Nigerian Entrepreneur Pleads Guilty in $11 Million BEC Scam

Business Email Compromise (BEC)
Fraud Management & Cybercrime

Obinwanne Okeke Targeted UK Affiliate of Caterpillar, Prosecutors Say

Nigerian Entrepreneur Pleads Guilty in $11 Million BEC Scam

A Nigerian entrepreneur has pleaded guilty to charges stemming from an $11 million business email compromise scheme that targeted a U.K. affiliate of U.S. heavy equipment manufacturer Caterpillar, according to the U.S. Department of Justice.

See Also: Live Webinar | 2021: A Cybersecurity Odyssey

Obinwanne Okeke, 32, defrauded Unatrac Holding Ltd., the U.K.-based export sales office for Caterpillar, by stealing login credentials and sending illegal wire-transfer requests, according to the U.S. Attorney’s Office in the Eastern District of Virginia on Thursday.

Okeke was arrested by the Federal Bureau of Investigation in August 2019 on charges of conspiracy to commit computer and wire fraud, according to an FBI affidavit and other court documents (see: FBI Arrests Nigerian Suspect in $11 Million BEC Scheme). He pleaded guilty to conspiracy to commit wire fraud, which carries a maximum penalty of 20 years in prison. Sentencing is set for Oct. 22.

Carrying Out the Scheme

Okeke, along with other unnamed conspirators, carried out fraudulent activities from 2015 to 2019, when they obtained the credentials of hundreds of victims, including some located in the eastern district of Virginia, prosecutors say.

On April 1, 2018, the CFO at Unatrac received a phishing email containing a link, which when clicked on, redirected the CFO to a phishing site that was designed to look like a legitimate Microsoft Office365 login page. The CFO unknowingly entered his login credentials on the fake web page, giving the criminals access to his credentials and, in turn, his entire account, according to the FBI affidavit.

Okeke and others accessed the CFO’s Office365 account 464 times between April 6 and April 20, 2018, mostly from IP addresses located in Nigeria, the FBI says. They sent fraudulent wire transfer requests from the account to Unatrac’s financial team. To add credibility to their requests, the cybercriminals would send fake invoices to the CFO’s account from external accounts and forward them to the finance team, the affidavit adds.

To hide their activities from the CFO, the conspirators created or modified the email filter rules for the account, intercepted legitimate emails from the finance team, marked them as read and moved them to another folder outside the inbox, the FBI says.

The finance team at Unatrac processed 15 payments to overseas accounts, totaling a sum of about $11 million, most of which could not be recovered by the time the company discovered the fraud, according to the affadavit.

FBI agents were able to trace the email addresses used to conduct the scam to Okeke. The email account he used contained records of emails and chats that were related to creating spoof websites aimed at tricking victims into sharing their credentials, according to court documents.

The investigation also found Okeke had allegedly swindled the Red Wing Shoe Company out of about $108,000 in early 2018.

Okeke was a well-known businessman who ran the Invictus Group, which had construction, agriculture, oil and gas, telecom and real estate operations. He was profiled in 2016 by Forbes as one of “Africa’s most promising entrepreneurs,” court documents show.

BEC Scams

Nigerian scams have evolved over the years, growing more sophisticated thanks to cybercrime-as-a-service offerings. Cybercrime gangs operating out of Nigeria waged a combined total of 92,000 business email compromise attacks each month in 2019, a 172 percent increase from the previous year, according to an analysis from Palo Alto Network’s Unit 42 published earlier this year (see: Nigerian BEC Scammers Increase Proficiency: Report).

On June 18, several Nigerian nationals were indicted for their alleged involvement in such campaigns operating from 2015 to 2017 that targeted U.S. businesses (see: Feds Indict Nigerian Nationals for Series of BEC Scams).

In a global crackdown on BEC scams last year, 281 suspects were arrested as part of a four-month investigation called “Operation reWired”. The majority of the arrests occurred in Nigeria (see: Business Email Compromise Crackdown: 281 Suspects Busted).

In 2019, the FBI received nearly 24,000 complaints about BEC scams, with losses totaling $1.7 billion for an average loss of about $72,000, according to the FBI Internet Crime Report (see: FBI: BEC Losses Totaled $1.7 Billion in 2019).

Source link

Recent articles

French Prime Minister Resigns Before a Cabinet Reshuffle

PARIS — France’s prime minister, Édouard Philippe, resigned on Friday, the first step in a major government reshuffle, according to the office of...

India’s Modi visits Ladakh region where troops clashed with China | News

Indian Prime Minister Narendra Modi has said that "age of expansionism" is over, as he paid tribute to soldiers killed in last month's...

Blender Quick Tips 001: Using Array Modifier Along Curve Paths [Blender 2.82 Tutorial]

nebmotion writes: Welcome to Blender Quick Tips! In this quick Blender tutorial you will learn how to use the array modifiers to duplicate or instance...

Are Seasons 1-8 of ‘Beavis and Butt-head’ on Netflix?

Beavis and Butt-head – Picture: ViacomCBSWith the news that Beavis and Butt-head is among the many shows set to be rebooted, you may...

The Best Cheap Nespresso Deals for July 2020

Digital Trends may earn a commission when you buy through links on our site. Are you searching coffee maker deals? If you enjoy fine...

Mechanical force used to trigger isomerisation in 3D molecule | Research

The tip of a scanning tunnelling microscope (STM) has been used to precisely switch between three possible isomers of a single molecule. The...

Leave a reply

Please enter your comment!
Please enter your name here