A Nigerian national has been sentenced by a United States court to 41 months in prison for his role in business email compromise (BEC) scams, the Department of Justice announced on Thursday.
The scammer, David Chukwuneke Adindu, was arrested by U.S. authorities in November 2016. He pleaded guilty in June to one count of conspiracy to use a means of identification in connection with a federal crime, and one count of conspiracy to commit wire fraud. He faced at least 15 years in prison for his crimes.
In addition to the prison sentence, the Nigerian has been ordered to pay $1.4 million in restitution.
According to prosecutors, Adindu, who resided in both Nigeria and China, was part of a scheme that involved sending out specially crafted emails designed to trick organizations into wiring significant amounts of money to bank accounts controlled by him and his co-conspirators. The man took part in the operation between 2014 and 2016.
These types of emails typically purport to come from managers at the targeted company or known business partners and they instruct recipients to wire money to a specified account. The scam is referred to as a business email compromise scam because the attacker often hacks into the targeted organization’s email accounts to obtain information that can be leveraged to make the wire transfer requests more credible.
Last year, the FBI received over 12,000 complaints related to BEC and EAC (email account compromise) scams, with losses totaling more than $360 million.
Authorities said the scheme Adindu was involved in targeted thousands of victims around the world and attempted to defraud them of more than $25 million. Reuters learned from the man’s lawyer that his main role was to set up bank accounts in China and Hong Kong.
Adindu is not the first Nigerian sentenced in the United States. Earlier this year, three individuals were given prison sentences totaling 235 years for their role in a massive scheme that involved romance scams, identity theft, fraud and money laundering.
Related: Nigerian Behind Attacks Against Over 4,000 Businesses
Related: Industrial Companies Targeted by Nigerian Cybercriminals