Africa Press-Nigeria:
A Nigerian entrepreneur has pleaded guilty to charges stemming from an $11 million business email compromise scheme that targeted a U.K. affiliate of U.S. heavy equipment manufacturer Caterpillar, according to the U.S. Department of Justice.
Obinwanne Okeke, 32, defrauded Unatrac Holding Ltd., the U.K.-based export sales office for Caterpillar, by stealing login credentials and sending illegal wire-transfer requests, according to the U.S. Attorney’s Office in the Eastern District of Virginia on Thursday.
Okeke was arrested by the Federal Bureau of Investigation in August 2019 on charges of conspiracy to commit computer and wire fraud, according to an FBI affidavit and other court documents (see: FBI Arrests Nigerian Suspect in $11 Million BEC Scheme). He pleaded guilty to conspiracy to commit wire fraud, which carries a maximum penalty of 20 years in prison. Sentencing is set for Oct. 22.
Okeke, along with other unnamed conspirators, carried out fraudulent activities from 2015 to 2019, when they obtained the credentials of hundreds of victims, including some located in the eastern district of Virginia, prosecutors say.
On April 1, 2018, the CFO at Unatrac received a phishing email containing a link, which when clicked on, redirected the CFO to a phishing site that was designed to look like a legitimate Microsoft Office365 login page. The CFO unknowingly entered his login credentials on the fake web page, giving the criminals access to his credentials and, in turn, his entire account, according to the FBI affidavit.
Okeke and others accessed the CFO’s Office365 account 464 times between April 6 and April 20, 2018, mostly from IP addresses located in Nigeria, the FBI says. They sent fraudulent wire transfer requests from the account to Unatrac’s financial team. To add credibility to their requests, the cybercriminals would send fake invoices to the CFO’s account from external accounts and forward them to the finance team, the affidavit adds.
To hide their activities from the CFO, the conspirators created or modified the email filter rules for the account, intercepted legitimate emails from the finance team, marked them as read and moved them to another folder outside the inbox, the FBI says.
The finance team at Unatrac processed 15 payments to overseas accounts, totaling a sum of about $11 million, most of which could not be recovered by the time the company discovered the fraud, according to the affadavit.
