Feds Indict Nigerian Nationals for Series of BEC ScamsDefendants Allegedly Oversaw Schemes for Years, Causing Millions in Losses
Several Nigerian nationals have been indicted for their alleged involvement in business email compromise campaigns from 2015 to 2017 that targeted U.S. businesses.
Indictments unsealed this week by the U.S. Department of Justice reveal that those charged in connection with BEC scams include Richard Izuchukwu Uzuh, Alex Afolabi Ogunshaki and Felix Osilama Okpoh. Plus, Michael Olorunyomi was charged in connection with a romance scam. The charges, which include conspiracy to commit wire fraud, wire fraud, identity theft and access device fraud, carry prison sentences of between 10 and 20 years as well as fines ranging up to $250,000, according to the Justice Department.
None of these six defendants have been arrested, according to the DOJ.
Two additional defendants in the fraud cases previously pleaded guilty. Adewale Aniyeloye was sentenced to 96 months' imprisonment for wire fraud. Onome Ijomone received a 60-month sentence for conspiracy to commit wire fraud, prosecutors say.
Over the last two years, law enforcement officials have warned about an increase in BEC schemes. In April, for example, the FBI warned businesses about ongoing BEC scams using two popular cloud-based email systems. The bureau also noted that its Internet Crime Complaint Center had received complaints totaling more than $2.1 billion in losses from such scams from 2014 to 2019.
How Scams Worked
Ogunshakin, Okpoh, Kayode and Benson were charged conspiracy to commit wire fraud, according to an indictment unsealed Tuesday. The Justice Department states their activities allegedly started about January 2015 and continued until about September 2016.
Their alleged scam involved posing as business executives and using spoofed e-mail accounts to "request and receive wire transfers of funds from the businesses' accounts," the indictment states. Victims wired money to accounts specified by the defendants, prosecutors says.
The scheme allegedly included having co-conspirators using compromised email accounts send spoofed emails to thousands of business employees who handled accounting for their firms and were authorized to send wire transfers. Each email, portrayed as coming from the company CEO or another executive, would direct the employee to make a wire transfer, the court documents say.
In one incident cited, "the defendants and co-conspirators caused and attempted to cause losses in excess of $6 million."
Another indictment charges Aniyeloye and Uzuh each with four counts of wire fraud for a series of schemes that allegedly took place between 2015 and September 2016, resulting in losses of more than $1 million, according to the indictment.
One incident in February 2015 allegedly involved Uzuh posing as a CEO and requesting that the CFO transfer $74,000 to a bank account, the indictment states.
In another indictment unsealed Tuesday, prosecutors charged Ijomone and Olorunyomi with conspiracy to commit wire fraud, identity theft and access device fraud while allegedly operating romance scams from 2015 to 2017.
In these complicated schemes, the defendants allegedly created fake online dating profiles to develop online relationships. The defendants either persuaded the victims to wire them money directly or would trick them into allowing their bank account to be used to launder stolen money, according to the indictment.
"In some cases, the individual using the fictitious dating profile provided the romance scam victim with the name and contact information of a financial adviser who would further help convince the romance scam victim about the legitimacy of the proposed transactions," the court document states. The supposed financial adviser was part of the scam.
In addition to the criminal indictments, the Treasury Department's Office of Foreign Asset Control has imposed financial sanctions on each of the fugitives.
"As a result of the sanctions, all property and interests in property held by these individuals and subject to U.S. jurisdiction are blocked and other persons are blocked from engaging in financial transactions with these fugitives," the DOJ states.
BEC Scams Persist
BEC campaigns have conned large sums of money from a wide variety of organizations.
For example, in April, fraudsters tricked the Oslo-based private equity firm Norfund out of more than $10 million (see: Investment Firm Hit by BEC Scam).
Other cybercriminals are using the COVID-19 pandemic as a cover for BEC scams targeting municipalities. In these cases, the scammers posing as government agencies ask suppliers and vendors to send a payment to a different bank account citing "corona virus audits," according to the FBI (see: FBI: COVID-19-Themed Business Email Compromise Scams Surge ).