The latest about the Forbes Africa celebrated Nigerian businessman Obinwanne Okeke, now in prison in the United States is that his case has been sent to a federal grand jury for a formal indictment for Business Email Compromise(BEC) crimes.
After his arrest in Washington in early August, the owner of Invictus Group has appeared in federal court twice and remained in federal custody as of Monday.
During an Aug. 12 court hearing, the judge in the case noted that the matter is being sent to a federal grand jury for consideration for a formal indictment.
His arrest for executing within several months in 2018, an $11 million business email compromise scheme that targeted a U.K. affiliate of U.S. heavy equipment manufacturer Caterpillar, was not surprising to people who have been tracking this kind of crime.
(Read Marshall Ward’s affidavit: Obinwanne Okeke the FBI affidavit
It is a global fraud, they call it CEO fraud, worth about $12.5 billion between 2013-2018, with increasing Nigerian connection.
In a report in May this year,Scott Ferguson writing for Information Security Media Group, painted a breathtaking evolution of Nigerian email scammers, from “the days of asking for money to help a member of the country’s royal family”, to their present sophisticated practice of BEC. Ferguson also disclosed the existence of a Nigerian BEC gang, styled SilverTerrier, that is responsible for most of the scams emanating from Nigeria.
Over the last four years, several Nigerian criminal gangs have turned their attention to business email compromise schemes. Now they’re using an increasing array of off-the-shelf malware to help advance their plans.
“The latest research continues our chronicling of the evolution of Nigerian threat actors from unsophisticated spammers to proficient users and abusers of malware and other tools used by cybercriminals worldwide,” says Jen Miller-Osborn, the deputy director of threat intelligence at Unit 42.
BEC Schemes on Rise Globally
What’s happening with Nigerian scammers reflects a larger trend of cybercriminal gangs turning to business email compromise schemes to turn an illegal profit.
These schemes, which are also known as CEO fraud, have started to gain more attention from law enforcement as the number of incidents has increased over the past four years. In its annual Internet Crime Report released in April, the FBI reported that losses from business email compromise scams nearly doubled between 2017 and 2018, reaching $1.2 billion last year in the U.S. alone.
Globally, that number was over $12.5 billion between 2013 and 2018, according to FBI statistics.
In the typical business email compromise scheme, attackers start by stealing the email credentials of a top executive through phishing or other methods. Then they impersonate that executive, sending urgent messages to lower-level employees to transfer or wire money to various bank accounts. In other cases, the attackers spoof a company’s business partner.
The FBI’s most recent report warns that criminals are constantly changing tactics.
“Through the years, the scam has seen personal emails compromised, vendor emails compromised, spoofed lawyer email accounts, requests for W-2 information, and the targeting of the real estate sector,” the FBI report says.
Also of note: Starting in 2018, cybercriminals began asking for gift cards instead of money.