Eight individuals were arrested for their roles in a widespread, Africa-based business email compromise (BEC) conspiracy, the United States Department of Justice announced on Monday.
Following operation WireWire earlier this month, the new international effort named “Operation Keyboard Warrior”, resulted in five individuals being arrested in the United States, along with three others in Ghana. Four more were indicted for their roles in the CEO schemes, but remain at large.
BEC is a type of fraud targeting decision-making positions within organizations via email, phone, or fax, to hijack wire transfers or trick them to authorize payments for fake invoices.
Tens of thousands fell victims to BEC schemes, while losses amount to billions. Victims include accounts payable personnel at Fortune 500 companies, global maritime shipping companies and their customers, and more.
As part of Operation Keyboard Warrior, DoJ coordinated with international law enforcement to disrupt online frauds perpetrated from Africa. The operation, which has been ongoing since at least 2012, allegedly defrauded U.S. companies and citizens of around $15 million, the Justice Department says.
The individuals arrested in the U.S. are Javier Luis Ramos Alonso, 28, a Mexican citizen residing in Seaside, California; James Dean, 65, of Plainfield, Indiana; Dana Brady, 61, of Auburn, Washington; Rashid Abdulai, 24, a Ghanaian citizen residing in the Bronx, New York, and Olufolajimi Abegunde, 31, a Nigerian citizen residing in Atlanta, Georgia.
Maxwell Atugba Abayeta aka Maxwell Peter, 26, and Babatunde Martins, 62, of Ghana and Benard Emurhowhoariogho Okorhi, 39, a Nigerian citizen who resides in Ghana, were arrested overseas and await their extradition. Sumaila Hardi Wumpini, 29; Dennis Miah, 34; Ayodeji Olumide Ojo, 35, and Victor Daniel Fortune Okorhi, 35, who were also charged in the indictment, remain at large.
The defendants are charged with conspiracy to commit wire fraud, wire fraud, conspiracy to commit money laundering, conspiracy to commit computer fraud, and aggravated identity fraud.
According to the indictment, the Africa-based coconspirators committed, or caused to be committed, intrusions into the servers and email systems of a Memphis-based real estate company in June and July 2016.
The defendants used spoofed email addresses and Virtual Private Networks to identify large financial transactions, engage into fraudulent email correspondence with relevant business parties, and redirect closing funds, through a network of U.S.-based money mules, to Africa. The scheme defrauded companies and individuals in Memphis of hundreds of thousands of dollars.
According to the indictment, some of the Africa-based defendants also engaged in various romance scams, fraudulent-check scams, gold-buying scams, advance-fee scams, and credit card scams. All the proceeds of these criminal activities were shipped and/or transferred from the United States to locations in Ghana, Nigeria, and South Africa.
Some of the defendants are also said to have been concealing their conduct by, among other means, “stealing or fraudulently obtaining personal identification information (PII) and using that information to create fake online profiles and personas,” the DoJ announcement reads.
“The defendants allegedly unleashed a barrage of international fraud schemes that targeted U.S. businesses and individuals, robbing them to the tune of approximately $15 million,” Acting Assistant Attorney General John P. Cronan of the Justice Department’s Criminal Division said.
Related: Preventing Business Email Compromise Requires a Human Touch
Related: How to Establish Effective Intelligence Requirements