Threat Management, Incident Response, Malware, TDR, Threat Management

N.Y. man gets 37 months for defrauding Schwab clients

A New York man has been sentenced to 37 months in prison for participating in a scheme to defraud Charles Schwab customers.

Aleksey Volynskiy, who was sentenced last week in Manhattan federal court, was part of a group of cybercriminals from the United States and Russia that stole more than $246,000 from Charles Schwab banking and brokerage customers. According to federal prosecutors, Volynskiy's Russian co-conspirators perpetrated the scam by installing malware that was crafted to steal personal account information as individuals accessed their Charles Schwab accounts. Fraudsters then used the stolen credentials to initiate unauthorized transactions.

Volynskiy and co-conspirator Alexey Mineev of Hampton, N.H. were responsible for setting up several “drop” accounts used to receive stolen funds from victims' accounts. Volynskiy and Mineev were also responsible for sending a portion of the stolen funds to their cohorts in Russia.

The scam lasted for approximately 15 months, from September 2006 until December 2007. Mineev was sentenced in November to 18 months in prison.

According to prosecutors, Volynskiy also participated in a separate scheme to withdraw money from victims' bank accounts at ATM machines by using stolen credit card numbers. Volynskiy, on three separate occasions, provided 180 stolen credit card numbers to a witness that was cooperating with federal authorities and directed the numbers be fabricated into credit cards.

Volynskiy was arrested in December 2008 and pleaded guilty in August 2009 to charges of conspiracy, money laundering and access device fraud for his role in the scams. He was sentenced last week in Manhattan federal court and also ordered to pay $30,000 in restitution.

Sarah Bulgatz, spokeswoman at Charles Schwab, told in an email Monday that the brokerage firm worked with law enforcement to help identify Volynskiy. Charles Schwab is “satisfied with the outcome” of the prosecution, she said.

Charles Schwab's systems were not compromised during the incident, Bulgatz added.

“It was malware downloaded onto a client's PC that led to the compromise of personal account information,” she said.

A third suspect, Alexander Bobnev, has not yet been apprehended, authorities said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.