International Police Operation Bags Suspected BEC Mastermind
A 40-year-old Nigerian alleged to have masterminded the theft of over $60 million in thousands of online scams has been arrested after an operation involving Trend Micro and international police.
The suspect, known only as “Mike,” was arrested in Port Harcourt in southern Nigeria after first being tracked and located by Trend Micro and Fortinet.
It’s believed he managed a 40-strong team of scammers across Nigeria, South Africa and Malaysia, who also used malware in their campaigns.
The group made their millions two main ways, according to Interpol.
The first was via payment diversion fraud – where a supplier’s email account is compromised with malware and fake messages are sent to the buyer with instructions for payment to a bank account under the criminal’s control.
The second is “CEO fraud”, also known as “whaling” or “Business Email Compromise.”
Here the email account of a CEO or CFO is either compromised or spoofed and a request for a large wire transfer of corporate funds to a third party account is sent to an employee in the accounts/finance department.
According to the FBI, BEC has incurred damages of over $3 billion over the past three years.
Interpol teamed up with the Nigerian Economic and Financial Crime Commission (EFCC) to get their man, who is alleged to have defrauded one target alone out of more than $15 million.
The 40-year-old is currently on bail along with a 38-year-old and faces charges including hacking, conspiracy and obtaining money under false pretences.
“The public, and especially businesses, need to be alert to this type of cyber-enabled fraud. Basic security protocols such as two-factor authentication and verification by other means before making a money transfer are essential to reduce the risk of falling victim to these scams,” said Noboru Nakatani, executive director of the Interpol Global Complex for Innovation (IGCI).
“It is exactly through this type of public and private sector cooperation that Interpol will continue to help member countries in bringing cyber-criminals to justice no matter where they are.”
Source: Information Security Magazine