Brother
Professional
- Messages
- 2,590
- Reaction score
- 483
- Points
- 83
A Nigerian man has been arrested in Ghana for a Business Email Compromise (BEC) scam that cost a US charity more than $7.5 million.
Olusegun Samson Adejorin was arrested on December 29 on charges of fraud against two charities in Maryland and New York. Adejorin is charged with email fraud, identity theft and unauthorized access to a protected computer.
According to the U.S. Department of Justice, Adejorin's fraudulent scheme lasted from June to August 2020 and involved unauthorized access to email accounts and impersonation of employees of organizations.
Posing as an employee of one of the charitable organizations (Victim 2), Adejorin solicited large sums of funds from another organization (Victim 1), which provided investment services to Victim 2. To successfully complete transactions in excess of $10,000, Adejorin used stolen credentials to send emails on behalf of employees who were required to confirm these transactions.
As part of the fraudulent scheme, Adejorin also purchased an email credential theft tool, registered fake domain names, and hid fraudulent emails from legitimate employees by redirecting them to inconspicuous sections of inboxes. As a result of his actions, Adejorin was able to deceive Victim 1 into transferring $7.5 million into his bank accounts, while the organization believed that the transfer was going to the accounts of a real charitable company.
Adejorin faces a maximum sentence of 20 years for email fraud, 5 years for unauthorized access to a protected computer and 2 years for identity theft. The US Department of Justice also notes that the sentence can be increased by 7 years for registering and using a domain name for the purpose of fraud.
Olusegun Samson Adejorin was arrested on December 29 on charges of fraud against two charities in Maryland and New York. Adejorin is charged with email fraud, identity theft and unauthorized access to a protected computer.
According to the U.S. Department of Justice, Adejorin's fraudulent scheme lasted from June to August 2020 and involved unauthorized access to email accounts and impersonation of employees of organizations.
Posing as an employee of one of the charitable organizations (Victim 2), Adejorin solicited large sums of funds from another organization (Victim 1), which provided investment services to Victim 2. To successfully complete transactions in excess of $10,000, Adejorin used stolen credentials to send emails on behalf of employees who were required to confirm these transactions.
As part of the fraudulent scheme, Adejorin also purchased an email credential theft tool, registered fake domain names, and hid fraudulent emails from legitimate employees by redirecting them to inconspicuous sections of inboxes. As a result of his actions, Adejorin was able to deceive Victim 1 into transferring $7.5 million into his bank accounts, while the organization believed that the transfer was going to the accounts of a real charitable company.
Adejorin faces a maximum sentence of 20 years for email fraud, 5 years for unauthorized access to a protected computer and 2 years for identity theft. The US Department of Justice also notes that the sentence can be increased by 7 years for registering and using a domain name for the purpose of fraud.
