Phishing & Account Takeover Recovery in Bulgaria
Lost money to phishing & account takeover in Bulgaria? TrustUs Recovery Ltd helps victims pursue recovery through the correct legal and financial channels for Bulgaria — honestly, and with no guarantee dressed up as a promise.
Start your free case assessmentHow phishing & account takeover works
Phishing and account takeover use fake emails, texts ('smishing') or calls impersonating your bank to harvest credentials or one-time codes — or to push you into authorising a payment yourself (authorised push payment fraud). Funds are then moved out rapidly through mule accounts.
Warning signs
- Urgent links to 'verify' or 'secure' your account
- Callers who already know some of your details
- Requests to read out one-time passcodes
- Being told to move money to a 'safe account'
- Slightly-wrong sender addresses or numbers
The recovery framework in Bulgaria
In Bulgaria, the bodies and rules most relevant to your case are:
| Financial regulator | Financial Supervision Commission (FSC) |
|---|---|
| Banking / payments supervisor | Bulgarian National Bank (BNB) |
| Dispute resolution / ombudsman | Conciliation Commission for Payment Disputes |
| Currency | EUR |
| SEPA zone | yes |
Visa/Mastercard chargebacks within scheme limits. Bulgaria adopted the euro on 1 Jan 2026 (fixed BGN 1.95583 = EUR 1) and is in the eurozone/SEPA — euro transfers with SEPA recall. PSD2 unauthorised-transaction refund applies.
If you paid a bank in Bulgaria — for example United Bulgarian Bank (UBB), DSK Bank or UniCredit Bulbank — contact its fraud team as soon as possible, as a recall is far more likely while the money is still there.
Can you get your money back?
For phishing & account takeover cases in Bulgaria, the primary route is usually card chargeback (visa / mastercard). A chargeback reverses a card payment by raising a dispute through the Visa or Mastercard scheme via your issuing bank, which claws the funds back from the merchant's acquirer under defined dispute reason codes.
Where the facts allow, we also pursue regulator & ombudsman complaint as a secondary route.
Report to your bank immediately to trigger a recall and fraud investigation. Unauthorised transactions are reimbursable under PSD2 across the EEA, and unresolved complaints can be escalated to the ombudsman.
Evidence to gather now
The stronger your evidence, the better your prospects. For phishing & account takeover, gather:
- The phishing message, number or email header
- Date and detail of the unauthorised or pushed payments
- Your report reference from the bank
- Any login alerts or device notifications
- Recipient account details, if known
The recovery process
- Free assessment. We review how, when and to whom the funds were sent.
- Evidence pack. We assemble transaction records, communications and platform details.
- Action. We initiate the relevant route — card chargeback (visa / mastercard) or regulator & ombudsman complaint — and engage the bank, provider or exchange.
- Escalation. Where needed, we escalate to Conciliation Commission for Payment Disputes or Financial Supervision Commission (FSC).
Why acting fast matters
Usually must be raised within about 120 days of the transaction or expected delivery date, though exact windows vary by scheme and reason code. Recovery prospects fall sharply once funds are withdrawn or moved across borders, so the sooner you start, the stronger your position. Even older cases can be worth assessing — but do not wait to find out.
Frequently asked questions
Can I recover money lost to phishing & account takeover in Bulgaria?
Report to your bank immediately to trigger a recall and fraud investigation. Unauthorised transactions are reimbursable under PSD2 across the EEA, and unresolved complaints can be escalated to the ombudsman. In Bulgaria, support can also come from a complaint to Conciliation Commission for Payment Disputes where a regulated entity is involved. TrustUs Recovery Ltd assesses your case for free and explains the realistic routes.
Do you guarantee recovery, and what does it cost?
No. TrustUs Recovery Ltd never guarantees recovery and never asks for an upfront fee to 'release' funds — that is a hallmark of a recovery scam. We give a free, honest assessment first and are transparent about any costs.
How quickly should I act?
As soon as possible. Usually must be raised within about 120 days of the transaction or expected delivery date, though exact windows vary by scheme and reason code.
What evidence do I need for a phishing & account takeover case?
Useful evidence includes: The phishing message, number or email header; Date and detail of the unauthorised or pushed payments; Your report reference from the bank; Any login alerts or device notifications; Recipient account details, if known.
Who regulates financial services in Bulgaria?
Financial Supervision Commission (FSC) is the relevant financial regulator in Bulgaria, and consumer disputes can be taken to Conciliation Commission for Payment Disputes.
Lost money to phishing & account takeover in Bulgaria?
Get a free, confidential assessment of your case from a licensed recovery firm.
Request a free recovery assessment