Nigerian national gets 10-year sentence for stealing $20 million through business email compromise scams

Avatar

A Nigerian national was sentenced to 10 years in U.S. federal prison for stealing almost $20 million from hundreds of people through cyber fraud. 

Babatunde Francis Ayeni, a 33-year-old who had been living in the U.K, was convicted for his role in a business email compromise scheme that targeted real estate transactions. Ayeni pleaded guilty to wire fraud charges in April and was sentenced this week. 

Ayeni worked with two other people in Nigeria and the United Arab Emirates — co-defendants Feyisayo Ogunsanwo and Yusuf Lasisi — who allegedly sent phishing emails with malicious links and attachments to title companies, real estate agents, and real estate attorneys across the U.S. 

Through the phishing emails, the hackers gained access to employee login information, which they used to monitor email accounts for messages indicating a buyer was preparing to make a payment. Ayeni and his co-conspirators would then contact the buyer from the compromised email address and provide wire information linking to their financial accounts. 

Among the more than 400 victims of the scheme, 231 of them were unable to reverse the wire transactions and lost the full amount sent to the hacker-controlled accounts. In total, $19,599,969.46 was lost. 

The thefts were particularly painful for dozens of people who lost all of the money they had saved up to purchase a home. Multiple people provided victim impact statements to the court and testified about the shame, despair, and depression they felt after the losses. One victim said more than $100,000 was stolen from him after he tried to buy his elderly father a home following a Parkinson’s diagnosis.

The indictment mentions at least two victims who lost more than $114,000 and $42,000, respectively. The hackers used the funds to purchase Bitcoin on Coinbase, which was then sent to three different addresses. 

At least one of the victim companies was a real estate title company in Gulf Shores, Alabama.

“Cyber-enabled crimes can cause substantial and lasting harm to victims in an instant,” said U.S.Attorney Sean P. Costello. “Criminals across the world may believe that they are causing no harm to their victims and that they are safe behind their keyboards, but this case proves otherwise.”

Lasisi and Ogunsanwo have not been located and are believed to be at-large. Ogunsanwo was last tracked spending $40,000 of the stolen funds at a Louis Vuitton store in a Dubai mall.

Business email compromise continues to be one of the thorniest — and costliest — digital crimes committed. 

Most schemes target businesses that deal with wire transfers or automated clearing house payments, with the end goal being to get victims to mistakenly send funds to hacker-controlled accounts. 

The FBI said in 2023 that business email compromise accounted for $2.9 billion in losses. The FBI warned last year scammers “are increasingly using custodial accounts held at financial institutions for cryptocurrency exchanges or third-party payment processors, or having targeted individuals send funds directly to these platforms where funds are quickly dispersed.”

In August, about $60 million was stolen from one of the leading suppliers of carbon products after an employee was tricked into making several wire transfers to cybercriminals. A school district in Tennessee was also tricked into handing over millions. 

Law enforcement agencies have sought to step up their takedowns of criminal organizations propagating the schemes. Last month, Interpol took down a phishing scam operation in Côte d’Ivoire, arresting eight people for their involvement. 

NewsCybercrime
Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.

No previous article

No new articles

Jonathan Greig

is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.

 

Total
0
Shares
Previous Post

Webinar: Learn How Storytelling Can Make Cybersecurity Training Fun and Effective

Next Post

CISA’s Jack Cable on secure-by-design pledge progress — and next steps

Related Posts

Meta Fined €91 Million for Storing Millions of Facebook and Instagram Passwords in Plaintext

The Irish Data Protection Commission (DPC) has fined Meta €91 million ($101.56 million) as part of a probe into a security lapse in March 2019, when the company disclosed that it had mistakenly stored users' passwords in plaintext in its systems. The investigation, launched by the DPC the next month, found that the social media giant violated four different articles under the European Union's
Avatar
Read More

SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation

SonicWall has revealed that a recently patched critical security flaw impacting SonicOS may have come under active exploitation, making it essential that users apply the patches as soon as possible. The vulnerability, tracked as CVE-2024-40766, carries a CVSS score of 9.3 out of a maximum of 10. "An improper access control vulnerability has been identified in the SonicWall SonicOS management
Avatar
Read More