Skip to content

How can victims of cyber fraud fight back?

28 September 2018

Judgment given in ground-breaking litigation involving the first worldwide freezing order against ‘persons unknown’


The Commercial Court has recently issued its judgment in CMOC Sales and Marketing Ltd v Persons Unknown & 30 Ors1 The Claimant’s proprietary claims, as well as claims for unlawful means conspiracy, dishonest assistance, knowing receipt and unjust enrichment (in part) succeeded. The case has garnered significant attention as it involved the granting of the first worldwide freezing order (WFO) against ‘persons unknown’.

The ruling appears to have considerably expanded the interim remedies available to claimants in fraud cases and, it is hoped, will assist claimants in securing stolen monies, and in obtaining information about those monies’ whereabouts without having to individually identify defendants.


The London subsidiary of a global mining company suffered a sophisticated cyber fraud in which unknown perpetrators infiltrated a senior manager’s email account. The hackers used their access to send payment instructions to the Bank of China, under the guise of the manager’s stolen identity. The instructions brought about the illicit transfer of US$6,913,503.90 and €1,270,679.30 from the Claimant’s bank accounts to numerous banks in a number of jurisdictions.

The Claimant sought to recover its stolen funds from the unidentified fraudsters. In order to trace and secure the stolen monies, the Claimant filed an application for the WFO against ‘persons unknown’. 2 It also sought disclosure orders under the principles set out in Norwich Pharmacal / Bankers Trust initially against 35, and rising to 50, international banks across 19 jurisdictions, through which the perpetrators had diverted the misappropriated monies.3

What are the key points?

The granting of the WFO in circumstances where defendants were not individually named in the order is a significant development in the law concerning the tracing and securing of the proceeds of fraud.

The ordering of a WFO in this way will help claimants where there are difficulties in identifying unknown cyber criminals. Here the court held that a description of the suspected perpetrators was precise enough for the fraudsters to identify themselves as being caught by the order and, in particular, that it was sufficient for the Claimant to simply refer to the relevant transfers between their bank account and the recipient banks for these purposes.

Once granted, the WFO was regarded by the court as a ‘springboard for the grant of ancillary relief’, resulting in the Claimant being able to freeze relevant bank accounts and obtain orders for the banks in question to provide information which was crucial to the identification of the perpetrators. The court also took into account national laws relating to client confidentiality and foreign banking secrecy.

The case is also notable for clarifying the legal position with respect to whether or not a defendant must know the precise identity of a claimant to be liable for damages in unlawful means conspiracy. The Claimant successfully argued that Lord Bridge’s finding in Lonrho plc v Fayed4, namely that the defendant should have knowledge that “the conspiracy is aimed or directed at the plaintiff, and it can be reasonably foreseen it may injure him” should be interpreted as meaning that it will be sufficient in establishing an intention to injure if a defendant knows there is a victim of that conspiracy, even if the defendant does not know the victim’s identity. HHJ Waksman QC noted that there was no reason why the specific identity of a victim should be part of the legal test, “particularly in the age of cyber-fraud”.

HFW Perspective

We are increasingly seeing the use of social media being ordered as a means of alternative service. In this case, the court helped to counter the difficulties faced by the Claimant in serving anonymous fraudsters by permitting service of the order by way of Facebook and WhatsApp messenger, and the even more novel approach to alternative service via an encrypted online data room, to which access was given by way of published log-in details. These innovative methods provide significant benefits over conventional methods of service and provide a time and cost efficient means of communicating with numerous parties around the world.
In the supplementary remarks to his judgment, HHJ Waksman QC remarked that banks joined as no cause of action defendants found the online data rooms to be a “most useful facility” and did not require service of the underlying documents by hard copy or email.

Rapidly developing technology is leading to increasingly sophisticated cyber attacks and fraud, often conducted in foreign jurisdictions and behind a veil of anonymity. The innovative orders granted by the English courts demonstrate a willingness on the part of the courts to create innovative solutions to  combat fraud in a modern society. Fraud cases, in particular, often require access to significant resources in order deal with issues relating to the identification of defendants and the location of assets. The combined remedies of the WFO and disclosure orders will go some way to reducing the burden faced by claimants.

The judgment can be accessed here.

If you have any queries regarding this update, please contact the authors for more information.


  1. [2018] EWHC 2230.
  2. [2017] EWHC 3599 (Comm).
  3. [1974] A.C. 133; [1980] 1 W.L.R. 1274.
  4. [1992] 1 A.C. 448.