Business Email Compromise (BEC) , Fraud Management & Cybercrime

Alleged Business Email Compromise Fraudsters Extradited

Schemers Spoofed Construction Companies to Bilk Universities
Alleged Business Email Compromise Fraudsters Extradited

Three Nigerian nationals accused of participating in multimillion-dollar business email compromise fraud with a fixation on universities arrived in the United States after extradition from the United Kingdom.

See Also: OnDemand | Combatting Rogue URL Tricks: How You Can Quickly Identify and Investigate the Latest Phishing Attacks

The men faces charges in federal courts in North Carolina, Texas and Virginia for offenses that include conspiracy to commit wire fraud and money laundering conspiracy. They allegedly attempted to steal more than $5 million.

All three were arrested on April 23, 2020, by British authorities at the request of the United States and ordered extradited on Sept. 3, 2021. Their appeal to the U.K. High Court failed on July 12.

Total losses tied to business email compromise theft domestically and internationally totaled $43.3 billion from June 2016 through December 2021, according to the most recent FBI Internet Crime Complaint Center annual report. The FBI warned earlier this year that business email compromise scams are on the rise, with real and actual losses increasing by 65% in the 14-month period ending last December. In part, it attributed the increase to the novel coronavirus pandemic and its knock-on effect of shifting more work online.

Court documents show the alleged fraudsters used spoofing techniques to convince victims to make payments into bank accounts purportedly controlled by legitimate contractors.

Oludayo Kolawole John Adeagbo, 43, a Nigerian citizen, and Donald Ikenna Echeazu, 40, a dual U.K. and Nigerian citizen, allegedly bilked Appalachian State University out of nearly $2 million by appearing to be employees of a construction company hired to build a new health sciences building.

The conspirators sent emails coming from rogersbuildersinc.com, which was not the domain used by the legitimate contractor, rogersbuilders.com. Adeagbo also allegedly used domain spoofing to commit business email compromise in Texas.

Prosecutors say victims include local government entities, construction companies and a Houston-area college.

A third man, Olabanji Egbinola, 42, faces charges of conspiracy to commit wire fraud and money laundering for allegedly also posing as an employee of a construction company doing work for an unnamed university in Virginia. He sent emails from kjellstromleegroup.com, which is not the legitimate domain of the Richmond-based firm Kjellstom & Lee. Its domain is khellstromandlee.com. He allegedly defrauded the university of $469,819.49.

Prosecutors say Egbinola took steps to hide his identity, including by paying for domain hosting using Bitcoin and using a virtual private network to obscure his real IP address. FBI agents were able to identify his real IP address by sending him an email containing what the agency dubs a "network investigative technique," which is malware that sends agents details about computer users. Once the FBI had Egbinola's real IP address, British law enforcement agents were able to identify him.


About the Author

Prajeet Nair

Prajeet Nair

Assistant Editor, Global News Desk, ISMG

Nair previously worked at TechCircle, IDG, Times Group and other publications, where he reported on developments in enterprise technology, digital transformation and other issues.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.com, you agree to our use of cookies.