Data Breach Prevention and Response Summit , Events

Russian Sentenced in $1.5 Million Cyber Tax Fraud Scheme

Anton Bogdanov Admitted to Filing False U.S. Tax Returns Using Stolen PII
Russian Sentenced in $1.5 Million Cyber Tax Fraud Scheme
Anton Bogdanov being arrested at Phuket International Airport in Thailand on Nov. 29, 2018 (Photo: Thai police)

A Russian man was sentenced Wednesday to five years in federal prison for his role in a $1.5 million scheme that used personally identifiable information stolen online to file false tax returns with the U.S. Department of Treasury to fraudulently receive refunds, the Internal Revenue Service reports.

See Also: Rethinking Cybersecurity by Managing Complexity

Anton Bogdanov, who was arrested in Thailand in November 2018 and extradited to the U.S. in March 2019, pleaded guilty to federal wire fraud conspiracy and computer intrusions charges, according to U.S. Attorney's Office for the Eastern District of New York.

In addition to the 60-month federal prison sentence, Bogdanov, who used the online name "Kusok," must repay more than $476,000, according to federal prosecutors. He has remained in custody since his arrest in 2018.

When Bogdanov pleaded guilty in January 2020, he admitted to working with a group of co-conspirators to steal the personally identifiable information of American citizens, including Social Security numbers and dates of birth, and then using that data to pose as U.S. taxpayers and file fake tax returns to receive fraudulent refunds, according to court documents.

"Bogdanov utilized sophisticated means to steal two valuable commodities - peoples' personally identifiable information and funds belonging to the American taxpayer, says IRS-Criminal Investigation Special Agent-in-Charge Jonathan Larsen.

Tax Scheme

The scheme took place from 2014 to 2016, according to federal prosecutors and the IRS.

During this time, Bogdanov and others targeted U.S. tax preparation firms to steal the personal information of clients, taking advantage of vulnerabilities in remote desktop protocols to access the devices and networks of these tax firms, prosecutors say.

Once Bogdanov and other members of the gang stole Social Security numbers and other personal data, they filed tax returns with the Treasury Department and changed some information to ensure that the refunds were paid to prepaid debit cards that the group controlled, according to federal prosecutors.

The conspirators also used the stolen personal information to obtain prior tax filings of victims from the IRS Transcript System website. From there, Bogdanov and others filed new tax returns - purportedly on behalf of the victims - and collected fraudulent refunds through prepaid debit cards, the IRS notes. Once these cards were issued, they were cashed out in the U.S. and a percentage was wired to Bogdanov in Russia.

Federal prosecutors say that Bogdanov and others stole about $1.5 million through the fraudulent refunds.

The Justice Department unsealed its indictment against Bogdanov in April 2018, and he was arrested a few months later by local police in Phuket, Thailand. Under the original charges, the Russian national could have faced more than 27 years in federal prison.

In an FBI affidavit filed in the case, an agent wrote that the bureau tied the Kusok online name to Bogdanov after tracing the Kusok username on a cybercrime forum. Prosecutors also noted in court documents that they had obtained communications between various gang members that offered details about how the scheme worked.


About the Author

Scott Ferguson

Scott Ferguson

Managing Editor, GovInfoSecurity, ISMG

Ferguson is the managing editor for the GovInfoSecurity.com media website at Information Security Media Group. He's been covering the IT industry for more than 13 years. Before joining ISMG, Ferguson was editor-in-chief at eWEEK and director of audience development for InformationWeek. He's also written and edited for Light Reading, Security Now, Enterprise Cloud News, TU-Automotive, Dice Insights and DevOps.com.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing inforisktoday.co.uk, you agree to our use of cookies.