Jump to content
David H. Lipman

BEC Scam Costing Almost US$11 Million Leads to FBI Arrest...

Recommended Posts

BEC Scam Costing Almost US$11 Million Leads to FBI Arrest of Nigerian Businessman

"The chief executive officer (CEO) of the Invictus Group of Companies, Obinwanne Okeke, has reportedly been arrested by the U.S. Federal Bureau of Investigation (FBI) after he was accused of conspiracy to commit computer and wire fraud. The FBI investigation into Okeke was initiated after a victim of a business email compromise (BEC) scam informed the FBI that it had been defrauded of nearly US$11 million.

According to an affidavit from FBI Special Agent Marshall Ward, who spearheaded the investigation, a phishing email was sent to the chief financial officer (CFO) of Unatrac Holding Limited, the UK-based export sales office for the construction equipment company Caterpillar. The email contained a URL leading to a spoofed webpage asking for the login credentials of the CFO’s Microsoft Office 365 account. Once the CFO entered his credentials, the attackers managed to gain access to all the contents of the CFO’s Office 365 account, from emails to digital files.

The CFO’s email account was then used to issue fund transfer requests to Unatrac’s financial department. The scam involved fake invoices featuring the corresponding company logos and templates to make the emails seem more legitimate. The attackers even went so far as to send emails from an external account to the CFO’s account, which were then forwarded to the finance team, and created and changed filter rules to intercept legitimate emails and mark them as read.

Between April 11 and 18, 2018, employees of the Unatrac financial department issued 15 payments totaling nearly US$11 million, with some of the payments going to the same account.

The affidavit mentioned that the CFO’s account was accessed at least 464 times using Nigerian IP addresses. The attackers also downloaded files from the CFO’s account, with one of the downloaded files being sent to a Gmail address. Further investigation by the FBI revealed that the email was used for other fraudulent schemes. Ward managed to obtain records from Google, which allowed the FBI to link the email to another email address. The second email address was connected to a forum account that eventually led the FBI to conclude that Okeke is part of the BEC scam."

Share this post


Link to post
Share on other sites

Its good that they caught this guy.... however its a small drop in the bucket of scammers.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

  • Recently Browsing   0 members

    No registered users viewing this page.

×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.