Summary: A Nigerian national has been convicted of participating in a $1.5 million business email compromise (BEC) scam, using social engineering and malicious software to deceive businesses into sending money or valuable data to the attackers.
Threat Actor: Ebuka Raphael Umeti | Ebuka Raphael Umeti
Victim: Various businesses and organizations
Key Point :
- Ebuka Raphael Umeti, along with two alleged partners, used social engineering and malicious software to perpetuate a $1.5 million BEC scam.
- The scammers started their success in 2018, siphoning $571,000 from a New York wholesaler and $400,000 from a Texan metal supplier.
- In addition to phishing emails, the scammers also engaged in domain spoofing and signed up for VoIP numbers to further deceive their victims.
A Nigerian national has been convicted of participating in a business email compromise (BEC) scam worth $1.5 million after a jury found him guilty on all counts.
The Feds say Ebuka Raphael Umeti, 35, perpetuated the scam with two alleged partners in crime, using a combination of social engineering and malicious software to pull off the million-dollar BEC scheme. A BEC fraud involves phishing emails and deception to get businesses and organizations to send money or valuable data to attackers, usually over email.
According to the DoJ, Umeti got involved in BEC scams as early as February 2016, when one of his alleged co-conspirators, fellow Nigerian national Franklin Ifeanyichukwu Okwonna, is said to have sent Umeti a phishing email template. The collaborators started to see success in 2018, siphoning $571,000 from a New York wholesaler and $400,000 from a Texan metal supplier.
In the following years, the scammers started domain spoofing, signed up for VoIP numbers, and communicated over the gaming-focused chat platform Discord.
It’s not unusual to find cybercrims congregating on services like this, such as the one command-and-control malware service hosting tech support on Discord and Telegram.
They also began sending emails injected with malware that would allow them to gain remote access to compromised computers, further assisting their fraud. This new technique may be what led to the duo into picking up another member, alleged to be Saudi Arabia national Mohammed Naji Mohammedali Butaish – who has yet to be tried on the charges. Butaish is alleged to have first got involved in 2020 when he is suspected of coding new malware for Umeti and Okwonna.
According to the DoJ’s indictment, in 2021 the three began focusing on malware allegedly designed by Butaish, who the Feds claim sold it to his alleged co-conspirators and others.
Although the three were indicted in August 2022, Umeti and Okwonna weren’t actually arrested until January this year. Part of the delay was because the two lived in Nigeria, but since the West African country has an extradition treaty with the US, this didn’t shield them from prosecution.
According to court documents, Butaish has not yet been arrested, and since Saudi Arabia does not have an extradition treaty with the US, it’s unclear if he ever will go to his own trial.
Meanwhile, Umeti’s trial ended yesterday with the jury finding him guilty of all counts; Okwonna had already been found guilty on May 20. They are respectively scheduled to be sentenced on August 27 and September 3, and Umeti could face up to 102 years in prison. However, federal sentencing guidelines can be complex, and it’s unlikely Umeti will see a triple-digit sentence.
Just a few weeks ago the DoJ sentenced a Georgia resident to a decade in prison for a BEC scheme worth $4.5 million. The feds are also seeking $5 million of cash stolen from trade unions in an ongoing case. ®
Source: https://www.theregister.com/2024/06/14/phishing_scam_conviction
“An interesting youtube video that may be related to the article above”