A Nigerian national has been sentenced by a United States court to 41 months in prison for his role in business email compromise (BEC) scams, the Department of Justice announced on Thursday.
The scammer, David Chukwuneke Adindu, was arrested by U.S. authorities in November 2016. He pleaded guilty in June to one count of conspiracy to use a means of identification in connection with a federal crime, and one count of conspiracy to commit wire fraud. He faced at least 15 years in prison for his crimes.
In addition to the prison sentence, the Nigerian has been ordered to pay $1.4 million in restitution.
According to prosecutors, Adindu, who resided in both Nigeria and China, was part of a scheme that involved sending out specially crafted emails designed to trick organizations into wiring significant amounts of money to bank accounts controlled by him and his co-conspirators. The man took part in the operation between 2014 and 2016.
These types of emails typically purport to come from managers at the targeted company or known business partners and they instruct recipients to wire money to a specified account. The scam is referred to as a business email compromise scam because the attacker often hacks into the targeted organization’s email accounts to obtain information that can be leveraged to make the wire transfer requests more credible.
Last year, the FBI received over 12,000 complaints related to BEC and EAC (email account compromise) scams, with losses totaling more than $360 million.
Authorities said the scheme Adindu was involved in targeted thousands of victims around the world and attempted to defraud them of more than $25 million. Reuters learned from the man’s lawyer that his main role was to set up bank accounts in China and Hong Kong.
Adindu is not the first Nigerian sentenced in the United States. Earlier this year, three individuals were given prison sentences totaling 235 years for their role in a massive scheme that involved romance scams, identity theft, fraud and money laundering.
Related: Nigerian Behind Attacks Against Over 4,000 Businesses
Related: Industrial Companies Targeted by Nigerian Cybercriminals

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
More from Eduard Kovacs
- Unpatched Econolite Traffic Controller Vulnerabilities Allow Remote Hacking
- Google Fi Data Breach Reportedly Led to SIM Swapping
- Microsoft’s Verified Publisher Status Abused in Email Theft Campaign
- British Retailer JD Sports Discloses Data Breach Affecting 10 Million Customers
- Meta Awards $27,000 Bounty for 2FA Bypass Vulnerability
- Industry Reactions to Hive Ransomware Takedown: Feedback Friday
- US Reiterates $10 Million Reward Offer After Disruption of Hive Ransomware
- Hive Ransomware Operation Shut Down by Law Enforcement
Latest News
- Malicious NPM, PyPI Packages Stealing User Information
- VMware Confirms Exploit Code Released for Critical vRealize Logging Vulnerabilities
- 98% of Firms Have a Supply Chain Relationship That Has Been Breached: Analysis
- Dutch, European Hospitals ‘Hit by Pro-Russian Hackers’
- Gem Security Gets $11 Million Seed Investment for Cloud Incident Response Platform
- Ransomware Leads to Nantucket Public Schools Shutdown
- Stop, Collaborate and Listen: Disrupting Cybercrime Networks Requires Private-Public Cooperation and Information Sharing
- Boxx Insurance Raises $14.4 Million in Series B Funding
