Nigerian Gets 10-Year Sentence for BEC Scam
Prosecutors: Crime Operation Extorted $11 Million
A Nigerian national has been sentenced to 10 years in prison after pleading guilty to taking part in a business email compromise operation that extorted $11 million from its victims, according to the U.S. Department of Justice.
Obinwanne Okeke, 33, was an entrepreneur who ran a group of companies called Invictus Group. From 2015 to 2019, he and his co-conspirators obtained the credentials of hundreds of victims, prosecutors say.
One of the victims was Unatrac Holding Ltd., the U.K. affiliate of U.S. heavy equipment manufacturer Caterpillar, which was defrauded of almost $11 million, accounting for the bulk of the scheme's proceeds.
The investigation also found Okeke and other conspirators had swindled the Red Wing Shoes company out of about $108,000 in early 2018.
The FBI arrested Okeke in August 2019 on charges of conspiracy to commit computer and wire fraud. He pleaded guilty in June 2020 (see: Nigerian Entrepreneur Pleads Guilty in $11 Million BEC Scam).
Attack on Unatrac
On April 1, 2018, the CFO at Unatrac received a phishing email containing a link that, when clicked, redirected him to a phishing site designed to look like a legitimate Microsoft Office365 login page. The CFO unknowingly entered his login credentials on the fake webpage, giving the criminals access to his credentials and, in turn, his entire account, according to an FBI affidavit.
Okeke and others accessed the CFO's Office365 account 464 times between April 6 and April 20, 2018, mostly from IP addresses located in Nigeria, the FBI says. They sent fraudulent wire transfer requests from the account to Unatrac's financial team. To add credibility to their requests, the cybercriminals sent fake invoices to the CFO's account from external accounts and forwarded them to the finance team.
To hide their activities from the CFO, the conspirators created or modified the email filter rules for the account, intercepted legitimate emails from the finance team, marked them as read and moved them to another folder outside the inbox, the FBI says.
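The rule-based hiding described above can be hunted for in mailbox rule-change events. The following is an added detection sketch, not taken from the article or the FBI affidavit: the event layout, addresses and IPs are constructed, and the rule parameter names (From, MarkAsRead, MoveToFolder, DeleteMessage) follow Exchange inbox-rule parameters.

```python
# Constructed sample events; the record layout is an assumption modeled on
# mailbox audit records, not data from the case.
SAMPLE_EVENTS = [
    {"user": "cfo@example.com", "operation": "New-InboxRule", "client_ip": "203.0.113.7",
     "params": {"Name": "..", "From": "finance@example.com",
                "MarkAsRead": "True", "MoveToFolder": "RSS Feeds"}},
    {"user": "analyst@example.com", "operation": "New-InboxRule", "client_ip": "198.51.100.20",
     "params": {"Name": "Newsletters", "SubjectContainsWords": "digest",
                "MoveToFolder": "Reading"}},
    {"user": "cfo@example.com", "operation": "Set-InboxRule", "client_ip": "203.0.113.7",
     "params": {"Name": "..", "From": "ap@example.com", "DeleteMessage": "True"}},
    {"user": "cfo@example.com", "operation": "MailItemsAccessed",
     "client_ip": "203.0.113.7", "params": {}},
]

RULE_OPERATIONS = {"New-InboxRule", "Set-InboxRule"}
INTERNAL_DOMAINS = {"example.com"}  # assumption: the organisation's own mail domains


def _is_true(value):
    return str(value).strip().lower() == "true"


def hiding_reasons(event):
    """Return the reasons a rule change looks like mail hiding (empty list if none)."""
    if event.get("operation") not in RULE_OPERATIONS:
        return []
    p = event.get("params", {})
    reasons = []
    if p.get("MoveToFolder") and _is_true(p.get("MarkAsRead")):
        reasons.append("marks messages as read and moves them out of the inbox")
    if _is_true(p.get("DeleteMessage")):
        reasons.append("deletes matching messages")
    senders = [s.strip().lower() for s in p.get("From", "").split(";") if s.strip()]
    internal = [s for s in senders if s.rsplit("@", 1)[-1] in INTERNAL_DOMAINS]
    if internal and reasons:
        reasons.append("targets internal sender(s): " + ", ".join(internal))
    return reasons


def find_hiding_rules(events):
    """Return (user, client_ip, rule name, reasons) for each suspicious rule change."""
    findings = []
    for e in events:
        reasons = hiding_reasons(e)
        if reasons:
            findings.append((e["user"], e.get("client_ip"), e["params"].get("Name"), reasons))
    return findings


if __name__ == "__main__":
    for user, ip, name, reasons in find_hiding_rules(SAMPLE_EVENTS):
        print(f"{user} from {ip}: rule {name!r}: " + "; ".join(reasons))
```

A rule that only files mail into a folder, like the constructed "Newsletters" rule, is not flagged; the signal is the combination of suppressing the unread indicator or deleting mail, especially for internal senders.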
The finance team at Unatrac processed 15 payments to overseas accounts, totaling almost $11 million, most of which could not be recovered by the time the company discovered the fraud, according to the affidavit.
FBI agents traced the email addresses used to conduct the scam to Okeke. The email account he used contained records of emails and chats that were related to creating spoofed websites aimed at tricking victims into sharing their credentials, according to court documents.
Okeke was a well-known businessman whose Invictus Group ran construction, agriculture, oil and gas, telecom and real estate operations. He was profiled in 2016 by Forbes as one of "Africa's most promising entrepreneurs," court documents show.
BEC Scams
Over the years, Nigerian BEC scams have evolved to become more sophisticated.
In November 2020, Interpol, along with Nigerian law enforcement agencies and security firm Group-IB, uncovered a massive Nigerian business email compromise gang that was active across more than 150 countries (see: Interpol Busts Massive Nigerian BEC Gang).
In July 2020, a Nigerian national allegedly laundered millions of dollars stolen in BEC scams, according to the Justice Department (see: Just How Lucrative Are BEC Scams?).
A security report that Palo Alto Networks' Unit 42 released in April 2020 found cybercrime gangs operating out of Nigeria waged a combined total of 92,000 business email compromise attacks each month in 2019, a 172% increase from the previous year (see: Nigerian BEC Scammers Increase Proficiency: Report).