A Nigerian national has been sentenced by a United States court to 41 months in prison for his role in business email compromise (BEC) scams, the Department of Justice announced on Thursday.
The scammer, David Chukwuneke Adindu, was arrested by U.S. authorities in November 2016. He pleaded guilty in June to one count of conspiracy to use a means of identification in connection with a federal crime, and one count of conspiracy to commit wire fraud. He faced at least 15 years in prison for his crimes.
In addition to the prison sentence, the Nigerian has been ordered to pay $1.4 million in restitution.
According to prosecutors, Adindu, who resided in both Nigeria and China, was part of a scheme that involved sending out specially crafted emails designed to trick organizations into wiring significant amounts of money to bank accounts controlled by him and his co-conspirators. The man took part in the operation between 2014 and 2016.
These types of emails typically purport to come from managers at the targeted company or known business partners and they instruct recipients to wire money to a specified account. The scam is referred to as a business email compromise scam because the attacker often hacks into the targeted organization’s email accounts to obtain information that can be leveraged to make the wire transfer requests more credible.
Last year, the FBI received over 12,000 complaints related to BEC and EAC (email account compromise) scams, with losses totaling more than $360 million.
Authorities said the scheme Adindu was involved in targeted thousands of victims around the world and attempted to defraud them of more than $25 million. Reuters learned from the man’s lawyer that his main role was to set up bank accounts in China and Hong Kong.
Adindu is not the first Nigerian sentenced in the United States. Earlier this year, three individuals were given prison sentences totaling 235 years for their role in a massive scheme that involved romance scams, identity theft, fraud and money laundering.
Related: Nigerian Behind Attacks Against Over 4,000 Businesses
Related: Industrial Companies Targeted by Nigerian Cybercriminals

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- CISA Expands Cybersecurity Committee, Updates Baseline Security Goals
- Exploitation of 55 Zero-Day Vulnerabilities Came to Light in 2022: Mandiant
- Organizations Notified of Remotely Exploitable Vulnerabilities in Aveva HMI, SCADA Products
- Waterfall Security, TXOne Networks Launch New OT Security Appliances
- Hitachi Energy Blames Data Breach on Zero-Day as Ransomware Gang Threatens Firm
- New York Man Arrested for Running BreachForums Cybercrime Website
- Exploitation of Recent Fortinet Zero-Day Linked to Chinese Cyberspies
- Mozilla Patches High-Severity Vulnerabilities With Release of Firefox 111
Latest News
- BreachForums Shut Down Over Law Enforcement Takeover Concerns
- CISA Expands Cybersecurity Committee, Updates Baseline Security Goals
- Malware Trends: What’s Old Is Still New
- Burnout in Cybersecurity – Can it be Prevented?
- Spain Needs More Transparency Over Pegasus: EU Lawmakers
- Ransomware Will Likely Target OT Systems in EU Transport Sector: ENISA
- Virtual Event Today: Supply Chain & Third-Party Risk Summit
- Google Suspends Chinese Shopping App Amid Security Concerns
