended to help cloned websites evade common browser-based fraud detection systems.
Police were led to Donchev when they discovered an email address among files from recently convicted hacker Grant West. When Donchev was arrested at home in Pleven, where he lived with his parents, investigators from the UK and Bulgaria found folders on his computer revealing the extent of his criminal activities.
They established that he had created website scripts for up to 53 UK-based companies, or companies with a UK footprint. Cops estimated there were potentially half a million victims as a result of his criminal activity, with the fraud totalling £41.6m.
Donchev pleaded guilty to: making articles for use in fraud; supplying articles for use in fraud; encouraging the commission of an offence; concealing/disguising/transferring/removing criminal property (in that he received Bitcoin as payment for his criminal deeds); and acquiring criminal property, namely 1.5257417 Bitcoin. His sentence was a mixture of concurrent and consecutive prison terms totalling nine years.
Under current sentencing laws Donchev will spend a maximum of four-and-a-half years in prison. He is likely to be released on licence after around three years.