An Atlanta resident was charged last week for his role in a business email compromise (BEC) scheme that resulted in losses of millions of dollars.
The man, Christian Akhatsegbe, 35, of Atlanta, Georgia, was indicted for aggravated identity theft, access device fraud, and conspiracy to commit wire and computer fraud. Emmanuel Aiye Akhatsegbe, 46, of Lagos, Nigeria, was also charged.
According to the indictment, the defendants and their conspirators allegedly sent phishing emails to employees of victim companies and organizations in the United States, in an attempt to steal their email account credentials.
Using the stolen credentials, they then accessed the compromised accounts and sent fraudulent emails to other employees within the victim entities.
These fraudulent emails carried fake invoices requesting payments of hundreds of thousands of dollars to be made to bank accounts operated by cybercriminals.
As part of one attack, carried out in November 2019, the defendants allegedly targeted an employee of a company in the United Kingdom, stole their credentials, and then used the login information to send an email to another company employee.
The message, which appeared to come from one of the company’s vendors, included a fraudulent invoice that requested for a payment of over $434,000 to be made to an account at a bank in Hong Kong. The company made the payment.
The next month, the defendants used credentials stolen from the employee of a Massachusetts company to send another fraudulent invoice that requested for $498,000 to be sent to a bank in Hong Kong. The victim company made the payment, and also paid a second invoice in the same amount.
“The indictment in this case results from the tireless work of federal law enforcement and the valuable cooperation of corporate investigators and agency victims. These federal charges also serve as a reminder to those perpetrating cyber and fraud schemes, whether it be from Atlanta or any corner of the globe,” Acting U.S. Attorney Kurt R. Erskine said.
Related: COO of Security Company Charged for Cyberattack on Medical Center
Related: U.S. Charges 22 in Stolen Payment Cards Crackdown
Related: U.S. Charges North Korean Hackers Over $1.3 Billion Bank Heists