Nigerian Man Living in U.S. Charged Over Role in BEC Scheme

A Nigerian national residing in Buffalo, New York, was indicted this week for facilitating a business email compromise (BEC) scam that resulted in hundreds of thousands of dollars being stolen from various companies.

Charged with conspiracy to commit wire fraud, the man, Eric Iwu, aka James, 32, faces up to 20 years in prison and a fine of $250,000.

BEC scammers typically target organizations that conduct wire transfers, and they impersonate CEOs or other executives that can authorize wire transfers, and then alter invoices to redirect funds to bank accounts controlled by the attackers.

One of the victims, a power construction company located in Dubai, UAE, fell victim to a BEC fraud attack using a Wells Fargo checking account. In 2018, the company was defrauded of hundreds of thousands of dollars.

Iwu, the United States Department of Justice says, was the registered owner of a checking account opened at a Citizens Bank in West Seneca, NY, which received two wire transfers related to the scam.

In February 2019, a United Kingdom company was the victim of a BEC attack that employed a Northwest Bank checking account that was eventually traced to Iwu. The company sent $55,242 to the checking account.

Another account traced to Iwu was a business account opened at the Citizens Bank in June 2019. The account received two wire transfers of $131,636 and $112,912 from the third and fourth victim of the BEC operation, respectively.

The defendant appeared at a hearing and was placed in detention, pending further proceedings.

Related: Turkish National Charged for DDoS Attack on U.S. Company

Related: US Charges Swiss ‘Hacktivist’ for Data Theft and Leaks

Related: U.S. Charges North Korean Hackers Over $1.3 Billion Bank Heists