Following the extradition of a prolific Nigerian cyber criminal to the United States, law enforcement authorities have successfully taken down a cyber crime ring that committed various cyber crimes such as wire fraud, identity theft, romance scams, fraudulent-check scams, gold-buying scams, advance-fee scams and credit card scams.
A detailed investigation led by the FBI and supported by various law enforcement agencies recently culminated with the extradition of Babatunde Martins, a Nigerian cyber criminal from Ghana who was a member of a cyber crime ring that committed various kinds of Business Email Compromise scams across the world.
The cyber crime group used spoofed email addresses and Virtual Private Networks to anonymise their activities and infiltrated servers and email systems of various companies to identify large financial transactions. The hackers then communicated with company employees and business parties via email by impersonating other companies or clients and lured companies into transferring large amounts of money to their bank accounts.
Nigerian cyber criminal used VPNs & spoofed email accounts to carry out fraudulent email correspondence
Members of the Nigerian cyber crime ring then used a network of U.S.-based money mules to redirect funds from various countries to final destinations in Africa. The Department of Justice said that by carrying out such BEC scams, the cyber crime ring "caused hundreds of thousands in loss to companies and individuals".
"In addition to BEC, the defendant is also charged with perpetrating romance scams, fraudulent-check scams, gold-buying scams, advance-fee scams and credit card scams. The indictment alleges that the proceeds of these criminal activities, both money and goods, were shipped and/or transferred from the United States to locations in Africa through a complex network of both complicit and unwitting individuals that had been recruited through the various Internet scams.
"The defendant is specifically alleged to have owned and operated a company called Afriocean LTD that he used in furtherance of these crimes. The defendant, along with his coconspirators, is believed to have caused millions in loss to victims across the globe," it added.
Aside from Martins, five other cyber criminals have pleaded guilty to being involved in the scheme and two others were sentenced to 78 months and 31 months in prison respectively for their roles in the series of BEC scams carried out by the crime ring.
This is the second such breakthrough made by law enforcement agencies in the past few months as far as taking down cyber crime rings behind BEC scams affecting companies and individuals across the world is concerned.
Global law enforcement agencies coordinating with each other to take down cyber crime rings
In September, a massive law enforcement operation spanning the United States, Nigeria, Turkey, Ghana, France, Italy, Japan, Kenya, Malaysia, and the United Kingdom resulted in the arrest of 281 cyber criminals, the seizure of nearly $3.7 million, and the disruption or recovery of approximately $118 million in fraudulent wire transfers.
These sophisticated cyber-enabled scams often target employees with access to company finances and—using methods like social engineering and computer intrusions—trick them into making wire transfers to bank accounts thought to belong to trusted partners. The accounts are actually controlled by the criminals," the FBI explained.
"Criminal organisations that perpetrate BEC schemes don't just target companies. They also exploit individual victims—such as real estate purchasers or the elderly—by convincing them to make wire transfers to bank accounts controlled by the criminals. The scam can also involve requests to purchase gift cards and send the serial numbers or to mail a check, but the request will always appear to come from someone known to or trusted by the victim," it added.
Last year, the FBI ran a similar operation that resulted in the arrest of 74 cyber criminals, 29 of whom were based in Nigeria, and another 42 were in the United States. The arrests took place following a six-month-long investigation that involved personnel from the FBI, the Department of Justice, the Department of Homeland Security, the Department of the Treasury, and the U.S. Postal Inspection Service. The agencies were able to bust several cyber crime groups located in the United States, Nigeria, Canada, Mauritius, and Poland.